check global const

bin/add-site/install_directus.sh

@@ -1,17 +1,13 @@
 #!/bin/bash
 
-if [[ -z "$DOMAIN_NAME" ]]; then
+check_global_const DOMAIN_NAME USERNAME CADDYFILE IP SSH_PORT
-    echo -e "${PURPLE}${BOLD}Enter the domain name of the website${RESET}"
-    read DOMAIN_NAME
-    get_ip
-fi
 
-mkdir "/home/${username}/cms.${DOMAIN_NAME}"
+mkdir "/home/${USERNAME}/cms.${DOMAIN_NAME}"
-cp assets/directus.docker-compose.yml "/home/${username}/cms.${DOMAIN_NAME}/docker-compose.yml"
+cp assets/directus.docker-compose.yml "/home/${USERNAME}/cms.${DOMAIN_NAME}/docker-compose.yml"
-cp assets/setup_mariadb.sql "/home/${username}/cms.${DOMAIN_NAME}/setup_mariadb.sql"
+cp assets/setup_mariadb.sql "/home/${USERNAME}/cms.${DOMAIN_NAME}/setup_mariadb.sql"
-cp assets/.env.example "/home/${username}/cms.${DOMAIN_NAME}/.env"
+cp assets/.env.example "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
 
-sed -i "s/^PROJECT_NAME=.*/PROJECT_NAME=${DOMAIN_NAME}/" "/home/${username}/cms.${DOMAIN_NAME}/.env"
+sed -i "s/^PROJECT_NAME=.*/PROJECT_NAME=${DOMAIN_NAME}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
 
 echo -e "${ORANGE}${BOLD}Generate and store the credentials somewhere safe${RESET}"
 echo -e "${PURPLE}${BOLD}Enter the Directus admin email : ${RESET}"
@@ -19,20 +15,21 @@ read directus_admin_email
 echo -e "${PURPLE}${BOLD}Enter the Directus admin password : ${RESET}"
 read -s directus_admin_password
 
-sed -i "s/^ADMIN_EMAIL=.*/ADMIN_EMAIL=${directus_admin_email}/" "/home/${username}/cms.${DOMAIN_NAME}/.env"
+sed -i "s/^ADMIN_EMAIL=.*/ADMIN_EMAIL=${directus_admin_email}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
-sed -i "s/^ADMIN_PASSWORD=.*/ADMIN_PASSWORD=${directus_admin_password}/" "/home/${username}/cms.${DOMAIN_NAME}/.env"
+sed -i "s/^ADMIN_PASSWORD=.*/ADMIN_PASSWORD=${directus_admin_password}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
 
+# @TODO: random port
 port=8055
 
 key=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
 secret=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
 
-sed -i "s/^KEY=.*/KEY=${key}/" "/home/${username}/cms.${DOMAIN_NAME}/.env"
+sed -i "s/^KEY=.*/KEY=${key}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
-sed -i "s/^SECRET=.*/SECRET=${secret}/" "/home/${username}/cms.${DOMAIN_NAME}/.env"
+sed -i "s/^SECRET=.*/SECRET=${secret}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
-sed -i "s/^PORT=.*/PORT=${port}/" "/home/${username}/cms.${DOMAIN_NAME}/.env"
+sed -i "s/^PORT=.*/PORT=${port}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
 
 # Start the services using Docker Compose
-docker compose -f "/home/${username}/cms.${DOMAIN_NAME}/docker-compose.yml" up -d
+docker compose -f "/home/${USERNAME}/cms.${DOMAIN_NAME}/docker-compose.yml" up -d
 
 docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus roles create --role Website && npx directus roles create --role User"
 
@@ -48,21 +45,33 @@ WEBSITE_TOKEN=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
 docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c "
     mariadb -uroot -e \"
         UPDATE directus.directus_roles SET icon='robot' WHERE name='Website';
-        UPDATE directus.directus_roles SET app_access='0' WHERE name='Website';
         UPDATE directus.directus_users SET token='${WEBSITE_TOKEN}' WHERE email='website@${DOMAIN_NAME}';
-        INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) 
-            VALUES ('${website_role_uuid}', 'directus_files', 'read', '{}', '{}', '*');
-        INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) 
-            VALUES ('${user_role_uuid}', 'directus_files', 'read', '{}', '{}', '*');
-        INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) 
-            VALUES ('${user_role_uuid}', 'directus_folders', 'read', '{}', '{}', '*');
     \" directus
 "
+# @TODO: random port
+
+#      INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) 
+#            VALUES ('${website_role_uuid}', 'directus_files', 'read', '{}', '{}', '*');
+#        INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) 
+#            VALUES ('${user_role_uuid}', 'directus_files', 'read', '{}', '{}', '*');
+#        INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) 
+#            VALUES ('${user_role_uuid}', 'directus_folders', 'read', '{}', '{}', '*');
+
+# @TODO: website permission
 
 docker network connect web "${DOMAIN_NAME}_Directus"
 
-if [[ -z "$CADDYFILE" ]]; then
+echo -e "${PURPLE}${BOLD}Import Directus data model ? (y/N) ${RESET}"
-    CADDYFILE="/home/${username}/caddy/caddyfile/Caddyfile"
+read answer
+if [[ "$answer" == "y" ]]; then
+    echo -e "${PURPLE}${BOLD}Import local Directus data model${RESET}"
+    echo -e "${BLUE}npx directus schema snapshot ./snapshot.yaml${RESET}"
+    echo -e "${BLUE}scp -P ${SSH_PORT} /local/path/to/snapshot.yaml ${USERNAME}@${IP}:/home/${USERNAME}/snapshot.yaml${RESET}"
+    echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
+    read
+
+    docker cp /home/${USERNAME}/snapshot.yaml "${DOMAIN_NAME}_Directus":/directus/snapshot.yaml
+    docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus schema apply --yes ./snapshot.yaml"
 fi
 
 if ! grep -q "cms.${DOMAIN_NAME}" "$CADDYFILE"; then
@@ -70,6 +79,7 @@ if ! grep -q "cms.${DOMAIN_NAME}" "$CADDYFILE"; then
     echo "    reverse_proxy ${DOMAIN_NAME}_Directus:${port}" >> "$CADDYFILE"
     echo "}" >> "$CADDYFILE"
     docker restart caddy
+    echo -e "${PURPLE}${BOLD}You can now add some content${RESET}"
 else
-    echo "Entry for cms.${DOMAIN_NAME} already exists in $CADDYFILE."
+    echo -e "${ORANGE}${BOLD}Entry for cms.${DOMAIN_NAME} already exists in $CADDYFILE.${RESET}"
 fi

bin/add-site/set_url.sh

@@ -3,12 +3,10 @@
 echo -e "${PURPLE}${BOLD}Enter the domain name of the website${RESET}"
 read DOMAIN_NAME
 
-if [[ -z "$ip" ]]; then
+check_global_const IP
-    ip=$(hostname -I | cut -d' ' -f1)
-fi
 
 echo -e "${PURPLE}${BOLD}Configure the ${DOMAIN_NAME} DNS ZONE as the following${RESET}"
-echo -e "${BLUE}Domain : ${DOMAIN_NAME} | Type : A | Target : ${ip}${RESET}"
+echo -e "${BLUE}Domain : ${DOMAIN_NAME} | Type : A | Target : ${IP}${RESET}"
 echo -e "${BLUE}Domain : cms.${DOMAIN_NAME} | Type : A | Target : ${ip}${RESET}"
 echo -e "${BLUE}Domain : www.${DOMAIN_NAME} | Type : A | Target : ${ip}${RESET}"
 echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"

bin/add_site.sh

@@ -1,8 +1,6 @@
 #!/bin/bash
 
-if [[ -z "$username" ]]; then
+# @TODO: check caddy
-    username=$(getent passwd 1001 | cut -d: -f1)
-fi
 
 # SET URL
 echo -e "${PURPLE}${BOLD}Set url ? (y/N) ${RESET}"

bin/first-install/add_swap.sh

@@ -1,9 +0,0 @@
-#!/bin/bash
-
-fallocate -l 2G /swapfile
-chmod 600 /swapfile
-mkswap /swapfile
-swapon /swapfile
-echo '/swapfile none swap sw 0 0' | tee -a /etc/fstab
-
-echo -e "${PURPLE}${BOLD}2G swapfile created${RESET}"

bin/first-install/create_user.sh

@@ -2,9 +2,9 @@
 
 echo -e "${PURPLE}${BOLD}Create user${RESET}"
 
-read -p "Enter username: " username
+read -p "Enter username: " USERNAME
 
-if id "$username" &>/dev/null; then
+if id "$USERNAME" &>/dev/null; then
     echo "User '$username' already exists."
     exit 1
 fi
@@ -12,11 +12,11 @@ fi
 echo -e "${ORANGE}${BOLD}Generate and store the password somewhere safe${RESET}"
 read -s -p "Enter password: " password
 echo
-useradd -m "$username"
+useradd -m "$USERNAME"
-chsh -s /bin/bash $username
+chsh -s /bin/bash $USERNAME
-echo "$username:$password" | chpasswd
+echo "$USERNAME:$password" | chpasswd
 
-usermod -aG sudo $username
+usermod -aG sudo $USERNAME
-usermod -aG docker $username
+usermod -aG docker $USERNAME
 
-echo -e "${PURPLE}${BOLD}User '$username' created with password successfully.${RESET}"
+echo -e "${PURPLE}${BOLD}User '$USERNAME' created with password successfully.${RESET}"

bin/first-install/setup_firewall_fail2ban.sh

@@ -5,7 +5,7 @@ install_pkg ufw
 install_pkg fail2ban
 systemctl enable fail2ban
 get_ssh_port
-ufw allow $ssh_port
+ufw allow $SSH_PORT
 ufw allow http
 ufw allow https
 

bin/first-install/setup_ssh.sh

@@ -2,12 +2,12 @@
 
 echo -e "${PURPLE}${BOLD}Setup SSH${RESET}"
 
-ssh_port=$((RANDOM % (65536 - 1024 + 1) + 1024))
+SSH_PORT=$((RANDOM % (65536 - 1024 + 1) + 1024))
 
 touch /etc/ssh/sshd_config.d/custom.conf
 echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
 echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
-echo "Port ${ssh_port}" >> /etc/ssh/sshd_config.d/custom.conf
+echo "Port ${SSH_PORT}" >> /etc/ssh/sshd_config.d/custom.conf
 systemctl reload ssh
 
-echo -e "${ORANGE}${BOLD}Store the ssh port ${ssh_port} somewhere safe${RESET}"
+echo -e "${ORANGE}${BOLD}Store the ssh port ${SSH_PORT} somewhere safe${RESET}"

bin/first_install.sh

@@ -19,13 +19,6 @@ if [[ "$answer" == "y" ]]; then
     . bin/first-install/setup_ssh.sh
 fi
 
-# SWAP
-echo -e "${PURPLE}${BOLD}Add SWAP ? (y/N) ${RESET}"
-read answer
-if [[ "$answer" == "y" ]]; then
-    . bin/first-install/add_swap.sh
-fi
-
 # FIREWALL AND FAIL2BAN
 echo -e "${PURPLE}${BOLD}Setup Firewall and Fail2ban ? (y/N) ${RESET}"
 read answer
@@ -35,25 +28,22 @@ fi
 
 # Check if Docker is installed
 if ! command -v docker &> /dev/null; then
-    echo "Docker is not installed."
+    echo "${ORANGE}${BOLD}Docker is not installed.${RESET}"
     exit 1
 else
-    echo "Docker is installed."
+    echo "${BLUE}${BOLD}Docker is installed.${RESET}"
 fi
 
-if [[ -z "$username" ]]; then
-    username=$(getent passwd 1001 | cut -d: -f1)
-fi
 
 # Check if a Caddy container is running
 if docker ps --filter "ancestor=caddy" --format '{{.Names}}' | grep -q .; then
-    echo "A Caddy container is running."
+    echo -e "${BLUE}${BOLD}A Caddy container is running.${BLUE}${BOLD}"
 else
-    mkdir "/home/${username}/caddy"
+    check_global_const USERNAME CADDYFILE
-    mkdir "/home/${username}/caddy/caddyfile"
+    mkdir "/home/${USERNAME}/caddy"
-    CADDYFILE="/home/${username}/caddy/caddyfile/Caddyfile"
+    mkdir "/home/${USERNAME}/caddy/caddyfile"
     touch "${CADDYFILE}"
-    cp assets/caddy.docker-compose.yml "/home/${username}/caddy/docker-compose.yml"
+    cp assets/caddy.docker-compose.yml "/home/${USERNAME}/caddy/docker-compose.yml"
     docker network create web
-    docker compose -f "/home/${username}/caddy/docker-compose.yml" up -d
+    docker compose -f "/home/${USERNAME}/caddy/docker-compose.yml" up -d
 fi

bin/variables.sh

@@ -7,4 +7,45 @@ BLUE='\033[34m'
 BOLD='\033[1m'
 RESET='\033[0m'
 
+USERNAME=""
+SSH_PORT=
+CADDYFILE=""
 DOMAIN_NAME=""
+IP=""
+
+check_global_const() {
+    for var_name in "$@"; do
+        if [[ -z "${!var_name}" ]]; then
+            case "$var_name" in
+                USERNAME)
+                    eval "$var_name=$(getent passwd 1001 | cut -d: -f1)"
+                    ;;
+                SSH_PORT)
+                    eval "$var_name=$(cat /etc/ssh/sshd_config.d/custom.conf | grep "Port " | sed 's/^Port //')"
+                    ;;
+                CADDYFILE)
+                    eval "$var_name=\"/home/${USERNAME}/caddy/caddyfile/Caddyfile\""
+                    ;;
+                DOMAIN_NAME)
+                    echo -e "${PURPLE}${BOLD}Enter the domain name of the website${RESET}"
+                    read DOMAIN_NAME
+                    eval "$var_name=$DOMAIN_NAME"
+                    ;;
+                IP)
+                    eval "$var_name=$(hostname -I | cut -d' ' -f1)"
+                    ;;
+                *)
+                    echo "Unknown variable: $var_name" >&2
+                    ;;
+            esac
+        fi
+    done
+}
+
+install_pkg() {
+    pkg="$1"
+    if ! dpkg -s "$pkg" >/dev/null 2>&1; then
+        apt update && apt install -y "$pkg"
+        echo -e "${PURPLE}${BOLD}${pkg} installed${RESET}"
+    fi
+}