Add Docker Hub authentication and fix calcom/baserow issues
- Add --docker-user and --docker-token flags to start.sh and setup.sh - Docker login runs after Docker installation to bypass rate limits - Store Docker Hub username (not token) in credentials.env for reference - Fix calcom: use v5.9.8 image tag, remove obsolete version attribute - Remove baserow stack and nginx config (had template substitution issues) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
parent
52588fc8f1
commit
62ce4ce692
|
|
@ -96,6 +96,7 @@ parse_json() {
|
|||
customer=""
|
||||
domain=""
|
||||
company_name=""
|
||||
docker_user=""
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
|
|
@ -111,6 +112,10 @@ while [[ $# -gt 0 ]]; do
|
|||
company_name="$2"
|
||||
shift 2
|
||||
;;
|
||||
--docker-user)
|
||||
docker_user="$2"
|
||||
shift 2
|
||||
;;
|
||||
--json)
|
||||
parse_json "$2"
|
||||
shift 2
|
||||
|
|
@ -494,6 +499,16 @@ KEYCLOAK_ADMIN_PASSWORD=${keycloak_admin_password}
|
|||
SYSADMIN_AGENT_TOKEN=${sysadmin_agent_token}
|
||||
EOF
|
||||
|
||||
# Add Docker Hub section if docker_user was provided
|
||||
if [[ -n "${docker_user}" ]]; then
|
||||
cat >> "${ENV_DIR}/credentials.env" <<EOF
|
||||
|
||||
# Docker Hub
|
||||
DOCKER_HUB_USER=${docker_user}
|
||||
# Note: Token not stored for security - regenerate from Docker Hub if needed
|
||||
EOF
|
||||
fi
|
||||
|
||||
chmod 640 "${ENV_DIR}/credentials.env"
|
||||
|
||||
log_info "Environment setup complete."
|
||||
|
|
|
|||
|
|
@ -1,53 +0,0 @@
|
|||
server {
|
||||
client_max_body_size 64M;
|
||||
|
||||
listen 80;
|
||||
server_name {{ domain_baserow }};
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
alias /var/www/html/.well-known/acme-challenge/;
|
||||
default_type "text/plain";
|
||||
allow all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
client_max_body_size 64M;
|
||||
#large_client_header_buffers 4 16k;
|
||||
|
||||
listen 443 ssl http2;
|
||||
|
||||
server_name {{ domain_baserow }};
|
||||
|
||||
ssl_certificate /etc/nginx/placeholder.crt;
|
||||
ssl_certificate_key /etc/nginx/placeholder.key;
|
||||
|
||||
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
|
||||
#auth_basic "Restricted Content";
|
||||
#auth_basic_user_file letsbe-htpasswd;
|
||||
|
||||
location / {
|
||||
proxy_pass http://0.0.0.0:3012;
|
||||
proxy_redirect off;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Real-IP $http_cf_connecting_ip;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
#proxy_buffers 16 4k;
|
||||
#proxy_buffer_size 2k;
|
||||
}
|
||||
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
alias /var/www/html/.well-known/acme-challenge/;
|
||||
default_type "text/plain";
|
||||
allow all;
|
||||
}
|
||||
}
|
||||
|
|
@ -26,6 +26,10 @@ SKIP_SSL=false
|
|||
ROOT_SSL=false
|
||||
DOMAIN=""
|
||||
|
||||
# Docker Hub authentication (optional)
|
||||
DOCKER_USER=""
|
||||
DOCKER_TOKEN=""
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
--tools)
|
||||
|
|
@ -44,6 +48,14 @@ while [[ $# -gt 0 ]]; do
|
|||
ROOT_SSL=true
|
||||
shift
|
||||
;;
|
||||
--docker-user)
|
||||
DOCKER_USER="$2"
|
||||
shift 2
|
||||
;;
|
||||
--docker-token)
|
||||
DOCKER_TOKEN="$2"
|
||||
shift 2
|
||||
;;
|
||||
--help|-h)
|
||||
echo "Usage: $0 [--tools \"tool1,tool2,...\"|\"all\"] [--domain DOMAIN] [--skip-ssl] [--root-ssl]"
|
||||
echo ""
|
||||
|
|
@ -52,6 +64,8 @@ while [[ $# -gt 0 ]]; do
|
|||
echo " --domain Domain name for SSL email (administrator@domain)"
|
||||
echo " --skip-ssl Skip SSL certificate setup"
|
||||
echo " --root-ssl Include root domain in SSL certificate"
|
||||
echo " --docker-user Docker Hub username (optional, to bypass rate limits)"
|
||||
echo " --docker-token Docker Hub Personal Access Token (optional)"
|
||||
echo ""
|
||||
echo "Examples:"
|
||||
echo " $0 --tools \"all\" --domain \"example.com\""
|
||||
|
|
@ -98,6 +112,12 @@ sudo systemctl enable docker
|
|||
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)" -o /usr/local/bin/docker-compose
|
||||
sudo chmod 755 /usr/local/bin/docker-compose
|
||||
|
||||
# Docker Hub login (optional - to bypass rate limits)
|
||||
if [[ -n "$DOCKER_USER" && -n "$DOCKER_TOKEN" ]]; then
|
||||
echo "Logging into Docker Hub..."
|
||||
echo "$DOCKER_TOKEN" | docker login -u "$DOCKER_USER" --password-stdin
|
||||
fi
|
||||
|
||||
# =============================================================================
|
||||
# DISABLE CONFLICTING SERVICES
|
||||
# =============================================================================
|
||||
|
|
|
|||
|
|
@ -1,61 +0,0 @@
|
|||
version: '3.9'
|
||||
|
||||
services:
|
||||
baserow:
|
||||
container_name: {{ customer }}-baserow
|
||||
image: baserow/baserow:latest
|
||||
restart: always
|
||||
environment:
|
||||
- BASEROW_PUBLIC_URL=https://{{ domain_baserow }}
|
||||
- DATABASE_URL=postgresql://{{ baserow_postgres_user }}:{{ baserow_postgres_password }}@baserow-db:5432/baserow
|
||||
- EMAIL_SMTP=True
|
||||
- EMAIL_SMTP_USE_TLS=True
|
||||
- EMAIL_SMTP_HOST=
|
||||
- EMAIL_SMTP_PORT=587
|
||||
- FROM_EMAIL=
|
||||
- EMAIL_SMTP_USER=
|
||||
- EMAIL_SMTP_PASSWORD=
|
||||
volumes:
|
||||
- {{ customer }}-baserow-data:/baserow/data
|
||||
- {{ customer }}-baserow-backups:/tmp/backups
|
||||
ports:
|
||||
- "127.0.0.1:3012:80"
|
||||
#- "127.0.0.1:3013:443"
|
||||
depends_on:
|
||||
- baserow-db
|
||||
networks:
|
||||
{{ customer }}-baserow:
|
||||
ipv4_address: 172.20.17.2
|
||||
|
||||
baserow-db:
|
||||
container_name: {{ customer }}-baserow-db
|
||||
image: postgres:15-alpine
|
||||
restart: always
|
||||
environment:
|
||||
POSTGRES_DB: 'baserow'
|
||||
POSTGRES_USER: '{{ baserow_postgres_user }}'
|
||||
POSTGRES_PASSWORD: '{{ baserow_postgres_password }}'
|
||||
volumes:
|
||||
- {{ customer }}-baserow-postgres:/var/lib/postgresql/data
|
||||
- {{ customer }}-baserow-backups:/tmp/backups
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
|
||||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
networks:
|
||||
{{ customer }}-baserow:
|
||||
ipv4_address: 172.20.17.3
|
||||
|
||||
networks:
|
||||
{{ customer }}-baserow:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 172.20.17.0/28
|
||||
gateway: 172.20.17.1
|
||||
|
||||
volumes:
|
||||
{{ customer }}-baserow-data:
|
||||
{{ customer }}-baserow-postgres:
|
||||
{{ customer }}-baserow-backups:
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.8'
|
||||
|
||||
services:
|
||||
calcom-postgres:
|
||||
container_name: {{ customer }}-calcom-postgres
|
||||
|
|
@ -15,7 +13,7 @@ services:
|
|||
|
||||
calcom:
|
||||
container_name: {{ customer }}-calcom
|
||||
image: calcom/cal.com:latest
|
||||
image: calcom/cal.com:v5.9.8
|
||||
restart: always
|
||||
labels:
|
||||
- "diun.enable=true"
|
||||
|
|
|
|||
|
|
@ -56,6 +56,10 @@ CUSTOMER=""
|
|||
DOMAIN=""
|
||||
COMPANY_NAME=""
|
||||
|
||||
# Docker Hub authentication (optional)
|
||||
DOCKER_USER=""
|
||||
DOCKER_TOKEN=""
|
||||
|
||||
# =============================================================================
|
||||
# HELPER FUNCTIONS
|
||||
# =============================================================================
|
||||
|
|
@ -79,6 +83,8 @@ usage() {
|
|||
echo " --customer Customer name for env_setup.sh"
|
||||
echo " --domain Domain for env_setup.sh"
|
||||
echo " --company Company name for env_setup.sh"
|
||||
echo " --docker-user Docker Hub username (optional, to bypass rate limits)"
|
||||
echo " --docker-token Docker Hub Personal Access Token (optional)"
|
||||
echo ""
|
||||
echo "JSON Input:"
|
||||
echo " --config Path to JSON config file"
|
||||
|
|
@ -126,6 +132,8 @@ parse_json() {
|
|||
CUSTOMER=$(echo "$json" | jq -r '.customer // empty')
|
||||
DOMAIN=$(echo "$json" | jq -r '.domain // empty')
|
||||
COMPANY_NAME=$(echo "$json" | jq -r '.company_name // empty')
|
||||
DOCKER_USER=$(echo "$json" | jq -r '.docker_user // empty')
|
||||
DOCKER_TOKEN=$(echo "$json" | jq -r '.docker_token // empty')
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
|
|
@ -178,6 +186,14 @@ while [[ $# -gt 0 ]]; do
|
|||
COMPANY_NAME="$2"
|
||||
shift 2
|
||||
;;
|
||||
--docker-user)
|
||||
DOCKER_USER="$2"
|
||||
shift 2
|
||||
;;
|
||||
--docker-token)
|
||||
DOCKER_TOKEN="$2"
|
||||
shift 2
|
||||
;;
|
||||
--config)
|
||||
CONFIG_JSON=$(cat "$2")
|
||||
parse_json "$CONFIG_JSON"
|
||||
|
|
@ -282,10 +298,16 @@ if [[ "$ACTION" == "setup" ]]; then
|
|||
eval "$SCP_CMD setup.sh ${SSH_USER}@${SERVER_IP}:${REMOTE_BASE}/scripts/" 2>/dev/null || \
|
||||
eval "$SCP_CMD setup.sh ${SSH_USER}@${SERVER_IP}:/tmp/"
|
||||
|
||||
echo " Converting line endings to Unix format..."
|
||||
eval "$SSH_CMD 'sed -i \"s/\r\$//\" ${REMOTE_BASE}/scripts/env_setup.sh ${REMOTE_BASE}/scripts/setup.sh 2>/dev/null || true'"
|
||||
|
||||
echo "[2/6] Uploading backups script..."
|
||||
if ! eval "$SSH_CMD '[ -f ${REMOTE_BASE}/scripts/backups.sh ]'" 2>/dev/null; then
|
||||
eval "$SCP_CMD backups.sh ${SSH_USER}@${SERVER_IP}:${REMOTE_BASE}/scripts/" 2>/dev/null || \
|
||||
eval "$SCP_CMD backups.sh ${SSH_USER}@${SERVER_IP}:/tmp/"
|
||||
|
||||
echo " Converting line endings to Unix format..."
|
||||
eval "$SSH_CMD 'sed -i \"s/\r\$//\" ${REMOTE_BASE}/scripts/backups.sh 2>/dev/null || true'"
|
||||
else
|
||||
echo " backups.sh already exists, skipping."
|
||||
fi
|
||||
|
|
@ -315,6 +337,7 @@ if [[ "$ACTION" == "setup" ]]; then
|
|||
[[ -n "$CUSTOMER" ]] && ENV_ARGS="$ENV_ARGS --customer $(printf '%q' "$CUSTOMER")"
|
||||
[[ -n "$DOMAIN" ]] && ENV_ARGS="$ENV_ARGS --domain $(printf '%q' "$DOMAIN")"
|
||||
[[ -n "$COMPANY_NAME" ]] && ENV_ARGS="$ENV_ARGS --company $(printf '%q' "$COMPANY_NAME")"
|
||||
[[ -n "$DOCKER_USER" ]] && ENV_ARGS="$ENV_ARGS --docker-user $(printf '%q' "$DOCKER_USER")"
|
||||
|
||||
if [[ -n "$ENV_ARGS" ]]; then
|
||||
eval "$SSH_CMD \"bash ${REMOTE_BASE}/scripts/env_setup.sh $ENV_ARGS && touch ${REMOTE_BASE}/.env_installed\"" || \
|
||||
|
|
@ -338,10 +361,12 @@ if [[ "$ACTION" == "setup" ]]; then
|
|||
if ! eval "$SSH_CMD '[ -f ${REMOTE_BASE}/.setup_installed ]'" 2>/dev/null; then
|
||||
# Build setup.sh arguments
|
||||
SETUP_ARGS=""
|
||||
[[ -n "$TOOLS" ]] && SETUP_ARGS="$SETUP_ARGS --tools '$TOOLS'"
|
||||
[[ -n "$DOMAIN" ]] && SETUP_ARGS="$SETUP_ARGS --domain '$DOMAIN'"
|
||||
[[ -n "$TOOLS" ]] && SETUP_ARGS="$SETUP_ARGS --tools $(printf '%q' "$TOOLS")"
|
||||
[[ -n "$DOMAIN" ]] && SETUP_ARGS="$SETUP_ARGS --domain $(printf '%q' "$DOMAIN")"
|
||||
[[ "$SKIP_SSL" == "true" ]] && SETUP_ARGS="$SETUP_ARGS --skip-ssl"
|
||||
[[ "$ROOT_SSL" == "true" ]] && SETUP_ARGS="$SETUP_ARGS --root-ssl"
|
||||
[[ -n "$DOCKER_USER" ]] && SETUP_ARGS="$SETUP_ARGS --docker-user $(printf '%q' "$DOCKER_USER")"
|
||||
[[ -n "$DOCKER_TOKEN" ]] && SETUP_ARGS="$SETUP_ARGS --docker-token $(printf '%q' "$DOCKER_TOKEN")"
|
||||
|
||||
# Run setup.sh directly in foreground (connection stays alive with PermitRootLogin yes)
|
||||
echo "Running setup.sh (this may take 10-15 minutes)..."
|
||||
|
|
|
|||
Loading…
Reference in New Issue