admin/deploy-felhom-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docker-setup.sh fixed for hub config

Browse Source
This commit is contained in:
authentik Default Admin
2026-02-22 10:43:45 +01:00
parent ed3970b5fd
commit 1fb2ff0516
2 changed files with 79 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/docker-setup.sh
+78 -5
View File
@@ -31,6 +31,8 @@
# --cf-token TOKEN Cloudflare API token for DNS-01 TLS
# --cf-tunnel-token TK Cloudflare Tunnel token (optional)
# --customer ID Customer identifier (optional, set in web wizard)
# --hub-customer ID Download config from Felhom Hub: customer ID
# --hub-password PW Download config from Felhom Hub: retrieval password
# --traefik-password PW Password for Traefik dashboard (default: auto-generated)
# --self-signed-cert Generate self-signed wildcard certificate
# --skip-filebrowser Skip FileBrowser installation
@@ -42,6 +44,9 @@
# sudo ./docker-setup.sh --domain demo-felhom.eu --customer demo-felhom \
# --email certs@felhom.eu --cf-token cf-xxx
#
# Hub mode example:
# sudo ./docker-setup.sh --hub-customer demo-felhom --hub-password <retrieval-pw>
#
#===============================================================================
set -euo pipefail
@@ -137,6 +142,8 @@ SELF_SIGNED_CERT=false
DEBUG_MODE=false
CUSTOMER_ID=""
CF_TUNNEL_TOKEN=""
HUB_CUSTOMER=""
HUB_PASSWORD=""
# Directories
DOCKER_DATA_DIR="/opt/docker"
@@ -207,6 +214,8 @@ OPTIONS:
--bootstrap Install sudo (run first on fresh Debian)
--domain DOMAIN Base domain for services (required)
--customer ID Customer identifier (optional, set in web wizard)
--hub-customer ID Download config from Felhom Hub: customer ID
--hub-password PW Download config from Felhom Hub: retrieval password
--ip ADDRESS Static IP address
--gateway ADDRESS Gateway (default: 192.168.0.1)
--dns ADDRESS DNS servers, comma-separated (default: 1.1.1.1,8.8.8.8)
@@ -259,6 +268,9 @@ EXAMPLES:
sudo ./docker-setup.sh --domain demo-felhom.eu --customer demo-felhom \
--ip 192.168.0.50 --email certs@felhom.eu --cf-token cf-xxx \
--cf-tunnel-token eyJhIjoi...
# Hub mode — download pre-configured controller.yaml from Felhom Hub
sudo ./docker-setup.sh --hub-customer demo-felhom --hub-password <retrieval-password>
EOF
}
@@ -306,6 +318,12 @@ parse_args() {
--cf-tunnel-token)
require_arg "$1" "${2:-}"
CF_TUNNEL_TOKEN="$2"; shift 2 ;;
--hub-customer)
require_arg "$1" "${2:-}"
HUB_CUSTOMER="$2"; shift 2 ;;
--hub-password)
require_arg "$1" "${2:-}"
HUB_PASSWORD="$2"; shift 2 ;;
--self-signed-cert) SELF_SIGNED_CERT=true; shift ;;
--skip-filebrowser) SKIP_FILEBROWSER=true; shift ;;
--dry-run) DRY_RUN=true; shift ;;
@@ -373,6 +391,22 @@ parse_args() {
exit 1
fi
fi
# Validate hub mode: both flags must be used together
if [[ -n "$HUB_CUSTOMER" && -z "$HUB_PASSWORD" ]]; then
log_error "--hub-customer requires --hub-password"
exit 1
fi
if [[ -n "$HUB_PASSWORD" && -z "$HUB_CUSTOMER" ]]; then
log_error "--hub-password requires --hub-customer"
exit 1
fi
if [[ -n "$HUB_CUSTOMER" ]]; then
if [[ ! "$HUB_CUSTOMER" =~ ^[a-zA-Z0-9_-]+$ ]]; then
log_error "Hub customer ID must be alphanumeric (hyphens/underscores allowed): $HUB_CUSTOMER"
exit 1
fi
fi
}
#-------------------------------------------------------------------------------
@@ -1436,6 +1470,37 @@ CONTROLLER_DIR="/opt/docker/felhom-controller"
generate_minimal_config() {
local step_num=5
[[ "$SELF_SIGNED_CERT" == true ]] && ((step_num++))
mkdir -p "${CONTROLLER_DIR}"
if [[ -n "$HUB_CUSTOMER" ]]; then
log_step "${step_num}/$(get_total_steps) - Downloading controller.yaml from Felhom Hub..."
if [[ "$DRY_RUN" == true ]]; then
echo -e "${CYAN}[DRY-RUN]${NC} Would download controller.yaml from https://hub.felhom.eu/api/v1/config/${HUB_CUSTOMER}"
return
fi
local hub_url="https://hub.felhom.eu/api/v1/config/${HUB_CUSTOMER}"
local http_code
http_code=$(curl -fsSL \
-H "X-Retrieval-Password: ${HUB_PASSWORD}" \
-o "${CONTROLLER_DIR}/controller.yaml" \
-w "%{http_code}" \
"${hub_url}" 2>&1) || true
if [[ "$http_code" == "200" ]]; then
chmod 600 "${CONTROLLER_DIR}/controller.yaml"
log_success "controller.yaml downloaded from Felhom Hub (customer: ${HUB_CUSTOMER})"
else
log_error "Failed to download controller.yaml from Hub (HTTP ${http_code})"
log_error "URL: ${hub_url}"
log_error "Check the customer ID and retrieval password, then re-run."
exit 1
fi
return
fi
log_step "${step_num}/$(get_total_steps) - Generating minimal controller.yaml..."
if [[ "$DRY_RUN" == true ]]; then
@@ -1443,8 +1508,6 @@ generate_minimal_config() {
return
fi
mkdir -p "${CONTROLLER_DIR}"
# Build optional customer.id line
local customer_id_line=""
if [[ -n "$CUSTOMER_ID" ]]; then
@@ -1594,7 +1657,9 @@ print_summary() {
echo ""
echo -e "${BOLD}Server IP:${NC} ${server_ip}"
echo -e "${BOLD}Domain:${NC} *.${BASE_DOMAIN}"
if [[ -n "$CUSTOMER_ID" ]]; then
if [[ -n "$HUB_CUSTOMER" ]]; then
echo -e "${BOLD}Customer:${NC} ${HUB_CUSTOMER} (from Hub)"
elif [[ -n "$CUSTOMER_ID" ]]; then
echo -e "${BOLD}Customer:${NC} ${CUSTOMER_ID}"
fi
echo ""
@@ -1683,14 +1748,22 @@ main() {
if [[ "$SELF_SIGNED_CERT" == true ]]; then
echo " 5. Generate self-signed certificate"
fi
echo " - Generate minimal controller.yaml"
if [[ -n "$HUB_CUSTOMER" ]]; then
echo " - Download controller.yaml from Felhom Hub (customer: ${HUB_CUSTOMER})"
else
echo " - Generate minimal controller.yaml"
fi
echo " - Install Cloudflare Tunnel: $([[ -n "$CF_TUNNEL_TOKEN" ]] && echo "yes" || echo "skip")"
echo " - Install FileBrowser: $([[ "$SKIP_FILEBROWSER" == true ]] && echo "skip" || echo "yes (auto-discover drives)")"
echo " - Deploy felhom-controller"
echo " - Install helper tools (ctop, lazydocker, aliases)"
echo ""
echo " Domain: *.${BASE_DOMAIN}"
echo " Customer: ${CUSTOMER_ID:-<none — will be set in web setup wizard>}"
if [[ -n "$HUB_CUSTOMER" ]]; then
echo " Hub customer: ${HUB_CUSTOMER} (config downloaded from Hub)"
else
echo " Customer: ${CUSTOMER_ID:-<none — will be set in web setup wizard>}"
fi
echo " Traefik password: ${TRAEFIK_PASSWORD}"
if [[ -n "$ACME_EMAIL" && -n "$CF_DNS_API_TOKEN" ]]; then
echo -e " TLS: ${GREEN}Let's Encrypt (Cloudflare DNS-01)${NC}"