Initial PlayBull release with Trilogy Hub integration.
Includes homelab deploy tooling, image position/zoom manifest persistence, and full trading/casino stack. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
135
deploy/fix-domain.sh
Normal file
135
deploy/fix-domain.sh
Normal file
@@ -0,0 +1,135 @@
|
||||
#!/usr/bin/env bash
|
||||
# Domain-Migration auf dem Homelab (DuckDNS + Nginx + Certbot)
|
||||
# Usage: sudo bash deploy/fix-domain.sh [neue-domain]
|
||||
set -euo pipefail
|
||||
|
||||
NEW_DOMAIN="${1:-trilogyhub.de}"
|
||||
OLD_DOMAIN="${2:-halmc.duckdns.org}"
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
APP_DIR="$(cd "${SCRIPT_DIR}/.." && pwd)"
|
||||
|
||||
if [[ "${EUID}" -ne 0 ]]; then
|
||||
echo "Bitte als root: sudo bash deploy/fix-domain.sh" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ENV_FILE="${APP_DIR}/deploy/env.homelab"
|
||||
if [[ ! -f "${ENV_FILE}" ]]; then
|
||||
echo "deploy/env.homelab fehlt" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "==> Domain: ${OLD_DOMAIN} -> ${NEW_DOMAIN}"
|
||||
|
||||
# env.homelab aktualisieren (Token behalten, CRLF entfernen)
|
||||
sed -i 's/\r$//' "${ENV_FILE}"
|
||||
if grep -q '^APP_DOMAIN=' "${ENV_FILE}"; then
|
||||
sed -i "s|^APP_DOMAIN=.*|APP_DOMAIN=${NEW_DOMAIN}|" "${ENV_FILE}"
|
||||
else
|
||||
echo "APP_DOMAIN=${NEW_DOMAIN}" >> "${ENV_FILE}"
|
||||
fi
|
||||
if grep -q '^DUCKDNS_DOMAIN=' "${ENV_FILE}"; then
|
||||
sed -i "s|^DUCKDNS_DOMAIN=.*|DUCKDNS_DOMAIN=${NEW_DOMAIN}|" "${ENV_FILE}"
|
||||
else
|
||||
echo "DUCKDNS_DOMAIN=${NEW_DOMAIN}" >> "${ENV_FILE}"
|
||||
fi
|
||||
chmod 600 "${ENV_FILE}"
|
||||
|
||||
# DuckDNS IP aktualisieren
|
||||
if grep -q '^DUCKDNS_TOKEN=.\+' "${ENV_FILE}" 2>/dev/null; then
|
||||
echo "==> DuckDNS Update"
|
||||
bash "${APP_DIR}/deploy/duckdns-update.sh" || echo " DuckDNS-Update fehlgeschlagen (manuell pruefen)"
|
||||
else
|
||||
echo " DuckDNS-Token leer — Update uebersprungen"
|
||||
fi
|
||||
|
||||
# Nginx LAN
|
||||
echo "==> Nginx LAN"
|
||||
sed -i 's/\r$//' "${APP_DIR}/deploy/nginx/bestewebsite-lan.conf" "${APP_DIR}/deploy/nginx/bestewebsite.conf" 2>/dev/null || true
|
||||
cp "${APP_DIR}/deploy/nginx/bestewebsite-lan.conf" /etc/nginx/sites-available/bestewebsite-lan
|
||||
ln -sf /etc/nginx/sites-available/bestewebsite-lan /etc/nginx/sites-enabled/00-bestewebsite-lan
|
||||
|
||||
# Nginx öffentlich — zuerst HTTP-only für Certbot
|
||||
echo "==> Nginx HTTP (Certbot-Vorbereitung)"
|
||||
cat > /etc/nginx/sites-available/bestewebsite <<EOF
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name ${NEW_DOMAIN};
|
||||
|
||||
client_max_body_size 30m;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3080;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host \$host;
|
||||
proxy_set_header X-Real-IP \$remote_addr;
|
||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
||||
}
|
||||
}
|
||||
EOF
|
||||
ln -sf /etc/nginx/sites-available/bestewebsite /etc/nginx/sites-enabled/bestewebsite
|
||||
nginx -t
|
||||
systemctl reload nginx
|
||||
|
||||
# Let's Encrypt Zertifikat
|
||||
echo "==> Certbot fuer ${NEW_DOMAIN}"
|
||||
CERTBOT_EMAIL="admin@${NEW_DOMAIN}"
|
||||
if certbot certificates 2>/dev/null | grep -q "${NEW_DOMAIN}"; then
|
||||
certbot renew --nginx --quiet || true
|
||||
else
|
||||
certbot --nginx -d "${NEW_DOMAIN}" --non-interactive --agree-tos --redirect -m "${CERTBOT_EMAIL}" || {
|
||||
echo "Certbot fehlgeschlagen — pruefe ob ${NEW_DOMAIN} auf diese Maschine zeigt (Port 80)." >&2
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
|
||||
# Finales Nginx-Template — Certbot-Zertifikat einbinden (kein erneutes certbot install)
|
||||
echo "==> Nginx HTTPS finalisieren"
|
||||
cp "${APP_DIR}/deploy/nginx/bestewebsite.conf" /etc/nginx/sites-available/bestewebsite
|
||||
if [[ ! -f "/etc/letsencrypt/live/${NEW_DOMAIN}/fullchain.pem" ]]; then
|
||||
echo "Zertifikat fehlt fuer ${NEW_DOMAIN}" >&2
|
||||
exit 1
|
||||
fi
|
||||
ln -sf /etc/nginx/sites-available/bestewebsite /etc/nginx/sites-enabled/bestewebsite
|
||||
nginx -t
|
||||
systemctl reload nginx
|
||||
|
||||
# Alte Domain optional auf neue weiterleiten (falls noch DNS zeigt)
|
||||
if [[ "${OLD_DOMAIN}" != "${NEW_DOMAIN}" ]]; then
|
||||
cat > /etc/nginx/sites-available/bestewebsite-legacy <<EOF
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name ${OLD_DOMAIN};
|
||||
return 301 https://${NEW_DOMAIN}\$request_uri;
|
||||
}
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
server_name ${OLD_DOMAIN};
|
||||
ssl_certificate /etc/letsencrypt/live/${OLD_DOMAIN}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/${OLD_DOMAIN}/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
return 301 https://${NEW_DOMAIN}\$request_uri;
|
||||
}
|
||||
EOF
|
||||
if [[ -f "/etc/letsencrypt/live/${OLD_DOMAIN}/fullchain.pem" ]]; then
|
||||
ln -sf /etc/nginx/sites-available/bestewebsite-legacy /etc/nginx/sites-enabled/bestewebsite-legacy
|
||||
nginx -t && systemctl reload nginx
|
||||
echo " Redirect ${OLD_DOMAIN} -> ${NEW_DOMAIN} aktiv"
|
||||
else
|
||||
rm -f /etc/nginx/sites-enabled/bestewebsite-legacy
|
||||
fi
|
||||
fi
|
||||
|
||||
systemctl restart playbull || true
|
||||
|
||||
echo ""
|
||||
echo "=== Fertig ==="
|
||||
echo "HTTPS: https://${NEW_DOMAIN}"
|
||||
echo "LAN: http://192.168.178.49"
|
||||
echo "Test: curl -sfI https://${NEW_DOMAIN}/ | head -3"
|
||||
Reference in New Issue
Block a user