updated scripts

2026-02-22 11:18:38 +01:00
parent 1fb2ff0516
commit c085de45dd
3 changed files with 233 additions and 36 deletions
@@ -144,6 +144,11 @@ CUSTOMER_ID=""
 CF_TUNNEL_TOKEN=""
 HUB_CUSTOMER=""
 HUB_PASSWORD=""
+HUB_CONFIG_TMP=""   # path to downloaded hub config temp file (set by apply_hub_config)
+DOMAIN_FROM_CLI=false
+EMAIL_FROM_CLI=false
+CF_TOKEN_FROM_CLI=false
+CF_TUNNEL_FROM_CLI=false

 # Directories
 DOCKER_DATA_DIR="/opt/docker"
@@ -302,13 +307,13 @@ parse_args() {
                INTERFACE="$2"; shift 2 ;;
            --domain)
                require_arg "$1" "${2:-}"
-                BASE_DOMAIN="$2"; shift 2 ;;
+                BASE_DOMAIN="$2"; DOMAIN_FROM_CLI=true; shift 2 ;;
            --email)
                require_arg "$1" "${2:-}"
-                ACME_EMAIL="$2"; shift 2 ;;
+                ACME_EMAIL="$2"; EMAIL_FROM_CLI=true; shift 2 ;;
            --cf-token)
                require_arg "$1" "${2:-}"
-                CF_DNS_API_TOKEN="$2"; shift 2 ;;
+                CF_DNS_API_TOKEN="$2"; CF_TOKEN_FROM_CLI=true; shift 2 ;;
            --traefik-password)
                require_arg "$1" "${2:-}"
                TRAEFIK_PASSWORD="$2"; shift 2 ;;
@@ -317,7 +322,7 @@ parse_args() {
                CUSTOMER_ID="$2"; shift 2 ;;
            --cf-tunnel-token)
                require_arg "$1" "${2:-}"
-                CF_TUNNEL_TOKEN="$2"; shift 2 ;;
+                CF_TUNNEL_TOKEN="$2"; CF_TUNNEL_FROM_CLI=true; shift 2 ;;
            --hub-customer)
                require_arg "$1" "${2:-}"
                HUB_CUSTOMER="$2"; shift 2 ;;
@@ -1461,6 +1466,88 @@ EOF
 }


+#-------------------------------------------------------------------------------
+# YAML helper: extract a single string value from a section+key
+# Usage: yaml_get <file> <top-level-section> <key>
+# Handles both quoted ("value") and unquoted values.
+#-------------------------------------------------------------------------------
+yaml_get() {
+    local file="$1" section="$2" key="$3"
+    awk -v s="${section}:" -v k="  ${key}:" '
+        /^[[:alpha:]]/ { in_s = ($0 == s) }
+        in_s && index($0, k) == 1 {
+            sub(/^[^:]*: */, ""); gsub(/^"|"$/, ""); print; exit
+        }
+    ' "$file"
+}
+
+#-------------------------------------------------------------------------------
+# Hub mode: download controller.yaml early and extract infra vars
+# Called from main() before Traefik/infra setup so BASE_DOMAIN etc. are ready.
+#-------------------------------------------------------------------------------
+apply_hub_config() {
+    [[ -z "$HUB_CUSTOMER" ]] && return
+
+    log_info "Fetching configuration from Felhom Hub (customer: ${HUB_CUSTOMER})..."
+
+    if [[ "$DRY_RUN" == true ]]; then
+        echo -e "${CYAN}[DRY-RUN]${NC} Would fetch: https://hub.felhom.eu/api/v1/config/${HUB_CUSTOMER}"
+        echo -e "${CYAN}[DRY-RUN]${NC} Would apply domain, email, CF tokens from hub config"
+        # Set plausible placeholders so the plan display is meaningful
+        [[ "$DOMAIN_FROM_CLI" == false ]]       && BASE_DOMAIN="<hub-domain>"
+        [[ "$EMAIL_FROM_CLI" == false ]]        && ACME_EMAIL="<hub-email>"
+        [[ "$CF_TOKEN_FROM_CLI" == false ]]     && CF_DNS_API_TOKEN="<hub-cf-token>"
+        [[ "$CF_TUNNEL_FROM_CLI" == false ]]    && CF_TUNNEL_TOKEN="<hub-cf-tunnel-token>"
+        return
+    fi
+
+    HUB_CONFIG_TMP=$(mktemp /tmp/felhom-hub-config-XXXXXX.yaml)
+
+    local hub_url="https://hub.felhom.eu/api/v1/config/${HUB_CUSTOMER}"
+    local http_code
+    http_code=$(curl -fsSL \
+        -H "X-Retrieval-Password: ${HUB_PASSWORD}" \
+        -o "${HUB_CONFIG_TMP}" \
+        -w "%{http_code}" \
+        "${hub_url}" 2>&1) || true
+
+    if [[ "$http_code" != "200" ]]; then
+        rm -f "${HUB_CONFIG_TMP}"
+        HUB_CONFIG_TMP=""
+        log_error "Failed to fetch config from Felhom Hub (HTTP ${http_code})"
+        log_error "URL: ${hub_url}"
+        log_error "Check the customer ID and retrieval password, then re-run."
+        exit 1
+    fi
+
+    log_success "Hub config fetched successfully"
+
+    # Extract values from hub YAML
+    local hub_domain hub_email hub_cf_token hub_tunnel_token
+    hub_domain=$(yaml_get "${HUB_CONFIG_TMP}" "customer" "domain")
+    hub_email=$(yaml_get "${HUB_CONFIG_TMP}" "customer" "email")
+    hub_cf_token=$(yaml_get "${HUB_CONFIG_TMP}" "infrastructure" "cf_api_token")
+    hub_tunnel_token=$(yaml_get "${HUB_CONFIG_TMP}" "infrastructure" "cf_tunnel_token")
+
+    # Apply to script vars — CLI flags always take precedence
+    if [[ "$DOMAIN_FROM_CLI" == false && -n "$hub_domain" ]]; then
+        BASE_DOMAIN="$hub_domain"
+        log_info "  domain: ${BASE_DOMAIN} (from Hub)"
+    fi
+    if [[ "$EMAIL_FROM_CLI" == false && -n "$hub_email" ]]; then
+        ACME_EMAIL="$hub_email"
+        log_info "  email: ${ACME_EMAIL} (from Hub)"
+    fi
+    if [[ "$CF_TOKEN_FROM_CLI" == false && -n "$hub_cf_token" ]]; then
+        CF_DNS_API_TOKEN="$hub_cf_token"
+        log_info "  cf_api_token: ${CF_DNS_API_TOKEN:0:6}... (from Hub)"
+    fi
+    if [[ "$CF_TUNNEL_FROM_CLI" == false && -n "$hub_tunnel_token" ]]; then
+        CF_TUNNEL_TOKEN="$hub_tunnel_token"
+        log_info "  cf_tunnel_token: ${CF_TUNNEL_TOKEN:0:6}... (from Hub)"
+    fi
+}
+
 #-------------------------------------------------------------------------------
 # Generate minimal controller.yaml — full configuration via web UI setup wizard
 #-------------------------------------------------------------------------------
@@ -1474,30 +1561,24 @@ generate_minimal_config() {
    mkdir -p "${CONTROLLER_DIR}"

    if [[ -n "$HUB_CUSTOMER" ]]; then
-        log_step "${step_num}/$(get_total_steps) - Downloading controller.yaml from Felhom Hub..."
+        log_step "${step_num}/$(get_total_steps) - Installing controller.yaml from Felhom Hub..."

        if [[ "$DRY_RUN" == true ]]; then
-            echo -e "${CYAN}[DRY-RUN]${NC} Would download controller.yaml from https://hub.felhom.eu/api/v1/config/${HUB_CUSTOMER}"
+            echo -e "${CYAN}[DRY-RUN]${NC} Would install hub controller.yaml to ${CONTROLLER_DIR}/controller.yaml"
            return
        fi

-        local hub_url="https://hub.felhom.eu/api/v1/config/${HUB_CUSTOMER}"
-        local http_code
-        http_code=$(curl -fsSL \
-            -H "X-Retrieval-Password: ${HUB_PASSWORD}" \
-            -o "${CONTROLLER_DIR}/controller.yaml" \
-            -w "%{http_code}" \
-            "${hub_url}" 2>&1) || true
-
-        if [[ "$http_code" == "200" ]]; then
-            chmod 600 "${CONTROLLER_DIR}/controller.yaml"
-            log_success "controller.yaml downloaded from Felhom Hub (customer: ${HUB_CUSTOMER})"
+        # Config was already downloaded by apply_hub_config() early in main()
+        if [[ -n "$HUB_CONFIG_TMP" && -f "$HUB_CONFIG_TMP" ]]; then
+            mv "${HUB_CONFIG_TMP}" "${CONTROLLER_DIR}/controller.yaml"
+            HUB_CONFIG_TMP=""
        else
-            log_error "Failed to download controller.yaml from Hub (HTTP ${http_code})"
-            log_error "URL: ${hub_url}"
-            log_error "Check the customer ID and retrieval password, then re-run."
+            log_error "Hub config temp file not found — apply_hub_config() may not have run"
            exit 1
        fi
+
+        chmod 600 "${CONTROLLER_DIR}/controller.yaml"
+        log_success "controller.yaml installed from Felhom Hub (customer: ${HUB_CUSTOMER})"
        return
    fi

@@ -1734,7 +1815,11 @@ main() {
    if [[ "$DEBUG_MODE" == true ]]; then
        set -x
    fi
-    
+
+    # Hub mode: download config early so BASE_DOMAIN, ACME_EMAIL, CF tokens are
+    # available before Traefik and other infra steps run
+    apply_hub_config
+
    print_banner
    check_debian