Merge branch '39-dns' into 'master'

Resolve "DNS issue on Ubuntu 20.04" Closes #39 See merge request cyber5k/mistborn!22
6 years ago · 2b8644f7e5
13 changed files with 78 additions and 15 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
				@@ -1,2 +1,3 @@
 compose/production/traefik/traefik.toml
 .envs/
+.env
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -6,6 +6,7 @@ services:
				@@ -6,6 +6,7 @@ services:
 variables:
  GIT_SUBMODULE_STRATEGY: "recursive"
  MISTBORN_DEFAULT_PASSWORD: "default_password"
+  MISTBORN_DNS_BIND_IP: "10.2.3.1"
  
 stages:
  - test
--- a/.gitmodules
+++ b/.gitmodules
@ -0,0 +1,3 @@
				@@ -0,0 +1,3 @@
+[submodule "modules/mistborn-cli"]
+	path = modules/mistborn-cli
+	url = https://gitlab.com/cyber5k/mistborn-cli.git
--- a/README.md
+++ b/README.md
@ -57,7 +57,7 @@ sudo bash ./mistborn/scripts/install.sh
				@@ -57,7 +57,7 @@ sudo bash ./mistborn/scripts/install.sh
 Get default admin Wireguard profile
 *wait 1 minute after "Mistborn Installed" message*
 ```
-sudo docker-compose -f /opt/mistborn/base.yml run --rm django python manage.py getconf admin default
+sudo mistborn-cli getconf 
 ```

 Connect via Wireguard then visit `http://home.mistborn`
@ -130,7 +130,7 @@ sudo journalctl -xfu Mistborn-base
				@@ -130,7 +130,7 @@ sudo journalctl -xfu Mistborn-base

 The default Wireguard configuration file for `admin` may be obtained via:
 ```
-sudo docker-compose -f /opt/mistborn/base.yml run --rm django python manage.py getconf admin default
+sudo mistborn-cli getconf 
 ```
 Please notice that the following lines are **NOT** part of the Wireguard config:
 ```
--- a/base.yml
+++ b/base.yml
@ -7,7 +7,7 @@ volumes:
				@@ -7,7 +7,7 @@ volumes:

 services:
  django:
-    image: cyber5k/mistborn:latest 
+    image: "cyber5k/mistborn:${MISTBORN_TAG}"
    container_name: mistborn_production_django
    depends_on:
      - postgres
@ -60,7 +60,7 @@ services:
				@@ -60,7 +60,7 @@ services:
    restart: unless-stopped

  celeryworker:
-    image: cyber5k/mistborn:latest 
+    image: "cyber5k/mistborn:${MISTBORN_TAG}"
    container_name: mistborn_production_celeryworker
    volumes:
      - /home/mistborn/.ssh:/ssh
@ -83,7 +83,7 @@ services:
				@@ -83,7 +83,7 @@ services:
    restart: unless-stopped
  
  celeryworker-low-priority:
-    image: cyber5k/mistborn:latest 
+    image: "cyber5k/mistborn:${MISTBORN_TAG}"
    container_name: mistborn_production_celeryworker_low_priority
    volumes:
      - /home/mistborn/.ssh:/ssh
@ -106,7 +106,7 @@ services:
				@@ -106,7 +106,7 @@ services:
    restart: unless-stopped

  celerybeat:
-    image: cyber5k/mistborn:latest 
+    image: "cyber5k/mistborn:${MISTBORN_TAG}"
    container_name: mistborn_production_celerybeat
    env_file:
      - ./.envs/.production/.django
@ -116,7 +116,7 @@ services:
				@@ -116,7 +116,7 @@ services:
    

  flower:
-    image: cyber5k/mistborn:latest 
+    image: "cyber5k/mistborn:${MISTBORN_TAG}"
    container_name: mistborn_production_flower
    env_file:
      - ./.envs/.production/.django
@ -129,9 +129,11 @@ services:
				@@ -129,9 +129,11 @@ services:
  pihole:
   container_name: mistborn_production_pihole
   image: pihole/pihole:latest
+   env_file:
+     - /opt/mistborn_volumes/base/base.txt
   ports:
-     - "53:53/tcp"
-     - "53:53/udp"
+     - "${MISTBORN_DNS_BIND_IP}:53:53/tcp"
+     - "${MISTBORN_DNS_BIND_IP}:53:53/udp"
   labels:
      - "traefik.enable=true"
   environment:
--- a/modules/mistborn-cli
+++ b/modules/mistborn-cli
@ -0,0 +1 @@
				@@ -0,0 +1 @@
+Subproject commit 00986bcb7f945c611d13099672b4fb1e2d0721f2
--- a/scripts/env/setup.sh
+++ b/scripts/env/setup.sh
@ -0,0 +1,21 @@
				@@ -0,0 +1,21 @@
+#!/bin/bash
+
+VAR_FILE=/opt/mistborn/.env
+
+source /opt/mistborn/scripts/subinstallers/platform.sh
+
+MISTBORN_DNS_BIND_IP="0.0.0.0"
+if [ "$DISTRO" == "ubuntu" ] && [ "$VERSION_ID" == "20.04" ]; then
+    MISTBORN_DNS_BIND_IP="10.2.3.1"
+fi
+
+echo "MISTBORN_DNS_BIND_IP=${MISTBORN_DNS_BIND_IP}" | sudo tee ${VAR_FILE}
+sudo chown mistborn:mistborn ${VAR_FILE}
+
+GIT_BRANCH=$(git -C /opt/mistborn symbolic-ref --short HEAD || echo "master")
+MISTBORN_TAG="latest"
+if [ "$GIT_BRANCH" != "master" ]; then
+    MISTBORN_TAG="test"
+fi
+
+echo "MISTBORN_TAG=$MISTBORN_TAG" | sudo tee -a ${VAR_FILE}
--- a/scripts/install.sh
+++ b/scripts/install.sh
@ -148,6 +148,10 @@ then
				@@ -148,6 +148,10 @@ then
    source ./scripts/subinstallers/cockpit.sh
 fi

+# Mistborn-cli (pip3 installed by docker)
+figlet "Mistborn: Installing mistborn-cli"
+sudo pip3 install -e ./modules/mistborn-cli
+
 # Mistborn
 # final setup vars
 iface=$(ip -o -4 route show to default | egrep -o 'dev [^ ]*' | awk 'NR==1{print $2}')
@ -165,6 +169,7 @@ fi
				@@ -165,6 +169,7 @@ fi
 sudo docker volume rm -f mistborn_production_postgres_data 2>/dev/null || true
 sudo docker volume rm -f mistborn_production_postgres_data_backups 2>/dev/null || true
 sudo docker volume rm -f mistborn_production_traefik 2>/dev/null || true
+sudo docker volume prune -f 2>/dev/null || true

 # generate production .env file
 if [ ! -d ./.envs/.production ]; then
@ -207,6 +212,10 @@ source ./scripts/subinstallers/openssl.sh
				@@ -207,6 +212,10 @@ source ./scripts/subinstallers/openssl.sh
 sudo rm -rf ../mistborn_volumes/base/tls
 sudo mv ./tls ../mistborn_volumes/base/

+# enable and run setup to generate .env
+sudo systemctl enable Mistborn-setup.service
+sudo systemctl start Mistborn-setup.service
+
 # Download docker images while DNS is operable
 sudo docker-compose -f base.yml pull || true
 sudo docker-compose -f base.yml build
@ -240,4 +249,4 @@ popd
				@@ -240,4 +249,4 @@ popd

 figlet "Mistborn Installed"
 echo "Watch Mistborn start: sudo journalctl -xfu Mistborn-base"
-echo "Retrieve Wireguard default config for admin: sudo docker-compose -f /opt/mistborn/base.yml run --rm django python manage.py getconf admin default"
+echo "Retrieve Wireguard default config for admin: sudo mistborn-cli getconf" 
--- a/scripts/services/Mistborn-base.service
+++ b/scripts/services/Mistborn-base.service
@ -9,6 +9,7 @@ User=root
				@@ -9,6 +9,7 @@ User=root
 Group=docker
 PermissionsStartOnly=true
 # Shutdown container (if running) when unit is stopped
+EnvironmentFile=/opt/mistborn/.env
 ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml down

 ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml build
--- a/scripts/services/Mistborn-setup.service
+++ b/scripts/services/Mistborn-setup.service
@ -0,0 +1,10 @@
				@@ -0,0 +1,10 @@
+[Unit]
+Description=Mistborn Environment Setup
+Before=Mistborn-base.service
+
+[Service]
+Type=oneshot
+ExecStart=/opt/mistborn/scripts/env/setup.sh
+
+[Install]
+WantedBy=multi-user.target
--- a/scripts/subinstallers/docker.sh
+++ b/scripts/subinstallers/docker.sh
@ -1,5 +1,8 @@
				@@ -1,5 +1,8 @@
 #!/bin/bash

+# Docker
+figlet "Mistborn: Installing Docker"
+
 sudo apt update
 sudo apt install -y python python3-pip python3-setuptools libffi-dev python3-dev libssl-dev

--- a/scripts/subinstallers/docker_manual.sh
+++ b/scripts/subinstallers/docker_manual.sh
@ -1,8 +1,5 @@
				@@ -1,8 +1,5 @@
 #!/bin/bash

-# Docker
-figlet "Mistborn: Installing Docker"
-
 # dependencies
 echo "Installing Docker dependencies"
 sudo apt-get install -y \
--- a/scripts/update.sh
+++ b/scripts/update.sh
@ -2,7 +2,21 @@
				@@ -2,7 +2,21 @@

 set -e

-sudo docker-compose -f /opt/mistborn/base.yml pull
-sudo docker-compose -f /opt/mistborn/base.yml build
+sudo git -C /opt/mistborn pull
+sudo git -C /opt/mistborn submodule update --init --recursive
+
+# ensure mistborn-cli is installed
+sudo pip3 install -e /opt/mistborn/modules/mistborn-cli
+
+iface=$(ip -o -4 route show to default | egrep -o 'dev [^ ]*' | awk 'NR==1{print $2}')
+sudo cp /opt/mistborn/scripts/services/Mistborn* /etc/systemd/system/
+sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/User=root/User=mistborn/"
+sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/DIFACE/$iface/"
+
+sudo systemctl daemon-reload
+sudo systemctl enable Mistborn-setup.service
+sudo systemctl restart Mistborn-setup.service
+
+sudo mistborn-cli pullbuild

 sudo systemctl restart Mistborn-base
				`@ -0,0 +1 @@` @@ -0,0 +1 @@
				`Subproject commit 00986bcb7f945c611d13099672b4fb1e2d0721f2`