#!/usr/bin/env bash # Recreate Containers as Privileged and Complete All Tasks # This script recreates containers as privileged and completes all installations set -uo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" # shellcheck source=/dev/null source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true NODE_IP="${PROXMOX_HOST_R630_01:-192.168.11.11}" BACKUP_DIR="/root/container-backups-$(date +%Y%m%d-%H%M%S)" log_info() { echo -e "\033[0;32m[INFO]\033[0m $1"; } log_error() { echo -e "\033[0;31m[ERROR]\033[0m $1"; } log_success() { echo -e "\033[0;32m[✓]\033[0m $1"; } log_warn() { echo -e "\033[1;33m[WARN]\033[0m $1"; } # Backup container configuration backup_container_config() { local vmid="$1" log_info "Backing up configuration for CT $vmid..." ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=no root@${NODE_IP} " mkdir -p $BACKUP_DIR pct config $vmid > $BACKUP_DIR/ct-\${vmid}.conf 2>&1 echo 'Config backed up' " && log_success "Config backed up for CT $vmid" || log_error "Failed to backup CT $vmid" } # Recreate container as privileged (template - needs customization per container) recreate_container_privileged() { local vmid="$1" local hostname="$2" local ip="$3" local memory="${4:-2048}" local cores="${5:-2}" local disk="${6:-20}" log_info "Recreating CT $vmid as privileged..." ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=no root@${NODE_IP} " # Stop and destroy old container pct stop $vmid 2>/dev/null || true pct destroy $vmid 2>/dev/null || true # Create new privileged container pct create $vmid \\ local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst \\ --storage thin1 \\ --hostname $hostname \\ --memory $memory \\ --cores $cores \\ --rootfs thin1:\${disk} \\ --net0 name=eth0,bridge=vmbr0,gw=${NETWORK_GATEWAY:-192.168.11.1},ip=\${ip}/24,type=veth \\ --unprivileged 0 \\ --swap 512 \\ --onboot 1 \\ --timezone America/Los_Angeles \\ --features nesting=1,keyctl=1 # Start container pct start $vmid sleep 5 echo 'Container recreated' " && log_success "CT $vmid recreated as privileged" || log_error "Failed to recreate CT $vmid" } # Install PostgreSQL (will work with privileged containers) install_postgresql() { local vmid="$1" log_info "Installing PostgreSQL on CT $vmid..." ssh -o ConnectTimeout=15 -o StrictHostKeyChecking=no root@${NODE_IP} "pct enter $vmid <<'INSTALL_EOF' export DEBIAN_FRONTEND=noninteractive apt-get update -qq apt-get install -y -qq postgresql-15 postgresql-contrib-15 || exit 1 sed -i \"s/#listen_addresses = .*/listen_addresses = '*'/\" /etc/postgresql/15/main/postgresql.conf 2>/dev/null || true echo \"host all all 0.0.0.0/0 md5\" >> /etc/postgresql/15/main/pg_hba.conf 2>/dev/null || true systemctl enable postgresql@15-main systemctl start postgresql@15-main sleep 3 systemctl is-active postgresql@15-main && echo 'PostgreSQL installed' || exit 1 INSTALL_EOF " && log_success "PostgreSQL installed on CT $vmid" || log_error "Failed to install PostgreSQL on CT $vmid" } # Install Redis install_redis() { local vmid="$1" log_info "Installing Redis on CT $vmid..." ssh -o ConnectTimeout=15 -o StrictHostKeyChecking=no root@${NODE_IP} "pct enter $vmid <<'INSTALL_EOF' export DEBIAN_FRONTEND=noninteractive apt-get update -qq apt-get install -y -qq redis-server || exit 1 sed -i \"s/^bind .*/bind 0.0.0.0/\" /etc/redis/redis.conf 2>/dev/null || true systemctl enable redis-server systemctl restart redis-server sleep 2 systemctl is-active redis-server && echo 'Redis installed' || exit 1 INSTALL_EOF " && log_success "Redis installed on CT $vmid" || log_error "Failed to install Redis on CT $vmid" } # Install Node.js install_nodejs() { local vmid="$1" log_info "Installing Node.js on CT $vmid..." ssh -o ConnectTimeout=15 -o StrictHostKeyChecking=no root@${NODE_IP} "pct enter $vmid <<'INSTALL_EOF' export DEBIAN_FRONTEND=noninteractive apt-get update -qq apt-get install -y -qq curl ca-certificates gnupg || exit 1 curl -fsSL https://deb.nodesource.com/setup_18.x | bash - || exit 1 apt-get install -y -qq nodejs || exit 1 npm install -g pm2 || exit 1 node --version && npm --version && echo 'Node.js installed' || exit 1 INSTALL_EOF " && log_success "Node.js installed on CT $vmid" || log_error "Failed to install Node.js on CT $vmid" } echo "═══════════════════════════════════════════════════════════" echo "Recreate Containers as Privileged and Complete All Tasks" echo "═══════════════════════════════════════════════════════════" echo "" log_warn "WARNING: This script will DESTROY and RECREATE containers!" log_warn "All data in containers will be lost unless backed up separately!" echo "" read -p "Type 'YES' to continue: " confirm if [ "$confirm" != "YES" ]; then log_error "Aborted by user" exit 1 fi # Container definitions (VMID, Hostname, IP, Memory, Cores, Disk) declare -A CONTAINERS=( ["10000"]="order-postgres-primary:${ORDER_POSTGRES_PRIMARY:-${ORDER_POSTGRES_PRIMARY:-192.168.11.44}}:4096:4:50" ["10001"]="order-postgres-replica:${ORDER_POSTGRES_REPLICA:-${ORDER_POSTGRES_REPLICA:-192.168.11.45}}:4096:4:50" ["10020"]="order-redis:${ORDER_REDIS_IP:-192.168.11.38}:2048:2:20" ["10030"]="order-identity:${IP_SERVICE_40:-${IP_SERVICE_40:-${IP_SERVICE_40:-192.168.11.40}}}:2048:2:20" ["10040"]="order-intake:${IP_SERVICE_41:-${IP_SERVICE_41:-${IP_SERVICE_41:-192.168.11.41}}}:2048:2:20" ["10050"]="order-finance:${IP_SERVICE_49:-${IP_SERVICE_49:-${IP_SERVICE_49:-192.168.11.49}}}:2048:2:20" ["10060"]="order-dataroom:${IP_SERVICE_42:-${IP_SERVICE_42:-${IP_SERVICE_42:-192.168.11.42}}}:2048:2:20" ["10070"]="order-legal:${IP_ORDER_LEGAL:-192.168.11.87}:2048:2:20" ["10080"]="order-eresidency:${IP_SERVICE_43:-${IP_SERVICE_43:-${IP_SERVICE_43:-192.168.11.43}}}:2048:2:20" ["10090"]="order-portal-public:${IP_SERVICE_36:-${IP_SERVICE_36:-${IP_SERVICE_36:-${IP_SERVICE_36:-${IP_SERVICE_36:-${IP_SERVICE_36:-192.168.11.36}}}}}}:2048:2:20" ["10091"]="order-portal-internal:${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-192.168.11.35}}}}}}:2048:2:20" ["10092"]="order-mcp-legal:${IP_ORDER_MCP_LEGAL:-192.168.11.94}:2048:2:20" ["10100"]="dbis-postgres-primary:${PROXMOX_HOST_ML110}5:4096:4:50" ["10101"]="dbis-postgres-replica-1:${PROXMOX_HOST_ML110}6:4096:4:50" ["10120"]="dbis-redis:${PROXMOX_HOST_R630_02}0:2048:2:20" ["10130"]="dbis-frontend:${IP_DBIS_FRONTEND:-${IP_SERVICE_13:-${IP_SERVICE_13:-${IP_SERVICE_13:-${IP_SERVICE_13:-${IP_SERVICE_13:-192.168.11.13}}}}}0}:2048:2:20" ["10150"]="dbis-api-primary:${IP_DBIS_API:-${IP_DBIS_API:-192.168.11.155}}:4096:4:30" ["10151"]="dbis-api-secondary:${IP_DBIS_API_2:-${IP_DBIS_API_2:-192.168.11.156}}:4096:4:30" ) # Step 1: Backup configurations log_info "Step 1: Backing up container configurations..." for vmid in "${!CONTAINERS[@]}"; do backup_container_config "$vmid" done # Step 2: Recreate containers (commented out for safety - uncomment when ready) log_warn "Step 2: Container recreation is COMMENTED OUT for safety" log_warn "Uncomment the recreation section in the script when ready to proceed" # for vmid in "${!CONTAINERS[@]}"; do # IFS=':' read -r hostname ip memory cores disk <<< "${CONTAINERS[$vmid]}" # recreate_container_privileged "$vmid" "$hostname" "$ip" "$memory" "$cores" "$disk" # sleep 2 # done # Step 3: Install services (will work after recreation) log_info "Step 3: Service installation will proceed after container recreation" log_info "Use scripts/complete-all-tasks-parallel-comprehensive.sh after recreation" echo "" log_info "Backup complete. Container recreation script ready." log_warn "Uncomment recreation section and run again when ready to proceed."