fix(setup.sh): remove old deploy url; use sed for token replacement and escape special characters

README.md

@@ -43,4 +43,6 @@ NAVIDROME_SCROBBLE_TOKEN   # server
 NAVIDROME_API_URL          # server
 NAVIDROME_API_TOKEN        # server
 ARTIST_IMPORT_TOKEN        # server
+COOLIFY_REBUILD_TOKEN      # server
+COOLIFY_REBUILD_URL        # server
 ```

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "coryd.dev",
-  "version": "1.1.10",
+  "version": "1.1.11",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "coryd.dev",
-      "version": "1.1.10",
+      "version": "1.1.11",
       "license": "MIT",
       "dependencies": {
         "minisearch": "^7.1.2",
@@ -1084,9 +1084,9 @@
       }
     },
     "node_modules/caniuse-lite": {
-      "version": "1.0.30001707",
-      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001707.tgz",
-      "integrity": "sha512-3qtRjw/HQSMlDWf+X79N206fepf4SOOU6SQLMaq/0KkZLmSjPxAkBOQQ+FxbHKfHmYLZFfdWsO3KA90ceHPSnw==",
+      "version": "1.0.30001709",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001709.tgz",
+      "integrity": "sha512-NgL3vUTnDrPCZ3zTahp4fsugQ4dc7EKTSzwQDPEel6DMoMnfH2jhry9n2Zm8onbSR+f/QtKHFOA+iAQu4kbtWA==",
       "dev": true,
       "funding": [
         {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "coryd.dev",
-  "version": "1.1.10",
+  "version": "1.1.11",
   "description": "The source for my personal site. Built using 11ty (and other tools).",
   "type": "module",
   "engines": {

scripts/setup.sh

@@ -23,12 +23,14 @@ SECRETS_JSON='{
   "FORWARDEMAIL_API_KEY": "{{ op://Private/coryd.dev secrets/FORWARDEMAIL_API_KEY }}",
   "BOOK_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/BOOK_IMPORT_TOKEN }}",
   "WATCHING_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/WATCHING_IMPORT_TOKEN }}",
+  "ARTIST_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/ARTIST_IMPORT_TOKEN }}",
   "TMDB_API_KEY": "{{ op://Private/coryd.dev secrets/TMDB_API_KEY }}",
   "SEASONS_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/SEASONS_IMPORT_TOKEN }}",
   "NAVIDROME_SCROBBLE_TOKEN": "{{ op://Private/coryd.dev secrets/NAVIDROME_SCROBBLE_TOKEN }}",
   "NAVIDROME_API_URL": "{{ op://Private/coryd.dev secrets/NAVIDROME_API_URL }}",
   "NAVIDROME_API_TOKEN": "{{ op://Private/coryd.dev secrets/NAVIDROME_API_TOKEN }}",
-  "COOLIFY_REBUILD_TOKEN": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_TOKEN }}"
+  "COOLIFY_REBUILD_TOKEN": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_TOKEN }}",
+  "COOLIFY_REBUILD_URL": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_URL }}"
 }'
 
 SECRETS=$(echo "$SECRETS_JSON" | op inject)
@@ -41,49 +43,40 @@ fi
 echo "${COLOR_BLUE}writing .env file...${COLOR_RESET}"
 echo "$SECRETS" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' > .env
 
-# load environment variables from .env
+# load environment variables from .env and export them
 export $(grep -v '^#' .env | xargs)
 
 # step 2: generate final config files from templates
 echo "${COLOR_BLUE}generating configuration files from templates...${COLOR_RESET}"
 mkdir -p generated
 
+# escape special characters in the replacement string
+escape_special_chars() {
+  printf '%s' "$1" | sed 's|[&/\ |]|\\&|g'
+}
+
 for file in scripts/templates/*.template; do
   [ -e "$file" ] || continue
 
-  new_file="generated/$(basename ${file%.template})"
+  new_file="generated/$(basename "${file%.template}")"
   cp "$file" "$new_file"
 
-  # use awk to replace placeholders safely
-  awk -v POSTGREST_URL="$POSTGREST_URL" \
-      -v POSTGREST_API_KEY="$POSTGREST_API_KEY" \
-      -v FORWARDEMAIL_API_KEY="$FORWARDEMAIL_API_KEY" \
-      -v MASTODON_ACCESS_TOKEN="$MASTODON_ACCESS_TOKEN" \
-      -v MASTODON_SYNDICATION_TOKEN="$MASTODON_SYNDICATION_TOKEN" \
-      -v BOOK_IMPORT_TOKEN="$BOOK_IMPORT_TOKEN" \
-      -v WATCHING_IMPORT_TOKEN="$WATCHING_IMPORT_TOKEN" \
-      -v TMDB_API_KEY="$TMDB_API_KEY" \
-      -v NAVIDROME_SCROBBLE_TOKEN="$NAVIDROME_SCROBBLE_TOKEN" \
-      -v SEASONS_IMPORT_TOKEN="$SEASONS_IMPORT_TOKEN" \
-      -v NAVIDROME_API_URL="$NAVIDROME_API_URL" \
-      -v NAVIDROME_API_TOKEN="$NAVIDROME_API_TOKEN" \
-      -v ARTIST_IMPORT_TOKEN="$ARTIST_IMPORT_TOKEN" \
-      -v COOLIFY_REBUILD_TOKEN="$COOLIFY_REBUILD_TOKEN" \
-      '{gsub(/{{POSTGREST_URL}}/, POSTGREST_URL);
-        gsub(/{{POSTGREST_API_KEY}}/, POSTGREST_API_KEY);
-        gsub(/{{FORWARDEMAIL_API_KEY}}/, FORWARDEMAIL_API_KEY);
-        gsub(/{{MASTODON_ACCESS_TOKEN}}/, MASTODON_ACCESS_TOKEN);
-        gsub(/{{MASTODON_SYNDICATION_TOKEN}}/, MASTODON_SYNDICATION_TOKEN);
-        gsub(/{{BOOK_IMPORT_TOKEN}}/, BOOK_IMPORT_TOKEN);
-        gsub(/{{WATCHING_IMPORT_TOKEN}}/, WATCHING_IMPORT_TOKEN);
-        gsub(/{{TMDB_API_KEY}}/, TMDB_API_KEY);
-        gsub(/{{NAVIDROME_SCROBBLE_TOKEN}}/, NAVIDROME_SCROBBLE_TOKEN);
-        gsub(/{{SEASONS_IMPORT_TOKEN}}/, SEASONS_IMPORT_TOKEN);
-        gsub(/{{NAVIDROME_API_URL}}/, NAVIDROME_API_URL);
-        gsub(/{{NAVIDROME_API_TOKEN}}/, NAVIDROME_API_TOKEN);
-        gsub(/{{ARTIST_IMPORT_TOKEN}}/, ARTIST_IMPORT_TOKEN);
-        gsub(/{{COOLIFY_REBUILD_TOKEN}}/, COOLIFY_REBUILD_TOKEN);
-        print}' "$new_file" > tmpfile && mv tmpfile "$new_file"
+  # replace placeholders
+  sed -i '' -e "s|{{POSTGREST_URL}}|$(escape_special_chars "$POSTGREST_URL")|g" "$new_file"
+  sed -i '' -e "s|{{POSTGREST_API_KEY}}|$(escape_special_chars "$POSTGREST_API_KEY")|g" "$new_file"
+  sed -i '' -e "s|{{MASTODON_ACCESS_TOKEN}}|$(escape_special_chars "$MASTODON_ACCESS_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{MASTODON_SYNDICATION_TOKEN}}|$(escape_special_chars "$MASTODON_SYNDICATION_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{FORWARDEMAIL_API_KEY}}|$(escape_special_chars "$FORWARDEMAIL_API_KEY")|g" "$new_file"
+  sed -i '' -e "s|{{BOOK_IMPORT_TOKEN}}|$(escape_special_chars "$BOOK_IMPORT_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{WATCHING_IMPORT_TOKEN}}|$(escape_special_chars "$WATCHING_IMPORT_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{ARTIST_IMPORT_TOKEN}}|$(escape_special_chars "$ARTIST_IMPORT_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{TMDB_API_KEY}}|$(escape_special_chars "$TMDB_API_KEY")|g" "$new_file"
+  sed -i '' -e "s|{{SEASONS_IMPORT_TOKEN}}|$(escape_special_chars "$SEASONS_IMPORT_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{NAVIDROME_SCROBBLE_TOKEN}}|$(escape_special_chars "$NAVIDROME_SCROBBLE_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{NAVIDROME_API_URL}}|$(escape_special_chars "$NAVIDROME_API_URL")|g" "$new_file"
+  sed -i '' -e "s|{{NAVIDROME_API_TOKEN}}|$(escape_special_chars "$NAVIDROME_API_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{COOLIFY_REBUILD_TOKEN}}|$(escape_special_chars "$COOLIFY_REBUILD_TOKEN")|g" "$new_file"
+  sed -i '' -e "s|{{COOLIFY_REBUILD_URL}}|$(escape_special_chars "$COOLIFY_REBUILD_URL")|g" "$new_file"
 done
 
 echo "${COLOR_BLUE}all configurations generated in the 'generated' folder.${COLOR_RESET}"

scripts/templates/www_crontab.template

@@ -1,4 +1,4 @@
 */15 * * * * curl -X POST -H "Authorization: Bearer {{MASTODON_ACCESS_TOKEN}}" -H "Content-Type: application/json" https://www.coryd.dev/api/mastodon.php
-0 * * * * curl -X POST "https://apps.coryd.dev/api/v1/deploy?uuid=q004wcg840s0s88g8cwo8wkg&force=true" -H "Authorization: Bearer {{COOLIFY_REBUILD_TOKEN}}" -H "Content-Type: application/json" >/dev/null 2>&1
+0 * * * * curl -X POST {{COOLIFY_REBUILD_URL}} -H "Authorization: Bearer {{COOLIFY_REBUILD_TOKEN}}" -H "Content-Type: application/json" >/dev/null 2>&1
 */3 * * * * curl -X POST -H "Authorization: Bearer {{NAVIDROME_SCROBBLE_TOKEN}}" https://www.coryd.dev/api/scrobble.php
 0 0 * * * curl -X POST -H "Authorization: Bearer {{SEASONS_IMPORT_TOKEN}}" https://www.coryd.dev/api/seasons-import.php