From 99ff16c465ed4d3b98041bf308dfeb0918b535ab Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Mon, 13 Apr 2020 11:34:28 +0200 Subject: [PATCH] tooling box: added nginx + polished bash scripts and environment - add installation method for nginx sites, morty and filtron - clean up PUBLIC_URL environment in and outside of containers - clean up comand lines - handle uWSGI quirks on fedora (emperor mode) - handle Python quirks on debian (there is no 'python' command anymore) - lib.sh: add die and die_caller functions - lxc_suite_install_info is now a function - lint: shellcheck Signed-off-by: Markus Heiser --- .config.sh | 3 ++- utils/filtron.sh | 13 +++++++--- utils/lib.sh | 59 ++++++++++++++++++++++++--------------------- utils/lxc-searx.env | 38 +++++++++++++++++++++++------ utils/lxc.sh | 21 ++++++---------- utils/morty.sh | 15 +++++++----- utils/searx.sh | 23 ++++++++++++------ 7 files changed, 106 insertions(+), 66 deletions(-) diff --git a/.config.sh b/.config.sh index 835bfecf4..4eff5f4c6 100644 --- a/.config.sh +++ b/.config.sh @@ -18,7 +18,8 @@ PUBLIC_URL="${SEARX_URL}" if [[ ${PUBLIC_URL} == "https://searx.me" ]]; then - PUBLIC_URL= + # hint: Linux containers do not have DNS entries, lets use IPs + PUBLIC_URL="http://$(primary_ip)/searx" fi # searx.sh diff --git a/utils/filtron.sh b/utils/filtron.sh index c82c2d0a3..8986fb0ef 100755 --- a/utils/filtron.sh +++ b/utils/filtron.sh @@ -225,6 +225,11 @@ install_all() { if ask_yn "Do you want to install a reverse proxy (ProxyPass)" Yn; then install_apache_site fi + elif nginx_is_installed; then + info_msg "nginx is installed on this host." + if ask_yn "Do you want to install a reverse proxy (ProxyPass)" Yn; then + install_nginx_site + fi fi if ask_yn "Do you want to inspect the installation?" Ny; then inspect_service @@ -315,8 +320,6 @@ sourced ${DOT_CONFIG#"$REPO_ROOT/"} : EOF - apache_is_installed && info_msg "Apache is installed." - if service_account_is_available "$SERVICE_USER"; then info_msg "service account $SERVICE_USER available." else @@ -445,7 +448,7 @@ install_apache_site() { rst_para "\ This installs a reverse proxy (ProxyPass) into apache site (${APACHE_FILTRON_SITE})" - ! apache_is_installed && err_msg "Apache is not installed." + ! apache_is_installed && info_msg "Apache is not installed." if ! ask_yn "Do you really want to continue?" Yn; then return @@ -487,7 +490,7 @@ install_nginx_site() { rst_para "\ This installs a reverse proxy (ProxyPass) into nginx site (${NGINX_FILTRON_SITE})" - ! nginx_is_installed && err_msg "nginx is not installed." + ! nginx_is_installed && info_msg "nginx is not installed." if ! ask_yn "Do you really want to continue?" Yn; then return @@ -497,7 +500,9 @@ This installs a reverse proxy (ProxyPass) into nginx site (${NGINX_FILTRON_SITE} "${REPO_ROOT}/utils/searx.sh" install uwsgi + # shellcheck disable=SC2034 SEARX_SRC=$("${REPO_ROOT}/utils/searx.sh" --getenv SEARX_SRC) + # shellcheck disable=SC2034 SEARX_URL_PATH=$("${REPO_ROOT}/utils/searx.sh" --getenv SEARX_URL_PATH) nginx_install_app --variant=filtron "${NGINX_FILTRON_SITE}" diff --git a/utils/lib.sh b/utils/lib.sh index 4fc50ff39..eb55f356b 100755 --- a/utils/lib.sh +++ b/utils/lib.sh @@ -482,7 +482,7 @@ service_is_available() { # usage: service_is_available [[ -z $1 ]] && die_caller 42 "missing argument " - + local URL="$1" http_code=$(curl -H 'Cache-Control: no-cache' \ --silent -o /dev/null --head --write-out '%{http_code}' --insecure \ "${URL}") @@ -969,6 +969,7 @@ uWSGI_distro_setup() { # one day, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833067 uWSGI_APPS_AVAILABLE="${uWSGI_SETUP}/apps-available" uWSGI_APPS_ENABLED="${uWSGI_SETUP}/apps-enabled" + uWSGI_PACKAGES="uwsgi" ;; arch-*) # systemd --> /usr/lib/systemd/system/uwsgi@.service @@ -977,6 +978,7 @@ uWSGI_distro_setup() { # - https://uwsgi-docs.readthedocs.io/en/latest/Systemd.html#one-service-per-app-in-systemd uWSGI_APPS_AVAILABLE="${uWSGI_SETUP}/apps-archlinux" uWSGI_APPS_ENABLED="${uWSGI_SETUP}" + uWSGI_PACKAGES="uwsgi" ;; fedora-*) # systemd --> /usr/lib/systemd/system/uwsgi.service @@ -984,6 +986,7 @@ uWSGI_distro_setup() { # - https://uwsgi-docs.readthedocs.io/en/latest/Emperor.html uWSGI_APPS_AVAILABLE="${uWSGI_SETUP}/apps-available" uWSGI_APPS_ENABLED="${uWSGI_SETUP}.d" + uWSGI_PACKAGES="uwsgi" uWSGI_USER="uwsgi" uWSGI_GROUP="uwsgi" ;; @@ -995,18 +998,26 @@ esac uWSGI_distro_setup +install_uwsgi(){ + info_msg "installing uwsgi ..." + pkg_install "$uWSGI_PACKAGES" + case $DIST_ID-$DIST_VERS in + fedora-*) + # enable & start should be called once at uWSGI installation time + systemctl enable uwsgi + systemctl restart uwsgi + ;; + esac +} + uWSGI_restart() { # usage: uWSGI_restart() local CONF="$1" - if [[ -z $CONF ]]; then - err_msg "uWSGI_restart: missing arguments" - return 42 - fi + [[ -z $CONF ]] && die_caller 42 "missing argument " info_msg "restart uWSGI service" - case $DIST_ID-$DIST_VERS in ubuntu-*|debian-*) # the 'service' method seems broken in that way, that it (re-)starts @@ -1025,6 +1036,9 @@ uWSGI_restart() { # in emperor mode, just touch the file to restart if uWSGI_app_enabled "${CONF}"; then touch "${uWSGI_APPS_ENABLED}/${CONF}" + # it seems, there is a polling time in between touch and restart + # of the service. + sleep 3 else info_msg "[uWSGI:emperor] ${CONF} not installed (no need to restart)" fi @@ -1040,11 +1054,9 @@ uWSGI_prepare_app() { # usage: uWSGI_prepare_app + [[ -z $1 ]] && die_caller 42 "missing argument " + local APP="${1%.*}" - if [[ -z $APP ]]; then - err_msg "uWSGI_prepare_app: missing arguments" - return 42 - fi case $DIST_ID-$DIST_VERS in fedora-*) @@ -1065,10 +1077,8 @@ uWSGI_prepare_app() { uWSGI_app_available() { # usage: uWSGI_app_available local CONF="$1" - if [[ -z $CONF ]]; then - err_msg "uWSGI_app_available: missing arguments" - return 42 - fi + + [[ -z $CONF ]] && die_caller 42 "missing argument " [[ -f "${uWSGI_APPS_AVAILABLE}/${CONF}" ]] } @@ -1101,6 +1111,8 @@ uWSGI_remove_app() { # usage: uWSGI_remove_app local CONF="$1" + + [[ -z $CONF ]] && die_caller 42 "missing argument " info_msg "remove uWSGI app: ${CONF}" uWSGI_disable_app "${CONF}" uWSGI_restart "${CONF}" @@ -1110,12 +1122,10 @@ uWSGI_remove_app() { uWSGI_app_enabled() { # usage: uWSGI_app_enabled - local CONF="$1" local exit_val=0 - if [[ -z $CONF ]]; then - err_msg "uWSGI_app_enabled: missing arguments" - return 42 - fi + local CONF="$1" + + [[ -z $CONF ]] && die_caller 42 "missing argument " case $DIST_ID-$DIST_VERS in ubuntu-*|debian-*) [[ -f "${uWSGI_APPS_ENABLED}/${CONF}" ]] @@ -1145,11 +1155,7 @@ uWSGI_enable_app() { local CONF="$1" - if [[ -z $CONF ]]; then - err_msg "uWSGI_enable_app: missing arguments" - return 42 - fi - + [[ -z $CONF ]] && die_caller 42 "missing argument " case $DIST_ID-$DIST_VERS in ubuntu-*|debian-*) mkdir -p "${uWSGI_APPS_ENABLED}" @@ -1183,11 +1189,8 @@ uWSGI_disable_app() { # usage: uWSGI_disable_app local CONF="$1" - if [[ -z $CONF ]]; then - err_msg "uWSGI_disable_app: missing arguments" - return 42 - fi + [[ -z $CONF ]] && die_caller 42 "missing argument " case $DIST_ID-$DIST_VERS in ubuntu-*|debian-*) service uwsgi stop "${CONF%.*}" diff --git a/utils/lxc-searx.env b/utils/lxc-searx.env index fc5b33f06..a51312fb8 100644 --- a/utils/lxc-searx.env +++ b/utils/lxc-searx.env @@ -32,13 +32,36 @@ lxc_set_suite_env() { # rolling releases see https://www.archlinux.org/releng/releases/ "$LINUXCONTAINERS_ORG_NAME:archlinux" "archlinux" ) - export FILTRON_API="0.0.0.0:4005" - export FILTRON_LISTEN="0.0.0.0:4004" - export MORTY_LISTEN="0.0.0.0:3000" + + PUBLIC_URL="${PUBLIC_URL:-http://$(uname -n)/searx}" + if in_container; then + # container hostnames do not have a DNS entry: use primary IP! + PUBLIC_URL="http://$(primary_ip)/searx" + + # make GUEST's services public to the HOST + FILTRON_API="0.0.0.0:4005" + FILTRON_LISTEN="0.0.0.0:4004" + MORTY_LISTEN="0.0.0.0:3000" + + # export LXC specific environment + export PUBLIC_URL FILTRON_API FILTRON_LISTEN MORTY_LISTEN + fi } -# shellcheck disable=SC2034 -LXC_SUITE_INSTALL_INFO="suite includes searx, morty & filtron" +lxc_suite_install_info() { + ( + lxc_set_suite_env + cat < ${PUBLIC_URL} + suite includes searx, morty & filtron +suite images: +$(echo " ${LOCAL_IMAGES[*]}" | $FMT) +suite containers: +$(echo " ${CONTAINERS[*]}" | $FMT) +EOF + ) + } + lxc_suite_install() { ( lxc_set_suite_env @@ -62,8 +85,9 @@ lxc_suite_info() { info_msg "(${ip%|*}) IPv6: http://[${ip#*|}]" else # IPv4: - info_msg "(${ip%|*}) filtron: http://${ip#*|}:4004/" - info_msg "(${ip%|*}) morty: http://${ip#*|}:3000/" + # shellcheck disable=SC2034,SC2031 + info_msg "(${ip%|*}) filtron: http://${ip#*|}:4004/ $PUBLIC_URL" + info_msg "(${ip%|*}) morty: http://${ip#*|}:3000/ $PUBLIC_URL_MORTY" info_msg "(${ip%|*}) docs-live: http://${ip#*|}:8080/" fi done diff --git a/utils/lxc.sh b/utils/lxc.sh index ce306fe85..a324bdaf2 100755 --- a/utils/lxc.sh +++ b/utils/lxc.sh @@ -112,14 +112,7 @@ EOF } usage_containers() { - cat < [] + + info_msg "try to set result proxy: $1" cp "${SEARX_SETTINGS_PATH}" "${SEARX_SETTINGS_PATH}.bak" _set_result_proxy "$1" "$2" > "${SEARX_SETTINGS_PATH}" }