forked from oscar.krause/fastapi-dls
Oscar Krause
4e5559bb85
Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
99 lines
3.0 KiB
Bash
99 lines
3.0 KiB
Bash
#!/bin/bash
|
|
|
|
WORKING_DIR=/usr/share/fastapi-dls
|
|
CONFIG_DIR=/etc/fastapi-dls
|
|
|
|
echo "> Create config directory ..."
|
|
mkdir -p $CONFIG_DIR
|
|
|
|
echo "> Install service ..."
|
|
cat <<EOF >/etc/systemd/system/fastapi-dls.service
|
|
[Unit]
|
|
Description=Service for fastapi-dls
|
|
After=network.target
|
|
|
|
[Service]
|
|
User=www-data
|
|
Group=www-data
|
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
WorkingDirectory=$WORKING_DIR
|
|
EnvironmentFile=$CONFIG_DIR/env
|
|
ExecStart=uvicorn main:app \\
|
|
--env-file /etc/fastapi-dls/env \\
|
|
--host \$DLS_URL --port \$DLS_PORT \\
|
|
--app-dir $WORKING_DIR/app \\
|
|
--ssl-keyfile /etc/fastapi-dls/webserver.key \\
|
|
--ssl-certfile /etc/fastapi-dls/webserver.crt \\
|
|
--proxy-headers
|
|
Restart=always
|
|
KillSignal=SIGQUIT
|
|
Type=simple
|
|
NotifyAccess=all
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
|
|
echo "> Writing default config parameters ..."
|
|
touch $CONFIG_DIR/env
|
|
cat <<EOF >$CONFIG_DIR/env
|
|
DLS_URL=127.0.0.1
|
|
DLS_PORT=443
|
|
LEASE_EXPIRE_DAYS=90
|
|
DATABASE=sqlite:///$CONFIG_DIR/db.sqlite
|
|
INSTANCE_KEY_RSA=$CONFIG_DIR/instance.private.pem
|
|
INSTANCE_KEY_PUB=$CONFIG_DIR/instance.public.pem
|
|
|
|
EOF
|
|
|
|
echo "> Create dls-instance keypair ..."
|
|
openssl genrsa -out $CONFIG_DIR/instance.private.pem 2048
|
|
openssl rsa -in $CONFIG_DIR/instance.private.pem -outform PEM -pubout -out $CONFIG_DIR/instance.public.pem
|
|
|
|
while true; do
|
|
read -p "> Do you wish to create self-signed webserver certificate? [Y/n]" yn
|
|
yn=${yn:-y} # ${parameter:-word} If parameter is unset or null, the expansion of word is substituted. Otherwise, the value of parameter is substituted.
|
|
case $yn in
|
|
[Yy]*)
|
|
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $CONFIG_DIR/webserver.key -out $CONFIG_DIR/webserver.crt
|
|
break
|
|
;;
|
|
[Nn]*) break ;;
|
|
*) echo "Please answer [y] or [n]." ;;
|
|
esac
|
|
done
|
|
|
|
if [[ -f $CONFIG_DIR/webserver.key ]]; then
|
|
echo "> Starting service ..."
|
|
systemctl start fastapi-dls.service
|
|
|
|
if [ -x "$(command -v curl)" ]; then
|
|
echo "> Testing API ..."
|
|
curl --insecure -X GET https://127.0.0.1/status
|
|
else
|
|
echo "> Testing API failed, curl not available. Please test manually!"
|
|
fi
|
|
fi
|
|
|
|
chown -R www-data:www-data $CONFIG_DIR
|
|
chown -R www-data:www-data $WORKING_DIR
|
|
|
|
cat <<EOF
|
|
|
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
|
# #
|
|
# fastapi-dls is now installed. #
|
|
# #
|
|
# Service should be up and running. #
|
|
# Webservice is listen to https://localhost #
|
|
# #
|
|
# Configuration is stored in ${CONFIG_DIR}/env #
|
|
# #
|
|
# #
|
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
|
|
|
EOF
|