From 66e5d1879d9c90e4059d122a7ec0c2f1d3928821 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Mon, 27 Apr 2020 02:53:54 +0000 Subject: [PATCH] Resolve "Raspbian" --- README.md | 2 +- {dev => scripts/env}/wg_clean.sh | 0 scripts/install.sh | 32 +++++++++++++++++++------------- 3 files changed, 20 insertions(+), 14 deletions(-) rename {dev => scripts/env}/wg_clean.sh (100%) diff --git a/README.md b/README.md index 913f02c..8347006 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # Mistborn -A platform for easily managing your cloud server and Wireguard access +A platform for easily standing up and managing your own cloud services, with firewall, ad-blocking, and Wireguard access # Table of Contents [[_TOC_]] diff --git a/dev/wg_clean.sh b/scripts/env/wg_clean.sh similarity index 100% rename from dev/wg_clean.sh rename to scripts/env/wg_clean.sh diff --git a/scripts/install.sh b/scripts/install.sh index cb73dbf..7da2197 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -120,6 +120,7 @@ sudo sed -i 's/#PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/ss sudo sed -i 's/PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config sudo sed -i 's/PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config +sudo systemctl enable ssh sudo systemctl restart ssh # Additional tools fail2ban @@ -137,6 +138,8 @@ source ./scripts/subinstallers/wireguard.sh # Docker source ./scripts/subinstallers/docker.sh +sudo systemctl enable docker +sudo systemctl start docker # Unattended upgrades sudo apt-get install -y unattended-upgrades @@ -160,21 +163,11 @@ figlet "Mistborn default NIC: $iface" #IPV4_PUBLIC=$(ip -o -4 route show default | egrep -o 'dev [^ ]*' | awk '{print $2}' | xargs ip -4 addr show | grep 'inet ' | awk '{print $2}' | grep -o "^[0-9.]*" | tr -cd '\11\12\15\40-\176' | head -1) # tail -1 to get last IPV4_PUBLIC="10.2.3.1" -# clean -if [ -f "/etc/systemd/system/Mistborn-base.service" ]; then - sudo systemctl stop Mistborn*.service 2>/dev/null || true - sudo systemctl disable Mistborn*.service 2>/dev/null || true -fi - -sudo docker volume rm -f mistborn_production_postgres_data 2>/dev/null || true -sudo docker volume rm -f mistborn_production_postgres_data_backups 2>/dev/null || true -sudo docker volume rm -f mistborn_production_traefik 2>/dev/null || true -sudo docker volume prune -f 2>/dev/null || true # generate production .env file -if [ ! -d ./.envs/.production ]; then - ./scripts/subinstallers/gen_prod_env.sh "$MISTBORN_DEFAULT_PASSWORD" -fi +#if [ ! -d ./.envs/.production ]; then +./scripts/subinstallers/gen_prod_env.sh "$MISTBORN_DEFAULT_PASSWORD" +#fi # unattended upgrades sudo cp ./scripts/conf/20auto-upgrades /etc/apt/apt.conf.d/ @@ -242,6 +235,19 @@ echo "backup up original volumes folder" sudo mkdir -p ../mistborn_backup sudo tar -czf ../mistborn_backup/mistborn_volumes_backup.tar.gz ../mistborn_volumes 1>/dev/null 2>&1 +# clean docker +echo "cleaning old docker volumes" +sudo systemctl stop Mistborn-base || true +sudo docker-compose -f /opt/mistborn/base.yml kill +sudo docker volume rm -f mistborn_production_postgres_data 2>/dev/null || true +sudo docker volume rm -f mistborn_production_postgres_data_backups 2>/dev/null || true +sudo docker volume rm -f mistborn_production_traefik 2>/dev/null || true +sudo docker volume prune -f 2>/dev/null || true + +# clean Wireguard +echo "cleaning old wireguard services" +sudo ./scripts/env/wg_clean.sh + # start base service sudo systemctl enable Mistborn-base.service sudo systemctl start Mistborn-base.service