mirror of
https://github.com/myronblair/novacpx
synced 2026-06-30 17:50:41 -05:00
feat: feature registry, auto-deploy, IP management, Docker support
Feature Manager (70+ features across 20 categories):
- Web servers: Apache2, nginx, OpenLiteSpeed, Varnish
- PHP: 7.4/8.1/8.2/8.3 multi-version, Composer
- Databases: MySQL 8, MariaDB, PostgreSQL, Redis, Memcached, phpMyAdmin, phpPgAdmin
- Email: Postfix, Dovecot, Roundcube, RainLoop, SpamAssassin, Rspamd, DKIM
- DNS: BIND9, PowerDNS
- FTP: ProFTPD, vsftpd, Pure-FTPd
- SSL: Certbot/Let's Encrypt, acme.sh
- Security: Fail2Ban, ModSecurity WAF, ImunifyAV, ClamAV, UFW, CrowdSec
- Containers: Docker Engine, Docker Compose, Portainer CE, per-account Docker hosting
- IP Management: Shared IPs (SNI), Dedicated IPs, IPv6
- Monitoring: Netdata, AWStats, GoAccess, Grafana+Prometheus
- Backup: BorgBackup, rclone (S3/B2/GCS), Duplicati
- CDN: Cloudflare API, PageSpeed Module
- Dev: Gitea, Phusion Passenger, JupyterHub
- One-click apps: WordPress+WP-CLI, auto-installer (50+ apps)
- Billing: WHMCS bridge, BoxBilling
- Reseller: White label, custom nameservers
- Notifications: Email, Slack, Telegram
- Compliance: Auditd, OSSEC HIDS

Auto-deploy pipeline (deploy/):
- webhook.php: HMAC-verified GitHub push webhook
- deploy-runner.sh: PHP syntax validation → git pull → rsync → DB migrations → PHP-FPM reload
- setup-deploy.sh: one-shot setup script, outputs GitHub webhook config
- Runs every minute via cron; locked to prevent concurrent deploys

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -0,0 +1,46 @@
#!/usr/bin/env bash
# Run once after install to configure the auto-deploy system
# Usage: bash setup-deploy.sh <github_webhook_secret>
set -euo pipefail
SECRET="${1:-$(openssl rand -hex 16)}"
REPO_PATH="/opt/novacpx-src"
WEB_ROOT="/srv/novacpx/public"
# Add deploy config to /etc/novacpx/config.ini
python3 - <<PYEOF
import configparser, os
cfg = configparser.ConfigParser()
cfg.read('/etc/novacpx/config.ini')
if 'deploy' not in cfg: cfg['deploy'] = {}
cfg['deploy']['webhook_secret'] = '$SECRET'
cfg['deploy']['repo_path'] = '$REPO_PATH'
cfg['deploy']['web_root'] = '$WEB_ROOT'
cfg['deploy']['branch'] = 'main'
with open('/etc/novacpx/config.ini', 'w') as f: cfg.write(f)
print('Config updated')
PYEOF
# Install deploy runner
cp "$REPO_PATH/deploy/deploy-runner.sh" /usr/local/bin/novacpx-deploy
chmod +x /usr/local/bin/novacpx-deploy
# Install webhook handler into web root
mkdir -p "$WEB_ROOT/deploy"
cp "$REPO_PATH/deploy/webhook.php" "$WEB_ROOT/deploy/webhook.php"
chown www-data:www-data "$WEB_ROOT/deploy/webhook.php"
# Add cron job (every minute)
(crontab -l 2>/dev/null | grep -v novacpx-deploy; echo "* * * * * root /usr/local/bin/novacpx-deploy >> /var/log/novacpx/deploy.log 2>&1") | crontab -
echo ""
echo "Auto-deploy configured!"
echo "Webhook URL: https://$(hostname -I | awk '{print $1}'):2083/deploy/webhook.php"
echo "Webhook Secret: $SECRET"
echo ""
echo "Add this webhook to GitHub repo settings:"
echo " Repo: https://github.com/myronblair/novacpx"
echo " URL: https://$(hostname -I | awk '{print $1}'):2083/deploy/webhook.php"
echo " Content-Type: application/json"
echo " Secret: $SECRET"
echo " Events: Push"
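Review bot: The cron entry near the end of the script is piped into `crontab -`, which installs a per-user crontab, but the line carries a `root` user field that only /etc/crontab and /etc/cron.d files accept, so cron will try to execute `root` as the command and `/usr/local/bin/novacpx-deploy` never runs. Drop the `root` field, or write the line to a file under /etc/cron.d instead. The redirect also assumes /var/log/novacpx exists, and nothing in this script creates it. Separately, `'$SECRET'` is expanded by the shell inside the unquoted `<<PYEOF` heredoc, so a caller-supplied secret containing a quote or newline changes the Python source; quote the delimiter (`<<'PYEOF'`), export the values, and read them with `os.environ` (the `os` import is already there and currently unused). The script also rewrites /etc/novacpx/config.ini with the secret in it without setting the file mode, and echoes the secret to stdout twice; set the config to mode 600 and print the secret once. Finally, `chown www-data:www-data` on webhook.php makes the deploy trigger writable by the web server account that executes it; root ownership with read-only access for www-data would be the safer default.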