#!/bin/bash
# ==============================================================================
# Argentquest Development Suite - Enhanced Orchestration Script
# ==============================================================================
# This script is the primary entry point for deploying the Argentquest Suite.
# It handles environment detection, dependency management, container orchestration,
# and post-deployment validation.
# ==============================================================================
# Strict mode: stop on a failing command, an unset variable, or a failing
# pipeline stage.
set -euo pipefail
# --- SECTION 0: PRIVILEGE ESCALATION ---
# The Docker calls and the /etc/hosts edit further down need root, so a
# non-root invocation replaces itself with the same script and arguments
# under sudo.
# NOTE(review): everything after this point runs as root, including the
# package installs and the helper scripts that are looked up relative to the
# current directory. Review those files before running this script.
if (( EUID != 0 )); then
  printf '%s\n' \
    "π Privilege Check: This script requires root privileges for Docker and System configuration." \
    " Elevating permissions..."
  exec sudo "$0" "$@"
fi
echo "π Starting Argentquest Suite Orchestration..."
# --- SECTION 0.1: TOOL DETECTION ---
# Prefer the Compose V2 plugin ('docker compose'); fall back to the standalone
# V1 command name when the plugin does not answer.
# The value is a plain string that later sections expand unquoted, so it must
# stay free of characters that need quoting.
if docker compose version &>/dev/null; then
  DOCKER_COMPOSE="docker compose"
else
  DOCKER_COMPOSE="docker-compose"
fi
echo " π³ Engine Discovery: Using '$DOCKER_COMPOSE' for orchestration"
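# --- SECTION 0.2: OS-SPECIFIC OPTIMIZATIONS ---
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
  echo "βΉοΈ System: Linux environment detected"
  # Pruning the Docker builder cache and system artifacts helps prevent
  # "Exporting to Image" hangs caused by corrupted or bloated cache layers.
  # NOTE(review): 'docker system prune -f' is host-wide, not scoped to this
  # project. It also clears stopped containers, unused networks and dangling
  # images that belong to other workloads on the same daemon.
  # Prune failures are deliberately ignored (best-effort cleanup).
  echo "πΎ Hygiene: Reclaiming disk space and clearing build cache..."
  docker builder prune -f >/dev/null 2>&1 || true
  docker system prune -f >/dev/null 2>&1 || true
  # KDE/XRDP FIX: Argentquest is optimized for Kubuntu/KDE RDP sessions.
  # This ensures the window manager starts correctly in remote environments.
  echo "π₯οΈ RDP Optimization: Ensuring KDE Plasma session stability..."
  # The script re-executes itself under sudo, and depending on sudo's
  # configuration HOME may then be root's home. In that case the session file
  # would land where the RDP user's login never reads it. Resolve the
  # invoking user's home from SUDO_USER and fall back to HOME otherwise.
  xsession_owner="${SUDO_USER:-}"
  xsession_home="$HOME"
  if [[ -n "$xsession_owner" && "$xsession_owner" != "root" ]]; then
    owner_home="$(getent passwd "$xsession_owner" 2>/dev/null | cut -d: -f6 || true)"
    if [[ -n "$owner_home" && -d "$owner_home" ]]; then
      xsession_home="$owner_home"
    else
      xsession_owner=""
    fi
  else
    xsession_owner=""
  fi
  # NOTE(review): an existing ~/.xsession is overwritten without a backup.
  echo "dbus-launch --exit-with-session startplasma-x11" > "$xsession_home/.xsession"
  chmod +x "$xsession_home/.xsession"
  if [[ -n "$xsession_owner" ]]; then
    # Hand the file back to the user so it is not left root-owned in their home.
    chown "$xsession_owner" "$xsession_home/.xsession" \
      || echo " Warning: could not change owner of $xsession_home/.xsession" >&2
  fi
fi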
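# --- SECTION 0.5: PYTHON ENVIRONMENT (Self-Healing) ---
# The suite relies on Python for auto-configuration scripts (NPM/Heimdall).
# This section prepares ./.venv and installs 'requests' and 'python-dotenv',
# using 'uv' when an executable copy is found and 'python3 -m venv' + pip
# otherwise.
#
# NOTE(review): this runs after the sudo re-exec at the top of the script, so
# the venv is created and the unpinned packages are installed as root.
# Pinning versions (for example a requirements file with hashes) would narrow
# what can end up running with those privileges.
# NOTE(review): '.venv' is relative to the current directory and is removed
# with 'rm -rf' when its activate script is missing. Run from the project root.
echo "π Environment: Preparing Python 3 virtual environment..."
if ! command -v python3 &>/dev/null; then
  echo "β Error: Python 3 is not installed on this system."
  exit 1
fi
# Ensure python3-venv is installed (often missing on minimal Ubuntu installs)
# This is a common blocker for fresh Linux VPS/VM setups.
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
  # Read the package's own status record instead of piping 'dpkg -l' into
  # 'grep -q'. Under 'set -o pipefail' grep can exit on the first match while
  # dpkg is still writing, the pipeline then reports failure, and an
  # installed package is treated as missing. The status query also ignores
  # packages that were removed but still have config files listed.
  venv_pkg_status="$(dpkg-query -W -f='${Status}' python3-venv 2>/dev/null || true)"
  if [[ "$venv_pkg_status" != *"install ok installed"* ]]; then
    echo " π§ Dependency Check: 'python3-venv' is missing. Installing system package..."
    apt-get update -qq && apt-get install -y -qq python3-venv >/dev/null 2>&1 || echo " β οΈ Warning: Could not install python3-venv. Native venv creation might fail."
  fi
fi
# Advanced UV Discovery (Handles sudo path issues)
# 'uv' is used to significantly speed up pip installations.
# We check home directories and pyenv because 'sudo' often strips these from the PATH.
# Each candidate is tested in turn. A chain of 'echo a || echo b' never gets
# past its first echo, because echo always succeeds.
# NOTE(review): under sudo HOME may be root's home, in which case the two
# home-relative candidates do not point at the invoking user's copy; confirm
# on the target system. Whatever is found here is executed as root.
UV_BIN=""
for uv_candidate in \
  "$(command -v uv 2>/dev/null || true)" \
  "$HOME/.local/bin/uv" \
  "$HOME/.pyenv/shims/uv"; do
  if [[ -n "$uv_candidate" && -x "$uv_candidate" ]]; then
    UV_BIN="$uv_candidate"
    break
  fi
done
if [ -x "$UV_BIN" ]; then
  echo " β‘ Performance: 'uv' detected at $UV_BIN. Using high-speed installer..."
  if [ ! -f ".venv/bin/activate" ]; then
    echo " π§ Initialization: Creating/Repairing virtual environment with uv..."
    rm -rf .venv
    "$UV_BIN" venv .venv >/dev/null
  fi
  # Activation puts .venv/bin first on PATH for the rest of the script.
  source .venv/bin/activate
  echo " π¦ Dependencies: Installing Python libraries (requests, python-dotenv)..."
  "$UV_BIN" pip install --quiet requests python-dotenv
  echo " β
Python: Virtual environment ready (Accelerated by uv)"
else
  # Fallback to standard venv/pip if 'uv' is not installed.
  if [ ! -f ".venv/bin/activate" ]; then
    echo " π§ Initialization: Creating/Repairing virtual environment with standard venv..."
    rm -rf .venv
    python3 -m venv .venv
  fi
  source .venv/bin/activate
  if command -v pip &>/dev/null; then
    echo " π¦ Dependencies: Installing Python libraries via pip..."
    pip install --quiet --upgrade pip
    pip install --quiet requests python-dotenv
    echo " β
Python: Virtual environment ready (Standard pip)"
  fi
fi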
# --- SECTION 0.6: PRE-FLIGHT SYSTEM CHECKS ---
echo "π Pre-flight: Validating system connectivity and local DNS..."
# Local DNS Modification (/etc/hosts)
# Points the project hostnames at loopback so 'pocmaster.argentquest.com' can
# be used instead of 'localhost:port'.
# NOTE(review): the presence test is a regex substring match on the base
# domain only, so a commented-out or partial entry also counts as "present"
# and the block is then not appended.
PROJECT_DOMAIN="pocmaster.argentquest.com"
if grep -q "$PROJECT_DOMAIN" /etc/hosts; then
  echo " β
DNS: Local domain mapping looks good"
else
  echo " π DNS: Mapping '$PROJECT_DOMAIN' to 127.0.0.1 in /etc/hosts..."
  HOSTS_CONTENT="
127.0.0.1 pocmaster.argentquest.com
127.0.0.1 api.pocmaster.argentquest.com
127.0.0.1 api-dev.pocmaster.argentquest.com
127.0.0.1 pgadmin.pocmaster.argentquest.com
127.0.0.1 mongo.pocmaster.argentquest.com
127.0.0.1 redis.pocmaster.argentquest.com
127.0.0.1 minio.pocmaster.argentquest.com
127.0.0.1 portainer.pocmaster.argentquest.com
127.0.0.1 heimdall.pocmaster.argentquest.com
127.0.0.1 code.pocmaster.argentquest.com
127.0.0.1 mcp.pocmaster.argentquest.com
127.0.0.1 n8n.pocmaster.argentquest.com
127.0.0.1 jupyter.pocmaster.argentquest.com
"
  # Append only; a failed write is reported but does not abort the run.
  if printf '%s\n' "$HOSTS_CONTENT" | tee -a /etc/hosts >/dev/null; then
    echo " β
DNS: Successfully updated /etc/hosts"
  else
    echo " β DNS: Failed to update /etc/hosts. Local domain resolution will fail."
  fi
fi
# Firewall Check (UFW)
# Informational only: no firewall rule is changed here. Port 81 in the
# message is the one the script later polls as the Nginx Proxy Manager admin
# endpoint; decide deliberately whether it should accept incoming traffic.
if command -v ufw &>/dev/null && ufw status | grep -q "Status: active"; then
  echo " π‘οΈ Security: UFW is active. Ensure incoming traffic is allowed on 80, 443, and 81."
fi
# --- SECTION 1: CONFIGURATION MANAGEMENT ---
# Creates each missing env file from .env.template; existing files are left
# untouched. If the template cannot be copied, an empty file is created and
# still reported as "Created".
# NOTE(review): these files hold the stack's secrets (the closing banner
# points to .env for them). They are created by root with the default umask,
# so confirm the resulting owner and mode are as tight as the deployment
# allows.
echo "π Config: Hydrating environment files from templates..."
for env_file in .env .env.dev .env.prod; do
  if [[ -f "$env_file" ]]; then
    echo " β οΈ Config: $env_file already exists, keeping current values"
    continue
  fi
  # Copy from the template so all required keys exist.
  if ! cp .env.template "$env_file" 2>/dev/null; then
    touch "$env_file"
  fi
  echo " β
Config: Created $env_file"
done
# --- SECTION 2: DOCKER ENGINE READINESS ---
# If 'docker info' fails, try one service restart and give the daemon five
# seconds to come up. A failed restart ends the script with status 1.
echo "π Engine: Verifying Docker daemon status..."
if ! docker info >/dev/null 2>&1; then
  echo " β οΈ Warning: Docker is not reachable. Attempting to start service..."
  if ! systemctl restart docker; then
    echo "β Error: Failed to start Docker engine"
    exit 1
  fi
  sleep 5
fi
# Validate Application Secrets
# Only detects the literal template placeholder in .env; an empty or otherwise
# invalid key is not caught here.
if [[ -f ".env" ]] && grep -q "your-openrouter-api-key-here" .env; then
  echo " π« Warning: OPENROUTER_API_KEY is not configured in .env!"
  echo " AI features will be disabled until you provide a valid key."
fi
echo " β
Engine: System and Config validated"
# --- SECTION 3: CONTAINER ORCHESTRATION ---
echo "π Deployment: Launching Argentquest Stack (21 Containers)..."
# BuildKit Optimization
# LEGACY MODE (DISABLE_BUILDKIT=1) is the default, to avoid "Exporting to
# Image" hangs on resource-constrained VMs; it builds with 'Dockerfile.legacy'
# and plain 'docker build'.
# To enable BuildKit, run: DISABLE_BUILDKIT=0 ./setup.sh
# NOTE(review): the script re-executes itself under sudo, and sudo's default
# environment reset may drop DISABLE_BUILDKIT before this line reads it.
# Confirm the override survives on the target system.
export DISABLE_BUILDKIT=${DISABLE_BUILDKIT:-1}
if [ "$DISABLE_BUILDKIT" -eq 1 ]; then
  echo " β οΈ BuildKit: DISABLED by default. Using stable legacy builder."
  export DOCKER_BUILDKIT=0 COMPOSE_DOCKER_CLI_BUILD=0
else
  echo " π BuildKit: ENABLED. Using modern builder with cache mounts."
  export DOCKER_BUILDKIT=1 COMPOSE_DOCKER_CLI_BUILD=1
fi
# Sequential Build Strategy
# Building 'app-dev' first prevents parallel build contention on the Docker daemon,
# which is the #1 cause of "Exporting to image" hangs in multi-container stacks.
echo " π οΈ Phase 1: Building core application images..."
if [ "$DISABLE_BUILDKIT" -eq 1 ]; then
  echo " π’ Legacy Mode: Performing manual script-based build for ALL services..."
  # One entry per image: service name | build context | Dockerfile.
  # Each build runs in a subshell so the 'cd' into its context does not leak.
  legacy_builds=(
    "app-dev|.|Dockerfile.legacy"
    "app-prod|.|Dockerfile.legacy"
    "monitor-api|system-monitor|Dockerfile.api"
    "npm-setup|scripts|Dockerfile.npm-setup"
    "beszel-setup|scripts|Dockerfile.beszel-setup"
  )
  for build_spec in "${legacy_builds[@]}"; do
    IFS='|' read -r svc_name build_ctx dockerfile <<<"$build_spec"
    echo " - Building ${svc_name}..."
    (cd "$build_ctx" && docker build -f "$dockerfile" -t "argentquest/${svc_name}:latest" .)
  done
  echo " π’ Phase 2: Launching containers (No-Build Mode)..."
  # shellcheck disable=SC2086 — DOCKER_COMPOSE may be two words ('docker compose')
  $DOCKER_COMPOSE up -d --no-build
else
  echo " π Modern Mode: Using BuildKit sequential build..."
  # shellcheck disable=SC2086 — DOCKER_COMPOSE may be two words ('docker compose')
  $DOCKER_COMPOSE build app-dev
  echo " π’ Phase 2: Launching remaining ecosystem containers..."
  # shellcheck disable=SC2086
  $DOCKER_COMPOSE up -d --pull always
fi
# --- SECTION 4: SERVICE INITIALIZATION WAIT ---
echo "β³ Startup: Waiting for core services to reach 'Healthy' state..."
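# Helper function to poll a URL until a HEAD request succeeds.
#######################################
# Sends HEAD requests to a URL until curl (with --fail) reports success or
# the wait budget is used up.
# Arguments: $1 - URL to probe
#            $2 - human-readable service name shown in the progress line
# Outputs:   progress dots and a final status line on stdout
# Returns:   0 once a probe succeeds, 1 after the budget is exceeded
#######################################
wait_for_service() {
  local url=$1
  local name=$2
  local timeout=60
  local count=0
  echo -n " π Monitoring $name..."
  # curl is run directly as the loop condition. Wrapping it in $(...) would
  # make the shell execute whatever the command printed.
  # --max-time bounds a single probe so a connection that is accepted but
  # never answered cannot stall the script. 'count' tracks only the sleep
  # time, so the budget is approximate.
  until curl --output /dev/null --silent --head --fail --max-time 5 "$url"; do
    if [ "$count" -gt "$timeout" ]; then
      echo " β Timeout after ${timeout}s"
      return 1
    fi
    echo -n "."
    sleep 2
    count=$((count + 2))
  done
  echo " β
Ready!"
}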
# The Nginx Proxy Manager is the "Front Door". We wait for it before configuring routing.
# A timeout here is reported but does not stop the run.
if ! wait_for_service "http://localhost:81" "Nginx Proxy Manager Admin"; then
  echo " β οΈ Wait: NPM API is slow to respond. Proxy automation may retry."
fi
# --- SECTION 5: AUTOMATED CONFIGURATION & VALIDATION ---
# Each helper below is optional (skipped when the file is absent) and
# non-fatal: a failing helper prints a warning and the script carries on.
# NOTE(review): the helpers are resolved relative to the current directory and
# run with the root privileges obtained at the top of the script.
echo "π Networking: Applying automated proxy and dashboard configurations..."
if [[ -f "scripts/npm-simple-setup.py" ]]; then
  echo " π οΈ Proxy: Configuring Nginx Proxy Manager hosts via API..."
  if ! python3 scripts/npm-simple-setup.py; then
    echo " β οΈ Error: Proxy automation failed"
  fi
fi
echo "π₯ Validation: Running system health signatures..."
if [[ -f "health-check.py" ]]; then
  if ! python3 health-check.py; then
    echo " β οΈ Health: Some services reported non-critical issues"
  fi
fi
if [[ -f "validate-database-setup.sh" ]]; then
  echo " ποΈ Database: Verifying PostgreSQL and MongoDB connectivity..."
  chmod +x validate-database-setup.sh
  if ! ./validate-database-setup.sh; then
    echo " β οΈ Database: Schema validation check failed"
  fi
fi
# --- SECTION 6: HEIMDALL DASHBOARD SETUP ---
if [[ -f "scripts/heimdall-auto-setup.py" ]]; then
  echo " π Dashboard: Mapping all 21 services to Heimdall UI..."
  if ! python3 scripts/heimdall-auto-setup.py; then
    echo " β οΈ Dashboard: Heimdall auto-setup failed"
  fi
fi
# --- SECTION 7: FINAL WRAP-UP ---
# Prints the closing banner: access URLs, a pointer to the credentials, and
# the free space on the root filesystem (fourth column of 'df -h /').
# NOTE(review): the banner is printed whenever the script gets this far. The
# proxy, health, database and dashboard steps above only warn on failure, so
# "DEPLOYMENT SUCCESSFUL" does not mean those checks passed.
# NOTE(review): the Portainer admin password is hard-coded in this banner, so
# it ends up in terminal scrollback and any captured install log. If it is the
# value the stack is provisioned with, generate it per install or change it at
# first login.
cat <<EOF

==================================================
π DEPLOYMENT SUCCESSFUL!
==================================================
π Access Hyperlinks:
 π Main Dashboard: http://pocmaster.argentquest.com
 π§ Development API: http://api-dev.pocmaster.argentquest.com
 π Production API: http://api.pocmaster.argentquest.com
 ποΈ Database Admin: http://pgadmin.pocmaster.argentquest.com
 π³ Container Mgmt: https://localhost:9443 (Portainer)
==================================================
π Credentials: See .env file for secrets
 Portainer: admin / argentquest123
==================================================
π₯οΈ RDP Access Note: If the screen is black, log out other active sessions.
πΎ Storage Status: $(df -h / | awk 'NR==2 {print $4}') available on root partition
==================================================
EOF