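#!/bin/bash
# Setup script for GLAM CI/CD
# Generates SSH keys and provides instructions for GitHub Actions setup
#
# Files written, relative to the project root (the parent of this script's
# directory):
#   .env                      template for the Hetzner API token, created 0600
#   .ssh/glam_deploy_key      passphrase-less ED25519 private key
#   .ssh/glam_deploy_key.pub  matching public key
#   .gitignore                gains ".ssh/" and ".env" entries when missing
#
# The private key is never written to stdout; the instructions point at the
# file instead, so the key does not end up in terminal scrollback or in a
# captured log.

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
KEY_DIR="$PROJECT_ROOT/.ssh"
KEY_FILE="$KEY_DIR/glam_deploy_key"
ENV_FILE="$PROJECT_ROOT/.env"
GITIGNORE="$PROJECT_ROOT/.gitignore"

# ANSI colour escapes, expanded by printf's %b below.
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

DOUBLE_RULE="════════════════════════════════════════════════════════════════"
SINGLE_RULE="━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"

# Print one coloured line.
# Arguments: $1 - colour escape, $2.. - text (printed verbatim, so a path
#            containing a backslash is not reinterpreted as an escape)
colour() {
  local code=$1
  shift
  printf '%b%s%b\n' "$code" "$*" "$NC"
}

# Print the name of a secret/variable as a green, space-prefixed list item.
item() {
  printf ' %b%s%b\n' "$GREEN" "$1" "$NC"
}

# Append an entry to .gitignore unless a matching line is already there.
# Arguments: $1 - grep regex that recognises an existing entry
#            $2 - line to append
#            $3 - comment written above the new line
ensure_ignored() {
  local regex=$1 entry=$2 note=$3
  # grep fails (and we append, creating the file) when .gitignore is missing.
  if ! grep -q -- "$regex" "$GITIGNORE" 2>/dev/null; then
    printf '\n# %s\n%s\n' "$note" "$entry" >> "$GITIGNORE"
    colour "$GREEN" "Added $entry to .gitignore"
  fi
}

colour "$BLUE" "$DOUBLE_RULE"
colour "$BLUE" " GLAM CI/CD Setup"
colour "$BLUE" "$DOUBLE_RULE"
echo ""

# Check for existing .env
if [ ! -f "$ENV_FILE" ]; then
  colour "$YELLOW" "Creating .env file..."
  # The file is meant to hold the Hetzner API token, so create it owner-only
  # instead of inheriting the caller's umask (commonly world-readable).
  # Quoted delimiter: the template is written literally, nothing is expanded.
  (
    umask 077
    cat > "$ENV_FILE" <<'EOF'
# GLAM Environment Configuration
# DO NOT COMMIT THIS FILE

# Hetzner Cloud API Token
# Get from: https://console.hetzner.cloud/ > Security > API Tokens
HETZNER_HC_API_TOKEN=your_token_here

# Domain Configuration
GLAM_DOMAIN=sparql.glam-ontology.org
ADMIN_EMAIL=admin@example.org
EOF
  )
  colour "$GREEN" "Created .env - please edit with your values"
fi

# Generate SSH key for deployments
echo ""
colour "$BLUE" "Generating SSH Key for Deployments"
colour "$BLUE" "$SINGLE_RULE"

mkdir -p "$KEY_DIR"
# Key directory is owner-only regardless of the umask mkdir ran under.
chmod 700 "$KEY_DIR"

if [ -f "$KEY_FILE" ]; then
  colour "$YELLOW" "SSH key already exists: $KEY_FILE"
  # A closed or non-interactive stdin makes read fail; treat that as "N"
  # rather than letting set -e abort the script half way through.
  read -p "Generate new key? This will overwrite the existing one. [y/N] " -n 1 -r || REPLY=""
  echo ""
  if [[ $REPLY =~ ^[Yy]$ ]]; then
    rm -f -- "$KEY_FILE" "$KEY_FILE.pub"
  else
    echo "Keeping existing key."
  fi
fi

if [ ! -f "$KEY_FILE" ]; then
  colour "$YELLOW" "Generating new ED25519 SSH key..."
  # -N "" creates the key without a passphrase (presumably so the CI job can
  # use it unattended). File permissions and the GitHub secret store are then
  # the only things protecting it.
  ssh-keygen -t ed25519 -C "glam-deploy@github-actions" -f "$KEY_FILE" -N ""
  colour "$GREEN" "SSH key generated"
elif [ ! -f "$KEY_FILE.pub" ]; then
  # A kept private key without its public half would make the instructions
  # below fail; derive the public key from the private one.
  ssh-keygen -y -f "$KEY_FILE" > "$KEY_FILE.pub"
fi
chmod 600 "$KEY_FILE"

# Keep both secret-bearing paths out of version control. The original entry
# check for .ssh/ (any line starting with ".ssh/") is preserved.
ensure_ignored '^\.ssh/' '.ssh/' 'SSH keys for deployment'
ensure_ignored '^\.env$' '.env' 'Local environment file (holds the API token)'

PUBLIC_KEY="$(cat "$KEY_FILE.pub")"

# Display instructions
echo ""
colour "$BLUE" "$DOUBLE_RULE"
colour "$BLUE" " GitHub Repository Setup Instructions"
colour "$BLUE" "$DOUBLE_RULE"
echo ""
colour "$YELLOW" "1. Add Repository Secrets"
echo " Go to: GitHub Repository > Settings > Secrets and variables > Actions"
echo ""
echo " Add the following secrets:"
echo ""
item "HETZNER_HC_API_TOKEN"
echo " Your Hetzner Cloud API token"
echo ""
item "DEPLOY_SSH_PRIVATE_KEY"
echo " Copy the entire content of this file:"
echo " $KEY_FILE"
# The private key itself is intentionally not printed (see header comment).
echo " (not shown here, so the private key stays out of scrollback and logs)"
echo " With the GitHub CLI: gh secret set DEPLOY_SSH_PRIVATE_KEY < \"$KEY_FILE\""
echo ""
echo ""

colour "$YELLOW" "2. Add Repository Variables"
echo " Go to: GitHub Repository > Settings > Secrets and variables > Actions > Variables"
echo ""
echo " Add the following variables:"
echo ""
item "GLAM_DOMAIN"
echo " Your domain name (e.g., sparql.glam-ontology.org)"
echo ""
item "ADMIN_EMAIL"
echo " Email for Let's Encrypt certificates"
echo ""

colour "$YELLOW" "3. Add SSH Public Key to Terraform"
echo " The public key needs to be added to your server."
echo ""
echo " Public key:"
printf '%s\n' "$PUBLIC_KEY"
echo ""
echo ""
echo " Option A: Add to terraform.tfvars:"
echo " ssh_public_key_path = \"$KEY_FILE.pub\""
echo ""
echo " Option B: For existing servers, add to authorized_keys:"
echo " ssh root@YOUR_SERVER_IP \"echo '$PUBLIC_KEY' >> ~/.ssh/authorized_keys\""
echo ""

colour "$YELLOW" "4. Initial Deployment"
echo " Run local deployment first to create infrastructure:"
echo ""
echo " cd $PROJECT_ROOT/infrastructure"
echo " ./deploy.sh --infra --data --frontend --reload"
echo ""

colour "$YELLOW" "5. Verify CI/CD"
echo " After setup, push a change to the main branch to trigger deployment."
echo " Or manually trigger from GitHub Actions tab."
echo ""

colour "$BLUE" "$DOUBLE_RULE"
colour "$GREEN" " Setup Complete!"
colour "$BLUE" "$DOUBLE_RULE"
echo ""
echo "Files created:"
echo " - $KEY_FILE (private key - KEEP SECRET)"
echo " - $KEY_FILE.pub (public key)"
echo ""
echo "Next steps:"
echo " 1. Edit .env with your Hetzner API token"
echo " 2. Follow the GitHub setup instructions above"
echo " 3. Run: ./infrastructure/deploy.sh --all"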