#!/bin/bash # Setup script for GLAM CI/CD # Generates SSH keys and provides instructions for GitHub Actions setup set -e SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" KEY_DIR="$PROJECT_ROOT/.ssh" RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' echo -e "${BLUE}════════════════════════════════════════════════════════════════${NC}" echo -e "${BLUE} GLAM CI/CD Setup${NC}" echo -e "${BLUE}════════════════════════════════════════════════════════════════${NC}" echo "" # Check for existing .env if [ ! -f "$PROJECT_ROOT/.env" ]; then echo -e "${YELLOW}Creating .env file...${NC}" cat > "$PROJECT_ROOT/.env" < Security > API Tokens HETZNER_HC_API_TOKEN=your_token_here # Domain Configuration GLAM_DOMAIN=sparql.glam-ontology.org ADMIN_EMAIL=admin@example.org EOF echo -e "${GREEN}Created .env - please edit with your values${NC}" fi # Generate SSH key for deployments echo "" echo -e "${BLUE}Generating SSH Key for Deployments${NC}" echo -e "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" mkdir -p "$KEY_DIR" KEY_FILE="$KEY_DIR/glam_deploy_key" if [ -f "$KEY_FILE" ]; then echo -e "${YELLOW}SSH key already exists: $KEY_FILE${NC}" read -p "Generate new key? This will overwrite the existing one. [y/N] " -n 1 -r echo "" if [[ ! $REPLY =~ ^[Yy]$ ]]; then echo "Keeping existing key." else rm -f "$KEY_FILE" "$KEY_FILE.pub" fi fi if [ ! -f "$KEY_FILE" ]; then echo -e "${YELLOW}Generating new ED25519 SSH key...${NC}" ssh-keygen -t ed25519 -C "glam-deploy@github-actions" -f "$KEY_FILE" -N "" echo -e "${GREEN}SSH key generated${NC}" fi # Add .ssh to gitignore if ! grep -q "^\.ssh/" "$PROJECT_ROOT/.gitignore" 2>/dev/null; then echo "" >> "$PROJECT_ROOT/.gitignore" echo "# SSH keys for deployment" >> "$PROJECT_ROOT/.gitignore" echo ".ssh/" >> "$PROJECT_ROOT/.gitignore" echo -e "${GREEN}Added .ssh/ to .gitignore${NC}" fi # Display instructions echo "" echo -e "${BLUE}════════════════════════════════════════════════════════════════${NC}" echo -e "${BLUE} GitHub Repository Setup Instructions${NC}" echo -e "${BLUE}════════════════════════════════════════════════════════════════${NC}" echo "" echo -e "${YELLOW}1. Add Repository Secrets${NC}" echo " Go to: GitHub Repository > Settings > Secrets and variables > Actions" echo "" echo " Add the following secrets:" echo "" echo -e " ${GREEN}HETZNER_HC_API_TOKEN${NC}" echo " Your Hetzner Cloud API token" echo "" echo -e " ${GREEN}DEPLOY_SSH_PRIVATE_KEY${NC}" echo " Copy the entire content of this file:" echo " $KEY_FILE" echo "" cat "$KEY_FILE" echo "" echo "" echo -e "${YELLOW}2. Add Repository Variables${NC}" echo " Go to: GitHub Repository > Settings > Secrets and variables > Actions > Variables" echo "" echo " Add the following variables:" echo "" echo -e " ${GREEN}GLAM_DOMAIN${NC}" echo " Your domain name (e.g., sparql.glam-ontology.org)" echo "" echo -e " ${GREEN}ADMIN_EMAIL${NC}" echo " Email for Let's Encrypt certificates" echo "" echo -e "${YELLOW}3. Add SSH Public Key to Terraform${NC}" echo " The public key needs to be added to your server." echo "" echo " Public key:" cat "$KEY_FILE.pub" echo "" echo "" echo " Option A: Add to terraform.tfvars:" echo " ssh_public_key_path = \"$KEY_FILE.pub\"" echo "" echo " Option B: For existing servers, add to authorized_keys:" echo " ssh root@YOUR_SERVER_IP \"echo '$(cat $KEY_FILE.pub)' >> ~/.ssh/authorized_keys\"" echo "" echo -e "${YELLOW}4. Initial Deployment${NC}" echo " Run local deployment first to create infrastructure:" echo "" echo " cd $PROJECT_ROOT/infrastructure" echo " ./deploy.sh --infra --data --frontend --reload" echo "" echo -e "${YELLOW}5. Verify CI/CD${NC}" echo " After setup, push a change to the main branch to trigger deployment." echo " Or manually trigger from GitHub Actions tab." echo "" echo -e "${BLUE}════════════════════════════════════════════════════════════════${NC}" echo -e "${GREEN} Setup Complete!${NC}" echo -e "${BLUE}════════════════════════════════════════════════════════════════${NC}" echo "" echo "Files created:" echo " - $KEY_FILE (private key - KEEP SECRET)" echo " - $KEY_FILE.pub (public key)" echo "" echo "Next steps:" echo " 1. Edit .env with your Hetzner API token" echo " 2. Follow the GitHub setup instructions above" echo " 3. Run: ./infrastructure/deploy.sh --all"