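#!/bin/bash
#
# Setup Production Server
#
# Performs the initial production server setup with Ansible:
#   1. checks prerequisites (Ansible binary, playbooks, SSH key)
#   2. checks the Ansible vault file and its password file
#   3. tests the connection to the "production" inventory group
#   4. deploys secrets with playbooks/setup-production-secrets.yml
#   5. lists Docker swarm nodes and services on the server
#
# Environment:
#   PROD_HOST  user@host used for the direct ssh calls and the printed hints
#              (default: deploy@94.16.110.151). Ansible itself resolves hosts
#              from its inventory, so keep the two in sync.

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
DEPLOYMENT_DIR="$(dirname "$SCRIPT_DIR")"
ANSIBLE_DIR="$DEPLOYMENT_DIR/ansible"

# Single place for the SSH target instead of repeating the literal everywhere.
PROD_HOST="${PROD_HOST:-deploy@94.16.110.151}"

SECRETS_PLAYBOOK="$ANSIBLE_DIR/playbooks/setup-production-secrets.yml"
VAULT_FILE="$ANSIBLE_DIR/secrets/production.vault.yml"
VAULT_PASS_FILE="$ANSIBLE_DIR/secrets/.vault_pass"
INIT_SECRETS="$ANSIBLE_DIR/scripts/init-secrets.sh"

# Colors for output (expanded by printf's %b below)
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

echo ""
echo "🚀 Production Server Setup"
echo "=========================="
echo ""

# Colored message helpers. The message is printed with %s so backslashes in
# paths are never interpreted as escape sequences.
print_success() {
  printf '%b✅ %s%b\n' "$GREEN" "$1" "$NC"
}

# Errors go to stderr so they survive stdout redirection.
print_error() {
  printf '%b❌ %s%b\n' "$RED" "$1" "$NC" >&2
}

print_warning() {
  printf '%b⚠️ %s%b\n' "$YELLOW" "$1" "$NC"
}

print_info() {
  printf '%bℹ️ %s%b\n' "$BLUE" "$1" "$NC"
}

# Check that the ansible directory sits next to this script's directory
if [ ! -f "$ANSIBLE_DIR/ansible.cfg" ]; then
  print_error "Error: Must run from deployment/scripts directory"
  exit 1
fi

cd "$ANSIBLE_DIR"

# Step 1: Check Prerequisites
echo "Step 1: Checking Prerequisites"
echo "------------------------------"

# Check Ansible installed
if ! command -v ansible &>/dev/null; then
  print_error "Ansible is not installed"
  echo ""
  echo "Install Ansible:"
  echo " pip install ansible"
  exit 1
fi
print_success "Ansible is installed: $(ansible --version | head -n1)"

# Check Ansible playbooks exist
if [ ! -f "$SECRETS_PLAYBOOK" ]; then
  print_error "Ansible playbooks not found"
  exit 1
fi
print_success "Ansible playbooks found"

# Check SSH key
SSH_KEY="$HOME/.ssh/production"
if [ ! -f "$SSH_KEY" ]; then
  print_warning "SSH key not found: $SSH_KEY"
  echo ""
  read -p "Do you want to create SSH key now? (y/N): " -n 1 -r
  echo
  if [[ $REPLY =~ ^[Yy]$ ]]; then
    # ssh-keygen -f does not create the parent directory; create it private.
    mkdir -p -m 700 -- "$(dirname "$SSH_KEY")"
    ssh-keygen -t ed25519 -f "$SSH_KEY" -C "ansible-deploy"
    chmod 600 "$SSH_KEY"
    chmod 644 "$SSH_KEY.pub"
    print_success "SSH key created"
    echo ""
    echo "📋 Public key:"
    cat "$SSH_KEY.pub"
    echo ""
    print_warning "You must add this public key to the production server:"
    echo " ssh-copy-id -i $SSH_KEY.pub $PROD_HOST"
    echo ""
    read -r -p "Press ENTER after adding SSH key to server..."
  else
    print_error "SSH key is required for Ansible"
    exit 1
  fi
else
  print_success "SSH key found: $SSH_KEY"
fi

echo ""

# Step 2: Setup Ansible Secrets
echo "Step 2: Setup Ansible Secrets"
echo "-----------------------------"

# Check if vault file exists
if [ ! -f "$VAULT_FILE" ]; then
  print_warning "Vault file not found"
  echo ""
  read -p "Do you want to run init-secrets.sh now? (Y/n): " -n 1 -r
  echo
  if [[ ! $REPLY =~ ^[Nn]$ ]]; then
    "$INIT_SECRETS"
  else
    print_error "Vault file is required"
    exit 1
  fi
else
  print_success "Vault file exists"
fi

# Check vault password file
if [ ! -f "$VAULT_PASS_FILE" ]; then
  print_error "Vault password file not found: secrets/.vault_pass"
  echo ""
  echo "Run init-secrets.sh to create vault password file:"
  echo " $INIT_SECRETS"
  exit 1
fi
print_success "Vault password file found"

# The vault password unlocks every production secret; warn (non-fatal) when
# group or others can read or modify the file. POSIX `find -perm -MODE` matches
# when all listed bits are set, so each bit is tested separately.
if [ -n "$(find "$VAULT_PASS_FILE" -prune \
  \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) 2>/dev/null)" ]; then
  print_warning "Vault password file is accessible by group/others; run: chmod 600 $VAULT_PASS_FILE"
fi

# Verify vault can be decrypted (decrypted output is discarded, never shown)
if ! ansible-vault view "$VAULT_FILE" \
  --vault-password-file "$VAULT_PASS_FILE" >/dev/null 2>&1; then
  print_error "Failed to decrypt vault file"
  echo "Check your vault password in: secrets/.vault_pass"
  exit 1
fi
print_success "Vault file can be decrypted"

echo ""

# Step 3: Test Connection
echo "Step 3: Test Connection to Production"
echo "-------------------------------------"

# Capture the output first: piping straight into `grep -q` can kill ansible
# with SIGPIPE under pipefail, and a bare grep would report success when only
# some hosts answered. Require both a zero exit status and a SUCCESS line.
# NOTE(review): host-key verification depends on ansible.cfg and the operator's
# known_hosts, neither of which is visible here; confirm host_key_checking is
# not disabled for this inventory.
if ping_output="$(ansible production -m ping 2>&1)" \
  && grep -q "SUCCESS" <<<"$ping_output"; then
  print_success "Connection to production server successful"
else
  print_error "Connection to production server failed"
  # Show what ansible reported so the operator can see the failing host/reason.
  printf '%s\n' "${ping_output:-}" >&2
  echo ""
  echo "Troubleshooting steps:"
  echo "1. Test SSH manually: ssh -i $SSH_KEY $PROD_HOST"
  echo "2. Verify SSH key is added: ssh-copy-id -i $SSH_KEY.pub $PROD_HOST"
  echo "3. Check inventory file: cat $ANSIBLE_DIR/inventory/production.yml"
  exit 1
fi

echo ""

# Step 4: Deploy Secrets to Production
echo "Step 4: Deploy Secrets to Production"
echo "------------------------------------"

read -p "Deploy secrets to production server? (Y/n): " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Nn]$ ]]; then
  print_info "Deploying secrets to production..."
  echo ""
  if ansible-playbook "$SECRETS_PLAYBOOK" \
    --vault-password-file "$VAULT_PASS_FILE"; then
    print_success "Secrets deployed successfully"
  else
    print_error "Failed to deploy secrets"
    exit 1
  fi
else
  print_warning "Skipped secrets deployment"
fi

echo ""

# Step 5: Verify Docker Services
echo "Step 5: Verify Docker Services"
echo "------------------------------"

print_info "Checking Docker services on production..."
echo ""

# Best-effort checks: a failure here is reported but does not abort the setup.
ssh -i "$SSH_KEY" "$PROD_HOST" "docker node ls" \
  || print_warning "Could not list Docker nodes on $PROD_HOST"
echo ""
ssh -i "$SSH_KEY" "$PROD_HOST" "docker service ls" \
  || print_warning "Could not list Docker services on $PROD_HOST"

echo ""

# Summary
echo ""
echo "✅ Production Server Setup Complete!"
echo "===================================="
echo ""
echo "Next Steps:"
echo ""
echo "1. Verify secrets are deployed:"
# Suggest a metadata check rather than `cat`, so secret values do not end up
# in the terminal scrollback or a session recording.
echo " ssh -i $SSH_KEY $PROD_HOST 'ls -l /home/deploy/secrets/.env'"
echo ""
echo "2. Deploy your application:"
echo " $SCRIPT_DIR/deploy.sh "
echo ""
echo "3. Monitor deployment:"
echo " ssh -i $SSH_KEY $PROD_HOST 'docker service logs -f app_app'"
echo ""
echo "📖 For more information, see: $ANSIBLE_DIR/README.md"
echo ""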