107 lines
4.5 KiB
Bash
107 lines
4.5 KiB
Bash
|
#!/bin/bash
|
||
|
echo "Remote Host IP: ";
|
||
|
read -r ip;
|
||
|
echo "Remote Host port: ";
|
||
|
read -r port;
|
||
|
echo "Remote Host user: ";
|
||
|
read -r user;
|
||
|
echo "Remote Host password: ";
|
||
|
read -r pass;
|
||
|
echo "Target Domain: ";
|
||
|
read -r domain;
|
||
|
echo "Current user password for sudoer: ";
|
||
|
read -r user_pass;
|
||
|
domain_escape=`echo $domain|sed 's/\./\\\./g'`;
|
||
|
ssh_command="sshpass -p $pass ssh $user@$ip -p $port";
|
||
|
scp_command="sshpass -p $pass scp -r -P $port $user@$ip";
|
||
|
nginx_file=`$ssh_command "grep -e $'\s'$domain_escape' /etc/nginx/orbit_sites/* -l"`;
|
||
|
remote_sudo_command="echo $pass|sudo -S -p ''"
|
||
|
alias sudo_command="echo $user_pass|sudo -S -p ''"
|
||
|
if [ -z "$(which sshpass)" ]; then
|
||
|
sudo_command apt install sshpass -y;
|
||
|
fi
|
||
|
function escape_slash(){
|
||
|
echo "$1"|sed 's/\//\\\//g'
|
||
|
}
|
||
|
if [ "$?" != 0 ]; then
|
||
|
echo "Please check the remote server is reachable";
|
||
|
unalias sudo_command;
|
||
|
history -c
|
||
|
exit 1;
|
||
|
else
|
||
|
if [ -z "$nginx_file" ]; then
|
||
|
echo "$domain not found in nginx file!";
|
||
|
echo "Please Check ip and domain is correct";
|
||
|
else
|
||
|
root_path=`$ssh_command "cat '$nginx_file'|grep -E '(^|^\s+)root'|sed -E 's/(^|^\s+)root\s+//'|tr ';' ' '|awk '{print \\$1}'|sed 's/\/public$//g'"`;
|
||
|
echo "root_path: $root_path";
|
||
|
db_name=`$ssh_command "grep -w 'database' '$root_path/config/mongoid.yml' -m1|sed 's/database://g'| xargs"`
|
||
|
if [ -z $db_name ]; then
|
||
|
echo "There was some error when detecting Database!"
|
||
|
unalias sudo_command;
|
||
|
history -c
|
||
|
exit 1;
|
||
|
fi
|
||
|
echo "Database name: $db_name";
|
||
|
date_str=`date "+%Y%m%d"`
|
||
|
mongo_output="$root_path/dump_$date_str"
|
||
|
$ssh_command "mongodump -d $db_name -o '$mongo_output'"
|
||
|
$ssh_command "cp -f $nginx_file '$root_path/.'"
|
||
|
match_ssl=`$ssh_command "cat '$nginx_file'|grep -E '443\s+ssl'"`
|
||
|
if [[ ! -z $match_ssl ]]; then
|
||
|
echo "SSL Detected!"
|
||
|
ssl_certificate_file=`$ssh_command "grep -E '^(|\s+)ssl_certificate\s' $nginx_file|sed -E 's/^(|\s+)ssl_certificate(|_key)//g'|sed -E 's/;.*//g'|xargs|awk '{print \\$1}'"`
|
||
|
ssl_certificate_key_file=`$ssh_command "grep -E '^(|\s+)ssl_certificate_key\s' $nginx_file|sed -E 's/^(|\s+)ssl_certificate(|_key)//g'|sed -E 's/;.*//g'|xargs|awk '{print \\$1}'"`
|
||
|
$ssh_command "mkdir -p $root_path/ssl_files"
|
||
|
if [[ "$ssl_certificate_file" == *"/letsencrypt/"* ]]; then
|
||
|
echo "Use certbot!"
|
||
|
real_domain=`basename $(dirname $ssl_certificate_file)`
|
||
|
$ssh_command "mkdir -p $root_path/ssl_files/renewal"
|
||
|
$ssh_command "$remote_sudo_command cp -L /etc/letsencrypt/renewal/$real_domain.conf $root_path/ssl_files/renewal/."
|
||
|
org_ssl_dir=`dirname $ssl_certificate_file`
|
||
|
new_ssl_dir="ssl_files/$(basename org_ssl_dir)"
|
||
|
$ssh_command "$remote_sudo_command cp -r -f -L $org_ssl_dir $root_path/ssl_files/."
|
||
|
else
|
||
|
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_file $root_path/ssl_files/."
|
||
|
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_key_file $root_path/ssl_files/."
|
||
|
fi
|
||
|
$ssh_command "$remote_sudo_command chown $user:$user $root_path/ssl_files -R"
|
||
|
fi
|
||
|
local_store_path="$HOME/orbit_sites/$db_name"
|
||
|
mkdir -p "$local_store_path"
|
||
|
$scp_command:$root_path/* $local_store_path/.
|
||
|
cd $local_store_path
|
||
|
sudo_command cp -f "$(basename $nginx_file)" /etc/nginx/orbit_sites/.
|
||
|
new_nginx_file="/etc/nginx/orbit_sites/$(basename $nginx_file)"
|
||
|
mongorestore -d $db_name $(basename $mongo_output)/$db_name --drop
|
||
|
if [[ ! -z $match_ssl ]]; then
|
||
|
if [[ ! -z $org_ssl_dir ]]; then
|
||
|
sudo_command mkdir -p $org_ssl_dir
|
||
|
if [ -z "$(which certbot)" ]; then
|
||
|
wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/install_certbot.sh
|
||
|
sudo_command bash ./install_certbot.sh
|
||
|
fi
|
||
|
sudo_command sudo cp -r $new_ssl_dir/* $org_ssl_dir/.
|
||
|
sudo_command sudo cp -r $new_ssl_dir/renewal/* /etc/letsencrypt/renewal/.
|
||
|
else
|
||
|
sed "s/$(escape_slash $ssl_certificate_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_file)/g" -i $new_nginx_file
|
||
|
sed "s/$(escape_slash $ssl_certificate_key_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_key_file)/g" -i $new_nginx_file
|
||
|
fi
|
||
|
echo "Finish changing ssl setting!"
|
||
|
fi
|
||
|
sudo_command sed "s/$(escape_slash $root_path)/$(escape_slash $local_store_path)/g" -i "$new_nginx_file"
|
||
|
sudo_command nginx -t
|
||
|
if [ "$?" == "0" ];then
|
||
|
sudo_command service nginx restart;
|
||
|
else
|
||
|
echo "Nginx setting has some problem!";
|
||
|
echo "Please restart nginx by yourself!";
|
||
|
fi
|
||
|
unalias sudo_command
|
||
|
bundle install
|
||
|
rm -f tmp/unicorn.sock
|
||
|
bundle exec unicorn_rails -c config/unicorn.rb -E production
|
||
|
echo "Finish moving and installing site!"
|
||
|
history -c
|
||
|
fi
|
||
|
fi
|