From e0f6023dadb2fda8ea0425ebb2a70761fd9c4be0 Mon Sep 17 00:00:00 2001 From: Cory Dransfeldt Date: Wed, 2 Apr 2025 21:26:46 -0700 Subject: [PATCH] fix(setup.sh): remove old deploy url; use sed for token replacement and escape special characters --- README.md | 2 + package-lock.json | 10 ++--- package.json | 2 +- scripts/setup.sh | 59 ++++++++++++-------------- scripts/templates/www_crontab.template | 2 +- 5 files changed, 35 insertions(+), 40 deletions(-) diff --git a/README.md b/README.md index 88a5da5..51ceeef 100644 --- a/README.md +++ b/README.md @@ -43,4 +43,6 @@ NAVIDROME_SCROBBLE_TOKEN # server NAVIDROME_API_URL # server NAVIDROME_API_TOKEN # server ARTIST_IMPORT_TOKEN # server +COOLIFY_REBUILD_TOKEN # server +COOLIFY_REBUILD_URL # server ``` diff --git a/package-lock.json b/package-lock.json index a975643..ebf1e80 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "coryd.dev", - "version": "1.1.10", + "version": "1.1.11", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "coryd.dev", - "version": "1.1.10", + "version": "1.1.11", "license": "MIT", "dependencies": { "minisearch": "^7.1.2", @@ -1084,9 +1084,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001707", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001707.tgz", - "integrity": "sha512-3qtRjw/HQSMlDWf+X79N206fepf4SOOU6SQLMaq/0KkZLmSjPxAkBOQQ+FxbHKfHmYLZFfdWsO3KA90ceHPSnw==", + "version": "1.0.30001709", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001709.tgz", + "integrity": "sha512-NgL3vUTnDrPCZ3zTahp4fsugQ4dc7EKTSzwQDPEel6DMoMnfH2jhry9n2Zm8onbSR+f/QtKHFOA+iAQu4kbtWA==", "dev": true, "funding": [ { diff --git a/package.json b/package.json index 4ed28a7..2a96afc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "coryd.dev", - "version": "1.1.10", + "version": "1.1.11", "description": "The source for my personal site. Built using 11ty (and other tools).", "type": "module", "engines": { diff --git a/scripts/setup.sh b/scripts/setup.sh index 0c18677..7df1678 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -23,12 +23,14 @@ SECRETS_JSON='{ "FORWARDEMAIL_API_KEY": "{{ op://Private/coryd.dev secrets/FORWARDEMAIL_API_KEY }}", "BOOK_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/BOOK_IMPORT_TOKEN }}", "WATCHING_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/WATCHING_IMPORT_TOKEN }}", + "ARTIST_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/ARTIST_IMPORT_TOKEN }}", "TMDB_API_KEY": "{{ op://Private/coryd.dev secrets/TMDB_API_KEY }}", "SEASONS_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/SEASONS_IMPORT_TOKEN }}", "NAVIDROME_SCROBBLE_TOKEN": "{{ op://Private/coryd.dev secrets/NAVIDROME_SCROBBLE_TOKEN }}", "NAVIDROME_API_URL": "{{ op://Private/coryd.dev secrets/NAVIDROME_API_URL }}", "NAVIDROME_API_TOKEN": "{{ op://Private/coryd.dev secrets/NAVIDROME_API_TOKEN }}", - "COOLIFY_REBUILD_TOKEN": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_TOKEN }}" + "COOLIFY_REBUILD_TOKEN": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_TOKEN }}", + "COOLIFY_REBUILD_URL": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_URL }}" }' SECRETS=$(echo "$SECRETS_JSON" | op inject) @@ -41,49 +43,40 @@ fi echo "${COLOR_BLUE}writing .env file...${COLOR_RESET}" echo "$SECRETS" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' > .env -# load environment variables from .env +# load environment variables from .env and export them export $(grep -v '^#' .env | xargs) # step 2: generate final config files from templates echo "${COLOR_BLUE}generating configuration files from templates...${COLOR_RESET}" mkdir -p generated +# escape special characters in the replacement string +escape_special_chars() { + printf '%s' "$1" | sed 's|[&/\ |]|\\&|g' +} + for file in scripts/templates/*.template; do [ -e "$file" ] || continue - new_file="generated/$(basename ${file%.template})" + new_file="generated/$(basename "${file%.template}")" cp "$file" "$new_file" - # use awk to replace placeholders safely - awk -v POSTGREST_URL="$POSTGREST_URL" \ - -v POSTGREST_API_KEY="$POSTGREST_API_KEY" \ - -v FORWARDEMAIL_API_KEY="$FORWARDEMAIL_API_KEY" \ - -v MASTODON_ACCESS_TOKEN="$MASTODON_ACCESS_TOKEN" \ - -v MASTODON_SYNDICATION_TOKEN="$MASTODON_SYNDICATION_TOKEN" \ - -v BOOK_IMPORT_TOKEN="$BOOK_IMPORT_TOKEN" \ - -v WATCHING_IMPORT_TOKEN="$WATCHING_IMPORT_TOKEN" \ - -v TMDB_API_KEY="$TMDB_API_KEY" \ - -v NAVIDROME_SCROBBLE_TOKEN="$NAVIDROME_SCROBBLE_TOKEN" \ - -v SEASONS_IMPORT_TOKEN="$SEASONS_IMPORT_TOKEN" \ - -v NAVIDROME_API_URL="$NAVIDROME_API_URL" \ - -v NAVIDROME_API_TOKEN="$NAVIDROME_API_TOKEN" \ - -v ARTIST_IMPORT_TOKEN="$ARTIST_IMPORT_TOKEN" \ - -v COOLIFY_REBUILD_TOKEN="$COOLIFY_REBUILD_TOKEN" \ - '{gsub(/{{POSTGREST_URL}}/, POSTGREST_URL); - gsub(/{{POSTGREST_API_KEY}}/, POSTGREST_API_KEY); - gsub(/{{FORWARDEMAIL_API_KEY}}/, FORWARDEMAIL_API_KEY); - gsub(/{{MASTODON_ACCESS_TOKEN}}/, MASTODON_ACCESS_TOKEN); - gsub(/{{MASTODON_SYNDICATION_TOKEN}}/, MASTODON_SYNDICATION_TOKEN); - gsub(/{{BOOK_IMPORT_TOKEN}}/, BOOK_IMPORT_TOKEN); - gsub(/{{WATCHING_IMPORT_TOKEN}}/, WATCHING_IMPORT_TOKEN); - gsub(/{{TMDB_API_KEY}}/, TMDB_API_KEY); - gsub(/{{NAVIDROME_SCROBBLE_TOKEN}}/, NAVIDROME_SCROBBLE_TOKEN); - gsub(/{{SEASONS_IMPORT_TOKEN}}/, SEASONS_IMPORT_TOKEN); - gsub(/{{NAVIDROME_API_URL}}/, NAVIDROME_API_URL); - gsub(/{{NAVIDROME_API_TOKEN}}/, NAVIDROME_API_TOKEN); - gsub(/{{ARTIST_IMPORT_TOKEN}}/, ARTIST_IMPORT_TOKEN); - gsub(/{{COOLIFY_REBUILD_TOKEN}}/, COOLIFY_REBUILD_TOKEN); - print}' "$new_file" > tmpfile && mv tmpfile "$new_file" + # replace placeholders + sed -i '' -e "s|{{POSTGREST_URL}}|$(escape_special_chars "$POSTGREST_URL")|g" "$new_file" + sed -i '' -e "s|{{POSTGREST_API_KEY}}|$(escape_special_chars "$POSTGREST_API_KEY")|g" "$new_file" + sed -i '' -e "s|{{MASTODON_ACCESS_TOKEN}}|$(escape_special_chars "$MASTODON_ACCESS_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{MASTODON_SYNDICATION_TOKEN}}|$(escape_special_chars "$MASTODON_SYNDICATION_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{FORWARDEMAIL_API_KEY}}|$(escape_special_chars "$FORWARDEMAIL_API_KEY")|g" "$new_file" + sed -i '' -e "s|{{BOOK_IMPORT_TOKEN}}|$(escape_special_chars "$BOOK_IMPORT_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{WATCHING_IMPORT_TOKEN}}|$(escape_special_chars "$WATCHING_IMPORT_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{ARTIST_IMPORT_TOKEN}}|$(escape_special_chars "$ARTIST_IMPORT_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{TMDB_API_KEY}}|$(escape_special_chars "$TMDB_API_KEY")|g" "$new_file" + sed -i '' -e "s|{{SEASONS_IMPORT_TOKEN}}|$(escape_special_chars "$SEASONS_IMPORT_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{NAVIDROME_SCROBBLE_TOKEN}}|$(escape_special_chars "$NAVIDROME_SCROBBLE_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{NAVIDROME_API_URL}}|$(escape_special_chars "$NAVIDROME_API_URL")|g" "$new_file" + sed -i '' -e "s|{{NAVIDROME_API_TOKEN}}|$(escape_special_chars "$NAVIDROME_API_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{COOLIFY_REBUILD_TOKEN}}|$(escape_special_chars "$COOLIFY_REBUILD_TOKEN")|g" "$new_file" + sed -i '' -e "s|{{COOLIFY_REBUILD_URL}}|$(escape_special_chars "$COOLIFY_REBUILD_URL")|g" "$new_file" done echo "${COLOR_BLUE}all configurations generated in the 'generated' folder.${COLOR_RESET}" diff --git a/scripts/templates/www_crontab.template b/scripts/templates/www_crontab.template index 2d8dd37..1f0964d 100644 --- a/scripts/templates/www_crontab.template +++ b/scripts/templates/www_crontab.template @@ -1,4 +1,4 @@ */15 * * * * curl -X POST -H "Authorization: Bearer {{MASTODON_ACCESS_TOKEN}}" -H "Content-Type: application/json" https://www.coryd.dev/api/mastodon.php -0 * * * * curl -X POST "https://apps.coryd.dev/api/v1/deploy?uuid=q004wcg840s0s88g8cwo8wkg&force=true" -H "Authorization: Bearer {{COOLIFY_REBUILD_TOKEN}}" -H "Content-Type: application/json" >/dev/null 2>&1 +0 * * * * curl -X POST {{COOLIFY_REBUILD_URL}} -H "Authorization: Bearer {{COOLIFY_REBUILD_TOKEN}}" -H "Content-Type: application/json" >/dev/null 2>&1 */3 * * * * curl -X POST -H "Authorization: Bearer {{NAVIDROME_SCROBBLE_TOKEN}}" https://www.coryd.dev/api/scrobble.php 0 0 * * * curl -X POST -H "Authorization: Bearer {{SEASONS_IMPORT_TOKEN}}" https://www.coryd.dev/api/seasons-import.php