From 487c32ba1663accf134ecdb9aa2069227a3f2c52 Mon Sep 17 00:00:00 2001 From: okseby Date: Thu, 26 Feb 2026 16:45:42 -0500 Subject: [PATCH] fix certbot section --- install-wings.sh | 130 +++++++++++++++++------------------------------ 1 file changed, 48 insertions(+), 82 deletions(-) diff --git a/install-wings.sh b/install-wings.sh index 41c7984..5316814 100644 --- a/install-wings.sh +++ b/install-wings.sh @@ -1,13 +1,8 @@ #!/usr/bin/env bash set -euo pipefail -# Interactive installer for Docker + (optional) Certbot SSL + Calagopus Wings (calagopus/wings) -# Intended usage: -# curl -fsSL https://example.com/install-wings.sh | bash -# -# Notes: -# - Prompts read from /dev/tty so it still works when piped from curl. -# - Default answers are conservative (Docker install: NO, SSL setup: NO, reboot: NO). +# Seby's Calagopus Wings Installer +# Designed for curl | bash usage ######################################## # helpers @@ -22,7 +17,7 @@ have() { command -v "$1" >/dev/null 2>&1; } need_tty() { if [[ ! -r "$TTY" || ! -w "$TTY" ]]; then - err "No TTY available for interactive prompts. Run in an interactive shell." + err "No interactive TTY available." exit 1 fi } @@ -47,7 +42,7 @@ require_root_or_sudo() { if have sudo; then SUDO="sudo" else - err "This script needs root privileges (or sudo). Re-run as root or install sudo." + err "Root or sudo required." exit 1 fi else @@ -56,11 +51,13 @@ require_root_or_sudo() { } apt_install() { - local pkgs=("$@") $SUDO apt-get update -y - $SUDO apt-get install -y "${pkgs[@]}" + $SUDO apt-get install -y "$@" } +######################################## +# SSL config updater +######################################## update_wings_ssl_config() { local domain="$1" local cfg="/etc/calagopus/config.yml" @@ -68,51 +65,40 @@ update_wings_ssl_config() { local key="/etc/letsencrypt/live/${domain}/privkey.pem" if [[ ! -f "$cfg" ]]; then - warn "Calagopus config not found at $cfg; skipping SSL config update." - return 0 + warn "Config not found at $cfg — skipping SSL update." + return fi - if [[ ! -f "$cert" || ! -f "$key" ]]; then - warn "Certbot files not found ($cert / $key); skipping SSL config update." - return 0 - fi - - say "Updating Calagopus SSL settings in $cfg (backup: ${cfg}.bak)..." + say "Updating SSL section in $cfg" $SUDO cp -a "$cfg" "${cfg}.bak" - # Update the 'ssl:' block values (assumes the block exists with standard indentation) $SUDO awk -v cert="$cert" -v key="$key" ' BEGIN { inssl=0 } { if ($0 ~ /^ ssl:[[:space:]]*$/) { inssl=1; print; next } - if (inssl==1) { - # leave ssl block when we hit the next top-level (two-space) section if ($0 ~ /^ [^[:space:]]/ && $0 !~ /^ ssl:/) { inssl=0 } else if ($0 ~ /^ enabled:/) { print " enabled: true"; next } else if ($0 ~ /^ cert:/) { print " cert: " cert; next } else if ($0 ~ /^ key:/) { print " key: " key; next } } - print } ' "$cfg" | $SUDO tee "$cfg" >/dev/null - - say "Calagopus SSL block updated." } ######################################## -# checks +# Start ######################################## need_tty require_root_or_sudo if ! have apt-get; then - err "This script currently supports Debian/Ubuntu (apt)." + err "Only Debian/Ubuntu systems supported." exit 1 fi -say "Calagopus Wings bootstrap (Docker + optional SSL + Wings binary)" +say "Calagopus Wings Installer" ######################################## # Docker @@ -120,30 +106,31 @@ say "Calagopus Wings bootstrap (Docker + optional SSL + Wings binary)" if have docker; then say "Docker detected: $(docker --version || true)" else - warn "Docker is NOT installed." - if confirm_default_no "Install Docker now?"; then - say "Installing Docker via get.docker.com (CHANNEL=stable)..." + warn "Docker not installed." + if confirm_default_no "Install Docker?"; then apt_install ca-certificates curl curl -fsSL https://get.docker.com/ | CHANNEL=stable $SUDO bash - say "Docker installed: $(docker --version || true)" else - err "Docker is required for Wings. Exiting because you chose not to install Docker." + err "Docker required. Exiting." exit 1 fi fi ######################################## -# Optional SSL (Certbot standalone) +# SSL (Certbot standalone) ######################################## DO_SSL=false DOMAIN="" +EMAIL="" -if confirm_default_no "Set up SSL with certbot (standalone) now?"; then - DO_SSL=true - DOMAIN="$(prompt "Enter the domain name to issue a cert for (e.g. node1.example.com): ")" - if [[ -z "$DOMAIN" ]]; then - err "No domain entered. Skipping SSL." - DO_SSL=false +if confirm_default_no "Set up SSL with certbot (standalone)?"; then + DOMAIN="$(prompt "Enter domain (e.g. node.example.com): ")" + EMAIL="$(prompt "Enter email for Let's Encrypt notices: ")" + + if [[ -n "$DOMAIN" && -n "$EMAIL" ]]; then + DO_SSL=true + else + err "Domain and email required for SSL. Skipping." fi fi @@ -151,29 +138,30 @@ if $DO_SSL; then say "Installing certbot..." apt_install certbot - say "Requesting certificate for: $DOMAIN" - warn "Certbot standalone requires ports 80/443 to be reachable and not in use." - $SUDO certbot certonly --standalone -d "$DOMAIN" + warn "Ports 80/443 must be open and unused." + + $SUDO certbot certonly \ + --standalone \ + -d "$DOMAIN" \ + --non-interactive \ + --agree-tos \ + --email "$EMAIL" \ + --no-eff-email - # Update Calagopus config.yml ssl section update_wings_ssl_config "$DOMAIN" fi ######################################## -# Download Wings binary (calagopus/wings) +# Download Wings ######################################## say "Downloading Wings binary..." ARCH="$(uname -m)" case "$ARCH" in - x86_64|amd64) - WINGS_ARCH="x86_64" - ;; - aarch64|arm64) - WINGS_ARCH="aarch64" - ;; + x86_64|amd64) WINGS_ARCH="x86_64" ;; + aarch64|arm64) WINGS_ARCH="aarch64" ;; *) - err "Unsupported architecture: $ARCH (expected x86_64/amd64 or aarch64/arm64)." + err "Unsupported architecture: $ARCH" exit 1 ;; esac @@ -181,8 +169,6 @@ esac WINGS_URL="https://github.com/calagopus/wings/releases/latest/download/wings-rs-${WINGS_ARCH}-linux" WINGS_BIN="/usr/local/bin/wings" -say "Detected arch: $ARCH -> using asset: wings-rs-${WINGS_ARCH}-linux" -say "Downloading: $WINGS_URL" $SUDO curl -fL "$WINGS_URL" -o "$WINGS_BIN" $SUDO chmod +x "$WINGS_BIN" @@ -190,45 +176,25 @@ say "Wings installed to $WINGS_BIN" "$WINGS_BIN" version || true ######################################## -# Configure Wings (join-data) +# Configure ######################################## -say "Wings configuration" - -JOIN_DATA="" -if confirm_default_no "Run 'wings configure --join-data ...' now?"; then - JOIN_DATA="$(prompt "Paste the join-data string from your Calagopus panel (it can be long): ")" - if [[ -z "$JOIN_DATA" ]]; then - err "No join-data provided; skipping wings configure." - else +if confirm_default_no "Run wings configure --join-data now?"; then + JOIN_DATA="$(prompt "Paste join-data string: ")" + if [[ -n "$JOIN_DATA" ]]; then $SUDO mkdir -p /etc/calagopus $SUDO "$WINGS_BIN" configure --join-data "$JOIN_DATA" - say "Wings configured." fi -else - warn "Skipping 'wings configure'. You'll need to configure manually later." -fi - -if [[ -t 0 ]] && [[ -t 1 ]] && confirm_default_no "Open /etc/calagopus/config.yml in nano now?"; then - $SUDO nano /etc/calagopus/config.yml fi ######################################## -# Install & start service +# Install Service ######################################## -if confirm_default_no "Install Wings as a systemd service now? (wings service-install)"; then +if confirm_default_no "Install as systemd service? (wings service-install)"; then $SUDO "$WINGS_BIN" service-install - say "Service status:" $SUDO systemctl --no-pager status wings || true -else - warn "Skipping service installation." fi ######################################## -# Optional reboot +# Done ######################################## -if confirm_default_no "Reboot now?"; then - say "Rebooting..." - $SUDO reboot -else - say "Done. No reboot performed." -fi +say "Installation complete."