feat: switch phase2 to macvlan networking
Replace host port vars with macvlan vars in require_vars. Add Step 2 to create macvlan gitea_net network on Fedora. Update docker-compose rendering to use GITEA_CONTAINER_IP and DB_CONTAINER_IP. Use FEDORA_GITEA_IP as domain for backup instance app.ini. Renumber steps. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -11,8 +11,9 @@ SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
||||
source "${SCRIPT_DIR}/lib/common.sh"
|
||||
|
||||
load_env
|
||||
require_vars FEDORA_IP FEDORA_SSH_USER FEDORA_SSH_PORT \
|
||||
FEDORA_GITEA_PORT FEDORA_GITEA_SSH_PORT FEDORA_GITEA_DATA_PATH \
|
||||
require_vars FEDORA_IP FEDORA_SSH_USER FEDORA_SSH_PORT FEDORA_GITEA_DATA_PATH \
|
||||
FEDORA_MACVLAN_PARENT FEDORA_MACVLAN_SUBNET FEDORA_MACVLAN_GATEWAY \
|
||||
FEDORA_MACVLAN_IP_RANGE FEDORA_GITEA_IP \
|
||||
GITEA_ADMIN_USER GITEA_ADMIN_PASSWORD GITEA_ADMIN_EMAIL \
|
||||
GITEA_DB_TYPE GITEA_VERSION \
|
||||
GITEA_BACKUP_INTERNAL_URL
|
||||
@@ -80,25 +81,45 @@ else
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 2: Render + SCP docker-compose file
|
||||
# Uses the same template as Phase 1 but with Fedora-specific port/path vars.
|
||||
# Step 2: Create macvlan Docker network (idempotent)
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 2 "Deploying docker-compose.yml..."
|
||||
log_step 2 "Creating macvlan Docker network on Fedora..."
|
||||
if ssh_exec FEDORA "docker network inspect gitea_net" &>/dev/null; then
|
||||
log_info "gitea_net network already exists — skipping"
|
||||
else
|
||||
ssh_exec FEDORA "docker network create \
|
||||
--driver macvlan \
|
||||
--subnet='${FEDORA_MACVLAN_SUBNET}' \
|
||||
--gateway='${FEDORA_MACVLAN_GATEWAY}' \
|
||||
--ip-range='${FEDORA_MACVLAN_IP_RANGE}' \
|
||||
-o parent='${FEDORA_MACVLAN_PARENT}' \
|
||||
gitea_net"
|
||||
log_success "macvlan network gitea_net created"
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 3: Render + SCP docker-compose file
|
||||
# Uses the same template as Phase 1 but with Fedora-specific values.
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 3 "Deploying docker-compose.yml..."
|
||||
if ssh_exec FEDORA "test -f '${DATA_PATH}/docker-compose.yml'"; then
|
||||
log_info "docker-compose.yml already exists — skipping"
|
||||
else
|
||||
TMPFILE=$(mktemp)
|
||||
export DATA_PATH GITEA_PORT="${FEDORA_GITEA_PORT}" GITEA_SSH_PORT="${FEDORA_GITEA_SSH_PORT}"
|
||||
GITEA_CONTAINER_IP="${FEDORA_GITEA_IP}"
|
||||
export DATA_PATH GITEA_CONTAINER_IP
|
||||
|
||||
if [[ "$GITEA_DB_TYPE" == "sqlite3" ]]; then
|
||||
render_template "${SCRIPT_DIR}/templates/docker-compose-gitea.yml.tpl" "$TMPFILE" \
|
||||
"\${GITEA_VERSION} \${DATA_PATH} \${GITEA_PORT} \${GITEA_SSH_PORT}"
|
||||
"\${GITEA_VERSION} \${DATA_PATH} \${GITEA_CONTAINER_IP}"
|
||||
_strip_block "$TMPFILE" "DB_SERVICE_START" "DB_SERVICE_END"
|
||||
_strip_block "$TMPFILE" "DB_DEPENDS_START" "DB_DEPENDS_END"
|
||||
else
|
||||
_set_db_vars
|
||||
DB_CONTAINER_IP="${FEDORA_DB_IP}"
|
||||
export DB_CONTAINER_IP
|
||||
render_template "${SCRIPT_DIR}/templates/docker-compose-gitea.yml.tpl" "$TMPFILE" \
|
||||
"\${GITEA_VERSION} \${DATA_PATH} \${GITEA_PORT} \${GITEA_SSH_PORT} \${DB_DOCKER_IMAGE} \${DB_ENV_VARS} \${DB_DATA_DIR} \${DB_HEALTHCHECK}"
|
||||
"\${GITEA_VERSION} \${DATA_PATH} \${GITEA_CONTAINER_IP} \${DB_DOCKER_IMAGE} \${DB_ENV_VARS} \${DB_DATA_DIR} \${DB_HEALTHCHECK} \${DB_CONTAINER_IP}"
|
||||
fi
|
||||
|
||||
scp_to FEDORA "$TMPFILE" "${DATA_PATH}/docker-compose.yml"
|
||||
@@ -107,22 +128,21 @@ else
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 3: Render + SCP app.ini
|
||||
# Step 4: Render + SCP app.ini
|
||||
# Uses GITEA_BACKUP_INTERNAL_URL as the ROOT_URL for the Fedora instance.
|
||||
# The domain is derived from the backup URL since Fedora doesn't need a
|
||||
# public-facing domain — it's accessed internally for mirrors.
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 3 "Deploying app.ini..."
|
||||
log_step 4 "Deploying app.ini..."
|
||||
if ssh_exec FEDORA "test -f '${DATA_PATH}/config/app.ini'"; then
|
||||
log_info "app.ini already exists — skipping"
|
||||
else
|
||||
TMPFILE=$(mktemp)
|
||||
# Generate a unique secret key for the Fedora instance (different from Unraid)
|
||||
GITEA_SECRET_KEY=$(openssl rand -hex 32)
|
||||
export GITEA_SECRET_KEY
|
||||
# Override GITEA_DOMAIN for the backup instance — use the IP:port since
|
||||
# Override GITEA_DOMAIN for the backup instance — use the container IP since
|
||||
# the Fedora instance doesn't have a public domain
|
||||
GITEA_DOMAIN="${FEDORA_IP}:${FEDORA_GITEA_PORT}"
|
||||
GITEA_DOMAIN="${FEDORA_GITEA_IP}"
|
||||
export GITEA_DOMAIN
|
||||
|
||||
if [[ "$GITEA_DB_TYPE" == "sqlite3" ]]; then
|
||||
@@ -141,9 +161,9 @@ else
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 4: Start Gitea container
|
||||
# Step 5: Start Gitea container
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 4 "Starting Gitea container..."
|
||||
log_step 5 "Starting Gitea container..."
|
||||
CONTAINER_STATUS=$(ssh_exec FEDORA "docker ps --filter name=gitea --format '{{.Status}}'" 2>/dev/null || true)
|
||||
if [[ "$CONTAINER_STATUS" == *"Up"* ]]; then
|
||||
log_info "Gitea container already running — skipping"
|
||||
@@ -154,15 +174,15 @@ else
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 5: Wait for Gitea to be ready
|
||||
# Step 6: Wait for Gitea to be ready
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 5 "Waiting for Gitea to be ready..."
|
||||
log_step 6 "Waiting for Gitea to be ready..."
|
||||
wait_for_http "${GITEA_BACKUP_INTERNAL_URL}/api/v1/version" 120
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 6: Create admin user (same creds as primary — shared credentials)
|
||||
# Step 7: Create admin user (same creds as primary — shared credentials)
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 6 "Creating admin user..."
|
||||
log_step 7 "Creating admin user..."
|
||||
if curl -sf -u "${GITEA_ADMIN_USER}:${GITEA_ADMIN_PASSWORD}" "${GITEA_BACKUP_INTERNAL_URL}/api/v1/user" -o /dev/null 2>/dev/null; then
|
||||
log_info "Admin user already exists — skipping"
|
||||
else
|
||||
@@ -183,9 +203,9 @@ else
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 7: Generate API token and save to .env as GITEA_BACKUP_ADMIN_TOKEN
|
||||
# Step 8: Generate API token and save to .env as GITEA_BACKUP_ADMIN_TOKEN
|
||||
# ---------------------------------------------------------------------------
|
||||
log_step 7 "Generating backup API token..."
|
||||
log_step 8 "Generating backup API token..."
|
||||
if [[ -n "${GITEA_BACKUP_ADMIN_TOKEN:-}" ]]; then
|
||||
# Verify existing token works
|
||||
if curl -sf -H "Authorization: token ${GITEA_BACKUP_ADMIN_TOKEN}" "${GITEA_BACKUP_INTERNAL_URL}/api/v1/user" -o /dev/null 2>/dev/null; then
|
||||
|
||||
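Review bot: In the non-sqlite branch of Step 3, `DB_CONTAINER_IP="${FEDORA_DB_IP}"` reads a variable that the updated `require_vars` list at the top of the file does not include. Unless `_set_db_vars` validates it (not visible here), an unset value reaches the rendered docker-compose.yml as an empty address. Adding `require_vars FEDORA_DB_IP` as the first line of that `else` branch, which closes outside the hunk, would fail early with a clear message. In Step 2 the skip test only proves that some network named gitea_net exists, so a leftover bridge network would be accepted silently; checking that `docker network inspect --format '{{.Driver}}' gitea_net` prints `macvlan` before skipping would catch that. With macvlan the database container also gets its own LAN address and the host's port mappings no longer limit what is reachable, so it is worth confirming that the compose template or a network-level filter keeps the database port off the wider subnet.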