From 8684505db67bc41822130dfec9110670f5655834 Mon Sep 17 00:00:00 2001
From: Filip Wandzio
Date: Tue, 19 Aug 2025 02:12:13 +0200
Subject: Initialize the script
Signed-off-by: Filip Wandzio
---
whiterabbit.sh | 194 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 194 insertions(+)
create mode 100644 whiterabbit.sh
diff --git a/whiterabbit.sh b/whiterabbit.sh
new file mode 100644
index 0000000..8f1d77d
--- /dev/null
+++ b/whiterabbit.sh
@@ -0,0 +1,194 @@
+#!/bin/sh
+set -e
+
+echo "Warning: secrets will be visible when typing. Press Enter after each input."
+
+# --- User input ---
+printf "Base domain (e.g., example.com): "
+read DOMAIN
+printf "Subdomain for this instance (e.g., matrix1): "
+read SUBDOMAIN
+CN="$SUBDOMAIN.$DOMAIN"
+
+printf "Postgres secret: "
+read POSTGRES_SECRET
+printf "REG Secret (registration_shared_secret): "
+read REG_SECRET
+
+# --- Directories ---
+BASE_DIR="/opt/matrix/$CN"
+mkdir -p "$BASE_DIR/data"
+mkdir -p "$BASE_DIR/db"
+
+# --- Automatic port assignment ---
+BASE_PORT=8008
+FEDERATION_PORT=8448
+
+for dir in /opt/matrix/*; do
+ if [ -f "$dir/docker-compose.yml" ]; then
+ used_ports=$(grep 'ports:' -A1 "$dir/docker-compose.yml" | awk -F: '{print $2}' | tr -d '"')
+ for port in $used_ports; do
+ if [ "$port" ] && [ "$port" -ge "$BASE_PORT" ]; then
+ BASE_PORT=$((port + 1))
+ fi
+ if [ "$port" ] && [ "$port" -ge "$FEDERATION_PORT" ]; then
+ FEDERATION_PORT=$((port + 1))
+ fi
+ done
+ fi
+done
+
+echo "Assigning ports: client-server=$BASE_PORT, federation=$FEDERATION_PORT"
+
+# --- Docker Compose ---
+cat > "$BASE_DIR/docker-compose.yml" < /dev/null </dev/null 2>&1; then
+ echo "Installing dnsutils (needed for DNS checks)..."
+ sudo apt-get update && sudo apt-get install -y dnsutils
+fi
+
+# Collect all VPS IPs (IPv4 + IPv6)
+VPS_IPS=$(hostname -I | tr ' ' '\n')
+echo "VPS addresses: $VPS_IPS"
+
+echo "Checking DNS propagation for $CN ..."
+MAX_RETRIES=30
+SLEEP_SEC=10
+count=0
+
+while true; do
+ DNS_IPS=$( (dig +short "$CN" A; dig +short "$CN" AAAA) | sort -u )
+ MATCH="false"
+
+ for dns_ip in $DNS_IPS; do
+ for vps_ip in $VPS_IPS; do
+ if [ "$dns_ip" = "$vps_ip" ]; then
+ MATCH="true"
+ break
+ fi
+ done
+ done
+
+ if [ "$MATCH" = "true" ]; then
+ echo "$CN resolves correctly to one of the VPS IPs: $DNS_IPS"
+ break
+ else
+ count=$((count + 1))
+ if [ "$count" -ge "$MAX_RETRIES" ]; then
+ echo "DNS propagation not detected after $((MAX_RETRIES*SLEEP_SEC)) seconds."
+ echo "Please make sure $CN points to this VPS and rerun the script."
+ exit 1
+ fi
+ echo "DNS not ready yet ($count/$MAX_RETRIES). Found: $DNS_IPS Expected one of: $VPS_IPS"
+ echo "Retrying in $SLEEP_SEC seconds..."
+ sleep $SLEEP_SEC
+ fi
+done
+
+# --- Obtain HTTPS certificate ---
+sudo certbot certonly --nginx -d "$CN" --non-interactive --agree-tos -m "admin@$DOMAIN"
+
+sudo tee "$NGINX_CONF" > /dev/null <