add minio and museum setup scripts

2024-11-03 00:38:46 -06:00
parent 209b65d933
commit da069610fb
4 changed files with 200 additions and 0 deletions
--- a/setup_minio.sh
+++ b/setup_minio.sh
@ -0,0 +1,73 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status.
+set -e
+
+# Download and install MinIO server
+wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /usr/local/bin/minio
+
+# Make the MinIO binary executable
+chmod +x /usr/local/bin/minio
+
+# Create a new user and group named 'minio'
+sudo groupadd -r minio
+sudo useradd -r -s /sbin/nologin -g minio -d /usr/local/bin/minio minio
+
+# Create a directory for MinIO server configuration and data
+sudo mkdir -p /etc/minio /var/lib/minio
+
+# Set ownership and permissions for the MinIO data directory
+sudo chown minio:minio /var/lib/minio
+
+# Configure MinIO server as a systemd service
+sudo tee /etc/systemd/system/minio.service > /dev/null <<EOL
+[Unit]
+Description=MinIO
+Documentation=https://docs.min.io
+Wants=network-online.target
+After=network-online.target
+AssertFileIsExecutable=/usr/local/bin/minio
+
+[Service]
+WorkingDirectory=/var/lib/minio
+User=minio
+Group=minio
+ProtectSystem=full
+EnvironmentFile=-/etc/default/minio
+ExecStartPre=/bin/bash -c "[ -n \"\${MINIO_VOLUMES}\" ]"
+ExecStart=/usr/local/bin/minio server \$MINIO_OPTS \$MINIO_VOLUMES
+# Let systemd restart this service always
+Restart=always
+# Specifies the maximum file descriptor number that can be opened by this process
+LimitNOFILE=65536
+# Specifies the maximum number of threads this process can create
+TasksMax=infinity
+
+[Install]
+WantedBy=multi-user.target
+EOL
+
+# Reload systemd manager configuration
+sudo systemctl daemon-reload
+
+# Start the MinIO service
+sudo systemctl start minio
+
+# Enable MinIO service to start on boot
+sudo systemctl enable minio
+
+echo "MinIO server has been set up successfully. Access the server at http://localhost:9000"
+
+# The setup_minio.sh script installs and configures the MinIO server as a systemd service on a Linux system. It downloads the MinIO binary, creates a new user and group for MinIO, sets up the necessary directories, and configures the MinIO server as a systemd service.
+
+# Key points:
+# - The script uses wget to download the MinIO server binary and places it in /usr/local/bin/minio.
+# - It creates a new user and group named 'minio' to run the MinIO server.
+# - The script creates directories for MinIO server configuration (/etc/minio) and data (/var/lib/minio) and sets the appropriate ownership and permissions.
+# - It configures the MinIO server as a systemd service by creating a unit file at /etc/systemd/system/minio.service.
+# - The MinIO service is started and enabled to run on boot using systemctl commands.
+# - The script provides a message indicating that the MinIO server setup was successful and provides the URL to access the server (http://localhost:9000).
+
+# Overall, the script automates the setup process for the MinIO server, making it easier to deploy and manage the object storage service on a Linux system.
+
+# Note: The script assumes that the system has wget installed and that the necessary dependencies for running the MinIO server are available. It may need to be adjusted based on the specific Linux distribution and environment.
--- a/setup_minio_nginx.sh
+++ b/setup_minio_nginx.sh
@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status.
+set -e
+
+# MinIO server should be running on port 9000
+MINIO_PORT=9000
+
+# Configure nginx to proxy requests to the MinIO server
+sudo tee /etc/nginx/sites-available/minio.sa.vin.conf > /dev/null <<EOL
+server {
+    listen 80;
+    server_name minio.sa.vin;
+
+    location / {
+        proxy_pass http://
+        proxy_set_header Host \$host;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+EOL
+
+# Create a symbolic link to enable the site
+sudo ln -s /etc/nginx/sites-available/minio.sa.vin /etc/nginx/sites-enabled/
+
+# Reload nginx to apply changes
+sudo systemctl reload nginx
+
+# Use certbot to add SSL certificate for the MinIO server
+sudo certbot --nginx -d minio.sa.vin
+
+echo "MinIO server has been set up successfully. Access the server at https://minio.sa.vin"
--- a/setup_museum.sh
+++ b/setup_museum.sh
@ -0,0 +1,63 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status.
+set -e
+
+# set the local repo location
+LOCAL_REPO="~/src/ente"
+INSTALL_DIR="/usr/local/bin/"
+LIB_DIR="/var/lib/museum/"
+PORT=1098
+
+cd $LOCAL_REPO/server
+
+# sed command to replace `server.Run(":8080")` with `server.Run(":$PORT")`
+sed -i "s/server.Run(\":8080\")/server.Run(\":$PORT\")/g" cmd/museum/main.go
+
+go build -o museum cmd/museum/main.go
+
+sudo cp museum $INSTALL_DIR
+
+# Create a new user and group named 'museum'
+sudo groupadd -r museum
+sudo useradd -r -g museum -d $LIB_DIR -s /sbin/nologin -c "museum user" museum
+
+
+sudo mkdir -p $LIB_DIR
+sudo cp -r migrations $LIB_DIR
+sudo cp -r mail-templates $LIB_DIR
+sudo cp -r configurations $LIB_DIR
+sudo cp museum.yaml $LIB_DIR
+sudo chown -R museum:museum $LIB_DIR
+
+# Create a new systemd service file for the museum service
+sudo tee /etc/systemd/system/museum.service > /dev/null <<EOL
+[Unit]
+Description=Museum Service
+After=syslog.target
+After=network.target
+Wants=postgresql.service
+After=postgresql.service
+
+[Service]
+Type=simple
+User=museum
+Group=museum
+WorkingDirectory=$LIB_DIR
+ExecStart=$INSTALL_DIR/museum
+Restart=always
+WatchdogSec=30s
+
+[Install]
+WantedBy=multi-user.target
+EOL
+
+# Reload systemd manager configuration
+sudo systemctl daemon-reload
+
+# Start the museum service
+sudo systemctl start museum
+
+# Enable the museum service to start on boot
+sudo systemctl enable museum
+
--- a/setup_museum_nginx.sh
+++ b/setup_museum_nginx.sh
@ -0,0 +1,30 @@
+#!/bin/bash
+
+PORT=1098
+
+# Configure nginx to proxy requests to the museum service
+sudo tee /etc/nginx/sites-available/museum.sa.vin.conf > /dev/null <<EOL
+server {
+    listen 80;
+    server_name museum.sa.vin;
+
+    location / {
+        proxy_pass http://127.0.0.1:$PORT;
+        proxy_set_header Host \$host;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+EOL
+
+# Create a symbolic link to enable the site
+sudo ln -s /etc/nginx/sites-available/museum /etc/nginx/sites-enabled/
+
+# Reload nginx to apply changes
+sudo systemctl reload nginx
+
+# Use certbot to add SSL certificate for the museum service
+sudo certbot --nginx -d museum.sa.vin
+
+echo "Museum service has been set up successfully. Access the service at https://museum.sa.vin"