diff --git a/.env b/.env new file mode 100644 index 0000000..b6b1992 --- /dev/null +++ b/.env @@ -0,0 +1,3 @@ +ROOT_URL=http://95.217.36.57:3000 +DOCKER_GROUP_ID=989 +DATA_MANAGER_DB_URL=postgresql://data_db:5432/user_data diff --git a/README.md b/README.md index f0e9c00..221bc44 100644 --- a/README.md +++ b/README.md @@ -388,3 +388,24 @@ Do you want to build load_manager? (Y/n): => => unpacking to docker.io/fast/load_manager:latest ``` +You can now run the built images using Docker commands, for example: + +## Setup Gitea Version controls system + +```bash +Do you want to set up Gitea (self-hosted git service)? (Y/n): +Cloning into 'lib'... +remote: Enumerating objects: 20, done. +remote: Counting objects: 100% (20/20), done. +remote: Compressing objects: 100% (15/15), done. +remote: Total 20 (delta 4), reused 0 (delta 0), pack-reused 0 (from 0) +Receiving objects: 100% (20/20), 6.30 KiB | 6.30 MiB/s, done. +Resolving deltas: 100% (4/4), done. +Enter the full path where you want to set up Fast (e.g., /opt/gitea): +``` + +After entering the path, the script will proceed to set up Gitea and ask if you want to start it immediately: + +```bash +Gitea has been set up at /opt/gitea +``` diff --git a/bin/create_key.sh b/bin/create_key.sh new file mode 100755 index 0000000..11a0500 --- /dev/null +++ b/bin/create_key.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +# This generates an environmental variable safe key for use in various applications. +KEY_LENGTH=$1 + +if [[ -z "$KEY_LENGTH" ]]; then + KEY_LENGTH=32 +fi + +KEY=$(head -c $KEY_LENGTH /dev/urandom | base64 | tr -d '=+/ ' | cut -c1-$KEY_LENGTH) +echo $KEY diff --git a/bin/generate_key.sh b/bin/generate_key.sh new file mode 100644 index 0000000..558f40f --- /dev/null +++ b/bin/generate_key.sh @@ -0,0 +1,5 @@ +#!/bin/bash +# This script generates a random 32-character alphanumeric key + +KEY=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 32) +echo "$KEY" diff --git a/bin/setup_env.sh b/bin/setup_env.sh index c8ac7f4..29d60d4 100755 --- a/bin/setup_env.sh +++ b/bin/setup_env.sh @@ -1,5 +1,7 @@ #!/bin/bash +SETUP_DIR=$PWD + # check if FAST_PATH is set, if not exit with a message if [ -z "$FAST_PATH" ]; then echo "FAST_PATH is not set." @@ -15,7 +17,7 @@ cd $FAST_PATH ENV_FILE=".env" # Define the keywords to look for (case-insensitive search for the value part) -KEYWORDS="(key|user|password|email)" +KEYWORDS="(KEY|USER|PASSWORD|EMAIL)" # Define the secure placeholder value for non-interactive mode SECURE_PLACEHOLDER="REPLACED_BY_SCRIPT" @@ -63,7 +65,7 @@ while IFS= read -r line; do VAR_VALUE_LOWER=$(echo "$VAR_VALUE_CLEANED" | tr '[:upper:]' '[:lower:]') # 3. Check if the value contains a sensitive keyword - if [[ "$VAR_VALUE_LOWER" =~ $KEYWORDS ]]; then + if [[ "$VAR_NAME" =~ $KEYWORDS ]]; then echo -e "\n⚠️ Sensitive variable found: **$VAR_NAME**" echo "Current value: $VAR_VALUE_RAW" @@ -77,8 +79,15 @@ while IFS= read -r line; do # if user entered an empty value, use the original value if [ -z "$NEW_VALUE" ]; then - NEW_VALUE="$VAR_VALUE_CLEANED" - echo "No input provided. Keeping original value." + + if [ -z "$VAR_VALUE_CLEANED" ]; then + echo "Original value is empty. Generating a new secure key using bin/create_key..." + NEW_VALUE=$($SETUP_DIR/bin/create_key.sh) + echo "Generated Key: $NEW_VALUE" + else + NEW_VALUE="$VAR_VALUE_CLEANED" + echo "No input provided. Keeping original value." + fi fi # Add quotes if value contains spaces diff --git a/bin/setup_gitea.sh b/bin/setup_gitea.sh new file mode 100755 index 0000000..2523b34 --- /dev/null +++ b/bin/setup_gitea.sh @@ -0,0 +1,35 @@ + +# clone the repository +git clone https://git.nxs.solutions/Fast/gitea.git lib + +# ask the user for the location where to setup Fast +read -p "Enter the full path where you want to set up Fast (e.g., /opt/gitea): " GITEA_PATH +# if the user input is empty, use /opt/fast as default + +if [ -z "$GITEA_PATH" ]; then + GITEA_PATH="/opt/gitea" +fi + +# create the directory if it doesn't exist +sudo mkdir -p "$GITEA_PATH" +sudo cp -r lib/* $GITEA_PATH +sudo rm -r lib + +sudo chown -R $USER:root $GITEA_PATH +echo "Gitea has been set up at $GITEA_PATH" + +# write GITEA_PATH to fast .env + +source $USER/.bashrc + +if [ -z "$FAST_PATH" ]; then + echo "FAST_PATH is not set. Please run setup_fast.sh first." + exit 1 +else + echo "GITEA_PATH=$GITEA_PATH" >> $FAST_PATH/.env +fi + +cd $GITEA_PATH +./setup.sh + +echo "Gitea setup script completed." diff --git a/config/.env b/config/.env index 88b641f..c0081dc 100644 --- a/config/.env +++ b/config/.env @@ -1,25 +1,25 @@ VERSION=1.0.0 LOG_LEVEL=DEBUG -RUNPOD_API_KEY=your_rupod_api_key_here +RUNPOD_API_KEY= REDIS_URL=redis://redis:6379/0 TASK_MANAGER_URL=http://fastflask-nginx-1/task/api/v1 -TASK_MANAGER_API_KEY=task_manager_api_key +TASK_MANAGER_API_KEY= SECRET_DATABASE_URL=sqlite:////app/data/secret.db SECRET_MANAGER_URL=http://fastflask-nginx-1/secret/api/v1 -SECRET_MANAGER_API_KEY=secret_manager_api_key +SECRET_MANAGER_API_KEY= POSTGRES_USER=your_postgres_user -POSTGRES_PASSWORD=your_postgres_password +POSTGRES_PASSWORD= STORAGE_DIR=/app/data ACCESS_DATABASE_URL=sqlite:////app/data/access.db ACCESS_MANAGER_URL=http://fastflask-nginx-1/access/api/v1 -ACCESS_MANAGER_API_KEY=access_manager_api_key +ACCESS_MANAGER_API_KEY= PROMETHEUS_URL=http://prometheus:9090 @@ -27,20 +27,21 @@ EXOSCALE_API_KEY=your_exoscale_api_key_here EXOSCALE_API_SECRET=your_exoscale_api_secret_here STRIPE_SECRET_KEY_PROD=your_stripe_api_secret_here -STRIPE_SECRET_KEY=your_stripe_api_key_here +STRIPE_SECRET_KEY=your_stripe_api_secret_here ADMIN_USERNAME=your_admin_username_here -ADMIN_PASSWORD=your_admin_password_here +ADMIN_PASSWORD= ADMIN_EMAIL=your_admin@email.com SMPT_SERVER=your_smtp_server.com SMPT_PORT=465 -JWT_SECRET_KEY=your_jwt_secret_key_here +JWT_SECRET_KEY= + SENDER_USER=your_smtp_username_here SENDER_PASSWORD=your_smtp_password_here SENDER_EMAIL=your_sender_email_here ACTIVATION_URL=https://your.activation.url/here -PERSONAL_API_KEY=your_personal_api_key_here +PERSONAL_API_KEY= diff --git a/setup.log b/setup.log deleted file mode 100644 index 9ec4dd2..0000000 --- a/setup.log +++ /dev/null @@ -1,316 +0,0 @@ -Hit:1 http://deb.debian.org/debian trixie InRelease -Hit:2 http://deb.debian.org/debian trixie-updates InRelease -Hit:3 https://download.docker.com/linux/debian trixie InRelease -Hit:4 http://deb.debian.org/debian trixie-backports InRelease -Hit:5 http://deb.debian.org/debian-security trixie-security InRelease -Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease -Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease -Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease -Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease -Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease -Reading package lists... -Building dependency tree... -Reading state information... -2 packages can be upgraded. Run 'apt list --upgradable' to see them. -Reading package lists... -Building dependency tree... -Reading state information... -Calculating upgrade... -Upgrading: - docker-ce docker-ce-cli - -Summary: - Upgrading: 2, Installing: 0, Removing: 0, Not Upgrading: 0 - Download size: 37.3 MB - Space needed: 5,120 B / 436 GB available - -Continue? [Y/n] Get:1 https://download.docker.com/linux/debian trixie/stable amd64 docker-ce-cli amd64 5:29.1.2-1~debian.13~trixie [16.3 MB] -Get:2 https://download.docker.com/linux/debian trixie/stable amd64 docker-ce amd64 5:29.1.2-1~debian.13~trixie [21.0 MB] -Fetched 37.3 MB in 0s (91.1 MB/s) -(Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52343 files and directories currently installed.) -Preparing to unpack .../docker-ce-cli_5%3a29.1.2-1~debian.13~trixie_amd64.deb ... -Unpacking docker-ce-cli (5:29.1.2-1~debian.13~trixie) over (5:29.1.1-1~debian.13~trixie) ... -Preparing to unpack .../docker-ce_5%3a29.1.2-1~debian.13~trixie_amd64.deb ... -Unpacking docker-ce (5:29.1.2-1~debian.13~trixie) over (5:29.1.1-1~debian.13~trixie) ... -Setting up docker-ce-cli (5:29.1.2-1~debian.13~trixie) ... -Setting up docker-ce (5:29.1.2-1~debian.13~trixie) ... -Processing triggers for man-db (2.13.1-1) ... -Reading package lists... -Building dependency tree... -Reading state information... -tmux is already the newest version (3.5a-3). -neovim is already the newest version (0.10.4-8). -mosh is already the newest version (1.4.0-1+b2). -zoxide is already the newest version (0.9.7-1+b1). -starship is already the newest version (1.22.1-5). -git is already the newest version (1:2.47.3-0+deb13u1). -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Reading package lists... -Building dependency tree... -Reading state information... -ca-certificates is already the newest version (20250419). -curl is already the newest version (8.14.1-2+deb13u2). -build-essential is already the newest version (12.12). -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -2025-12-03 10:55:55 - Installing pre-requisites -Hit:1 http://deb.debian.org/debian trixie InRelease -Hit:2 http://deb.debian.org/debian trixie-updates InRelease -Hit:3 https://download.docker.com/linux/debian trixie InRelease -Hit:4 http://deb.debian.org/debian trixie-backports InRelease -Hit:5 http://deb.debian.org/debian-security trixie-security InRelease -Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease -Hit:7 https://deb.nodesource.com/node_25.x nodistro InRelease -Hit:8 http://mirror.hetzner.com/debian/packages trixie-updates InRelease -Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease -Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease -Reading package lists... -Building dependency tree... -Reading state information... -All packages are up to date. -Reading package lists... -Building dependency tree... -Reading state information... -apt-transport-https is already the newest version (3.0.3). -ca-certificates is already the newest version (20250419). -curl is already the newest version (8.14.1-2+deb13u2). -gnupg is already the newest version (2.4.7-21). -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Hit:1 http://deb.debian.org/debian trixie InRelease -Hit:2 http://deb.debian.org/debian trixie-updates InRelease -Hit:3 http://deb.debian.org/debian trixie-backports InRelease -Hit:4 http://deb.debian.org/debian-security trixie-security InRelease -Hit:5 https://download.docker.com/linux/debian trixie InRelease -Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease -Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease -Hit:8 http://mirror.hetzner.com/debian/packages trixie-backports InRelease -Hit:9 https://deb.nodesource.com/node_25.x nodistro InRelease -Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease -Reading package lists... -Building dependency tree... -Reading state information... -All packages are up to date. -2025-12-03 10:55:58 - Repository configured successfully. -2025-12-03 10:55:58 - To install Node.js, run: apt install nodejs -y -2025-12-03 10:55:58 - You can use N|solid Runtime as a node.js alternative -2025-12-03 10:55:58 - To install N|solid Runtime, run: apt install nsolid -y - -Reading package lists... -Building dependency tree... -Reading state information... -nodejs is already the newest version (25.2.0-1nodesource1). -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Types: deb -URIs: https://download.docker.com/linux/debian -Suites: trixie -Components: stable -Signed-By: /etc/apt/keyrings/docker.asc -Hit:1 http://deb.debian.org/debian trixie InRelease -Hit:2 http://deb.debian.org/debian trixie-updates InRelease -Hit:3 https://download.docker.com/linux/debian trixie InRelease -Hit:4 http://deb.debian.org/debian trixie-backports InRelease -Hit:5 http://deb.debian.org/debian-security trixie-security InRelease -Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease -Hit:7 https://deb.nodesource.com/node_25.x nodistro InRelease -Hit:8 http://mirror.hetzner.com/debian/packages trixie-updates InRelease -Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease -Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease -Reading package lists... -Building dependency tree... -Reading state information... -All packages are up to date. -Reading package lists... -Building dependency tree... -Reading state information... -Calculating upgrade... -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Reading package lists... -Building dependency tree... -Reading state information... -docker-ce is already the newest version (5:29.1.2-1~debian.13~trixie). -docker-ce-cli is already the newest version (5:29.1.2-1~debian.13~trixie). -containerd.io is already the newest version (2.2.0-2~debian.13~trixie). -docker-buildx-plugin is already the newest version (0.30.1-1~debian.13~trixie). -docker-compose-plugin is already the newest version (2.40.3-1~debian.13~trixie). -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Docker has been installed and configured. -Hit:1 http://deb.debian.org/debian trixie InRelease -Hit:2 http://deb.debian.org/debian trixie-updates InRelease -Hit:3 https://download.docker.com/linux/debian trixie InRelease -Hit:4 http://deb.debian.org/debian trixie-backports InRelease -Hit:5 http://deb.debian.org/debian-security trixie-security InRelease -Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease -Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease -Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease -Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease -Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease -Reading package lists... -Building dependency tree... -Reading state information... -All packages are up to date. -Reading package lists... -Building dependency tree... -Reading state information... -Calculating upgrade... -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Reading package lists... -Building dependency tree... -Reading state information... -ufw is already the newest version (0.36.2-9). -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 -Skipping adding existing rule -Skipping adding existing rule (v6) -Skipping adding existing rule -Skipping adding existing rule (v6) -Skipping adding existing rule -Skipping adding existing rule (v6) -Skipping adding existing rule -Skipping adding existing rule (v6) -Skipping adding existing rule -Skipping adding existing rule (v6) -Firewall is active and enabled on system startup -Status: active -Logging: on (low) -Default: deny (incoming), allow (outgoing), deny (routed) -New profiles: skip - -To Action From --- ------ ---- -22/tcp ALLOW IN Anywhere -80/tcp ALLOW IN Anywhere -443/tcp ALLOW IN Anywhere -2222/tcp ALLOW IN Anywhere -60000:61000/udp ALLOW IN Anywhere -22/tcp (v6) ALLOW IN Anywhere (v6) -80/tcp (v6) ALLOW IN Anywhere (v6) -443/tcp (v6) ALLOW IN Anywhere (v6) -2222/tcp (v6) ALLOW IN Anywhere (v6) -60000:61000/udp (v6) ALLOW IN Anywhere (v6) - -Removing .git directory to detach from the original repository... -FAST_PATH already exists in .bashrc. -Overwriting FAST_PATH in .bashrc... -FAST_PATH updated in .bashrc and sourced. -Fast has been set up at /opt/fast -Environment file copied to /opt/fast/.env -Mode: 🟢 Interactive (Will prompt for input) ---- .env File Security Checker --- -Searching for sensitive variables in .env... ------------------------------------ - -⚠️ Sensitive variable found: **RUNPOD_API_KEY** -Current value: your_rupod_api_key_here -my_runpod_api_key -Action: Manual update applied. - -⚠️ Sensitive variable found: **TASK_MANAGER_API_KEY** -Current value: task_manager_api_key -asd -Action: Manual update applied. - -⚠️ Sensitive variable found: **SECRET_MANAGER_API_KEY** -Current value: secret_manager_api_key -aa -Action: Manual update applied. - -⚠️ Sensitive variable found: **POSTGRES_USER** -Current value: your_postgres_user -admin -Action: Manual update applied. - -⚠️ Sensitive variable found: **POSTGRES_PASSWORD** -Current value: your_postgres_password -my_admin_postgres_pwd -Action: Manual update applied. - -⚠️ Sensitive variable found: **ACCESS_MANAGER_API_KEY** -Current value: access_manager_api_key - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **EXOSCALE_API_KEY** -Current value: your_exoscale_api_key_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **STRIPE_SECRET_KEY** -Current value: your_stripe_api_key_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **ADMIN_USERNAME** -Current value: your_admin_username_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **ADMIN_PASSWORD** -Current value: your_admin_password_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **ADMIN_EMAIL** -Current value: your_admin@email.com - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **JWT_SECRET_KEY** -Current value: your_jwt_secret_key_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **SENDER_USER** -Current value: your_smtp_username_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **SENDER_PASSWORD** -Current value: your_smtp_password_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **SENDER_EMAIL** -Current value: your_sender_email_here - -No input provided. Keeping original value. -Action: Manual update applied. - -⚠️ Sensitive variable found: **PERSONAL_API_KEY** -Current value: your_personal_api_key_here - -No input provided. Keeping original value. -Action: Manual update applied. - ---- adding DOCKER_GROUP_ID=989 to .env --- - ---- adding DATA_MANAGER_DB_URL to .env --- - ---- Finalizing Update --- -✅ All updates applied. The original .env has been overwritten. -Starting Fast build process in /opt/fast... -==> Found component Dockerfile: .docker/secret_manager/Dockerfile -Skipping build for access_manager. -Skipping build for task_manager. -Skipping build for data_manager. -Skipping build for bill_manager. -==> Found component Dockerfile: .docker/load_manager/Dockerfile -Reading package lists... -Building dependency tree... -Reading state information... -Summary: - Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 diff --git a/setup.sh b/setup.sh index f629f49..a5d2ab2 100755 --- a/setup.sh +++ b/setup.sh @@ -33,5 +33,13 @@ if [[ "$START_BUILD" == "y" || "$START_BUILD" == "Y" || $START_BUILD == "" ]]; t $PWD/bin/start_build.sh fi +# Ask user if they want to install Gitea now for self-hosted git +read -p "Do you want to set up Gitea (self-hosted git service)? (Y/n): " SETUP_GITEA + +if [[ "$SETUP_GITEA" == "y" || "$SETUP_GITEA" == "Y" || $SETUP_GITEA == "" ]]; then + $PWD/bin/setup_gitea.sh +fi + + sudo apt autoremove -y