GeneralBots/gbserver
2
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

feat(gb-infra): Update ALM CI, Drive, and Email scripts for improved directory management and service setup
Some checks failed
GBCI / build (push) Has been cancelled
Details

Browse source
This commit is contained in:
Rodrigo Rodriguez (Pragmatismo) 2025-06-02 12:42:11 -03:00
parent 0b2211eccb
commit 9c63c38ca1
3 changed files with 47 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
gb-infra/src/scripts/alm-ci.sh
View file

@ -33,10 +33,6 @@ for i in {1..10}; do
sleep 3 sleep 3
done done
# Add directory mappings
lxc config device add "$CONTAINER_NAME" almdata disk source="$HOST_DATA" path=/opt/gbo/data || exit 1
lxc config device add "$CONTAINER_NAME" almconf disk source="$HOST_CONF" path=/opt/gbo/conf || exit 1
lxc config device add "$CONTAINER_NAME" almlogs disk source="$HOST_LOGS" path=/opt/gbo/logs || exit 1
# Container setup # Container setup
lxc exec "$CONTAINER_NAME" -- bash -c " lxc exec "$CONTAINER_NAME" -- bash -c "
@ -61,6 +57,24 @@ cd \"$BIN_PATH\"
--token \"$PARAM_ALM_CI_TOKEN\" \\ --token \"$PARAM_ALM_CI_TOKEN\" \\
--labels \"$ALM_CI_LABELS\" || { echo 'Runner registration failed'; exit 1; } --labels \"$ALM_CI_LABELS\" || { echo 'Runner registration failed'; exit 1; }
chown -R gbuser:gbuser /opt/gbo/data /opt/gbo/conf /opt/gbo/logs /opt/gbo/bin
"
# Set permissions
echo "[CONTAINER] Setting permissions..."
EMAIL_UID=$(lxc exec "$PARAM_TENANT"-alm-ci -- id -u gbuser)
EMAIL_GID=$(lxc exec "$PARAM_TENANT"-alm-ci -- id -g gbuser)
HOST_EMAIL_UID=$((100000 + EMAIL_UID))
HOST_EMAIL_GID=$((100000 + EMAIL_GID))
sudo chown -R "$HOST_EMAIL_UID:$HOST_EMAIL_GID" "$HOST_BASE"
# Add directory mappings
lxc config device add "$CONTAINER_NAME" almdata disk source="$HOST_DATA" path=/opt/gbo/data || exit 1
lxc config device add "$CONTAINER_NAME" almconf disk source="$HOST_CONF" path=/opt/gbo/conf || exit 1
lxc config device add "$CONTAINER_NAME" almlogs disk source="$HOST_LOGS" path=/opt/gbo/logs || exit 1
lxc exec "$CONTAINER_NAME" -- bash -c "
# Create systemd service # Create systemd service
cat > /etc/systemd/system/alm-ci.service <<EOF cat > /etc/systemd/system/alm-ci.service <<EOF
[Unit] [Unit]

48
gb-infra/src/scripts/drive.sh
View file

@ -1,54 +1,52 @@
#!/bin/bash #!/bin/bash
STORAGE_PATH="/opt/gbo/tenants/$PARAM_TENANT/drive/data"
DATA_PATH="/opt/gbo/tenants/$PARAM_TENANT/drive/data"
LOGS_PATH="/opt/gbo/tenants/$PARAM_TENANT/drive/logs" LOGS_PATH="/opt/gbo/tenants/$PARAM_TENANT/drive/logs"
mkdir -p "${DATA_PATH}" "${LOGS_PATH}" mkdir -p "${STORAGE_PATH}" "${LOGS_PATH}"
chmod -R 770 "${DATA_PATH}" "${LOGS_PATH}" chmod -R 770 "${STORAGE_PATH}" "${LOGS_PATH}"
chown -R 100999:100999 "${DATA_PATH}" "${LOGS_PATH}" chown -R 100999:100999 "${STORAGE_PATH}" "${LOGS_PATH}"
lxc launch images:debian/12 "${PARAM_TENANT}-drive" -c security.privileged=true lxc launch images:debian/12 "${PARAM_TENANT}-drive" -c security.privileged=true
sleep 15 sleep 15
lxc config device add "${PARAM_TENANT}-drive" storage disk source="${DATA_PATH}" path=/opt/gbo/data lxc config device add "${PARAM_TENANT}-drive" storage disk source="${STORAGE_PATH}" path=/data
lxc config device add "${PARAM_TENANT}-drive" logs disk source="${LOGS_PATH}" path=/opt/gbo/logs lxc config device add "${PARAM_TENANT}-drive" logs disk source="${LOGS_PATH}" path=/var/log/minio
lxc exec "${PARAM_TENANT}-drive" -- bash -c ' lxc exec "${PARAM_TENANT}-drive" -- bash -c '
mkdir -p /opt/gbo/logs /opt/gbo/data /opt/gbo/bin
useradd -r -s /bin/false gbuser || true
chown -R gbuser:gbuser /opt/gbo/logs /opt/gbo/data
apt-get update && apt-get install -y wget apt-get update && apt-get install -y wget
wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /opt/gbo/bin/minio wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /usr/local/bin/minio
chmod +x /opt/gbo/bin/minio chmod +x /usr/local/bin/minio
cat > /etc/systemd/system/drive.service <<EOF useradd -r -s /bin/false minio-user || true
mkdir -p /var/log/minio /data
chown -R minio-user:minio-user /var/log/minio /data
cat > /etc/systemd/system/minio.service <<EOF
[Unit] [Unit]
Description=drive Description=MinIO
After=network.target After=network.target
[Service] [Service]
Type=simple Type=simple
User=gbuser User=minio-user
Group=gbuser Group=minio-user
Environment="MINIO_ROOT_USER='"${PARAM_DRIVE_USER}"'" Environment="MINIO_ROOT_USER='"${PARAM_DRIVE_USER}"'"
Environment="MINIO_ROOT_PASSWORD='"${PARAM_DRIVE_PASSWORD}"'" Environment="MINIO_ROOT_PASSWORD='"${PARAM_DRIVE_PASSWORD}"'"
ExecStart=/opt/gbo/bin/minio server --console-address ":'"${PARAM_DRIVE_PORT}"'" /opt/gbo/data ExecStart=/usr/local/bin/minio server --console-address ":'"${PARAM_DRIVE_PORT}"'" /data
StandardOutput=append:/opt/gbo/logs/output.log StandardOutput=append:/var/log/minio/output.log
StandardError=append:/opt/gbo/logs/error.log StandardError=append:/var/log/minio/error.log
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
EOF EOF
systemctl daemon-reload systemctl daemon-reload
systemctl enable drive systemctl enable minio
systemctl start drive systemctl start minio
' '
lxc config device remove "${PARAM_TENANT}-drive" drive-proxy 2>/dev/null || true lxc config device remove "${PARAM_TENANT}-drive" minio-proxy 2>/dev/null || true
lxc config device add "${PARAM_TENANT}-drive" drive-proxy proxy \ lxc config device add "${PARAM_TENANT}-drive" minio-proxy proxy \
listen=tcp:0.0.0.0:"${PARAM_DRIVE_API_PORT}" \ listen=tcp:0.0.0.0:"${PARAM_DRIVE_API_PORT}" \
connect=tcp:127.0.0.1:"${PARAM_DRIVE_API_PORT}" connect=tcp:127.0.0.1:"${PARAM_DRIVE_API_PORT}"

16
gb-infra/src/scripts/email.sh
View file

@ -35,16 +35,15 @@ echo "[CONTAINER] Launching LXC container..."
lxc launch images:debian/12 "$PARAM_TENANT"-email -c security.privileged=true lxc launch images:debian/12 "$PARAM_TENANT"-email -c security.privileged=true
sleep 15 sleep 15
# Install Stalwart Mail
echo "[CONTAINER] Installing Stalwart Mail..." echo "[CONTAINER] Installing Stalwart Mail..."
lxc exec "$PARAM_TENANT"-email -- bash -c " lxc exec "$PARAM_TENANT"-email -- bash -c "
apt-get update && apt-get install -y wget apt-get update && apt-get install -y wget libcap2-bin
wget -O /tmp/stalwart.tar.gz https://github.com/stalwartlabs/stalwart/releases/download/v0.12.3/stalwart-x86_64-unknown-linux-gnu.tar.gz wget -O /tmp/stalwart.tar.gz https://github.com/stalwartlabs/stalwart/releases/download/v0.11.8/stalwart-mail-x86_64-unknown-linux-gnu.tar.gz
tar -xzf /tmp/stalwart.tar.gz -C /tmp tar -xzf /tmp/stalwart.tar.gz -C /tmp
mkdir -p /opt/gbo/bin mkdir -p /opt/gbo/bin
mv /tmp/stalwart /opt/gbo/bin/stalwart-mail mv /tmp/stalwart-mail /opt/gbo/bin/stalwart-mail
chmod +x /opt/gbo/bin/stalwart-mail chmod +x /opt/gbo/bin/stalwart-mail
rm /tmp/stalwart.tar.gz
useradd --system --no-create-home --shell /bin/false email useradd --system --no-create-home --shell /bin/false email
mkdir -p /opt/gbo/data /opt/gbo/conf /opt/gbo/logs mkdir -p /opt/gbo/data /opt/gbo/conf /opt/gbo/logs
chown -R email:email /opt/gbo/data /opt/gbo/conf /opt/gbo/logs /opt/gbo/bin chown -R email:email /opt/gbo/data /opt/gbo/conf /opt/gbo/logs /opt/gbo/bin
@ -67,7 +66,7 @@ lxc config device add "$PARAM_TENANT"-email emaillogs disk source="$HOST_LOGS" p
# Create systemd service # Create systemd service
echo "[CONTAINER] Creating email service..." echo "[CONTAINER] Creating email service..."
lxc exec "$PARAM_TENANT"-email -- bash -c " lxc exec "$PARAM_TENANT"-email -- bash -c "
chown -R email:email /opt/gbo/data /opt/gbo/conf /opt/gbo/logs /opt/gbo/bin
cat > /etc/systemd/system/email.service <<EOF cat > /etc/systemd/system/email.service <<EOF
[Unit] [Unit]
@ -79,8 +78,7 @@ Type=simple
User=email User=email
Group=email Group=email
ExecStart=/opt/gbo/bin/stalwart-mail --config /opt/gbo/conf/config.toml ExecStart=/opt/gbo/bin/stalwart-mail --config /opt/gbo/conf/config.toml
StandardOutput=append:/opt/gbo/logs/output.log WorkingDirectory=/opt/gbo/bin
StandardError=append:/opt/gbo/logs/error.log
Restart=always Restart=always
[Install] [Install]
@ -122,8 +120,6 @@ for service in "${!PORTS[@]}"; do
sudo iptables -t nat -A PREROUTING -i $PUBLIC_INTERFACE -p tcp --dport "${PORTS[$service]}" -j DNAT --to-destination "$CONTAINER_IP":"${PORTS[$service]}" sudo iptables -t nat -A PREROUTING -i $PUBLIC_INTERFACE -p tcp --dport "${PORTS[$service]}" -j DNAT --to-destination "$CONTAINER_IP":"${PORTS[$service]}"
done done
lxc exec $PARAM_TENANT-email -- sudo setcap 'cap_net_bind_service=+ep' /opt/gbo/bin/stalwart-mail
# Save iptables rules again # Save iptables rules again
if command -v iptables-persistent >/dev/null; then if command -v iptables-persistent >/dev/null; then
sudo iptables-save | sudo tee /etc/iptables/rules.v4 sudo iptables-save | sudo tee /etc/iptables/rules.v4