d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
400bfe799f6dd80a9989449056a34c4f3006503c
proxmox/scripts/npmplus/automate-phase2-cert-sync.sh
defiQUG dbd517b279 Sync workspace: config, docs, scripts, CI, operator rules, and submodule pointers. 
- Update dbis_core, cross-chain-pmm-lps, explorer-monorepo, metamask-integration, pr-workspace/chains
- Omit embedded publish git dirs and empty placeholders from index

Made-with: Cursor
2026-04-12 06:12:20 -07:00

63 lines
2.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Phase 2: Set up certificate synchronization
set -euo pipefail
# Load IP configuration
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
if [ -f "$PROJECT_ROOT/.env" ]; then
set +euo pipefail
source "$PROJECT_ROOT/.env" 2>/dev/null || true
set -euo pipefail
fi
PRIMARY_HOST="${PRIMARY_HOST:-192.168.11.11}"
SECONDARY_HOST="${SECONDARY_HOST:-192.168.11.12}"
REMOTE_PROJECT_ROOT="${REMOTE_PROJECT_ROOT:-$PROJECT_ROOT}"
# Colors
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[⚠]${NC} $1"; }
log_info "Setting up certificate synchronization..."
# Test sync script
log_info "Testing certificate sync..."
bash "$SCRIPT_DIR/sync-certificates.sh" || {
log_warn "Initial sync failed (may be expected if certificates don't exist yet)"
}
# Set up cron job on primary
log_info "Setting up automated certificate sync (cron job)..."
if [[ "$REMOTE_PROJECT_ROOT" == /tmp/* ]]; then
log_warn "Refusing to install cron from ephemeral remote path: $REMOTE_PROJECT_ROOT"
log_warn "Set REMOTE_PROJECT_ROOT to a persistent checkout on the target host."
exit 0
fi
if ! ssh -o StrictHostKeyChecking=no root@"$PRIMARY_HOST" "test -f '$REMOTE_PROJECT_ROOT/scripts/npmplus/sync-certificates.sh'"; then
log_warn "Remote project root missing on $PRIMARY_HOST: $REMOTE_PROJECT_ROOT"
log_warn "Skipping cron install to avoid a broken host path."
exit 0
fi
CRON_CMD="*/5 * * * * cd $REMOTE_PROJECT_ROOT && bash $REMOTE_PROJECT_ROOT/scripts/npmplus/sync-certificates.sh >> /var/log/npmplus-cert-sync.log 2>&1"
ssh -o StrictHostKeyChecking=no root@"$PRIMARY_HOST" "{ crontab -l 2>/dev/null | grep -v 'sync-certificates.sh' || true; echo '$CRON_CMD'; } | crontab -"
log_success "Cron job installed on primary host"
log_success "Phase 2 complete: Certificate sync configured"
Reference in New Issue View Git Blame Copy Permalink