Refactor: Major script reorganization and improvements
- Add 12 section headers for better code navigation - Create 7 common helper functions (backup, directories, networks, etc.) - Break down monolithic functions: setup_ssh_key_to_core (140→31 lines), main (213→70 lines) - Consolidate redundant backup operations using common_backup() - Consolidate directory/network creation with common helpers - Extract menu handling and completion display into separate functions - Improve visual consistency with ║-bordered output formatting - Suppress verbose output from SSH and deployment operations - Add deployment-ready feedback to install-prerequisites.sh Total functions increased from ~50 to 58 for better modularity Script now 2,824 lines with clearer structure and reduced redundancy
File diff suppressed because it is too large
@@ -94,7 +94,8 @@ EOF
|
|||||||
|
|
||||||
# Main system setup function
|
# Main system setup function
|
||||||
system_setup() {
|
system_setup() {
|
||||||
log_info "Performing system setup..."
|
echo "║ Installing Prerequisites"
|
||||||
|
echo "║"
|
||||||
|
|
||||||
# Check if running as root for system setup
|
# Check if running as root for system setup
|
||||||
if [ "$EUID" -ne 0 ]; then
|
if [ "$EUID" -ne 0 ]; then
|
||||||
@@ -107,90 +108,130 @@ system_setup() {
|
|||||||
|
|
||||||
# Get SERVER_IP from environment or prompt
|
# Get SERVER_IP from environment or prompt
|
||||||
if [ -z "$SERVER_IP" ]; then
|
if [ -z "$SERVER_IP" ]; then
|
||||||
read -p "Enter the server IP address: " SERVER_IP
|
read -p "║ Enter the server IP address: " SERVER_IP
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Step 1: System Update
|
# Step 1: System Update
|
||||||
log_info "Step 1/10: Updating system packages..."
|
echo -n "║ Step 1/10: Updating system packages... "
|
||||||
apt-get update && apt-get upgrade -y
|
if apt-get update >/dev/null 2>&1 && apt-get upgrade -y >/dev/null 2>&1; then
|
||||||
log_success "System updated successfully"
|
echo "✓"
|
||||||
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to update system packages"
|
||||||
|
fi
|
||||||
|
|
||||||
# Step 2: Install required packages
|
# Step 2: Install required packages
|
||||||
log_info "Step 2/10: Installing required packages..."
|
echo -n "║ Step 2/10: Installing required packages... "
|
||||||
apt-get install -y curl wget git htop nano vim ufw fail2ban unattended-upgrades apt-listchanges sshpass
|
if apt-get install -y curl wget git htop nano vim ufw fail2ban unattended-upgrades apt-listchanges sshpass gettext-base python3 >/dev/null 2>&1; then
|
||||||
|
echo "✓"
|
||||||
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to install required packages"
|
||||||
|
fi
|
||||||
|
|
||||||
# Step 3: Install Docker
|
# Step 3: Install Docker
|
||||||
log_info "Step 3/10: Installing Docker..."
|
echo -n "║ Step 3/10: Installing Docker... "
|
||||||
if command -v docker &> /dev/null && docker --version &> /dev/null; then
|
if command -v docker &> /dev/null && docker --version &> /dev/null; then
|
||||||
log_success "Docker is already installed ($(docker --version))"
|
echo "✓ (already installed)"
|
||||||
# Check if user is in docker group
|
# Check if user is in docker group
|
||||||
if ! groups "$ACTUAL_USER" 2>/dev/null | grep -q docker; then
|
if ! groups "$ACTUAL_USER" 2>/dev/null | grep -q docker; then
|
||||||
log_info "Adding $ACTUAL_USER to docker group..."
|
usermod -aG docker "$ACTUAL_USER" >/dev/null 2>&1
|
||||||
usermod -aG docker "$ACTUAL_USER"
|
|
||||||
NEEDS_LOGOUT=true
|
NEEDS_LOGOUT=true
|
||||||
fi
|
fi
|
||||||
# Check if Docker service is running
|
# Check if Docker service is running
|
||||||
if ! systemctl is-active --quiet docker; then
|
if ! systemctl is-active --quiet docker; then
|
||||||
log_warning "Docker service is not running, starting it..."
|
systemctl start docker >/dev/null 2>&1
|
||||||
systemctl start docker
|
systemctl enable docker >/dev/null 2>&1
|
||||||
systemctl enable docker
|
|
||||||
log_success "Docker service started and enabled"
|
|
||||||
else
|
|
||||||
log_info "Docker service is already running"
|
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh
|
if curl -fsSL https://get.docker.com -o /tmp/get-docker.sh >/dev/null 2>&1 && sh /tmp/get-docker.sh >/dev/null 2>&1; then
|
||||||
usermod -aG docker "$ACTUAL_USER"
|
usermod -aG docker "$ACTUAL_USER" >/dev/null 2>&1
|
||||||
NEEDS_LOGOUT=true
|
NEEDS_LOGOUT=true
|
||||||
|
echo "✓"
|
||||||
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to install Docker"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Step 4: Install Docker Compose
|
# Step 4: Install Docker Compose
|
||||||
log_info "Step 4/10: Installing Docker Compose..."
|
echo -n "║ Step 4/10: Installing Docker Compose... "
|
||||||
if command -v docker-compose &> /dev/null && docker-compose --version &> /dev/null; then
|
if command -v docker-compose &> /dev/null && docker-compose --version &> /dev/null; then
|
||||||
log_success "Docker Compose is already installed ($(docker-compose --version))"
|
echo "✓ (already installed)"
|
||||||
else
|
else
|
||||||
curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
|
if curl -sL "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose >/dev/null 2>&1 && chmod +x /usr/local/bin/docker-compose; then
|
||||||
chmod +x /usr/local/bin/docker-compose
|
echo "✓"
|
||||||
log_success "Docker Compose installed ($(docker-compose --version))"
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to install Docker Compose"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Step 5: Generate shared CA for multi-server TLS
|
# Step 5: Generate shared CA for multi-server TLS
|
||||||
log_info "Step 5/10: Generating shared CA certificate for multi-server TLS..."
|
echo -n "║ Step 5/10: Generating shared CA certificate... "
|
||||||
generate_shared_ca
|
if generate_shared_ca >/dev/null 2>&1; then
|
||||||
|
echo "✓"
|
||||||
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to generate shared CA"
|
||||||
|
fi
|
||||||
|
|
||||||
# Step 6: Configure Docker TLS
|
# Step 6: Configure Docker TLS
|
||||||
log_info "Step 6/10: Configuring Docker TLS..."
|
echo -n "║ Step 6/10: Configuring Docker TLS... "
|
||||||
setup_docker_tls
|
if setup_docker_tls >/dev/null 2>&1; then
|
||||||
|
echo "✓"
|
||||||
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to configure Docker TLS"
|
||||||
|
fi
|
||||||
|
|
||||||
# Step 7: Configure UFW firewall
|
# Step 7: Configure UFW firewall
|
||||||
log_info "Step 7/10: Configuring firewall..."
|
echo -n "║ Step 7/10: Configuring firewall... "
|
||||||
ufw --force enable
|
if ufw --force enable >/dev/null 2>&1 && \
|
||||||
ufw allow ssh
|
ufw allow ssh >/dev/null 2>&1 && \
|
||||||
ufw allow 80
|
ufw allow 80 >/dev/null 2>&1 && \
|
||||||
ufw allow 443
|
ufw allow 443 >/dev/null 2>&1 && \
|
||||||
ufw allow 2376/tcp # Docker TLS port
|
ufw allow 2376/tcp >/dev/null 2>&1; then
|
||||||
log_success "Firewall configured"
|
echo "✓"
|
||||||
|
else
|
||||||
|
echo "✗"
|
||||||
|
log_error "Failed to configure firewall"
|
||||||
|
fi
|
||||||
|
|
||||||
# Step 8: Configure automatic updates
|
# Step 8: Configure automatic updates
|
||||||
log_info "Step 8/10: Configuring automatic updates..."
|
echo -n "║ Step 8/10: Configuring automatic updates... "
|
||||||
dpkg-reconfigure -f noninteractive unattended-upgrades
|
if dpkg-reconfigure -f noninteractive unattended-upgrades >/dev/null 2>&1; then
|
||||||
|
echo "✓"
|
||||||
# Step 10: Create Docker networks
|
else
|
||||||
log_info "Step 10/10: Creating Docker networks..."
|
echo "✗"
|
||||||
docker network create homelab-network 2>/dev/null && log_success "Created homelab-network" || log_info "homelab-network already exists"
|
log_error "Failed to configure automatic updates"
|
||||||
docker network create traefik-network 2>/dev/null && log_success "Created traefik-network" || log_info "traefik-network already exists"
|
fi
|
||||||
docker network create media-network 2>/dev/null && log_success "Created media-network" || log_info "media-network already exists"
|
|
||||||
|
|
||||||
# Step 9: Set proper ownership
|
# Step 9: Set proper ownership
|
||||||
log_info "Step 9/10: Setting directory ownership..."
|
echo -n "║ Step 9/10: Setting directory ownership... "
|
||||||
chown -R "$ACTUAL_USER:$ACTUAL_USER" /opt
|
if chown -R "$ACTUAL_USER:$ACTUAL_USER" /opt >/dev/null 2>&1; then
|
||||||
|
echo "✓"
|
||||||
log_success "System setup completed!"
|
else
|
||||||
echo ""
|
echo "✗"
|
||||||
if [ "$NEEDS_LOGOUT" = true ]; then
|
log_error "Failed to set directory ownership"
|
||||||
log_info "Please log out and back in for Docker group changes to take effect."
|
|
||||||
echo ""
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Step 10: Create Docker networks
|
||||||
|
echo -n "║ Step 10/10: Creating Docker networks... "
|
||||||
|
docker network create homelab-network >/dev/null 2>&1 || true
|
||||||
|
docker network create traefik-network >/dev/null 2>&1 || true
|
||||||
|
docker network create media-network >/dev/null 2>&1 || true
|
||||||
|
echo "✓"
|
||||||
|
|
||||||
|
echo "║"
|
||||||
|
echo "║ Prerequisites installation complete!"
|
||||||
|
echo "║"
|
||||||
|
|
||||||
|
if [ "$NEEDS_LOGOUT" = true ]; then
|
||||||
|
echo "║ ⚠️ Please log out and back in then rerun the script."
|
||||||
|
echo "║"
|
||||||
|
fi
|
||||||
|
echo "╚════════════════════════════════════════════════════════════"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Run the setup
|
# Run the setup
|
||||||
|
|||||||
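Review bot: In the Step 3 `else` branch the Docker installer is now saved to the fixed path `/tmp/get-docker.sh` and then executed, and system_setup appears to run as root (it checks `$EUID` and calls `apt-get` and `usermod` directly). A fixed name in a world-writable directory can be pre-created or replaced by another local account between the download and the `sh` call, so what root executes is not guaranteed to be what curl fetched. A private temp file avoids this: `installer=$(mktemp)`, then `curl -fsSL https://get.docker.com -o "$installer" && sh "$installer"`, and `rm -f -- "$installer"` afterwards. Separately, the Step 4 download uses `curl -sL` without `-f`, so an HTTP error body would be written to `/usr/local/bin/docker-compose`, made executable and reported as ✓; adding `-f` there makes the new success check meaningful.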