chore(setup.sh): refactor setup script to optionally generate server deploy script

2025-05-23 18:13:56 -07:00 · 2025-05-23 18:13:56 -07:00 · 80b0499550
commit 80b0499550
parent 13b5b9c5cb
3 changed files with 121 additions and 68 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -1,12 +1,12 @@
 {
  "name": "coryd.dev",
-  "version": "6.0.14",
+  "version": "6.1.14",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "coryd.dev",
-      "version": "6.0.14",
+      "version": "6.1.14",
      "license": "MIT",
      "dependencies": {
        "minisearch": "^7.1.2",
@ -1749,9 +1749,9 @@
      "license": "MIT"
    },
    "node_modules/electron-to-chromium": {
-      "version": "1.5.155",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.155.tgz",
-      "integrity": "sha512-ps5KcGGmwL8VaeJlvlDlu4fORQpv3+GIcF5I3f9tUKUlJ/wsysh6HU8P5L1XWRYeXfA0oJd4PyM8ds8zTFf6Ng==",
+      "version": "1.5.157",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.157.tgz",
+      "integrity": "sha512-/0ybgsQd1muo8QlnuTpKwtl0oX5YMlUGbm8xyqgDU00motRkKFFbUJySAQBWcY79rVqNLWIWa87BGVGClwAB2w==",
      "dev": true,
      "license": "ISC"
    },
@ -2514,9 +2514,9 @@
      }
    },
    "node_modules/jackspeak": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.0.tgz",
-      "integrity": "sha512-9DDdhb5j6cpeitCbvLO7n7J4IxnbM6hoF6O1g4HQ5TfhvvKN8ywDM7668ZhMHRqVmxqhps/F6syWK2KcPxYlkw==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.1.tgz",
+      "integrity": "sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==",
      "dev": true,
      "license": "BlueOak-1.0.0",
      "dependencies": {
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "coryd.dev",
-  "version": "6.0.14",
+  "version": "6.1.14",
  "description": "The source for my personal site. Built using 11ty (and other tools).",
  "type": "module",
  "engines": {
@ -16,6 +16,7 @@
    "php": "export $(grep -v '^#' .env | xargs) && php -d error_reporting=E_ALL^E_DEPRECATED -S localhost:8080 -t dist",
    "update:deps": "composer update && npm upgrade && ncu",
    "setup": "sh ./scripts/setup.sh",
+    "setup:deploy": "sh ./scripts/setup.sh  --deploy",
    "clean": "rimraf dist .cache",
    "clean:cache": "rimraf .cache",
    "clean:dist": "rimraf dist"
--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@ -2,19 +2,36 @@

 COLOR_BLUE="\033[38;2;51;100;255m"
 COLOR_RESET="\033[0m"
+DEPLOY=false
+
+# parse flags
+for arg in "$@"; do
+  case $arg in
+    --deploy)
+      DEPLOY=true
+      shift
+      ;;
+  esac
+done

 echo "${COLOR_BLUE}"
 echo "=========================================="
-echo "        setting up coryd.dev locally      "
+echo "        Setting up coryd.dev locally      "
 echo "=========================================="
 echo "${COLOR_RESET}"

-# step 1: retrieve and build .env file from 1password
-echo "${COLOR_BLUE}signing in to 1password...${COLOR_RESET}"
+# determine sed compatibility
+if [[ "$OSTYPE" == "darwin"* ]]; then
+  SED_INPLACE="sed -i ''"
+else
+  SED_INPLACE="sed -i"
+fi
+
+# get secrets from 1password
+echo "${COLOR_BLUE}Signing in to 1Password...${COLOR_RESET}"
 eval $(op signin)

-echo "${COLOR_BLUE}fetching secrets from 1password...${COLOR_RESET}"
-
+echo "${COLOR_BLUE}Fetching secrets from 1Password...${COLOR_RESET}"
 SECRETS_JSON='{
  "POSTGREST_URL": "{{ op://Private/coryd.dev secrets/POSTGREST_URL }}",
  "POSTGREST_API_KEY": "{{ op://Private/coryd.dev secrets/POSTGREST_API_KEY }}",
@ -38,25 +55,34 @@ SECRETS_JSON='{
 SECRETS=$(echo "$SECRETS_JSON" | op inject)

 if [ -z "$SECRETS" ]; then
-  echo "error: failed to retrieve secrets from 1password."
+  echo "error: failed to retrieve secrets from 1Password."
  exit 1
 fi

-echo "${COLOR_BLUE}writing .env file...${COLOR_RESET}"
+echo "${COLOR_BLUE}Writing .env file...${COLOR_RESET}"
 echo "$SECRETS" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' > .env
-
-# load environment variables from .env and export them
 export $(grep -v '^#' .env | xargs)

-# step 2: generate final config files from templates
-echo "${COLOR_BLUE}generating configuration files from templates...${COLOR_RESET}"
 mkdir -p generated

-# escape special characters in the replacement string
+# escape sed replacements
 escape_special_chars() {
-  printf '%s' "$1" | sed 's|[&/\ |]|\\&|g'
+  printf '%s' "$1" | sed 's/[&/\|]/\\&/g'
 }

+# replace placeholders in template file
+render_template() {
+  local input="$1"
+  local output="$2"
+  cp "$input" "$output"
+
+  for key in $(jq -r 'keys_unsorted[]' <<< "$SECRETS"); do
+    value=$(jq -r --arg k "$key" '.[$k]' <<< "$SECRETS")
+    $SED_INPLACE "s|{{${key}}}|$(escape_special_chars "$value")|g" "$output"
+  done
+}
+
+# render templates
 for file in scripts/templates/*.template; do
  [ -e "$file" ] || continue

@ -85,59 +111,85 @@ done

 echo "${COLOR_BLUE}all configurations generated in the 'generated' folder.${COLOR_RESET}"

-# step 3: ensure apache_modules.list exists
-MODULES_LIST="scripts/lists/apache_modules.list"
-if [ ! -f "$MODULES_LIST" ]; then
-  echo "apache_modules.list not found, generating it..."
-  a2query -m | awk '{print $1}' > "$MODULES_LIST"
-fi
-
-# step 4: ensure php_extensions.list exists
-PHP_EXTENSIONS_LIST="scripts/lists/php_extensions.list"
-if [ ! -f "$PHP_EXTENSIONS_LIST" ]; then
-  echo "php_extensions.list not found, generating it..."
-  dpkg --get-selections | awk '/php8.3/ {print $1}' > "$PHP_EXTENSIONS_LIST"
-fi
-
-# step 5: display manual installation instructions
 echo "${COLOR_BLUE}"
 echo "=========================================="
-echo "         setup complete!                  "
-echo "  your local environment is ready! 🚀     "
+echo "         Setup complete!                  "
+echo "  Your local environment is ready! 💻     "
 echo "=========================================="
 echo "${COLOR_RESET}"

-echo "${COLOR_BLUE}next steps:${COLOR_RESET}"
-echo "1️⃣ move the coryd.dev.conf apache configuration to the correct location:"
-echo "   sudo a2ensite coryd.dev.conf"
-echo "   sudo systemctl reload apache2"
-echo ""
-echo "2️⃣ enable the required apache modules:"
-if [ -f "$MODULES_LIST" ]; then
+if [ "$DEPLOY" = true ]; then
+  echo "${COLOR_BLUE}Reading module lists...${COLOR_RESET}"
+
+  # read lists
+  MODULES_LIST="scripts/lists/apache_modules.list"
+  PHP_EXTENSIONS_LIST="scripts/lists/php_extensions.list"
  REQUIRED_MODULES=$(tr '\n' ' ' < "$MODULES_LIST" | sed 's/ *$//')
-  if [ -n "$REQUIRED_MODULES" ]; then
-    echo "   sudo a2enmod $REQUIRED_MODULES && sudo systemctl restart apache2"
-  else
-    echo "   no required modules found."
-  fi
-else
-  echo "   error: apache_modules.list not found."
-fi
-echo ""
-echo "3️⃣ install the required php extensions:"
-if [ -f "$PHP_EXTENSIONS_LIST" ]; then
  REQUIRED_PHP_EXTENSIONS=$(tr '\n' ' ' < "$PHP_EXTENSIONS_LIST" | sed 's/ *$//')

-  if [ -n "$REQUIRED_PHP_EXTENSIONS" ]; then
-    echo "   sudo apt install -y $REQUIRED_PHP_EXTENSIONS && sudo systemctl restart php8.3-fpm"
+  echo "${COLOR_BLUE}Writing server setup script...${COLOR_RESET}"
+
+# generate server setup script
+cat > generated/setup-server.sh <<EOF
+#!/bin/bash
+set -e
+
+echo "🔧 Enabling Apache modules..."
+sudo a2enmod $REQUIRED_MODULES
+sudo systemctl restart apache2
+
+echo "🔧 Installing PHP extensions..."
+sudo apt update
+sudo apt install -y $REQUIRED_PHP_EXTENSIONS
+sudo systemctl restart php8.3-fpm
+
+echo "🔧 Enabling site..."
+sudo cp generated/coryd.dev.conf /etc/apache2/sites-available/
+sudo a2dissite 000-default.conf || true
+sudo a2ensite coryd.dev.conf
+sudo systemctl reload apache2
+
+echo "🔐 Running Certbot to obtain TLS certificates..."
+if ! [ -f /etc/letsencrypt/live/coryd.dev/fullchain.pem ]; then
+  sudo certbot --apache -d coryd.dev -d www.coryd.dev
 else
-    echo "   no required php extensions found."
+  echo "✅ Certificate already exists, skipping Certbot."
 fi
+
+echo "🕒 Installing crontabs..."
+sudo crontab generated/root.cron
+sudo crontab -u www-data generated/www-data.cron
+
+echo "✅ All done!"
+EOF
+
+  chmod +x generated/setup-server.sh
+
+  echo "${COLOR_BLUE}"
+  echo "=========================================="
+  echo "         Deploy script generated!         "
+  echo "  Ready to configure your server! 🚀      "
+  echo "=========================================="
+  echo "${COLOR_RESET}"
+
+  read -p "📡 Enter the remote SSH host (e.g., user@hostname): " SSH_HOST
+
+  if [[ -n "$SSH_HOST" ]]; then
+    echo "${COLOR_BLUE}📤 Copying files to $SSH_HOST...${COLOR_RESET}"
+    scp -r generated "$SSH_HOST:~/"
+
+    echo "${COLOR_BLUE}"
+    echo "=========================================="
+    echo "       ✅ Files copied to server!         "
+    echo "=========================================="
+    echo "${COLOR_RESET}"
+
+    echo "${COLOR_BLUE}🧑‍💻 Next steps on the server:${COLOR_RESET}"
+    echo "   ssh $SSH_HOST"
+    echo "   sudo su"
+    echo "   ./generated/setup-server.sh"
  else
-  echo "   error: php_extensions.list not found."
+    echo "${COLOR_BLUE}⚠️ Skipping SSH deploy. No host provided.${COLOR_RESET}"
  fi
-echo ""
-echo "4️⃣ apply crontabs manually:"
-echo "   root: crontab -e"
-echo "   www-data: sudo crontab -u www-data -e"
-echo "${COLOR_BLUE}all done! 🎉${COLOR_RESET}"
+fi
+echo "${COLOR_RESET}"