#!/bin/bash
# Server setup script for readysite.org
# Run by launch tool on deployment

# Abort as soon as any unguarded command exits non-zero.
set -e

printf '%s\n' "==> Setting up readysite.org server"

# Ensure the "git" account exists; re-runs leave an existing account untouched.
# NOTE(review): the account is given /bin/sh as its login shell, so any key
# installed for it gets a full interactive session. If the account only needs
# to serve repositories, a restricted shell such as git-shell would narrow
# that; confirm what the launch tool expects before changing it.
if ! id git >/dev/null 2>&1; then
    printf '%s\n' "Creating git user..."
    useradd -m -s /bin/sh git
fi

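# Copy root's SSH authorized_keys to git user.
# Every key (and any per-key options) trusted for root is trusted for git as
# well, and the copy is refreshed from root's file on each run.
echo "Setting up SSH access for git user..."
mkdir -p /home/git/.ssh
# /home/git/.ssh belongs to the git user, so on a re-run root must not write
# through whatever already sits at the destination path (cp would follow a
# symlink left there). GNU install(1) removes the destination first and
# creates the copy with its final owner and mode in one step.
install -m 600 -o git -g git \
    /root/.ssh/authorized_keys /home/git/.ssh/authorized_keys
chown -R git:git /home/git/.ssh
chmod 700 /home/git/.ssh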

# Repository root, handed over to the git user.
printf '%s\n' "Creating git directory..."
git_root=/var/git
mkdir -p "$git_root"
chown git:git "$git_root"

# Registry storage; ownership is left as whoever runs this script.
printf '%s\n' "Creating registry storage directory..."
mkdir -p /mnt/data/registry

# Site data lives on its own dedicated volume.
printf '%s\n' "Creating site data directory..."
mkdir -p /mnt/sites

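# Generate AUTH_SECRET if not exists.
# The secret is 32 random bytes, hex-encoded, written once; an existing .env
# is never regenerated and keeps whatever mode it already has.
if [ ! -f /mnt/data/readysite.org/.env ]; then
    echo "Generating AUTH_SECRET..."
    mkdir -p /mnt/data/readysite.org
    AUTH_SECRET=$(openssl rand -hex 32)
    # Create the file under a restrictive umask so the secret is never
    # world-readable, not even briefly. The subshell keeps the umask change
    # from affecting the rest of the script.
    # NOTE(review): if the service reads this file as a non-root user, grant
    # that user or group access explicitly instead of widening the mode.
    (
        umask 077
        printf 'AUTH_SECRET=%s\n' "$AUTH_SECRET" > /mnt/data/readysite.org/.env
    )
fi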

# Allow inbound HTTP and HTTPS.
# A ufw failure is deliberately ignored here, so it does not abort the setup;
# it also means a rule that was not added goes unnoticed.
printf '%s\n' "Opening ports 80 and 443..."
for web_port in 80 443; do
    ufw allow "${web_port}/tcp" || true
done

# --- Caddy reverse proxy ---
printf '%s\n' "==> Setting up Caddy reverse proxy"

# Caddy's data, config and per-site snippet directories.
caddy_root=/mnt/data/caddy
for caddy_subdir in data config sites; do
    mkdir -p "${caddy_root}/${caddy_subdir}"
done

# (Re)write the Caddyfile on every run - both domains route to the merged
# readysite-org container. The quoted heredoc delimiter keeps the content
# literal, with no shell expansion.
# NOTE(review): the final import line loads every *.caddy snippet from
# /etc/caddy/sites (presumably the sites directory above, mounted into the
# Caddy container - confirm). Whatever can write there controls routing, so
# keep that directory writable only by trusted processes.
cat <<'EOF' > "${caddy_root}/Caddyfile"
readysite.org {
	reverse_proxy readysite-org:5000
}

hosting.readysite.org {
	reverse_proxy readysite-org:5000
}

import /etc/caddy/sites/*.caddy
EOF

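# --- Docker Swarm ---
echo "==> Initializing Docker Swarm"

# Initialize Docker Swarm (idempotent).
# The state must be compared exactly: a substring match on "active" also
# matches "inactive", which would skip initialization on a fresh node.
# If docker info itself fails, the state is treated as unknown and init is
# attempted, so the error surfaces from docker swarm init.
swarm_state=$(docker info --format '{{.Swarm.LocalNodeState}}') || swarm_state=""
if [ "$swarm_state" != "active" ]; then
    # First address reported by hostname -I. On a multi-homed host this may
    # not be the interface the other nodes should reach - verify.
    advertise_addr=$(hostname -I | awk '{print $1}')
    if [ -z "$advertise_addr" ]; then
        echo "ERROR: could not determine an address for --advertise-addr" >&2
        exit 1
    fi
    docker swarm init --advertise-addr "$advertise_addr"
fi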

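# Open Swarm ports.
# These ports are meant for cluster nodes only. The overlay (VXLAN) port in
# particular carries no authentication, and Docker's documentation advises
# keeping untrusted traffic away from it.
# Optional: set SWARM_PEER_CIDR (a single address or CIDR covering the other
# nodes) to restrict the rules to that source. When it is unset the rules are
# open to any source, as before. Rules added by earlier runs are not removed.
swarm_peers=${SWARM_PEER_CIDR:-}
if [ -n "$swarm_peers" ]; then
    ufw allow from "$swarm_peers" to any port 2377 proto tcp   # Cluster management
    ufw allow from "$swarm_peers" to any port 7946             # Inter-node communication (TCP+UDP)
    ufw allow from "$swarm_peers" to any port 4789 proto udp   # Overlay network traffic
else
    echo "WARNING: SWARM_PEER_CIDR not set; Swarm ports are open to any source" >&2
    ufw allow 2377/tcp   # Cluster management
    ufw allow 7946       # Inter-node communication (TCP+UDP)
    ufw allow 4789/udp   # Overlay network traffic
fi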

# --- SSH key for Pro server access ---
printf '%s\n' "==> Generating SSH key for Pro server access"

# Create the ed25519 key pair once; later runs reuse the existing key.
# The key has an empty passphrase (-N ""), so the file mode is its only
# protection: anything that can read the file can use the key.
pro_key_dir=/mnt/data/hosting/ssh
pro_key="${pro_key_dir}/id_ed25519"
mkdir -p "$pro_key_dir"
if [ ! -f "$pro_key" ]; then
    ssh-keygen -t ed25519 -f "$pro_key" -N ""
fi
# Re-assert owner-only access on every run, in case the mode drifted.
chmod 600 "$pro_key"

printf '%s\n' "==> Setup complete"