Added new version

Updated init-letsencrypt

updated init-letsencrypt with docker-compose-init

updated init-letsencrypt with docker-compose-init

restored init-letsencrypt

updates to certbot

updates to certbot

updates to certbot

updates to certbot

updates to certbot

updates to certbot

updates to certbot

added certbot to scalelite-nginx

fixed settings for acme-challenge

added blacklist

updated init-letsencrypt for working with scaleite-nginx

Removed unnecessary files

percisted certbot logs and added env options to init-letsencrypt

.gitignore

@@ -1,7 +1,5 @@
 .env
 
-/data*
-
 /nginx/log*
 /nginx/sites-available*
 /nginx/sites-enabled*
@@ -11,3 +9,10 @@
 
 /scalelite/log*
 /scalelite/tmp*
+
+/data/*
+!/data/nginx/
+
+/tmp*
+
+/log*

README.md

@@ -1,383 +0,0 @@
-# scalelite-run
-
-This document provides instructions on how to quickly [Scalelite](https://github.com/blindsidenetworks/scalelite), a stateful BigBlueButton load balancer, using docker-compose.
-
-This can be performed as an [All-In-One-Box Deployment](#all-in-one-box-deployment) or making use of distributed services in the cloud (or virtual private cloud) through a cloud computing provider as a [Distributed Deployment](#distributed-deployment).
-
-<a name="prerequisites"/>
-
-## Prerequisites
-
-Scalelite requires a server with 4 CPU cores and 8 Gig of memory.  Since all the component run under docker, the underlying OS need only support docker and docker-compose.
-
-These steps were written for an Ubuntu 18.04 machine. It is assumed that your machine has the same (or a compatible version).  
-
-You need to have a fully qualified domain name (FQDN) for the Scalelite server, such as bbb-lb.example.com, that resolves to the public IP address of the server.  
-
-To setup the server, first install both [docker](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04) and [docker-compose](https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-ubuntu-18-04).
-
-Next, clone the `scalelite-run` repository
-
-```
-git clone git@github.com:blindsidenetworks/scalelite-run.git
-cd scalelite-run
-```
-
-<a name="all-in-one-box-deployment"/>
-
-## I. All-In-One-Box Deployment
-
-<a name="initial-settings"/>
-
-### 1. Initial settings
-
-Copy `dotenv` file located in the root of the project as `.env` and edit it.
-
-```
-cp dotenv .env
-```
-
-You need to replace the variable `HOST_NAME=sl.xlab.blindside-dev.com` with a hostname under your own domain name (e.g. `HOST_NAME=sl.john.blindside-dev.com`) or delegated sub-domain.
-
-```
-vi .env
-```
-
-Copy `dotenv` file located in the scalelite directory as `.env` and in the same way as before, edit it:
-
-```
-cp scalelite/dotenv scalelite/.env
-```
-
-You can start it as is, but you may want to replace both variables with your own values.
-
-- `SECRET_KEY_BASE` is the Ruby On Rails secret key and must be replaced with a random one generated with `openssl rand -hex 64`.
-- `LOADBALANCER_SECRET` is the shared secret used by external applications for accessing Scalelite LoadBalancer as if it was a BigBlueButton server. This variable must be defined in order for the application to start. A secret can be generated with `openssl rand -hex 24`
-
-```
-vi scalelite/.env
-```
-
-<a name="ssl-certificate"/>
-
-### 2. SSL Certificate
-
-The docker-compose scripts come configured for using SSL Certificates, but you may want not to use an SSL certificate. If this is the case see the section [Removing SSL Certificate](#removing-ssl-certificate) in [Special Cases](#special-cases).
-
-The procedure for setting up the SSL Certificate will be different depending if [Let's Encrypt SSL CA](#letsencrypt-ssl-ca) CA or [Other SSL CA](#other-ssl-ca) will be used.
-
-<a name="letsencrypt-ssl-ca"/>
-
-#### 2.1. Using Let's Encrypt SSL CA
-
-There are also two paths that can be followed whether the box where Scalelite is going to be installed is [visible from the Internet](#letsencrypt-ssl-public-network) or [NOT visible from the Internet](#letsencrypt-ssl-private-network).
-
-<a name="letsencrypt-ssl-public-network"/>
-
-##### 2.1.1. Server is visible from the Internet
-
-If all the previous steps were properly followed and the machine is accessible in the Internet, only execute:
-
-```
-./init-letsencrypt.sh
-```
-
-This will generate the SSL certificates and run scalelite for the first time, so all the required files are automatically generated.
-
-<a name="letsencrypt-ssl-private-network"/>
-
-##### 2.1.2. Server is NOT visible from the Internet
-
-If you are trying to install scalelite locally or in a private network, the SSL certificate must be generated manually using certbot and by adding the manual challenge to the DNS.
-
-Install Let's Encrypt
-
-```
-sudo apt-get update
-sudo apt-get -y install letsencrypt
-```
-
-Become root
-
-```
-sudo -i
-```
-
-Start creating the certificates
-
-```
-certbot certonly --manual -d sl.<JOHN>.blindside-dev.com --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges=dns --email hostmaster@blindsdie-dev.com --server https://acme-v02.api.letsencrypt.org/directory
-```
-
-The output should look like this example
-
-```
--server https://acme-v02.api.letsencrypt.org/directory
-Saving debug log to /var/log/letsencrypt/letsencrypt.log
-Plugins selected: Authenticator manual, Installer None
-Obtaining a new certificate
-Performing the following challenges:
-dns-01 challenge for gl.<JOHN>.blindside-dev.com
-dns-01 challenge for gl.<JOHN>.blindside-dev.com
-
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-Please deploy a DNS TXT record under the name
-_acme-challenge.sl.<JOHN>.blindside-dev.com with the following value:
-
-2dxWYkcETHnimmQmCL0MCbhneRNxMEMo9yjk6P_17kE
-
-Before continuing, verify the record is deployed.
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-Press Enter to Continue
-```
-
-Create a TXT record in the DNS for
-`_acme-challenge.sl.<JOHN>.blindside-dev.com` with the challenge string as
-its value `2dxWYkcETHnimmQmCL0MCbhneRNxMEMo9yjk6P_17kE`
-
-Copy the certificates to the scalelite-run directory. Although `/etc/letsencrypt/live/`
-holds the latest certificate, they are only symbolic links. The real files must be copied and renamed
-
-```
-cp -R /etc/letsencrypt <YOUR ROOT>/scalelite-run/data/certbot/conf
-```
-
-<a name="other-ssl-ca"/>
-
-#### 2.2. Using Other SSL CA
-
-For adding an SSL certificate from an CA other than Let's Encrypt,
-
-DO NOT execute the `./init-letsencrypt.sh` script
-
-Place the SSL Certificate, Intermediate Certificate (or Bundle with both of them if you have it) and Private Key files inside `nginx/ssl` as `fullchain.pem` and `privkey.pem`.
-E.g.
-```
-cd ~/
-cat your_domain_name.crt Intermediate.crt >> bundle.crt
-cp bundle.crt <YOUR ROOT>/scalelite/nginx/ssl/fullchain.pem
-cp private.key <YOUR ROOT>/scalelite/nginx/ssl/privkey.pem
-```
-
-Edit the template for nginx.
-```
-cd <YOUR ROOT>/scalelite
-vi nginx/sites.template
-```
-Comment the lines referencing the Let's Encrypt Certificate and uncomment the other two. After that, it should look like this:
-
-```
-...
-    ## Configuration for Letsencrypt SSL Certificate
-    #ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
-    #ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
-
-    ## Configuration for SSL Certificate from a CA other than Letsencrypt
-    ssl_certificate /etc/ssl/fullchain.pem;
-    ssl_certificate_key /etc/ssl/privkey.pem;
-...
-```
-
-Comment out in `docker-compose.yml` the certbot container. After that, it should look like this:
-
-```
-...
-## Configuration for Letsencrypt SSL Certificate
-## comment out when using an SSL Certificate from a CA other than Letsencrypt
-#  certbot:
-#    image: certbot/certbot
-#    volumes:
-#      - ./data/certbot/conf:/etc/letsencrypt
-#      - ./data/certbot/www:/var/www/certbot
-#    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
-...
-```
-
-Start the containers as usual.
-
-<a name="start-up"/>
-
-### 3. Start Up
-
-And finally, start the application with docker-compose
-
-```
-cd <YOUR ROOT>/scalelite-run
-docker-compose up
-```
-
-If everything goes well, the logs will show ip in the console for all the containers starting and scalelite will be available at:
-
-```
-https://sl.<JOHN>.blindside-dev.com/bigbluebutton/api
-```
-
-Note that the application can be run in the background with `docker-compose up -d`
-
-<a name="final-steps"/>
-
-### 4. Final Steps
-
-<a name="initializing-pool"/>
-
-#### 4.1. Initializing pool of servers
-Since there are no servers added by default, atleast 1 server must be added and enabled in order to get started.
-
-Open a new console and get the IDs of the docker containers running:
-
-```
-docker ps
-```
-
-Get into the container running the api
-
-```
-docker exec -it <CONTAINER_ID> sh
-```
-
-Once inside, all the rails commands can be executed as needed. In this case, and assuming that the current current BigBlueButton server is going to be enabled.
-
-```
-bundle exec rake servers:add[BIGBLUEBUTTON_SERVER_URL,BIGBLUEBUTTON_SERVER_SECRET]
-bundle exec rake servers
-bundle exec rake servers:enable["SERVER_ID_AS SHOWN"]
-```
-
-For more information on what rake commands can be executed, see [scalelite documentation](https://github.com/blindsidenetworks/scalelite#administration).
-
-<a name="rolling-out-updates"/>
-
-#### 4.2. Rolling-out updates
-
-Scalelite is constantly updated. Either because of bug fixes or improvements. It is recommended to keep the deployment updated with the latest image available, which corresponds to the latest stable release.
-
-Those updates can be performed manually (recommended for a production alike environment) or automatically.
-
-<a name="rolling-out-updates-manual"/>
-
-##### 4.2.1. Manual updates
-
-Simply run the `deploy.sh` script included under `scripts`.
-
-```
-cd <YOUR ROOT>/scalelite-run
-sudo .scripts/deploy.sh
-```
-
-<a name="rolling-out-updates-automatic"/>
-
-##### 4.2.2. Automatic updates
-
-Use the scripts provided.
-
-```
-sudo ln -s <YOUR ROOT>/scalelite-run/scripts/deploy.sh /usr/local/bin/scalelite-deploy
-sudo cp <YOUR ROOT>/scalelite-run/scripts/scalelite-auto-deployer.service /etc/systemd/system/scalelite-auto-deployer.service
-sudo cp <YOUR ROOT>/scalelite-run/scripts/scalelite-auto-deployer.timer /etc/systemd/system/scalelite-auto-deployer.timer
-sudo systemctl daemon-reload
-sudo systemctl enable scalelite-auto-deployer.service
-sudo systemctl enable scalelite-auto-deployer.timer
-sudo systemctl start scalelite-auto-deployer.timer
-```
-
-<a name="starting-automatic"/>
-
-##### 4.2.3. Automatic start
-
-Use the scripts provided.
-
-```
-```
-
-<a name="distributed-deployment"/>
-
-## II. Distributed Deployment
-
-On a real production environment Scalelite should be deployed using distributed services in the cloud (or virtual private cloud) through a cloud computing provider like [AWS](https://aws.amazon.com/), [Google Cloud](https://cloud.google.com/), [Azure](https://azure.microsoft.com/en-ca/), [Digital Ocean](https://www.digitalocean.com/), [Alibaba Cloud](https://www.alibabacloud.com/), etc.
-
-Contact us at [Blindside Networks Contact](https://blindsidenetworks.com/contact/) getting recommendations on best practices with any of those cloud providers.
-
-<a name="special-cases"/>
-
-## III. Special cases
-
-<a name="building-docker-image"/>
-
-### Building Docker image
-
-If no access to the DockerHub registry is available, it is still possible to build the image. Either by running `docker build` where scalelite code is placed, or using the build script provided in this repo at `scripts/build.sh`. The only advantage of using the script is that the last commit is included as the build number.
-
-```
-cd <YOUR ROOT>/scalelite
-docker build -t blindsidenetwks/scalelite:latest .
-```
-
-or
-
-```
-cd <YOUR ROOT>/scalelite
-../scalelite-run/scripts/build.sh blindsidenetwks/scalelite latest
-```
-
-Keep in mind that the docker-compose.yml script makes use of some other configuration files that are mounted inside the containers. If any modification to nginx is needed it has to be done on the sites.template file. Also, whatever name is chosen for the image should match the one used in docker-compose.yml.
-
-<a name="removing-ssl-certificate"/>
-
-### Removing SSL Certificate
-
-DO NOT execute the `./init-letsencrypt.sh` script
-
-Edit the template for nginx.
-```
-cd <YOUR ROOT>/scalelite
-vi nginx/sites.template
-```
-Comment out all the lines from 13 to 34. The sites.template file should look like this:
-
-```
-...
-listen [::]:80;
-
-#    location /.well-known/acme-challenge/ {
-#        root /var/www/certbot;
-#    }
-#
-#    location / {
-#        return 301 https://$host$request_uri;
-#    }
-#}
-#
-#server {
-#    server_name $NGINX_HOSTNAME;
-#
-#    listen 443 ssl;
-#    listen [::]:443;
-#
-#    ## Configuration for Letsencrypt SSL Certificate
-#    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
-#    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
-#
-#    ## Configuration for SSL Certificate from a CA other than Letsencrypt
-#    #ssl_certificate /etc/ssl/fullchain.pem;
-#    #ssl_certificate_key /etc/ssl/privkey.pem;
-
-     location / {
-...
-```
-
-Comment out in `docker-compose.yml` the certbot container. After that, it should look like this:
-
-```
-...
-## Configuration for Letsencrypt SSL Certificate
-## comment out when using an SSL Certificate from a CA other than Letsencrypt
-#  certbot:
-#    image: certbot/certbot
-#    volumes:
-#      - ./data/certbot/conf:/etc/letsencrypt
-#      - ./data/certbot/www:/var/www/certbot
-#    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
-...
-```
-
-Start the containers as usual.

data/nginx/scalelite/acme-challenge.location

@@ -0,0 +1,3 @@
+location /.well-known/acme-challenge/ {
+    root /var/www/certbot;
+}

data/nginx/scalelite/blacklist

@@ -0,0 +1,9 @@
+## Deny access to IPs or subnets.
+# deny IP;
+# deny subnet;
+# e.g.
+# deny 192.168.0.1;
+# deny 192.168.0.0/24;
+
+## Allow access to everything else.
+allow    all;

docker-compose.yml

@@ -1,99 +1,100 @@
 version: '3'
 
 volumes:
-  database_data:
-    driver: local
+  postgres-data:
+  redis-data:
 
 services:
-  nginx:
-    image: nginx:latest
-    restart: "no"
-    volumes:
-      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
-      - ./nginx/sites-enabled:/etc/nginx/sites-enabled
-      - ./nginx/sites.template:/etc/nginx/sites-available/sites.template
-      - ./nginx/default/html:/var/www/html
-      - ./nginx/log/nginx:/var/log/nginx
-      - ./data/certbot/conf:/etc/letsencrypt
-      - ./data/certbot/www:/var/www/certbot
-      - ./nginx/ssl/:/etc/ssl
+  postgres:
+    image: postgres:11.5-alpine
+    container_name: postgres
+    restart: unless-stopped
     ports:
-      - "80:80"
-      - "443:443"
+      - "127.0.0:5432:5432"
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
     environment:
-      - NGINX_HOSTNAME=${HOST_NAME:-sl.xlab.blindside-dev.com}
-    depends_on:
-      - scalelite.api
-    command: /bin/bash -c "envsubst '$$NGINX_HOSTNAME' < /etc/nginx/sites-available/sites.template > /etc/nginx/sites-enabled/sites.conf && while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g 'daemon off;'"
+      - POSTGRES_USER=${POSTGRES_USER:-postgres}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
 
+  redis:
+    image: redis:5.0-alpine
+    container_name: redis
+    restart: on-failure
+    ports:
+      - 127.0.0.1:6379:6379
+    volumes:
+      - redis-data:/data
 
-## Configuration for Letsencrypt SSL Certificate
-## comment out when using an SSL Certificate from a CA other than Letsencrypt
   certbot:
     image: certbot/certbot
+    container_name: certbot
     volumes:
+      - ./log/certbot:/var/log/letsencrypt
       - ./data/certbot/conf:/etc/letsencrypt
       - ./data/certbot/www:/var/www/certbot
     entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
 
-
-  redis:
-    image: redis:5.0-alpine
-    restart: "no"
+  scalelite-nginx:
+    image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-nginx
+    container_name: scalelite-nginx
+    restart: unless-stopped
     ports:
-      - 127.0.0.1:6379:6379
-    volumes:
-      - ./data/redis/:/data
-
-
-  postgres:
-    image: postgres:11.7-alpine
-    restart: "no"
-    ports:
-      - 127.0.0.1:5432:5432
+      - "80:80"
+      - "443:443"
     volumes:
-      - ./data/postgres/:/var/lib/postgresql/data
+      - ./log/nginx/:/var/log/nginx
+      - ./data/certbot/conf:/etc/nginx/ssl
+      - ./data/certbot/www:/var/www/certbot
+      - ./data/nginx/scalelite:/etc/nginx/conf.d/scalelite
+      - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/published:/var/bigbluebutton/published
     environment:
-      - POSTGRES_DB=postgres
-      - POSTGRES_USER=postgres
-      - POSTGRES_PASSWORD=password
-
+      - NGINX_SSL=${NGINX_SSL-true}
+      - URL_HOST=${URL_HOST}
+    depends_on:
+      - scalelite-api
 
-  scalelite.api:
-    entrypoint: [bin/start]
-    image: blindsidenetwks/scalelite:latest
-    restart: "no"
+  scalelite-api:
+    image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-api
+    container_name: scalelite-api
+    restart: unless-stopped
     ports:
-      - 127.0.0.1:3000:3000
-    links:
-      - redis
-      - postgres
+      - "3000:3000"
     volumes:
-      - ./scalelite/log/api:/srv/scalelite/log
-      - ./scalelite/bin/start:/srv/scalelite/bin/start
-      - ./scalelite/config/database.yml:/srv/scalelite/config/database.yml
-      - ./scalelite/tmp/pids/:/usr/src/app/tmp/pids
-      - ./scalelite/tmp/sockets/:/usr/src/app/tmp/sockets
-      - ./scalelite/tmp/cache/assets:/usr/src/app/tmp/cache/assets
-    env_file: ./scalelite/.env
+      - ./log/scalelite/:/app/log
+      - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
     environment:
+      - SECRET_KEY_BASE=${SECRET_KEY_BASE}
+      - LOADBALANCER_SECRET=${LOADBALANCER_SECRET}
       - REDIS_URL=${REDIS_URL:-redis://redis:6379}
       - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
-      - URL_HOST=${HOST_NAME:-sl.xlab.blindside-dev.com}
-
+      - URL_HOST=${URL_HOST}
+    depends_on:
+      - postgres
+      - redis
 
-  scalelite.poller:
-    entrypoint: [bin/start-poller]
-    image: blindsidenetwks/scalelite:latest
-    restart: "no"
-    ports:
-      - 127.0.0.1:3001:3000
-    links:
+  scalelite-poller:
+    image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-poller
+    container_name: scalelite-poller
+    restart: unless-stopped
+    environment:
+      - REDIS_URL=${REDIS_URL:-redis://redis:6379}
+      - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
+    depends_on:
+      - postgres
       - redis
-    volumes:
-      - ./scalelite/log/poller:/srv/scalelite/log
-      - ./scalelite/bin/start-poller:/srv/scalelite/bin/start-poller
-    env_file: ./scalelite/.env
+      - scalelite-api
+
+  scalelite-recording-importer:
+    image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-recording-importer
+    container_name: scalelite-recording-importer
+    restart: unless-stopped
     environment:
       - REDIS_URL=${REDIS_URL:-redis://redis:6379}
-      - URL_HOST=${HOST_NAME:-sl.xlab.blindside-dev.com}
+      - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
+    volumes:
+      - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
+    depends_on:
+      - postgres
+      - redis
+      - scalelite-api

dotenv

@@ -1,3 +1,23 @@
-HOST_NAME=sl.xlab.blindside-dev.com
-REDIS_URL=redis://redis:6379
-DATABASE_URL=postgres://postgres:password@postgres:5432/scalelite?pool=5
+### Required by scalelite-api
+# SECRET_KEY_BASE=
+# LOADBALANCER_SECRET=
+#
+### Required by scalelite-api and scalelite-poller
+# REDIS_URL=
+#
+### Required by scalelite-api and scalelite-recording-importer
+# DATABASE_URL=
+# SCALELITE_RECORDING_DIR=/mnt/scalelite-recordings/var/bigbluebutton
+#
+### Required by scalelite-nginx (only When using SSL)
+# NGINX_SSL=true
+# SCALELITE_NGINX_EXTRA_OPTS=--mount type=bind,source=/etc/letsencrypt,target=/etc/nginx/ssl,readonly
+# URL_HOST=
+#
+### Required when when specific repo or version (other than defaults) are needed
+# SCALELITE_REPO=blindsidenetwks
+# SCALELITE_TAG=v1
+#
+### Optional for postgres when using docker-compose
+# POSTGRES_USER=
+# POSTGRES_PASSWORD=

init-letsencrypt.sh

@@ -5,13 +5,14 @@ if ! [ -x "$(command -v docker-compose)" ]; then
   exit 1
 fi
 
-HOST_NAME=$(grep HOST_NAME .env | cut -d '=' -f2)
+URL_HOST=$(grep URL_HOST .env | cut -d '=' -f2)
+echo $URL_HOST
 
-domains=($HOST_NAME)
+domains=($URL_HOST)
 rsa_key_size=4096
 data_path="./data/certbot"
-email="" # Adding a valid address is strongly recommended
-staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
+email="$LETSENCRYPT_EMAIL" # Adding a valid address is strongly recommended
+staging=${LETSENCRYPT_STAGING:-0} # Set to 1 if you're testing your setup to avoid hitting request limits
 
 if [ -d "$data_path" ]; then
   read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision
@@ -40,8 +41,8 @@ docker-compose run --rm --entrypoint "\
 echo
 
 
-echo "### Starting nginx ..."
-docker-compose up --force-recreate -d nginx
+echo "### Starting scalelite-nginx ..."
+docker-compose up --force-recreate -d scalelite-nginx
 echo
 
 echo "### Deleting dummy certificate for $domains ..."
@@ -78,5 +79,5 @@ docker-compose run --rm --entrypoint "\
     --force-renewal" certbot
 echo
 
-echo "### Reloading nginx ..."
-docker-compose exec nginx nginx -s reload
+echo "### Reloading scalelite-nginx ..."
+docker-compose exec scalelite-nginx nginx -s reload

nginx/default/html/index.html

@@ -1,25 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<title>Welcome to nginx!</title>
-<style>
-    body {
-        width: 35em;
-        margin: 0 auto;
-        font-family: Tahoma, Verdana, Arial, sans-serif;
-    }
-</style>
-</head>
-<body>
-<h1>Welcome to nginx!</h1>
-<p>If you see this page, the nginx web server is successfully installed and
-working. Further configuration is required.</p>
-
-<p>For online documentation and support please refer to
-<a href="http://nginx.org/">nginx.org</a>.<br/>
-Commercial support is available at
-<a href="http://nginx.com/">nginx.com</a>.</p>
-
-<p><em>Thank you for using nginx.</em></p>
-</body>
-</html>

nginx/nginx.conf

@@ -1,37 +0,0 @@
-user  nginx;
-worker_processes  1;
-
-error_log  /var/log/nginx/error.log warn;
-pid        /var/run/nginx.pid;
-
-
-events {
-    worker_connections  1024;
-}
-
-
-http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
-
-    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-                      '$status $body_bytes_sent "$http_referer" '
-                      '"$http_user_agent" "$http_x_forwarded_for"';
-
-    access_log  /var/log/nginx/access.log  main;
-
-    sendfile        on;
-    #tcp_nopush     on;
-
-    keepalive_timeout  65;
-
-    #gzip  on;
-
-    include /etc/nginx/conf.d/*.conf;
-
-    ##
-    # Virtual Host Configs
-    ##
-
-    include /etc/nginx/sites-enabled/*;
-}

nginx/sites.template

@@ -1,55 +0,0 @@
-#### For <$NGINX_HOSTNAME>
-
-upstream docker-scalelite {
-    server scalelite.api:3000;
-}
-
-server {
-    server_name $NGINX_HOSTNAME;
-
-    listen 80;
-    listen [::]:80;
-
-    location /.well-known/acme-challenge/ {
-        root /var/www/certbot;
-    }
-
-    location / {
-        return 301 https://$host$request_uri;
-    }
-}
-
-server {
-    server_name $NGINX_HOSTNAME;
-
-    listen 443 ssl;
-    listen [::]:443;
-
-    ## Configuration for Letsencrypt SSL Certificate
-    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
-
-    ## Configuration for SSL Certificate from a CA other than Letsencrypt
-    #ssl_certificate /etc/ssl/fullchain.pem;
-    #ssl_certificate_key /etc/ssl/privkey.pem;
-
-    location / {
-            proxy_pass  http://docker-scalelite;
-            proxy_read_timeout 60s;
-            proxy_redirect off;
-
-            proxy_set_header  Host $http_host;
-
-            proxy_set_header  X-Real-IP $remote_addr;
-            proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header  Cookie "$http_cookie; ip=$remote_addr";
-
-            proxy_set_header  X-Forwarded-Proto $scheme;
-
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
-
-            rewrite ~/(.*)$ /$1 break;
-    }
-}

scalelite/bin/start

@@ -1,34 +0,0 @@
-#!/bin/sh
-
-if [ "$LOADBALNCER_SECRET" == "loadbalancer_secret" ] || [ "$SECRET_KEY_BASE" == "secret_key_base" ]; then
-  echo "ERROR: Detected default SECRET_KEY_BASE or LOADBALANCER_SECRET. Please generate a random value."
-  echo "Exiting..."
-  exit 1
-fi
-
-servers="$(RAILS_ENV=$RAILS_ENV bundle exec rake servers 2>&1)"
-echo $servers
-
-if [ "$RAILS_ENV" = "production" ] && [ "$DB_ADAPTER" = "postgresql" ]; then
-  while ! curl http://$DB_HOST:${DB_PORT:-5432}/ 2>&1 | grep '52'
-  do
-    echo "Waiting for postgres to start up ..."
-    sleep 1
-  done
-fi
-
-db_create="$(RAILS_ENV=$RAILS_ENV bundle exec rake db:create 2>&1)"
-echo $db_create
-
-if [[ $db_create == *"already exists"* ]]; then
-  echo ">>> Database migration"
-  bundle exec rake db:migrate
-else
-  echo ">>> Database initialization"
-  bundle exec rake db:schema:load
-fi
-
-exec tini -- bundle exec puma -C config/puma.rb "$@"
-#tail -f /dev/null
-#bundle exec puma -C config/puma.rb
-#bundle exec rails s -b 0.0.0.0 -p 3000

scalelite/bin/start-poller

@@ -1,5 +0,0 @@
-#!/bin/sh
-
-echo "Poller is starting..."
-exec tini -- bundle exec rake poll["$INTERVAL"]
-#tail -f /dev/null

scalelite/config/database.yml

@@ -1,23 +0,0 @@
-default: &default
-  pool: <%= ENV.fetch('RAILS_MAX_THREADS') { 5 } %>
-  timeout: 5000
-  adapter: postgresql
-  host: <%= ENV['DB_HOST'] %>
-  username: <%= ENV['DB_USERNAME'] %>
-  password: <%= ENV['DB_PASSWORD'] %>
-  encoding: unicode
-
-development:
-  <<: *default
-  database: scalelite_development
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-test:
-  <<: *default
-  database: scalelite_test
-
-production:
-  <<: *default
-  database: <%= ENV['DB_NAME'] || 'scalelite' %>

scalelite/dotenv

@@ -1,2 +0,0 @@
-SECRET_KEY_BASE=secret_key_base
-LOADBALANCER_SECRET=loadbalancer_secret

scripts/README.md

@@ -1,13 +0,0 @@
-# Helpers
-
-## Running automatic updates
-
-```
-sudo ln -s /home/ubuntu/scalelite-run/scripts/deploy.sh /usr/local/bin/scalelite-deploy
-sudo cp /home/ubuntu/scalelite-run/scripts/scalelite-auto-deployer.service /etc/systemd/system/scalelite-auto-deployer.service
-sudo cp /home/ubuntu/scalelite-run/scripts/scalelite-auto-deployer.timer /etc/systemd/system/scalelite-auto-deployer.timer
-sudo systemctl daemon-reload
-sudo systemctl enable scalelite-auto-deployer.service
-sudo systemctl enable scalelite-auto-deployer.timer
-sudo systemctl start scalelite-auto-deployer.timer
-```

scripts/build.sh

@@ -1,90 +0,0 @@
-#!/bin/bash
-
-################################################################################
-# For this script to work properly it is required to define some environment variables
-# in the CI/CD Env variable declaration, while others should be passed as parameters.
-#
-#------------------------------------------------------------------------------
-# Defined as part of the CD/CI Env Variables:
-#
-# CD_DOCKER_USERNAME
-# A DockerHub username to be used for uploading the build.
-#
-# CD_DOCKER_PASSWORD
-# A DockerHub password to be used for uploading the build.
-#
-# CD_DOCKER_REPO
-# A DockerHub repository. By default the CD_REF_SLUG is also used as the docker repo.
-#
-# CD_BUILD_ALL
-# As the build is supposed to be done only for master (for a nightly deployments) and for releases
-# (like 'release-2.0.5' for production deployments), it is additionally required to include this
-# variable in order to build any other brnach, as it may be required for testing or reviewing work
-# as part of the development process.
-#
-
-display_usage() {
-  echo "This script should be used as part of a CI strategy."
-  echo -e "Usage:\n  build_image.sh [ARGUMENTS]"
-  echo -e "\nMandatory arguments \n"
-  echo -e "  repo_slug     The git repository  (e.g. blindsidenetworks/scalelite)"
-  echo -e "\nOptional arguments \n"
-  echo -e "  branch | tag  The branch (e.g. master | release-2.0.5)"
-}
-
-# if less than two arguments supplied, display usage
-if [ $# -le 0 ]; then
-	display_usage
-	exit 1
-fi
-
-# check whether user had supplied -h or --help . If yes display usage
-if [[ ($# == "--help") ||  $# == "-h" ]]; then
-	display_usage
-	exit 0
-fi
-
-export CD_REF_SLUG=$1
-export CD_REF_NAME=$2
-if [ -z $CD_REF_NAME ]; then
-  export CD_REF_NAME=$(git branch | grep \* | cut -d ' ' -f2)
-fi
-
-if [ "$CD_REF_NAME" != "master" ] && [[ "$CD_REF_NAME" != *"release"* ]] && ( [ -z "$CD_BUILD_ALL" ] || [ "$CD_BUILD_ALL" != "true" ] ); then
-  echo "#### Docker image for $CD_REF_SLUG:$CD_REF_NAME won't be built"
-  exit 0
-fi
-
-# Set the version tag when it is a release or the commit sha was included.
-if [[ "$CD_REF_NAME" == *"v"* ]]; then
-  export CD_BUILD_NUMBER=${CD_REF_NAME:1}
-else
-  export CD_BUILD_NUMBER="$CD_REF_NAME ($(eval git rev-parse --short=7 HEAD))"
-fi
-
-# Build the image
-if [ -z $CD_DOCKER_REPO ]; then
-  export CD_DOCKER_REPO=$CD_REF_SLUG
-fi
-echo "#### Docker image $CD_DOCKER_REPO:$CD_REF_NAME is being built"
-docker build --build-arg BUILD_NUMBER="${CD_BUILD_NUMBER}" -t $CD_DOCKER_REPO:$CD_REF_NAME .
-
-if [ -z "$CD_DOCKER_USERNAME" ] || [ -z "$CD_DOCKER_PASSWORD" ]; then
-  echo "#### Docker image for $CD_DOCKER_REPO can't be published because CD_DOCKER_USERNAME or CD_DOCKER_PASSWORD are missing (Ignore this warning if running outside a CD/CI environment)"
-  exit 0
-fi
-
-# Publish the image
-docker login -u="$CD_DOCKER_USERNAME" -p="$CD_DOCKER_PASSWORD"
-echo "#### Docker image $CD_DOCKER_REPO:$CD_REF_NAME is being published"
-docker push $CD_DOCKER_REPO
-
-# Publish image as latest and v2 if it is a release (excluding alpha and beta)
-if [[ "$CD_REF_NAME" == *"v"* ]] && [[ "$CD_REF_NAME" != *"alpha"* ]] && [[ "$CD_REF_NAME" != *"beta"* ]]; then
-  docker_image_id=$(docker images | grep -E "^$CD_DOCKER_REPO.*$CD_REF_NAME" | awk -e '{print $3}')
-  docker tag $docker_image_id $CD_DOCKER_REPO:latest
-  docker push $CD_DOCKER_REPO:latest
-  docker tag $docker_image_id $CD_DOCKER_REPO:v2
-  docker push $CD_DOCKER_REPO:v2
-fi
-exit 0

scripts/deploy.sh

@@ -1,18 +0,0 @@
-#!/bin/bash
-
-DIR="$(cd "$(dirname "$0")" && pwd)"
-STATUS="Status: Downloaded newer image for blindsidenetwks/scalelite:latest"
-
-new_status=$(sudo docker pull blindsidenetwks/scalelite:latest | grep Status:)
-
-echo $new_status
-
-if [ "$STATUS" == "$new_status" ]
-then
-  cd $DIR/..
-  docker-compose down
-  docker rmi $(docker images -f dangling=true -q)
-  docker-compose up -d
-fi
-
-exit 0

scripts/scalelite-auto-deployer.service

@@ -1,9 +0,0 @@
-[Unit]
-Description=ScaleLite Auto Deployer
-
-[Service]
-ExecStart=/bin/bash /opt/scalelite-run/scripts/deploy.sh
-
-[Install]
-WantedBy=multi-user.target
-Alias=scalelite-auto-deployer

scripts/scalelite-auto-deployer.timer

@@ -1,12 +0,0 @@
-[Unit]
-Description=Runs scalelite-deploy every minute
-
-[Timer]
-# Time to wait after booting before we run first time
-OnBootSec=1min
-# Time between running each consecutive time
-OnUnitActiveSec=1m
-Unit=scalelite-auto-deployer.service
-
-[Install]
-WantedBy=multi-user.target

scripts/scalelite-run.service

@@ -1,18 +0,0 @@
-[Unit]
-Description=ScaleLite Run
-After=network.target
-After=systemd-user-sessions.service
-After=network-online.target
-
-[Service]
-ExecStart=/bin/bash /opt/scalelite-run/scripts/start.sh
-ExecStop=/bin/bash /opt/scalelite-run/scripts/stop.sh
-TimeoutSec=30
-Restart=on-failure
-RestartSec=30
-StartLimitInterval=350
-StartLimitBurst=10
-
-[Install]
-WantedBy=multi-user.target
-Alias=scalelite-run

scripts/start.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-
-DIR="$(cd "$(dirname "$0")" && pwd)"
-
-cd $DIR/..
-docker-compose up -d

scripts/stop.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-
-DIR="$(cd "$(dirname "$0")" && pwd)"
-
-cd $DIR/..
-docker-compose down