|
| 1 | +#!/usr/bin/env bash |
| 2 | + |
| 3 | +# support user renaming of script |
| 4 | +SCRIPT=$(basename "$0") |
| 5 | + |
| 6 | +# useful function |
| 7 | +isContainerRunning() { |
| 8 | + if STATUS=$(curl -s --unix-socket /var/run/docker.sock http://localhost/containers/$1/json | jq .State.Status) ; then |
| 9 | + if [ "$STATUS" = "\"running\"" ] ; then |
| 10 | + return 0 |
| 11 | + fi |
| 12 | + fi |
| 13 | + return 1 |
| 14 | +} |
| 15 | + |
| 16 | + |
| 17 | +# should not run as root |
| 18 | +[ "$EUID" -eq 0 ] && echo "$SCRIPT should NOT be run using sudo" && exit -1 |
| 19 | + |
| 20 | +read -r -d '' RUNNINGNOTES <<-EOM |
| 21 | +\n |
| 22 | +=============================================================================== |
| 23 | +
|
| 24 | +Error: The WireGuard container can't be running during the migration. |
| 25 | + Please stop the container like this: |
| 26 | +
|
| 27 | + $ cd ~/IOTstack |
| 28 | + $ docker-compose rm --force --stop -v wireguard |
| 29 | +
|
| 30 | + Do not start the container again until the migration is complete and |
| 31 | + you have followed the instructions for modifying WireGuard's service |
| 32 | + definition in your docker-compose.yml |
| 33 | +
|
| 34 | +=============================================================================== |
| 35 | +\n |
| 36 | +EOM |
| 37 | + |
| 38 | +# wireguard can't be running |
| 39 | +isContainerRunning "wireguard" && echo -e "$RUNNINGNOTES" && exit -1 |
| 40 | + |
| 41 | +# source directory is |
| 42 | +WIREGUARD="$HOME/IOTstack/volumes/wireguard" |
| 43 | + |
| 44 | +# source directory must exist |
| 45 | +[ ! -d "$WIREGUARD" ] && echo "Error: $WIREGUARD does not exist" && exit -1 |
| 46 | + |
| 47 | +# the backup directory is |
| 48 | +BACKUP="$WIREGUARD.bak" |
| 49 | + |
| 50 | +read -r -d '' REPEATNOTES <<-EOM |
| 51 | +\n |
| 52 | +=============================================================================== |
| 53 | +
|
| 54 | +Error: It looks like you might be trying to migrate twice! You can't do that. |
| 55 | +
|
| 56 | + If you need to start over, you can try resetting like this: |
| 57 | +
|
| 58 | + $ cd ~/IOTstack/volumes |
| 59 | + $ sudo rm -rf wireguard |
| 60 | + $ sudo mv wireguard.bak wireguard |
| 61 | +
|
| 62 | + Alternatively, restore ~/IOTstack/volumes/wireguard from a backup. |
| 63 | +
|
| 64 | +=============================================================================== |
| 65 | +\n |
| 66 | +EOM |
| 67 | + |
| 68 | +# required sub-directories are |
| 69 | +CONFIGD="config" |
| 70 | +INITD="custom-cont-init.d" |
| 71 | +SERVICESD="custom-services.d" |
| 72 | + |
| 73 | +# backup directory must not exist |
| 74 | +[ -d "$BACKUP" ] && echo -e "$REPEATNOTES" && exit -1 |
| 75 | + |
| 76 | +# required sub-directories must not exist |
| 77 | +[ -d "$WIREGUARD/$CONFIGD" ] && echo -e "$REPEATNOTES" && exit -1 |
| 78 | +[ -d "$WIREGUARD/$INITD" ] && echo -e "$REPEATNOTES" && exit -1 |
| 79 | +[ -d "$WIREGUARD/$SERVICESD" ] && echo -e "$REPEATNOTES" && exit -1 |
| 80 | + |
| 81 | +# rename source to backup |
| 82 | +echo "Renaming $WIREGUARD to $BACKUP" |
| 83 | +sudo mv "$WIREGUARD" "$BACKUP" |
| 84 | + |
| 85 | +# create the required directories |
| 86 | +echo "creating required sub-folders" |
| 87 | +sudo mkdir -p "$WIREGUARD/$CONFIGD" "$WIREGUARD/$INITD" "$WIREGUARD/$SERVICESD" |
| 88 | + |
| 89 | +# for now, set ownership to the current user |
| 90 | +echo "setting ownership on $WIREGUARD to $USER" |
| 91 | +sudo chown -R "$USER":"$USER" "$WIREGUARD" |
| 92 | + |
| 93 | +# migrate config directory components |
| 94 | +echo "migrating user-configuration components" |
| 95 | +rsync -r --ignore-existing --exclude="${INITD}*" --exclude="${SERVICESD}*" "$BACKUP"/ "$WIREGUARD/$CONFIGD" |
| 96 | + |
| 97 | +# migrate special cases and change ownership to root |
| 98 | +echo "migrating custom configuration options" |
| 99 | +for C in "$INITD" "$SERVICESD" ; do |
| 100 | + for D in "$BACKUP/$C"* ; do |
| 101 | + echo " merging $D into $WIREGUARD/$C" |
| 102 | + rsync -r --ignore-existing --exclude="README.txt" "$D"/ "$WIREGUARD/$C" |
| 103 | + echo " changing ownership to root" |
| 104 | + sudo chown -R root:root "$WIREGUARD/$C" |
| 105 | + done |
| 106 | +done |
| 107 | + |
| 108 | +# force correct mode for wg0.conf |
| 109 | +echo "Setting mode 600 on $WIREGUARD/$CONFIGD/wg0.conf" |
| 110 | +chmod 600 "$WIREGUARD/$CONFIGD/wg0.conf" |
| 111 | + |
| 112 | +read -r -d '' COMPOSENOTES <<-EOM |
| 113 | +\n |
| 114 | +=============================================================================== |
| 115 | +
|
| 116 | +Migration seems to have been successful. Do NOT start the WireGuard container |
| 117 | +until you have updated WireGuard's service definition: |
| 118 | +
|
| 119 | +Old: |
| 120 | +
|
| 121 | + volumes: |
| 122 | + - ./volumes/wireguard:/config |
| 123 | + - /lib/modules:/lib/modules:ro |
| 124 | +
|
| 125 | +New: |
| 126 | +
|
| 127 | + volumes: |
| 128 | + - ./volumes/wireguard/config:/config |
| 129 | + - ./volumes/wireguard/custom-cont-init.d:/custom-cont-init.d |
| 130 | + - ./volumes/wireguard/custom-services.d:/custom-services.d |
| 131 | + - /lib/modules:/lib/modules:ro |
| 132 | +
|
| 133 | +Pay careful attention to the lines starting with "- ./volumes". Do NOT |
| 134 | +just copy and paste the middle two lines. The first line has changed too. |
| 135 | +
|
| 136 | +=============================================================================== |
| 137 | +\n |
| 138 | +EOM |
| 139 | + |
| 140 | +# all done - display the happy news |
| 141 | +echo -e "$COMPOSENOTES" |
0 commit comments