diff --git a/phase8_teardown.sh b/phase8_teardown.sh index c2b67cc..cbd3012 100755 --- a/phase8_teardown.sh +++ b/phase8_teardown.sh @@ -4,10 +4,9 @@ set -euo pipefail # ============================================================================= # phase8_teardown.sh — Reverse the cutover: remove HTTPS, restore GitHub repos # Steps: -# 1. Remove Nginx gitea.conf + reload -# 2. Remove cert renewal cron -# 3. Optionally remove SSL certificates -# 4. Restore GitHub repo settings from the saved Phase 8 state snapshot +# 1. Stop + remove Caddy container and compose file +# 2. Optionally remove Caddy data (certs, config) +# 3. Restore GitHub repo settings from the saved Phase 8 state snapshot # ============================================================================= SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" @@ -15,8 +14,8 @@ source "${SCRIPT_DIR}/lib/common.sh" load_env require_vars UNRAID_IP UNRAID_SSH_USER \ - GITEA_DOMAIN NGINX_CONTAINER_NAME NGINX_CONF_PATH \ - SSL_MODE GITHUB_USERNAME GITHUB_TOKEN \ + GITEA_DOMAIN CADDY_DATA_PATH \ + GITHUB_USERNAME GITHUB_TOKEN \ REPO_NAMES log_warn "=== Phase 8 Teardown: Cutover ===" @@ -33,50 +32,46 @@ github_pages_http_code() { } # --------------------------------------------------------------------------- -# Step 1: Remove Nginx config and reload +# Step 1: Stop + remove Caddy container # --------------------------------------------------------------------------- -if ssh_exec UNRAID "test -f '${NGINX_CONF_PATH}/gitea.conf'" 2>/dev/null; then - printf 'Remove Nginx config for %s? [y/N] ' "$GITEA_DOMAIN" +CONTAINER_STATUS=$(ssh_exec UNRAID "docker ps --filter name=caddy --format '{{.Status}}'" 2>/dev/null || true) +if [[ "$CONTAINER_STATUS" == *"Up"* ]]; then + printf 'Stop and remove Caddy container? [y/N] ' read -r confirm if [[ "$confirm" =~ ^[Yy]$ ]]; then - ssh_exec UNRAID "rm -f '${NGINX_CONF_PATH}/gitea.conf'" - ssh_exec UNRAID "docker exec ${NGINX_CONTAINER_NAME} nginx -s reload" || true - log_success "Nginx config removed and reloaded" + ssh_exec UNRAID "cd '${CADDY_DATA_PATH}' && docker compose down 2>/dev/null || docker-compose down" + log_success "Caddy container stopped and removed" else - log_info "Nginx config preserved" + log_info "Caddy container preserved" fi else - log_info "Nginx config already removed" + log_info "Caddy container not running" fi -# --------------------------------------------------------------------------- -# Step 2: Remove cert renewal cron -# --------------------------------------------------------------------------- -if ssh_exec UNRAID "crontab -l 2>/dev/null | grep -q certbot" 2>/dev/null; then - ssh_exec UNRAID "crontab -l 2>/dev/null | grep -v certbot | crontab -" - log_success "Certbot renewal cron removed" +# Remove Caddy compose + Caddyfile +if ssh_exec UNRAID "test -f '${CADDY_DATA_PATH}/docker-compose.yml'" 2>/dev/null; then + ssh_exec UNRAID "rm -f '${CADDY_DATA_PATH}/docker-compose.yml' '${CADDY_DATA_PATH}/Caddyfile'" + log_success "Removed Caddy config files" else - log_info "No certbot cron found" + log_info "Caddy config files already removed" fi # --------------------------------------------------------------------------- -# Step 3: Optionally remove SSL certificates (letsencrypt only) +# Step 2: Optionally remove Caddy data (certs, config) # --------------------------------------------------------------------------- -if [[ "$SSL_MODE" == "letsencrypt" ]]; then - if ssh_exec UNRAID "test -d '/etc/letsencrypt/live/${GITEA_DOMAIN}'" 2>/dev/null; then - printf 'Remove SSL certificates for %s? [y/N] ' "$GITEA_DOMAIN" - read -r confirm - if [[ "$confirm" =~ ^[Yy]$ ]]; then - ssh_exec UNRAID "rm -rf '/etc/letsencrypt/live/${GITEA_DOMAIN}' '/etc/letsencrypt/archive/${GITEA_DOMAIN}' '/etc/letsencrypt/renewal/${GITEA_DOMAIN}.conf'" - log_success "SSL certificates removed" - else - log_info "SSL certificates preserved" - fi +if ssh_exec UNRAID "test -d '${CADDY_DATA_PATH}/data'" 2>/dev/null; then + printf 'Remove Caddy TLS data (certificates) for %s? [y/N] ' "$GITEA_DOMAIN" + read -r confirm + if [[ "$confirm" =~ ^[Yy]$ ]]; then + ssh_exec UNRAID "rm -rf '${CADDY_DATA_PATH}/data' '${CADDY_DATA_PATH}/config'" + log_success "Caddy TLS data removed" + else + log_info "Caddy TLS data preserved" fi fi # --------------------------------------------------------------------------- -# Step 4: Restore GitHub repos +# Step 3: Restore GitHub repos # Primary path: restore from state snapshot written by phase8_cutover.sh. # Fallback path: if snapshot is missing, restore description from "— was: ..." # and use legacy defaults for homepage/wiki/projects.