diff --git a/bin/add-site/install_directus.sh b/bin/add-site/install_directus.sh index b34121c..3b3dc5e 100644 --- a/bin/add-site/install_directus.sh +++ b/bin/add-site/install_directus.sh @@ -19,6 +19,7 @@ sed -i "s/^ADMIN_EMAIL=.*/ADMIN_EMAIL=${directus_admin_email}/" "/home/${USERNAM sed -i "s/^ADMIN_PASSWORD=.*/ADMIN_PASSWORD=${directus_admin_password}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env" # @TODO: random port + port=8055 key=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n') @@ -28,12 +29,10 @@ sed -i "s/^KEY=.*/KEY=${key}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env" sed -i "s/^SECRET=.*/SECRET=${secret}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env" sed -i "s/^PORT=.*/PORT=${port}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env" -# Start the services using Docker Compose docker compose -f "/home/${USERNAME}/cms.${DOMAIN_NAME}/docker-compose.yml" up -d sleep 10 -# Wait for the database to be ready echo "Waiting for Directus database to be ready..." until docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT 1 FROM directus.directus_roles LIMIT 1" &> /dev/null do 
@@ -41,16 +40,18 @@ do sleep 5 done +# @TODO: ask if import db +# and prompt "take care of permissions settings" +# else do the install db manipulations + docker cp assets/directus_policies.sql "${DOMAIN_NAME}_Directus_DB:/directus_policies.sql" docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " mariadb -uroot directus < /directus_policies.sql " -# docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus roles create --role Website && npx directus roles create --role User" - -website_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}') -user_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='User'") | awk '{print $2}') -admin_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Administrator'") | awk '{print $2}') +website_role_uuid=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Website'") +user_role_uuid=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_roles WHERE name='User'") +admin_role_uuid=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Administrator'") website_password=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n') 
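Review bot: The three role lookups (`website_role_uuid`, `user_role_uuid`, `admin_role_uuid`) now store the raw `mariadb -N` output with no check on the result. If a role is missing, or the query fails because `directus_policies.sql` did not load, the variable is silently empty, and a duplicate role name yields several lines in one value. These values are presumably spliced into later SQL outside this hunk, so each assignment should be followed by a guard such as `[[ "$website_role_uuid" =~ ^[0-9a-fA-F-]{36}$ ]] || { echo "Website role not found" >&2; exit 1; }` (the variable names suggest UUIDs; adjust the pattern if the ids have another shape). The `-i` flag on these `docker exec` calls is not needed, since nothing is piped into them, and dropping it keeps them from attaching to the script's stdin.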
@@ -64,16 +65,6 @@ docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " UPDATE directus.directus_users SET token='${WEBSITE_TOKEN}' WHERE email='website@${DOMAIN_NAME}'; \" directus " -# @TODO: random port - -# INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) -# VALUES ('${website_role_uuid}', 'directus_files', 'read', '{}', '{}', '*'); -# INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) -# VALUES ('${user_role_uuid}', 'directus_files', 'read', '{}', '{}', '*'); -# INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields) -# VALUES ('${user_role_uuid}', 'directus_folders', 'read', '{}', '{}', '*'); - -# @TODO: website permission docker network connect web "${DOMAIN_NAME}_Directus" 
@@ -88,6 +79,26 @@ if [[ "$answer" == "y" ]]; then docker cp /home/${USERNAME}/snapshot.yaml "${DOMAIN_NAME}_Directus":/directus/snapshot.yaml docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus schema apply --yes ./snapshot.yaml" + + can_see_policy_id=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_policies WHERE name='CanSee'") + can_edit_policy_id=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_policies WHERE name='CanEdit'") + + docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c "mariadb -N -u root directus -e \"SELECT collection FROM directus_collections;\"" | while read collection_name; do + echo $collection_name; + docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " + mariadb -uroot directus -e \" + INSERT INTO directus_permissions (collection, action, permissions, fields, policy) + VALUES + ('${collection_name}', 'read', '{}', '*', '${can_see_policy_id}'), + ('${collection_name}', 'read', '{}', '*', '${can_edit_policy_id}'), + ('${collection_name}', 'create', '{}', '*', '${can_edit_policy_id}'), + ('${collection_name}', 'update', '{}', '*', '${can_edit_policy_id}'), + ('${collection_name}', 'delete', '{}', '*', '${can_edit_policy_id}'); + \" + " + done + # @TODO: check set permissions for collections imported via schema + fi if ! grep -q "cms.${DOMAIN_NAME}" "$CADDYFILE"; then diff --git a/bin/add-site/set_url.sh b/bin/add-site/set_url.sh index 78443b7..8cfdd8a 100644 --- a/bin/add-site/set_url.sh +++ b/bin/add-site/set_url.sh @@ -5,6 +5,7 @@ read DOMAIN_NAME check_global_const IP +# @TODO : Automate the DNS configuration with OVH api echo -e "${PURPLE}${BOLD}Configure the ${DOMAIN_NAME} DNS ZONE as the following${RESET}" echo -e "${BLUE}Domain : ${DOMAIN_NAME} | Type : A | Target : ${IP}${RESET}" echo -e "${BLUE}Domain : cms.${DOMAIN_NAME} | Type : A | Target : ${IP}${RESET}" 
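Review bot: The inner `docker exec -i` in the new `while read collection_name` loop inherits the loop's stdin, which is the pipe carrying the collection names, so it can consume the remaining names and leave every collection after the first without permissions. That call should drop `-i` and take its stdin from `/dev/null`. `${collection_name}` is also spliced into the SQL through two layers of shell quoting, so a name from the imported snapshot containing a quote, `$` or backtick would change the statement or the container-side command; the loop should use `read -r` and accept only plain identifiers (assuming collection names are plain identifiers). `can_see_policy_id` and `can_edit_policy_id` are not checked either, so a missing `CanSee` or `CanEdit` policy yields rows with an empty policy. The enclosing `if [[ "$answer" == "y" ]]` block starts outside this hunk.

```shell
  # … unchanged: can_see_policy_id / can_edit_policy_id lookups …
  if [[ -z "$can_see_policy_id" || -z "$can_edit_policy_id" ]]; then
    echo "CanSee/CanEdit policy not found; skipping collection permissions" >&2
  else
    docker exec "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot directus \
      -e "SELECT collection FROM directus_collections" |
      while IFS= read -r collection_name; do
        # The name is spliced into SQL below, so accept plain identifiers only.
        if [[ ! "$collection_name" =~ ^[A-Za-z0-9_]+$ ]]; then
          printf 'Skipping unexpected collection name: %s\n' "$collection_name" >&2
          continue
        fi
        printf '%s\n' "$collection_name"
        # … unchanged: INSERT INTO directus_permissions via docker exec,
        #   but without -i and with </dev/null after the closing quote …
      done
  fi
```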
diff --git a/bin/variables.sh b/bin/env-setup.sh similarity index 100% rename from bin/variables.sh rename to bin/env-setup.sh diff --git a/install.sh b/install.sh index 846c817..75913d0 100644 --- a/install.sh +++ b/install.sh @@ -1,8 +1,8 @@ #!/bin/bash -. bin/variables.sh +. bin/env-setup.sh -echo -e "${PURPLE}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}" +echo -e "${PURPLE}${BOLD}Deployment Debian + Docker + Caddy + Directus + Nuxt${RESET}" if [ "$(dirname "$(readlink -f "$0")")" != "$(pwd)" ]; then echo "Please run this script from its directory."