|
| 1 | +#!/usr/bin/env php |
| 2 | +<?php |
| 3 | + |
| 4 | +# |
| 5 | +# Auto create multiple Hesia containers with various features enabled/disabled |
| 6 | +# lxc/lxd should be allready configured |
| 7 | +# - container name will be generated depending on enabled features (os,proxy,webserver and php) |
| 8 | +# - 'SHARED_HOST_FOLDER' will be mounted in the (guest lxc) container at '/home/ubuntu/source/' and hestiacp src folder is expected to be there |
| 9 | +# - wildcard dns *.hst.domain.tld can be used to point to vm host |
| 10 | +# - watch install log ex:(host) tail -n 100 -f /tmp/hst_installer_hst-ub1604-a2-mphp |
| 11 | +# |
| 12 | +# CONFIG HOST STEPS: |
| 13 | +# export SHARED_HOST_FOLDER="/home/myuser/projectfiles" |
| 14 | +# mkdir -p $SHARED_HOST_FOLDER |
| 15 | +# cd $SHARED_HOST_FOLDER && git clone https://github.com/hestiacp/hestiacp.git && cd hestiacp && git checkout ..branch.. |
| 16 | +# |
| 17 | + |
| 18 | + |
| 19 | +## Uncomment and configure the following vars |
| 20 | +# define('DOMAIN', 'hst.domain.tld'); |
| 21 | +# define('SHARED_HOST_FOLDER', '/home/myuser/projectfiles'); |
| 22 | +# define('HST_PASS', ''); // <- # openssl rand -base64 12 |
| 23 | +# define('HST_EMAIL', 'user@domain.tld'); |
| 24 | +define('HST_BRANCH', '~localsrc'); |
| 25 | +define('HST_ARGS', '--force --interactive no --clamav no -p ' . HST_PASS . ' --email ' . HST_EMAIL); |
| 26 | +define('LXC_TIMEOUT', 15); |
| 27 | + |
| 28 | +if( !defined('SHARED_HOST_FOLDER') || !defined('HST_PASS') || !defined('HST_EMAIL') || !defined('HST_BRANCH') || !defined('DOMAIN') ) { |
| 29 | + die("Error: missing variables".PHP_EOL); |
| 30 | +} |
| 31 | + |
| 32 | +$containers = [ |
| 33 | +// ['description'=>'hst-d9-ngx-a2-mphp', 'os'=>'debian9', 'nginx'=>true, 'apache2'=>true, 'php'=>'multiphp', 'dns'=>'auto', 'exim'=>'auto'], |
| 34 | + ['description'=>'ub1804 ngx mphp', 'os'=>'ubuntu18.04', 'nginx'=>true, 'apache2'=>false, 'php'=>'multiphp', 'dns'=>'auto', 'exim'=>'auto'], |
| 35 | + ['description'=>'ub1804 ngx fpm', 'os'=>'ubuntu18.04', 'nginx'=>true, 'apache2'=>false, 'php'=>'fpm', 'dns'=>'auto', 'exim'=>'auto'], |
| 36 | + ['description'=>'ub1804 ngx a2', 'os'=>'ubuntu18.04', 'nginx'=>true, 'apache2'=>true, 'php'=>'auto', 'dns'=>'auto', 'exim'=>'auto'], |
| 37 | + ['description'=>'ub1804 ngx a2 mphp', 'os'=>'ubuntu18.04', 'nginx'=>true, 'apache2'=>true, 'php'=>'multiphp', 'dns'=>'auto', 'exim'=>'auto'], |
| 38 | + ['description'=>'ub1804 a2 mphp', 'os'=>'ubuntu18.04', 'nginx'=>false, 'apache2'=>true, 'php'=>'multiphp', 'dns'=>'auto', 'exim'=>'auto'], |
| 39 | + ['description'=>'ub1804 a2', 'os'=>'ubuntu18.04', 'nginx'=>false, 'apache2'=>true, 'php'=>'auto', 'dns'=>'auto'], |
| 40 | + ['description'=>'ub1604 a2 mphp', 'os'=>'ubuntu16.04', 'nginx'=>false, 'apache2'=>true, 'php'=>'multiphp', 'dns'=>'auto', 'exim'=>'auto'], |
| 41 | +]; |
| 42 | + |
| 43 | +array_walk($containers, function(&$element) { |
| 44 | + $lxc_name='hst-'; |
| 45 | + $hst_args = HST_ARGS; |
| 46 | + |
| 47 | + $element['hst_installer'] = 'hst-install-ubuntu.sh'; |
| 48 | + $element['lxc_image'] = 'ubuntu:18.04'; |
| 49 | + |
| 50 | + if($element['os'] == "ubuntu16.04") { |
| 51 | + $element['lxc_image'] = 'ubuntu:16.04'; |
| 52 | + $lxc_name .= 'ub1604'; |
| 53 | + } else if($element['os'] == "debian8") { |
| 54 | + $element['lxc_image'] = 'images:debian/8'; |
| 55 | + $element['hst_installer'] = 'hst-install-debian.sh'; |
| 56 | + $lxc_name .= 'd8'; |
| 57 | + } else if($element['os'] == "debian9") { |
| 58 | + $element['lxc_image'] = 'images:debian/9'; |
| 59 | + $element['hst_installer'] = 'hst-install-debian.sh'; |
| 60 | + $lxc_name .= 'd9'; |
| 61 | + } else { |
| 62 | + $lxc_name .= 'ub1804'; |
| 63 | + $element['os'] = "ubuntu18.04"; |
| 64 | + } |
| 65 | + |
| 66 | + if($element['nginx'] === true) { |
| 67 | + $lxc_name .= '-ngx'; |
| 68 | + $hst_args .= " --nginx yes"; |
| 69 | + } else |
| 70 | + $hst_args .= " --nginx no"; |
| 71 | + |
| 72 | + if($element['apache2'] === true) { |
| 73 | + $lxc_name .= '-a2'; |
| 74 | + $hst_args .= " --apache yes"; |
| 75 | + } else |
| 76 | + $hst_args .= " --apache no"; |
| 77 | + |
| 78 | + |
| 79 | + if($element['php'] == 'fpm') { |
| 80 | + $lxc_name .= '-fpm'; |
| 81 | + $hst_args .= " --phpfpm yes"; |
| 82 | + } else if($element['php'] == 'multiphp') { |
| 83 | + $lxc_name .= '-mphp'; |
| 84 | + $hst_args .= " --multiphp yes"; |
| 85 | + } |
| 86 | + |
| 87 | + if(isset($element['dns'])) { |
| 88 | + if($element['dns'] === true || $element['dns'] == 'auto') { |
| 89 | + $hst_args .= " --named yes"; |
| 90 | + } else { |
| 91 | + $hst_args .= " --named no"; |
| 92 | + } |
| 93 | + } |
| 94 | + |
| 95 | + if(isset($element['exim'])) { |
| 96 | + if($element['exim'] === true || $element['exim'] == 'auto') { |
| 97 | + $hst_args .= " --exim yes"; |
| 98 | + } else { |
| 99 | + $hst_args .= " --exim no"; |
| 100 | + } |
| 101 | + } |
| 102 | + |
| 103 | + if(isset($element['webmail'])) { |
| 104 | + if($element['webmail'] === true || $element['webmail'] == 'auto') { |
| 105 | + $hst_args .= " --dovecot yes"; |
| 106 | + } else { |
| 107 | + $hst_args .= " --dovecot no"; |
| 108 | + } |
| 109 | + } |
| 110 | + |
| 111 | + $element['lxc_name'] = $lxc_name; |
| 112 | + $element['hostname'] = $lxc_name . '.' . DOMAIN; |
| 113 | + |
| 114 | + // $hst_args .= ' --with-debs /home/ubuntu/source/hestiacp/src/pkgs/develop/' . $element['os']; |
| 115 | + $hst_args .= ' --with-debs /tmp/hestiacp-src/debs'; |
| 116 | + $hst_args .= ' --hostname ' . $element['hostname']; |
| 117 | + $element['hst_args'] = $hst_args; |
| 118 | +}); |
| 119 | + |
| 120 | +function lxc_run($args, &$rc) { |
| 121 | + $cmd_args = ""; |
| 122 | + |
| 123 | + if(is_array($args)) { |
| 124 | + foreach ($args as $arg) { |
| 125 | + $cmd_args .= ' ' . escapeshellarg($arg); |
| 126 | + } |
| 127 | + } else |
| 128 | + $cmd_args = $args; |
| 129 | + |
| 130 | + exec('lxc ' . $cmd_args . ' 2>/dev/null', $cmdout, $rc); |
| 131 | + |
| 132 | + if(isset($rc) && $rc !== 0) |
| 133 | + return false; |
| 134 | + |
| 135 | + if(json_decode(implode(PHP_EOL, $cmdout),true) === null) |
| 136 | + return $cmdout; |
| 137 | + |
| 138 | + return json_decode(implode(PHP_EOL, $cmdout),true); |
| 139 | +} |
| 140 | + |
| 141 | +function getHestiaVersion($branch) { |
| 142 | + $control_file = ''; |
| 143 | + if($branch==='~localsrc') |
| 144 | + $control_file = file_get_contents(SHARED_HOST_FOLDER . '/hestiacp/src/deb/hestia/control'); |
| 145 | + else { |
| 146 | + $control_file = file_get_contents("https://raw.githubusercontent.com/hestiacp/hestiacp/${branch}/src/deb/hestia/control"); |
| 147 | + } |
| 148 | + |
| 149 | + foreach(explode(PHP_EOL, $control_file) as $line) { |
| 150 | + if(empty($line)) |
| 151 | + continue; |
| 152 | + |
| 153 | + list($key,$value) = explode(':', $line); |
| 154 | + if(strtolower($key) === 'version') |
| 155 | + return trim($value); |
| 156 | + } |
| 157 | + |
| 158 | + throw new Exception("Error reading Hestia version for branch: [${branch}]", 1); |
| 159 | +} |
| 160 | + |
| 161 | +function get_lxc_ip($name) { |
| 162 | + $result = lxc_run(['list', '--format', 'csv', '-c', 'n,4'],$rc); |
| 163 | + if(empty($result)) |
| 164 | + return false; |
| 165 | + |
| 166 | + foreach ($result as $line) { |
| 167 | + list($cnt, $address) = explode(',', $line); |
| 168 | + if($cnt == $name) { |
| 169 | + $iface = explode(' ', $address); |
| 170 | + if(filter_var($iface[0], FILTER_VALIDATE_IP)) |
| 171 | + return $iface[0]; |
| 172 | + else |
| 173 | + return false; |
| 174 | + } |
| 175 | + } |
| 176 | +} |
| 177 | + |
| 178 | +function check_lxc_container($container) { |
| 179 | + echo "Check container:".$container['lxc_name'].PHP_EOL; |
| 180 | + |
| 181 | + lxc_run(['info', $container['lxc_name']], $rc); |
| 182 | + if(isset($rc) && $rc === 0) |
| 183 | + return; |
| 184 | + |
| 185 | + echo "Creating container ".$container['lxc_name'] . PHP_EOL; |
| 186 | + lxc_run(['init', $container['lxc_image'], $container['lxc_name']], $rc); |
| 187 | + exec('lxc config set '.escapeshellarg($container['lxc_name']).' raw.idmap "both 1000 1000" 2>/dev/null', $devnull, $rc); |
| 188 | + exec('lxc config device add '.escapeshellarg($container['lxc_name']).' hestiasrc disk path=/home/ubuntu/source source='.SHARED_HOST_FOLDER.' 2>/dev/null', $devnull, $rc); |
| 189 | + lxc_run(['start', $container['lxc_name']], $rc); |
| 190 | + |
| 191 | + $lxc_retry = 0; |
| 192 | + do { |
| 193 | + $lxc_retry++; |
| 194 | + $cip = get_lxc_ip($container['lxc_name']); |
| 195 | + if($cip) |
| 196 | + echo "container ip: $cip" . PHP_EOL; |
| 197 | + sleep(1); |
| 198 | + } while ($lxc_retry <= LXC_TIMEOUT && filter_var($cip, FILTER_VALIDATE_IP) === false); |
| 199 | + |
| 200 | + echo "Updating container: " . $container['lxc_name'] . PHP_EOL; |
| 201 | + exec('lxc exec ' . $container['lxc_name'] . ' -- apt update', $devnull, $rc); |
| 202 | +} |
| 203 | + |
| 204 | +function hst_installer_worker($container) { |
| 205 | + $pid = pcntl_fork(); |
| 206 | + if($pid > 0) |
| 207 | + return $pid; |
| 208 | + |
| 209 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "/home/ubuntu/source/hestiacp/src/hst_autocompile.sh --hestia \"'.HST_BRANCH.'\" no"'); |
| 210 | + |
| 211 | + $hver = getHestiaVersion(HST_BRANCH); |
| 212 | + echo "Install Hestia ${hver} on " . $container['lxc_name'] . PHP_EOL; |
| 213 | + echo "Args: " . $container['hst_args'] . PHP_EOL; |
| 214 | + |
| 215 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "cd \"/home/ubuntu/source/hestiacp\"; install/'.$container['hst_installer']. |
| 216 | + ' '.$container['hst_args'].'" 2>&1 > /tmp/hst_installer_'.$container['lxc_name']); |
| 217 | + |
| 218 | + exit(0); |
| 219 | +} |
| 220 | + |
| 221 | +$worker_pool = []; |
| 222 | +foreach ($containers as $container) { |
| 223 | + check_lxc_container($container); |
| 224 | + |
| 225 | + # Is hestia installed? |
| 226 | + lxc_run('exec '.$container['lxc_name'].' -- sudo --login "v-list-sys-config"', $rc); |
| 227 | + if(isset($rc) && $rc===0) |
| 228 | + continue; |
| 229 | + |
| 230 | + $worker_pid = hst_installer_worker($container); |
| 231 | + if($worker_pid > 0) |
| 232 | + $worker_pool[] = $worker_pid; |
| 233 | +} |
| 234 | + |
| 235 | +echo count($worker_pool) . " background workers started" . PHP_EOL; |
| 236 | + |
| 237 | +# waiting for workers to finish |
| 238 | +while(count($worker_pool)) { |
| 239 | + echo "Wait for workers to finish".PHP_EOL; |
| 240 | + $child_pid = pcntl_wait($status); |
| 241 | + if($child_pid) { |
| 242 | + $worker_pos = array_search($child_pid, $worker_pool); |
| 243 | + unset($worker_pool[$worker_pos]); |
| 244 | + } |
| 245 | +} |
| 246 | + |
| 247 | +foreach ($containers as $container) { |
| 248 | + echo "Apply custom config on: ".$container['lxc_name'].PHP_EOL; |
| 249 | + |
| 250 | + # Allow running a reverse proxy in front of Hestia |
| 251 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "sed -i \'s/session.cookie_secure] = on\$/session.cookie_secure] = off/\' /usr/local/hestia/php/etc/php-fpm.conf"'); |
| 252 | + |
| 253 | + # get rid off "mesg: ttyname failed: No such device" error |
| 254 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "sed -i -re \'s/^(mesg n)(.*)$/#\1\2/g\' /root/.profile"'); |
| 255 | + |
| 256 | + # Use LE sandbox server, prevents hitting rate limits |
| 257 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "sed -i \'/LE_STAGING/d\' /usr/local/hestia/conf/hestia.conf"'); |
| 258 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "echo \'LE_STAGING=\"YES\"\' >> /usr/local/hestia/conf/hestia.conf"'); |
| 259 | + |
| 260 | + system( 'lxc exec '.$container['lxc_name'].' -- bash -c "service hestia restart"'); |
| 261 | +} |
| 262 | + |
| 263 | +echo "Hestia containers configured".PHP_EOL; |
0 commit comments