#!/bin/bash
# SPDX-FileCopyrightText: 2025 Juan Manuel Méndez Rey
# SPDX-License-Identifier: GPL-3.0-or-later
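# Strict mode: -e aborts on an unhandled failure, -u rejects unset variables,
# and pipefail makes a pipeline fail when any stage fails. Plain -e only looks
# at the last stage, so a failing `openssl` at the head of the password
# pipeline would otherwise go unnoticed and leave an empty password behind.
set -euo pipefail

printf '%s\n' \
  "🔧 Conquer Web Environment Setup" \
  "================================" \
  ""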
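#######################################
# Print a random 16-character alphanumeric password.
# Takes base64 output from `openssl rand` and drops the non-alphanumeric
# base64 characters (=, +, /) before truncating to 16 characters.
# Outputs: the password on stdout; diagnostics on stderr
# Returns: 0 on success, 1 if openssl fails or yields too few characters
#######################################
generate_password() {
  local encoded password

  # Run openssl on its own: inside a pipeline without pipefail its failure is
  # hidden behind the exit status of the last stage, and the caller would
  # silently receive an empty password.
  if ! encoded=$(openssl rand -base64 32); then
    echo "generate_password: openssl rand failed" >&2
    return 1
  fi

  # 32 random bytes (44 base64 characters) rather than 16, so that removing
  # "=+/" still leaves 16 characters in practice.
  password=$(printf '%s' "$encoded" | tr -d '=+/\n' | cut -c1-16)

  # Never hand back a short or empty password.
  if [ "${#password}" -ne 16 ]; then
    echo "generate_password: not enough random characters" >&2
    return 1
  fi

  printf '%s\n' "$password"
}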
#######################################
# Check that a string has the shape of a dotted domain name.
# Every label must start and end with a letter or digit, may contain hyphens
# in between, and is at most 63 characters; the last label must be at least
# two letters. The pattern is anchored, so no other characters are accepted.
# Arguments: $1 - candidate domain
# Returns:   0 if the candidate matches, 1 otherwise
#######################################
validate_domain() {
  local candidate=$1
  # Accepts subdomains: conquer.vejeta.com, example.com, sub.example.co.uk
  local fqdn_re='^[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\.[a-zA-Z]{2,}$'

  [[ $candidate =~ $fqdn_re ]] && return 0
  return 1
}
#######################################
# Check that a string has the shape local-part@host.tld.
# The local part allows letters, digits and . _ % + -, the host allows
# letters, digits, dots and hyphens, and the final label must be at least
# two letters. The pattern is anchored at both ends.
# Arguments: $1 - candidate e-mail address
# Returns:   0 if the candidate matches, 1 otherwise
#######################################
validate_email() {
  local candidate=$1
  local email_re='^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'

  if ! [[ $candidate =~ $email_re ]]; then
    return 1
  fi
  return 0
}
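#######################################
# Interactively collect the local-development settings and write them to
# config/local.env.
# Globals:   LOCAL_USER, LOCAL_PASS, LOCAL_MAX_CLIENTS (written)
# Inputs:    answers read from stdin
# Outputs:   prompts and a summary on stdout; config/local.env on disk
# Returns:   0 on success, 1 if stdin ends early, the password cannot be
#            generated, or the file cannot be written
#######################################
setup_local() {
  # The answers are written unquoted into a KEY=value file, so they are held
  # to characters that cannot open a quote, a comment, an expansion or a
  # second statement should the file later be parsed or sourced.
  # NOTE(review): how the start scripts consume this file is not visible
  # here; confirm before widening these sets.
  local name_re='^[A-Za-z0-9._-]+$'
  local secret_re='^[A-Za-z0-9._@%+=,^-]+$'
  local number_re='^[0-9]+$'
  local generated=0

  echo "📋 Setting up LOCAL development environment..."
  echo ""

  # Get username (-r keeps backslashes literal; a failed read means stdin
  # ended, so stop instead of looping forever).
  read -r -p "Enter username for local development: " LOCAL_USER || return 1
  while ! [[ $LOCAL_USER =~ $name_re ]]; do
    if [ -z "$LOCAL_USER" ]; then
      read -r -p "Username cannot be empty. Enter username: " LOCAL_USER || return 1
    else
      read -r -p "Username may only contain letters, digits, '.', '_' and '-'. Enter username: " LOCAL_USER || return 1
    fi
  done

  # Get password or generate one (-s keeps a typed password off the screen).
  while true; do
    read -r -s -p "Enter password for local development (or press Enter to generate): " LOCAL_PASS || return 1
    echo ""
    if [ -z "$LOCAL_PASS" ]; then
      LOCAL_PASS=$(generate_password) || return 1
      # Refuse to continue with an empty password even if the generator
      # reported success.
      if [ -z "$LOCAL_PASS" ]; then
        echo "Password generation failed." >&2
        return 1
      fi
      generated=1
      echo "Generated password: $LOCAL_PASS"
      break
    fi
    [[ $LOCAL_PASS =~ $secret_re ]] && break
    echo "Password may only contain letters, digits and . _ @ % + = , ^ -"
  done

  # Get max clients
  while true; do
    read -r -p "Maximum concurrent users for local [10]: " LOCAL_MAX_CLIENTS || return 1
    LOCAL_MAX_CLIENTS=${LOCAL_MAX_CLIENTS:-10}
    [[ $LOCAL_MAX_CLIENTS =~ $number_re ]] && break
    echo "Please enter a whole number."
  done

  # Create local.env. The file holds the login password, so it is made
  # owner-only (0600) before any secret is written, whether it is new or
  # already existed with wider permissions.
  (
    umask 077
    : > config/local.env || exit 1
    chmod 600 config/local.env || exit 1
    cat > config/local.env << EOF
# Local Development Environment Configuration
ENVIRONMENT=local
DOMAIN=conquer.local
APACHE_HTTP_PORT=80
APACHE_HTTPS_PORT=443
CERT_TYPE=selfsigned
CERT_PATH=./apache/certs/live/conquer.local
APACHE_CONFIG=apache/local.conf
DOCKER_COMPOSE_FILE=docker-compose.local.yml
# Self-signed certificate settings
CERT_COUNTRY=US
CERT_STATE=CA
CERT_CITY="San Francisco"
CERT_ORG="Local Development"
CERT_DAYS=365
# Security settings
TTYD_USERNAME=$LOCAL_USER
TTYD_PASSWORD=$LOCAL_PASS
MAX_CLIENTS=$LOCAL_MAX_CLIENTS
SESSION_TIMEOUT=3600
EOF
  ) || return 1

  echo "✅ Local environment configured!"
  echo " URL: https://conquer.local"
  echo " Username: $LOCAL_USER"
  # Only a generated password is shown; one the user typed is not repeated
  # into the terminal scrollback.
  if [ "$generated" -eq 1 ]; then
    echo " Password: $LOCAL_PASS"
  else
    echo " Password: (as entered)"
  fi
  echo ""
}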
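#######################################
# Interactively collect the production settings and write them to
# config/production.env.
# Globals:   PROD_DOMAIN, PROD_EMAIL, PROD_USER, PROD_PASS,
#            PROD_MAX_CLIENTS, PROD_TIMEOUT (written)
# Inputs:    answers read from stdin
# Outputs:   prompts and a summary on stdout; config/production.env on disk
# Returns:   0 on success, 1 if stdin ends early, the password cannot be
#            generated, or the file cannot be written
#######################################
setup_vps_production() {
  # The answers are written unquoted into a KEY=value file, so they are held
  # to characters that cannot open a quote, a comment, an expansion or a
  # second statement should the file later be parsed or sourced.
  # NOTE(review): how the start scripts consume this file is not visible
  # here; confirm before widening these sets.
  local name_re='^[A-Za-z0-9._-]+$'
  local secret_re='^[A-Za-z0-9._@%+=,^-]+$'
  local number_re='^[0-9]+$'
  # The prompt asks for a STRONG password; enforce at least a length floor.
  local -r min_length=12
  local generated=0

  echo "📋 Setting up PRODUCTION environment..."
  echo ""

  # Get domain (a failed read means stdin ended, so stop instead of looping).
  while true; do
    read -r -p "Enter your production domain (e.g., game.example.com): " PROD_DOMAIN || return 1
    if validate_domain "$PROD_DOMAIN"; then
      break
    fi
    echo "❌ Invalid domain format. Please try again."
  done

  # Get email
  while true; do
    read -r -p "Enter email for Let's Encrypt certificates: " PROD_EMAIL || return 1
    if validate_email "$PROD_EMAIL"; then
      break
    fi
    echo "❌ Invalid email format. Please try again."
  done

  # Get username: reject empty and default names, then unsafe characters.
  read -r -p "Enter username for production access (avoid common names like 'admin'): " PROD_USER || return 1
  while true; do
    case "$PROD_USER" in
      "" | admin | user | conquer)
        echo "⚠️ Please choose a unique, non-default username"
        ;;
      *)
        [[ $PROD_USER =~ $name_re ]] && break
        echo "⚠️ Username may only contain letters, digits, '.', '_' and '-'"
        ;;
    esac
    read -r -p "Enter username for production access: " PROD_USER || return 1
  done

  # Get password or generate one (-s keeps a typed password off the screen).
  while true; do
    read -r -s -p "Enter STRONG password for production (or press Enter to generate one): " PROD_PASS || return 1
    echo ""
    if [ -z "$PROD_PASS" ]; then
      PROD_PASS=$(generate_password) || return 1
      # Refuse to continue with an empty password even if the generator
      # reported success.
      if [ -z "$PROD_PASS" ]; then
        echo "Password generation failed." >&2
        return 1
      fi
      generated=1
      echo "Generated strong password: $PROD_PASS"
      break
    fi
    if [ "${#PROD_PASS}" -lt "$min_length" ]; then
      echo "❌ Password must be at least $min_length characters. Please try again."
    elif ! [[ $PROD_PASS =~ $secret_re ]]; then
      echo "❌ Password may only contain letters, digits and . _ @ % + = , ^ -"
    else
      break
    fi
  done

  # Get max clients
  while true; do
    read -r -p "Maximum concurrent users for production [5]: " PROD_MAX_CLIENTS || return 1
    PROD_MAX_CLIENTS=${PROD_MAX_CLIENTS:-5}
    [[ $PROD_MAX_CLIENTS =~ $number_re ]] && break
    echo "❌ Please enter a whole number."
  done

  # Get session timeout
  while true; do
    read -r -p "Session timeout in seconds [1800]: " PROD_TIMEOUT || return 1
    PROD_TIMEOUT=${PROD_TIMEOUT:-1800}
    [[ $PROD_TIMEOUT =~ $number_re ]] && break
    echo "❌ Please enter a whole number of seconds."
  done

  # Create production.env. The file holds the login password, so it is made
  # owner-only (0600) before any secret is written, whether it is new or
  # already existed with wider permissions.
  (
    umask 077
    : > config/production.env || exit 1
    chmod 600 config/production.env || exit 1
    cat > config/production.env << EOF
# Production Environment Configuration
ENVIRONMENT=production
DOMAIN=$PROD_DOMAIN
APACHE_HTTP_PORT=80
APACHE_HTTPS_PORT=443
CERT_TYPE=letsencrypt
CERT_PATH=./apache/certs/live/$PROD_DOMAIN
APACHE_CONFIG=vps/virtualhost.conf.template
DOCKER_COMPOSE_FILE=docker-compose.vps.yml
# Let's Encrypt settings
LETSENCRYPT_EMAIL=$PROD_EMAIL
LETSENCRYPT_WEBROOT=/var/lib/letsencrypt
LETSENCRYPT_STAGING=false
# Security settings
TTYD_USERNAME=$PROD_USER
TTYD_PASSWORD=$PROD_PASS
MAX_CLIENTS=$PROD_MAX_CLIENTS
SESSION_TIMEOUT=$PROD_TIMEOUT
EOF
  ) || return 1

  echo "✅ Production environment configured!"
  echo " URL: https://$PROD_DOMAIN"
  echo " Username: $PROD_USER"
  # Only a generated password is shown; one the user typed is not repeated
  # into the terminal scrollback.
  if [ "$generated" -eq 1 ]; then
    echo " Password: $PROD_PASS"
  else
    echo " Password: (as entered)"
  fi
  echo " Email: $PROD_EMAIL"
  echo ""
  echo "⚠️ IMPORTANT: Save these credentials securely!"
  echo ""
}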
# Main menu: ask which deployment to configure, then run the matching setup
# function. Anything other than 1 or 2 ends the script with status 1.
printf '%s\n' \
  "🔧 Choose your deployment type:" \
  "1) Local development (Docker Apache + Conquer containers)" \
  "2) VPS production (Host Apache + Conquer container)" \
  ""
read -p "Choose option (1-2): " CHOICE

if [ "$CHOICE" = "1" ]; then
  setup_local
elif [ "$CHOICE" = "2" ]; then
  setup_vps_production
else
  printf '%s\n' "❌ Invalid choice. Please run the script again."
  exit 1
fi

# Closing notes, printed verbatim (quoted delimiter: no expansion).
# NOTE(review): this script does not inspect the repository's ignore rules,
# so the "excluded from git" reminder only holds if config/*.env is actually
# ignored; verify before committing.
cat << 'EOF'
🎯 Setup complete!

📋 Next steps:
 - Run './start-local.sh' for local development
 - Run './start-production.sh' for production deployment
 - Check './health-check.sh' to verify everything works

🔐 Security reminders:
 - Environment files are excluded from git
 - Change passwords regularly
 - Keep backup of production credentials
 - Set up certificate renewal cron job for production
EOF