omg it works.
All checks were successful
gitea.arg.rip/deployment/pipeline/head This commit looks good

adam 2024-12-06 22:29:52 -05:00
parent a47de1098c
commit a672887719


@ -97,7 +97,7 @@ pipeline {
sh """#!/bin/bash sh """#!/bin/bash
#mkdir -p ~/.ssh #mkdir -p ~/.ssh
#ssh-keyscan -t ed25519 gitea.arg.rip >> ~/.ssh/known_hosts ssh-keyscan -t ed25519 gitea.arg.rip >> ~/.ssh/known_hosts
#cat ~/.ssh/known_hosts #cat ~/.ssh/known_hosts
#shit doesn't work. ssh in, git clone, get your shit set up for keys. #shit doesn't work. ssh in, git clone, get your shit set up for keys.
git -c core.sshCommand="ssh -i '$PK'\" clone ssh://git@gitea.arg.rip:8022/greyn/${servicename}.git git -c core.sshCommand="ssh -i '$PK'\" clone ssh://git@gitea.arg.rip:8022/greyn/${servicename}.git
@ -222,15 +222,11 @@ pipeline {
sh """#!/bin/bash sh """#!/bin/bash
ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/service/scripts/serviceaccount.sh --output serviceaccount.sh curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/main/scripts/serviceaccount.sh --output serviceaccount.sh
sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh
sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh
sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh
echo "serviceaccount :)"
cat serviceaccount.sh
ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh
rm serviceaccount.sh rm serviceaccount.sh
""" """
@ -247,23 +243,16 @@ pipeline {
withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')]) withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')])
{ {
sh """#!/bin/bash sh """#!/bin/bash
ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} servicename=${servicename} pw_productiondatabase=${env.pw_productiondatabase} pw_developmentdatabase=${env.pw_developmentdatabase} 'echo "$SUDOER_PSW" | sudo -Sv && bash -s' << 'ENDSSH' curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/main/scripts/databases.sh --output databases.sh
sudo -u postgres psql && bash -s << 'ENDPSQL'
create database $servicename;
create user $servicename with encrypted password '$pw_productiondatabase';
grant all privileges on database $servicename to $servicename;
ENDPSQL
service_dev="${servicename}_dev" sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' databases.sh
sudo -u postgres psql && bash -s << 'ENDPSQL' sed -i 's/pw_productiondatabase=/pw_productiondatabase="${env.pw_productiondatabase}/' databases.sh
create database \$service_dev; sed -i 's/pw_developmentdatabase=/pw_developmentdatabase="${env.pw_developmentdatabase}/' databases.sh
create user \$service_dev with encrypted password '\$pw_developmentdatabase'; sed -i 's/servicename=/servicename="${servicename}"/' databases.sh
grant all privileges on database \$service_dev to \$service_dev;
ENDPSQL
ENDSSH ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <databases.sh
rm databases.sh
""" """
} }
} }
@ -271,16 +260,13 @@ pipeline {
} }
stage("initial service setup"){ stage("initial service setup"){
steps{ steps{
sshagent([SUDOERSSH]) sh """#!/bin/bash
{ ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} "mkdir -p ~/.config/systemd/user/"
sh 'scp ${servicename}.service ${servicename}@${targetHost}:~/.config/systemd/user/${servicename}.service' scp -i "${servicename}-ssh" ${servicename}/${servicename}.service ${servicename}@${targetHost}:~/.config/systemd/user/${servicename}.service
sh """ssh -tt $SUDOER_USR@${targetHost} servicename=${servicename} pw_productiondatabase=${env.pw_productiondatabase} pw_developmentdatabase=${env.pw_developmentdatabase} 'echo "$SUDOER_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
sudo -u ${servicename} && bash -s << 'ENDASSERVICE' ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} 'systemctl --user daemon-reload'
systemctl --user daemon-reload ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} 'systemctl --user enable ${servicename}.service'
systemctl --user enable ${servicename}.service """
ENDASSERVICE
ENDSSH"""
}
} }
} }
} }
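Review bot: In the database-setup hunk the new `sed -i` lines expand `${SUDOER_PSW}`, `${env.pw_productiondatabase}` and `${env.pw_developmentdatabase}` through Groovy inside `sh """`, so the secret values become part of the script text and of sed's process arguments before the shell runs, and any quote or shell metacharacter in a value is read as shell syntax. A single-quoted `sh '''` body that lets the shell read the values from its environment avoids this, and `trap 'rm -f databases.sh' EXIT` would also remove the credential-bearing file if the step is aborted before the final `rm`. The two password substitutions lack the closing `"` that the `SUDOER_PSW` and `servicename` lines have (`'s/pw_productiondatabase=/pw_productiondatabase="${env.pw_productiondatabase}/'`), which looks like it leaves an unterminated quote unless the template in databases.sh supplies one; a password containing `/` or `&` would also break the sed expression. Separately, the `ssh-keyscan -t ed25519 gitea.arg.rip >> ~/.ssh/known_hosts` line enabled in the first hunk trusts whatever key is served on each run, so installing a pinned host key on the agent would keep host verification meaningful.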