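#!/usr/bin/env bash
#
# Installs an empty Ubuntu server in AWS with a Zulip server role.
#
# Arguments:
#   $1 server   - current hostname/IP used to reach the machine over SSH
#   $2 type     - comma-separated puppet classes handed to the installer
#   $3 hostname - external hostname to assign; must contain "zulip"
#   $4 branch   - optional; overrides [repo] default_branch from the config
#
# Environment:
#   zulip_confdir - optional directory holding zulip.conf,
#                   zulip-secrets.conf and settings.py
#   secrets_file  - path to the secrets file; required when zulip_confdir
#                   is not set
#
# Configuration is read with crudini from $HOME/.zulip-install-server.conf:
#   [ssh]  amazon_key_file, server_private_key_file
#   [repo] repo_url, default_branch
set -e

server=$1
type=$2
hostname=$3
branch=$4

# Print the one-line synopsis. Diagnostics go to stderr so they never mix
# with output a caller might capture.
usage() {
    echo "USAGE: $0 server type hostname [branch]" >&2
}

if [ -z "$hostname" ]; then
    usage
    {
        echo "Installs an empty Ubuntu server in AWS with a Zulip server role."
        # The first bullet describes the "server" argument; it was previously
        # mislabelled as "hostname", leaving two conflicting hostname entries.
        echo "* server is the current hostname/IP of the server"
        echo "* type is a list of puppet rules to be passed to scripts/lib/install"
        echo " E.g. 'zulip::base,zulip::apt_repository,zulip::postgres_common'"
        echo "* hostname is to be the server's external hostname."
        echo "* branch is used to override the default branch to install from."
        echo "Reads configuration from $HOME/.zulip-install-server.conf."
    } >&2
    exit 1
fi

# Refuse hostnames that do not contain "zulip".
case "$hostname" in
    *zulip*) ;;
    *)
        usage
        echo "Hostname must have zulip in it." >&2
        exit 1
        ;;
esac

# Trace every command from here on. Only file paths are expanded below, not
# file contents, so the trace shows where the keys live but not the keys.
set -x

zulip_ssh_config_file="$HOME/.zulip-install-server.conf"

amazon_key_file=$(crudini --get "$zulip_ssh_config_file" ssh amazon_key_file)
if ! [ -e "$amazon_key_file" ]; then
    echo "You need the amazon ssh key at $amazon_key_file" >&2
    exit 1
fi

server_private_key_file=$(crudini --get "$zulip_ssh_config_file" ssh server_private_key_file)
if ! [ -e "$server_private_key_file" ]; then
    echo "You need a server ssh key at $server_private_key_file" >&2
    exit 1
fi
# The matching public key is copied to the server later in the script; fail
# here rather than after the remote host has already been modified.
if ! [ -e "$server_private_key_file.pub" ]; then
    echo "You need a server ssh public key at $server_private_key_file.pub" >&2
    exit 1
fi

# A configuration directory, when given, supplies all three file paths.
if [ -n "${zulip_confdir-}" ]; then
    zulipconf_file="$zulip_confdir/zulip.conf"
    secrets_file="$zulip_confdir/zulip-secrets.conf"
    settings_file="$zulip_confdir/settings.py"
fi

if [ -z "${secrets_file-}" ]; then
    echo "Specify secrets_file via environment." >&2
    exit 1
fi
# The secrets file is copied unconditionally later on, so a wrong path is
# caught before any remote change is made.
if ! [ -e "$secrets_file" ]; then
    echo "Secrets file $secrets_file does not exist." >&2
    exit 1
fi

zulip_repo=$(crudini --get "$zulip_ssh_config_file" repo repo_url)
if [ -z "$branch" ]; then
    branch=$(crudini --get "$zulip_ssh_config_file" repo default_branch)
fi

# A virtualenv is requested only when the puppet class list mentions
# app_frontend.
case "$type" in
    *app_frontend*) VIRTUALENV_NEEDED=yes ;;
    *) VIRTUALENV_NEEDED=no ;;
esac

# Force RSA keys. We do this because the ECDSA key is not printed on syslog,
# and our puppet configuration does not use ECDSA. If we don't do this,
# we'll get key errors after puppet apply.
# NOTE(review): the HostKeyAlgorithms value 'ssh-rsa' selects RSA host-key
# signatures made with SHA-1, which OpenSSH 8.8 and later no longer offer by
# default. rsa-sha2-256 / rsa-sha2-512 keep RSA host keys without SHA-1, if
# the target images and the puppet-managed sshd support them -- confirm
# before changing.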
SSH_OPTS=(-o 'HostKeyAlgorithms=ssh-rsa') set +e ssh "${SSH_OPTS[@]}" "$server" -i "$amazon_key_file" -lubuntu -o "ControlMaster=no" /bin/bash < /etc/hostname hostname "$hostname" sed -i 's/localhost$/localhost $hostname/' /etc/hosts EOF set -e # Give server its SSH keys scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file" root@"$server":/root/.ssh/id_rsa scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file".pub root@"$server":/root/.ssh/id_rsa.pub scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$secrets_file" root@"$server":/etc/zulip/zulip-secrets.conf if [ -e "$zulipconf_file" ]; then scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$zulipconf_file" root@"$server":/etc/zulip/zulip.conf fi if [ -e "$settings_file" ]; then scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$settings_file" root@"$server":/etc/zulip/settings.py fi # shellcheck disable=SC2029 disable=SC2087 ssh "${SSH_OPTS[@]}" "$server" -i "$amazon_key_file" -lroot /bin/bash </dev/null || true if ! [ -e "zulip" ]; then # need to install git to clone the repo apt-get install -y git crudini git clone "$zulip_repo" zulip fi cd zulip git fetch git checkout origin/$branch # The main Zulip production install script can take things from here! env VIRTUALENV_NEEDED=$VIRTUALENV_NEEDED PUPPET_CLASSES="$type" \ ./scripts/setup/install --self-signed-cert --no-init-db --no-overwrite-settings EOF scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file" root@"$server":/home/zulip/.ssh/id_rsa scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file".pub root@"$server":/home/zulip/.ssh/id_rsa.pub # shellcheck disable=SC2029 ssh "${SSH_OPTS[@]}" "$server" -i "$amazon_key_file" -lroot /bin/bash <