proxmox/scripts/convert-database-containers-to-privileged.sh
defiQUG fbda1b4beb
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00


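#!/bin/bash
# Convert Database Containers to Privileged Mode
# Recreates PostgreSQL and Redis containers as privileged to enable service startup
#
# DESTRUCTIVE: the containers listed below are stopped and destroyed on the
# Proxmox node and rebuilt from the template. Only `pct config` output is
# saved beforehand; data stored inside the containers is not backed up.
#
# Optional environment / config values (read from config/ip-addresses.conf
# when present): PROXMOX_HOST_R630_01, NETWORK_GATEWAY and the per-container
# *_POSTGRES_* / *_REDIS_* address variables.

# -e is intentionally not set: each step logs its own failure and the run
# continues with the next container.
set -uo pipefail

# Load IP configuration (best effort: defaults below apply when it is missing)
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
# shellcheck source=/dev/null
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true
NODE_IP="${PROXMOX_HOST_R630_01:-192.168.11.11}"

# The backup directory holds container configuration, so it is created with
# mktemp: the name is not guessable from the timestamp alone and the directory
# is private (0700) from the moment it exists, instead of being a predictable
# path in world-writable /tmp that another local user could pre-create.
BACKUP_DIR="$(mktemp -d "/tmp/container-backups-$(date +%Y%m%d-%H%M%S)-XXXXXX")" || {
  printf '[ERROR] could not create a private backup directory under /tmp\n' >&2
  exit 1
}
TEMPLATE="ubuntu-22.04-standard_22.04-1_amd64.tar.zst"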
# Print an informational message to stdout behind a green [INFO] tag.
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
log_info() {
  local message="$1"
  echo -e "\033[0;32m[INFO]\033[0m ${message}"
}
# Print a success message to stdout behind a green check-mark tag.
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
log_success() {
  local message="$1"
  echo -e "\033[0;32m[✓]\033[0m ${message}"
}
# Print an error message behind a red [ERROR] tag.
# Note: like the other log helpers this writes to stdout, not stderr.
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
log_error() {
  local message="$1"
  echo -e "\033[0;31m[ERROR]\033[0m ${message}"
}
# Print a warning message to stdout behind a yellow [WARN] tag.
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
log_warn() {
  local message="$1"
  echo -e "\033[0;33m[WARN]\033[0m ${message}"
}
# Container configurations, keyed by Proxmox VMID.
# Each value is one colon-separated record that recreate_container_privileged
# splits into: hostname : ip/prefix : gateway : cores : memory : storage
# (the last three are handed to `pct create` as --cores, --memory and the
# rootfs size). Because ':' is the field separator, an IPv6 address would not
# parse correctly here.
declare -A CONTAINER_CONFIGS=(
  # PostgreSQL containers
  [10000]="order-postgres:${ORDER_POSTGRES_PRIMARY:-192.168.11.44}/24:${NETWORK_GATEWAY:-192.168.11.1}:2:2048:8"
  [10001]="order-postgres-replica:${ORDER_POSTGRES_REPLICA:-192.168.11.45}/24:${NETWORK_GATEWAY:-192.168.11.1}:2:2048:8"
  [10100]="dbis-postgres:${DBIS_POSTGRES_PRIMARY:-192.168.11.105}/24:${NETWORK_GATEWAY:-192.168.11.1}:2:2048:8"
  [10101]="dbis-postgres-replica:${DBIS_POSTGRES_REPLICA:-192.168.11.106}/24:${NETWORK_GATEWAY:-192.168.11.1}:2:2048:8"

  # Redis containers
  # NOTE(review): order-redis takes its address from ORDER_REDIS_REPLICA;
  # confirm that is the intended variable for this (non-replica) container.
  [10020]="order-redis:${ORDER_REDIS_REPLICA:-192.168.11.46}/24:${NETWORK_GATEWAY:-192.168.11.1}:1:1024:4"
  [10120]="dbis-redis:${DBIS_REDIS_IP:-192.168.11.125}/24:${NETWORK_GATEWAY:-192.168.11.1}:1:1024:4"
)
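#######################################
# Save the Proxmox configuration of one container before it is destroyed.
#
# The directory is created on the machine running this script, so the
# output of `pct config` is streamed back over SSH and written locally.
# (Redirecting on the remote side would target a path that only exists
# there when the script happens to run on the Proxmox node itself, and the
# trailing `echo` would still make the step look successful.)
#
# Only the container configuration is saved; no data inside the container
# is copied.
#
# Globals:   BACKUP_DIR (read), NODE_IP (read)
# Arguments: $1 - container VMID
# Returns:   0 when a non-empty config file was written, 1 otherwise
#######################################
backup_container() {
  local vmid="$1"
  local dest="$BACKUP_DIR/$vmid"

  log_info "Backing up CT $vmid..."

  if ! mkdir -p -- "$dest"; then
    log_error "Failed to backup CT $vmid config"
    return 1
  fi

  # NOTE(review): StrictHostKeyChecking=no turns off host-key verification
  # for a root session. Prefer a pinned known_hosts entry (or
  # StrictHostKeyChecking=accept-new) so a changed host key is rejected.
  # stderr is left on the terminal so error text never ends up in the backup.
  if ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=no "root@${NODE_IP}" \
    "pct config $vmid" > "$dest/config.conf" \
    && [[ -s "$dest/config.conf" ]]; then
    log_success "CT $vmid config backed up"
  else
    log_error "Failed to backup CT $vmid config"
    return 1
  fi
}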
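#######################################
# Destroy a container and create it again as a privileged container.
#
# SECURITY: `--unprivileged 0` means root inside the container is root on
# the Proxmox host kernel, so a compromise of the database service has a
# much shorter path to the host than with an unprivileged container.
# NOTE(review): nesting=1 is enabled as well; confirm both are really
# required for the services to start, and prefer fixing the unprivileged
# setup (ownership / id mapping) where that is possible.
#
# The existing container is destroyed before the new one is created, so a
# failed `pct create` leaves no container behind. Nothing here checks that
# a backup exists; the caller is expected to have taken one.
#
# Globals:   CONTAINER_CONFIGS (read), NODE_IP (read), TEMPLATE (read)
# Arguments: $1 - container VMID (must be a key of CONTAINER_CONFIGS)
# Returns:   0 when the container was created and started, 1 otherwise
#######################################
recreate_container_privileged() {
  local vmid="$1"
  local config_line="${CONTAINER_CONFIGS[$vmid]:-}"
  # Declared local so the parsed fields do not leak into the global scope.
  local hostname ip gateway cores memory storage

  # Never destroy a container this script does not know how to rebuild.
  if [[ -z "$config_line" ]]; then
    log_error "No configuration defined for CT $vmid; not destroying it"
    return 1
  fi

  IFS=':' read -r hostname ip gateway cores memory storage <<< "$config_line"
  if [[ -z "$hostname" || -z "$ip" || -z "$gateway" \
    || -z "$cores" || -z "$memory" || -z "$storage" ]]; then
    log_error "Incomplete configuration for CT $vmid; not destroying it"
    return 1
  fi

  log_info "Recreating CT $vmid as privileged..."

  # NOTE(review): StrictHostKeyChecking=no turns off host-key verification
  # for a root session that destroys containers. Prefer a pinned known_hosts
  # entry (or StrictHostKeyChecking=accept-new).
  # The values interpolated into the remote commands come from
  # CONTAINER_CONFIGS / the sourced config file and are treated as trusted.

  # Stop and destroy existing container
  if ! ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=no "root@${NODE_IP}" "
pct stop $vmid 2>/dev/null || true
sleep 2
pct destroy $vmid 2>/dev/null || true
sleep 2
"; then
    log_error "Failed to recreate CT $vmid"
    return 1
  fi

  # Create new privileged container
  if ssh -o ConnectTimeout=20 -o StrictHostKeyChecking=no "root@${NODE_IP}" "
# Get storage pool name (use data as it's the lvmthin storage)
STORAGE=\$(pvesm status | grep lvmthin | head -1 | awk '{print \$1}')
if [ -z \"\$STORAGE\" ]; then
STORAGE=\"data\"
fi
pct create $vmid local:vztmpl/$TEMPLATE \\
--hostname $hostname \\
--net0 name=eth0,bridge=vmbr0,gw=$gateway,ip=$ip,type=veth \\
--cores $cores \\
--memory $memory \\
--rootfs \$STORAGE:${storage} \\
--unprivileged 0 \\
--features nesting=1 \\
--ostype ubuntu \\
--arch amd64
sleep 3
# Verify container exists
if pct config $vmid >/dev/null 2>&1; then
# Start container
pct start $vmid
sleep 5
echo 'Container created and started'
else
echo 'Container creation failed'
exit 1
fi
"; then
    log_success "CT $vmid recreated as privileged"
  else
    log_error "Failed to recreate CT $vmid"
    return 1
  fi
}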
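#######################################
# Install and start PostgreSQL 15 inside a container via `pct exec`.
#
# The remote script now exits non-zero when the service is not active, so
# the success/failure log line reflects the real state (the earlier
# `is-active && echo ... || echo ...` always ended with status 0).
#
# SECURITY notes on the configuration this applies (behaviour unchanged):
#  - listen_addresses is set to '*' and pg_hba.conf gains
#    "host all all 0.0.0.0/0 md5": every database and role accepts password
#    logins from any IPv4 address that can reach the container. Narrowing
#    the CIDR to the application subnet and using scram-sha-256 is the
#    usual hardening; check what the clients need before changing it.
#  - `apt-key add` is deprecated and trusts the key for all repositories;
#    a dedicated keyring referenced with signed-by is the current practice.
#  - The pgdg repository is added over plain http.
#  - Failures of the apt steps are not checked individually; only the final
#    service state decides the result.
#
# Globals:   NODE_IP (read)
# Arguments: $1 - container VMID
# Returns:   0 when PostgreSQL is active afterwards, 1 otherwise
#######################################
install_postgresql_privileged() {
  local vmid="$1"

  log_info "Installing PostgreSQL on privileged CT $vmid..."

  # NOTE(review): StrictHostKeyChecking=no turns off host-key verification
  # for a root session. Prefer a pinned known_hosts entry (or
  # StrictHostKeyChecking=accept-new).
  if ssh -o ConnectTimeout=30 -o StrictHostKeyChecking=no "root@${NODE_IP}" "
pct exec $vmid -- bash -c '
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install -y -qq wget ca-certificates gnupg lsb-release
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
echo \"deb http://apt.postgresql.org/pub/repos/apt \$(lsb_release -cs)-pgdg main\" > /etc/apt/sources.list.d/pgdg.list
apt-get update -qq
apt-get install -y -qq postgresql-15 postgresql-contrib-15
# Configure PostgreSQL
sed -i \"s/#listen_addresses = .*/listen_addresses = '\''*'\''/\" /etc/postgresql/15/main/postgresql.conf
echo \"host all all 0.0.0.0/0 md5\" >> /etc/postgresql/15/main/pg_hba.conf
# Start PostgreSQL
systemctl start postgresql@15-main
systemctl enable postgresql@15-main
sleep 3
if systemctl is-active postgresql@15-main; then
echo \"PostgreSQL installed and started\"
else
echo \"PostgreSQL start failed\"
exit 1
fi
'
"; then
    log_success "PostgreSQL installed on CT $vmid"
  else
    log_error "Failed to install PostgreSQL on CT $vmid"
    return 1
  fi
}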
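#######################################
# Install and start redis-server inside a container via `pct exec`.
#
# The remote script now exits non-zero when the service is not active, so
# the success/failure log line reflects the real state (the earlier
# `is-active && echo ... || echo ...` always ended with status 0).
#
# SECURITY notes on the configuration this applies (behaviour unchanged):
#  - `bind 0.0.0.0` together with `protected-mode no` makes Redis answer on
#    every interface, and nothing in this function sets a password or ACL.
#    Any host that can reach the container can then read and write all keys
#    and run administrative commands. Binding to the container address,
#    setting requirepass / ACL users, and firewalling the port to the
#    application hosts are the usual mitigations; this matters more because
#    the container is privileged.
#
# Globals:   NODE_IP (read)
# Arguments: $1 - container VMID
# Returns:   0 when redis-server is active afterwards, 1 otherwise
#######################################
install_redis_privileged() {
  local vmid="$1"

  log_info "Installing Redis on privileged CT $vmid..."

  # NOTE(review): StrictHostKeyChecking=no turns off host-key verification
  # for a root session. Prefer a pinned known_hosts entry (or
  # StrictHostKeyChecking=accept-new).
  if ssh -o ConnectTimeout=20 -o StrictHostKeyChecking=no "root@${NODE_IP}" "
pct exec $vmid -- bash -c '
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install -y -qq redis-server
# Configure Redis
sed -i \"s/^bind .*/bind 0.0.0.0/\" /etc/redis/redis.conf
sed -i \"s/^protected-mode yes/protected-mode no/\" /etc/redis/redis.conf
# Start Redis
systemctl start redis-server
systemctl enable redis-server
sleep 2
if systemctl is-active redis-server; then
echo \"Redis installed and started\"
else
echo \"Redis start failed\"
exit 1
fi
'
"; then
    log_success "Redis installed on CT $vmid"
  else
    log_error "Failed to install Redis on CT $vmid"
    return 1
  fi
}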
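#######################################
# Create the order_db database and the order_user role in a container.
#
# SECURITY: the role password used to be a fixed, guessable literal in this
# file. It can now be supplied through the ORDER_DB_PASSWORD environment
# variable; the old literal is kept only as a fallback so existing runs keep
# working, and a warning is logged whenever the fallback is used. A password
# that was ever committed should be rotated on the live database.
# The password is restricted to [A-Za-z0-9_.-] because it is embedded in
# nested shell and SQL quoting. It is still part of the ssh command line,
# so it is visible in process listings on both hosts while the step runs.
#
# NOTE(review): psql is run without ON_ERROR_STOP, so it presumably still
# exits 0 when a statement fails; the success line below then only means
# the commands were delivered. Confirm before relying on it.
#
# Globals:   NODE_IP (read), ORDER_DB_PASSWORD (read, optional)
# Arguments: $1 - container VMID
# Returns:   0 when the remote command succeeded, 1 otherwise
#######################################
configure_order_databases() {
  local vmid="$1"
  local db_password="${ORDER_DB_PASSWORD:-order_password}"
  local -r allowed='^[A-Za-z0-9_.-]+$'

  log_info "Configuring Order database on CT $vmid..."

  if [[ -z "${ORDER_DB_PASSWORD:-}" ]]; then
    log_warn "ORDER_DB_PASSWORD is not set; using the built-in default password for order_user on CT $vmid"
  fi
  if [[ ! "$db_password" =~ $allowed ]]; then
    log_error "ORDER_DB_PASSWORD may only contain letters, digits, '_', '.' and '-'"
    return 1
  fi

  # NOTE(review): StrictHostKeyChecking=no turns off host-key verification
  # for a root session that carries a credential. Prefer a pinned
  # known_hosts entry (or StrictHostKeyChecking=accept-new).
  if ssh -o ConnectTimeout=15 -o StrictHostKeyChecking=no "root@${NODE_IP}" "
pct exec $vmid -- su - postgres -c \"
psql << 'SQL_EOF'
CREATE DATABASE order_db;
CREATE USER order_user WITH PASSWORD '${db_password}';
GRANT ALL PRIVILEGES ON DATABASE order_db TO order_user;
ALTER DATABASE order_db OWNER TO order_user;
\\l order_db
SQL_EOF
\" 2>&1
"; then
    log_success "Order DB configured on CT $vmid"
  else
    log_error "Failed to configure Order DB on CT $vmid"
    return 1
  fi
}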
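#######################################
# Create the dbis_core database and the dbis role in a container.
#
# SECURITY: the role password used to be available only as a literal in
# this file, which means everyone with read access to the repository holds
# a working database credential. It can now be supplied through the
# DBIS_DB_PASSWORD environment variable; the old literal is kept only as a
# fallback so existing runs keep working, and a warning is logged whenever
# the fallback is used. A password that was ever committed should be
# rotated on the live database.
# The password is restricted to [A-Za-z0-9_.-] because it is embedded in
# nested shell and SQL quoting. It is still part of the ssh command line,
# so it is visible in process listings on both hosts while the step runs.
#
# NOTE(review): psql is run without ON_ERROR_STOP, so it presumably still
# exits 0 when a statement fails; the success line below then only means
# the commands were delivered. Confirm before relying on it.
#
# Globals:   NODE_IP (read), DBIS_DB_PASSWORD (read, optional)
# Arguments: $1 - container VMID
# Returns:   0 when the remote command succeeded, 1 otherwise
#######################################
configure_dbis_databases() {
  local vmid="$1"
  local db_password="${DBIS_DB_PASSWORD:-8cba649443f97436db43b34ab2c0e75b5cf15611bef9c099cee6fb22cc3d7771}"
  local -r allowed='^[A-Za-z0-9_.-]+$'

  log_info "Configuring DBIS database on CT $vmid..."

  if [[ -z "${DBIS_DB_PASSWORD:-}" ]]; then
    log_warn "DBIS_DB_PASSWORD is not set; using the built-in default password for dbis on CT $vmid"
  fi
  if [[ ! "$db_password" =~ $allowed ]]; then
    log_error "DBIS_DB_PASSWORD may only contain letters, digits, '_', '.' and '-'"
    return 1
  fi

  # NOTE(review): StrictHostKeyChecking=no turns off host-key verification
  # for a root session that carries a credential. Prefer a pinned
  # known_hosts entry (or StrictHostKeyChecking=accept-new).
  if ssh -o ConnectTimeout=15 -o StrictHostKeyChecking=no "root@${NODE_IP}" "
pct exec $vmid -- su - postgres -c \"
psql << 'SQL_EOF'
CREATE DATABASE dbis_core;
CREATE USER dbis WITH PASSWORD '${db_password}';
GRANT ALL PRIVILEGES ON DATABASE dbis_core TO dbis;
ALTER DATABASE dbis_core OWNER TO dbis;
\\l dbis_core
SQL_EOF
\" 2>&1
"; then
    log_success "DBIS DB configured on CT $vmid"
  else
    log_error "Failed to configure DBIS DB on CT $vmid"
    return 1
  fi
}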
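# ---------------------------------------------------------------------------
# Main sequence: back up configs, rebuild the PostgreSQL containers, install
# and configure PostgreSQL, rebuild the Redis containers, install Redis, then
# print the service state of every container.
#
# Safety properties added here:
#  - the run stops before anything is destroyed if a config backup reports
#    failure (only `pct config` output is saved; container data is not);
#  - failed steps are counted and the script exits non-zero at the end
#    instead of always announcing completion.
# ---------------------------------------------------------------------------
echo "═══════════════════════════════════════════════════════════"
echo "Convert Database Containers to Privileged Mode"
echo "═══════════════════════════════════════════════════════════"
echo ""

failures=0

# Create backup directory
if ! mkdir -p "$BACKUP_DIR"; then
  log_error "Cannot create backup directory $BACKUP_DIR; nothing was changed"
  exit 1
fi
log_info "Backup directory: $BACKUP_DIR"

# Backup all containers
log_info "Backing up container configurations..."
for vmid in 10000 10001 10100 10101 10020 10120; do
  if ! backup_container "$vmid"; then
    log_error "Backup of CT $vmid failed; aborting before any container is destroyed"
    exit 1
  fi
done

# Recreate PostgreSQL containers as privileged
log_info "Recreating PostgreSQL containers as privileged..."
for vmid in 10000 10001 10100 10101; do
  recreate_container_privileged "$vmid" || failures=$((failures + 1))
  sleep 3
done

# Install PostgreSQL on privileged containers
log_info "Installing PostgreSQL on privileged containers..."
for vmid in 10000 10001 10100 10101; do
  install_postgresql_privileged "$vmid" || failures=$((failures + 1))
  sleep 3
done

# Configure databases
log_info "Configuring databases..."
for vmid in 10000 10001; do
  configure_order_databases "$vmid" || failures=$((failures + 1))
  sleep 2
done
for vmid in 10100 10101; do
  configure_dbis_databases "$vmid" || failures=$((failures + 1))
  sleep 2
done

# Recreate Redis containers as privileged
log_info "Recreating Redis containers as privileged..."
for vmid in 10020 10120; do
  recreate_container_privileged "$vmid" || failures=$((failures + 1))
  sleep 3
done

# Install Redis on privileged containers
log_info "Installing Redis on privileged containers..."
for vmid in 10020 10120; do
  install_redis_privileged "$vmid" || failures=$((failures + 1))
  sleep 3
done

# Final verification
# NOTE(review): StrictHostKeyChecking=no turns off host-key verification for
# these root sessions too; prefer a pinned known_hosts entry.
echo ""
log_info "Final Service Status:"
echo "PostgreSQL:"
for vmid in 10000 10001 10100 10101; do
  status=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "root@${NODE_IP}" \
    "pct exec $vmid -- systemctl is-active postgresql@15-main 2>&1 || echo 'inactive'")
  echo " CT $vmid: $status"
done
echo "Redis:"
for vmid in 10020 10120; do
  status=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "root@${NODE_IP}" \
    "pct exec $vmid -- systemctl is-active redis-server 2>&1 || echo 'inactive'")
  echo " CT $vmid: $status"
done
echo ""

if ((failures > 0)); then
  log_warn "Database container conversion finished with $failures failed step(s); review the log above"
  log_info "Backups saved to: $BACKUP_DIR"
  exit 1
fi

log_success "Database container conversion complete!"
log_info "Backups saved to: $BACKUP_DIR"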