-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathnetrics-docker-run
executable file
·216 lines (180 loc) · 7.91 KB
/
netrics-docker-run
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
#!/bin/bash
#
# ensure dependencies on rpi
#
sudo apt-get install -y docker.io python3-toml
sudo modprobe tcp_bbr
#
# set up ndt-server
#
if [ ! -f /usr/local/bin/ndt-generate-local-test-certs ]; then
sudo curl \
-o /usr/local/bin/ndt-generate-local-test-certs \
https://raw.githubusercontent.com/m-lab/ndt-server/v0.20.6/gen_local_test_certs.bash
sudo chmod 775 /usr/local/bin/ndt-generate-local-test-certs
fi
if [ ! -f /usr/local/lib/ndt-server/certs/cert.pem ]; then
sudo mkdir -p /usr/local/lib/ndt-server
pushd /usr/local/lib/ndt-server
sudo install -d certs datadir
sudo /usr/local/bin/ndt-generate-local-test-certs
sudo chown root:$(id -g) certs/key.pem
sudo chmod g+r certs/key.pem
sudo chown root:$(id -g) datadir
sudo chmod g+w datadir
popd
sudo docker stop ndt7 &>/dev/null
sudo docker rm ndt7 &>/dev/null
sudo docker run \
--detach \
--restart=always \
--network=bridge \
--log-driver=local \
--publish 4444:4444 \
--publish 8888:8888 \
--volume /usr/local/lib/ndt-server/certs:/certs:ro \
--volume /usr/local/lib/ndt-server/datadir:/datadir \
--read-only \
--user $(id -u):$(id -g) \
--cap-drop=all \
--name ndt7 \
chicagocdac/ndt-server \
-cert /certs/cert.pem \
-key /certs/key.pem \
-datadir /datadir \
-ndt7_addr :4444 \
-ndt5_addr :3001 \
-ndt5_wss_addr :3010 \
-ndt7_addr_cleartext :8888
fi
#
# set up dashboard
#
if [ ! -e /var/lib/netrics-dashboard ]; then
sudo mkdir -p /var/lib/netrics-dashboard
sudo chown root:$(id -g) /var/lib/netrics-dashboard
sudo chmod g+w /var/lib/netrics-dashboard
fi
sudo mkdir -p /var/run/netrics-dashboard
if [ ! -f /var/run/netrics-dashboard/version ] || [ "$(</var/run/netrics-dashboard/version)" != 1.0.1 ]; then
TOPIC=$(</etc/nm-exp-active-netrics/nm-exp-active-netrics.toml \
python3 -c "import sys, toml; sys.stdout.write(toml.load(sys.stdin).get('topic', ''))")
sudo docker stop netrics-dashboard &>/dev/null
sudo docker rm netrics-dashboard &>/dev/null
sudo docker run \
--detach \
--restart=always \
--network=bridge \
--log-driver=local \
--publish 80:8080 \
\
\
--env DATAFILE_PENDING=/var/nm/nm-exp-active-netrics/upload/pending/${TOPIC:-default}/json/ \
--env DATAFILE_ARCHIVE=/var/nm/nm-exp-active-netrics/upload/archive/${TOPIC:-default}/json/ \
--volume /var/lib/netrics-dashboard:/var/lib/dashboard \
--volume /var/nm:/var/nm:ro \
--read-only \
--user $(id -u):$(id -g) \
--name netrics-dashboard \
chicagocdac/netrics-dashboard:1.0.1
sudo docker inspect \
--format="{{.Config.Labels.appversion}}" \
netrics-dashboard \
| sudo tee /var/run/netrics-dashboard/version \
| xargs echo netrics-dashboard:
fi
#
# set up data backups
#
cat <<'SCRIPT' | sudo tee /usr/local/bin/local-dashboard > /dev/null
#!/bin/sh
docker run \
--rm \
--network=bridge \
\
--volume /var/lib/netrics-dashboard:/var/lib/dashboard \
--volume /var/nm:/var/nm:rw \
--read-only \
--user $(id -u):$(id -g) \
--name netrics-dashboard-command \
chicagocdac/netrics-dashboard:1.0.1 \
python -m app.cmd "$@"
SCRIPT
sudo chmod +x /usr/local/bin/local-dashboard
cat <<'SCRIPT' | sudo tee /usr/local/bin/local-dashboard-backupdb > /dev/null
#!/bin/sh
if [ "$1" = --group ]
then
if [ "$#" -ne 3 ]
then
echo "Usage: $0 [--group GROUP] DIRECTORY" >&2
exit 1
fi
GROUP="$2"
shift 2
elif [ "$#" -ne 1 ]
then
echo "Usage: $0 [--group GROUP] DIRECTORY" >&2
exit 1
fi
/usr/local/bin/local-dashboard backupdb --compress "$1"
if [ -n "$GROUP" ]
then
find "$1/pending/survey" "$1/pending/trial" -type f -not -group $GROUP -print0 | xargs -0 -r chown $USER:$GROUP
find "$1/pending/survey" "$1/pending/trial" -type f -not -perm -g=w -print0 | xargs -0 -r chmod g+w
fi
SCRIPT
sudo chmod +x /usr/local/bin/local-dashboard-backupdb
cat <<'SCRIPT' | sudo tee /usr/local/bin/ndt7-backup > /dev/null
#!/bin/sh
if [ "$1" = --group ]
then
if [ "$#" -ne 3 ]
then
echo "Usage: $0 [--group GROUP] DIRECTORY" >&2
exit 1
fi
GROUP="$2"
shift 2
elif [ "$#" -ne 1 ]
then
echo "Usage: $0 [--group GROUP] DIRECTORY" >&2
exit 1
fi
SOURCE=/usr/local/lib/ndt-server/datadir/ndt7/
TARGET="$1/pending/ndt7/json/"
if [ ! -d "$TARGET" ]
then
echo "no such directory: $TARGET" >&2
exit 1
fi
if [ -n "$GROUP" ]
then
# correct ownership & permissions
find "$SOURCE" -type f -print0 | xargs -0 -r chown $USER:$GROUP
find "$SOURCE" -type f -group $GROUP -print0 | xargs -0 -r chmod g+w
# move into place
find "$SOURCE" -type f -group $GROUP -print0 | xargs -0 -r mv -t "$TARGET"
else
# move into place
find "$SOURCE" -type f -print0 | xargs -0 -r mv -t "$TARGET"
fi
# clean up source
find "$SOURCE" -mindepth 1 -type d -empty -delete
SCRIPT
sudo chmod +x /usr/local/bin/ndt7-backup
cat <<'CRONTAB' | sudo tee /etc/cron.d/nm-exp-local-dashboard > /dev/null
@midnight root /usr/local/bin/local-dashboard-backupdb --group netrics /var/nm/nm-exp-local-dashboard/upload/
@midnight root /usr/local/bin/ndt7-backup --group netrics /var/nm/nm-exp-local-dashboard/upload/
CRONTAB
for directory in /var/nm/nm-exp-local-dashboard/upload/pending/survey/csv/ \
/var/nm/nm-exp-local-dashboard/upload/pending/trial/csv/ \
/var/nm/nm-exp-local-dashboard/upload/archive/survey/csv/ \
/var/nm/nm-exp-local-dashboard/upload/archive/trial/csv/ \
/var/nm/nm-exp-local-dashboard/upload/pending/ndt7/json/ \
/var/nm/nm-exp-local-dashboard/upload/archive/ndt7/json/
do
sudo mkdir -p $directory
sudo chmod g+ws $directory
sudo chown netrics:netrics $directory
done