This repository has been archived by the owner on Sep 20, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathapply-config.sh
executable file
·130 lines (108 loc) · 3.46 KB
/
apply-config.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
#!/bin/vbash
# shellcheck shell=bash
# shellcheck source=/dev/null
dry_run=true
if [[ "$(id -g -n)" != 'vyattacfg' ]] ; then
exec sg vyattacfg -c "/bin/vbash $(readlink -f "$0") $*"
fi
while getopts "c" options; do
case "${options}" in
# -c Commit changes - default is dry-run
c)
echo 'Will commit changes'
dry_run=false
;;
*)
echo 'error in command line parsing' >&2
exit 1
;;
esac
done
# Load secrets into ENV vars
if [[ -f "/config/secrets.sops.env" ]]; then
export SOPS_AGE_KEY_FILE=/config/secrets/age.key
mapfile environmentAsArray < <(
sops --decrypt "/config/secrets.sops.env" |
grep --invert-match '^#' |
grep --invert-match '^\s*$'
) # Uses grep to remove commented and blank lines
if [ -f "/config/vyos.env" ]; then
mapfile array2 < <(
cat "/config/vyos.env" \
| grep --invert-match '^#' \
| grep --invert-match '^\s*$'
)
environmentAsArray+=(${array2[*]})
fi
for variableDeclaration in "${environmentAsArray[@]}"; do
export "${variableDeclaration//[$'\r\n']/}" # The substitution removes the line breaks
done
fi
# Apply environment to container (configuration) files
restart_containers=""
while IFS= read -r -d '' file
do
cfgfile="${file%.tmpl}"
shafile="${file}.sha256"
if ! test -e "${shafile}"; then
echo "rebuild" >"${shafile}"
fi
newsha=$(envsubst <"${file}" | shasum -a 256 | awk '{print $1}')
oldsha=$(cat "${shafile}")
if ! test "${newsha}" == "${oldsha}"; then
echo "Configuration changed for ${file}"
if ! "${dry_run}"; then
envsubst <"${file}" >"${cfgfile}"
echo "${newsha}" >"${shafile}"
restart_containers="${restart_containers} $(echo "${file}" | awk -F / '{print $1}')"
fi
fi
done < <(find containers -type f -name "*.tmpl" -print0)
# Include VyOS specific functions and aliases
source /opt/vyatta/etc/functions/script-template
# Reset the configuration
load /opt/vyatta/etc/config.boot.default
# Load all config files
for f in /config/config-parts/*.sh; do
if [[ -f "${f}" ]]; then
echo "Processing ${f}"
source "${f}"
fi
done
if "${dry_run}"; then
# Show what's different from the running config
compare
else
# Pull new container images
mapfile -t AVAILABLE_IMAGES < <(run show container image | awk '{ if ( NR > 1 ) { print $1 ":" $2} }')
mapfile -t CONFIG_IMAGES < <(sed -nr "s/set container name .* image '(.*)'/\1/p" /config/config-parts/* | uniq)
for image in "${CONFIG_IMAGES[@]}"; do
if [[ ! " ${AVAILABLE_IMAGES[*]} " =~ \ ${image}\ ]]; then
echo "Pulling image ${image}"
run add container image "${image}"
fi
done
# Commit and save
echo "Committing and saving config"
commit
save
# Clean obsolete container images
IFS=$'\n' read -rd '' -a AVAILABLE_IMAGES <<<"$(run show container image | tail -n +2)"
for image in "${AVAILABLE_IMAGES[@]}"; do
image_name=$(echo "${image}" | awk '{ print $1 }')
image_tag=$(echo "${image}" | awk '{ print $2 }')
image_id=$(echo "${image}" | awk '{ print $3 }')
image_name_tag="${image_name}:${image_tag}"
if [[ ! " ${CONFIG_IMAGES[*]} " =~ \ ${image_name_tag}\ ]]; then
echo "Removing container ${image_name_tag}"
run delete container image "${image_id}"
fi
done
# Restart containers
for container in ${restart_containers}; do
run restart container "${container}"
done
fi
# Clean annoying overlay* folders
sudo find "/config" -name "overlay*" -type d -prune -exec rm -rf "{}" \;
exit