Vadym/OVHserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
OVHserver/opt/infrastructure-docs/scripts/modules/generate-websites.sh
SamoilenkoVadym c5401eb33c fix: улучшения скриптов мониторинга и backup 
Исправлены критические проблемы и добавлены улучшения:

1. **server-full-report.sh**:
   - Улучшены Slack уведомления с детектором проблем
   - Добавлены автоматические рекомендации по исправлению
   - Добавлена цветная индикация статуса (good/warning/danger)
   - Улучшена структура уведомлений с приоритетами

2. **generate-summary.sh**:
   - Исправлено дублирование контента в отчетах
   - Удален незакрытый heredoc, вызывавший проблемы
   - Добавлены правильные разделители секций

3. **backup-full-enhanced.sh** v2.0.0 → v2.1.0:
   - Добавлен полный auto-discovery для всех типов БД
   - Добавлена поддержка MongoDB backup
   - Улучшена детекция PostgreSQL/MariaDB через образы
   - Автоматическое определение пользователей БД
   - Удален hardcoded список баз данных

4. **health-check-alerting.sh**:
   - Добавлена проверка наличия 'bc' перед использованием
   - Добавлен fallback на integer comparison без bc
   - Улучшена надежность проверки R2 storage

Slack уведомления теперь включают:
- Автоматическое обнаружение проблем (unhealthy, down sites, high disk)
- Конкретные команды для исправления проблем
- SSH инструкции и ссылки на admin tools
- Цветовую индикацию серьезности (danger/warning/good)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-06 10:47:20 +00:00

198 lines
7 KiB
Bash
Executable file
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
# Module 4: Websites & Access
cat << 'EOF'
---
## 4⃣ WEBSITES & ACCESS
### Public Services Status
EOF
# Check website status dynamically
check_website() {
local url=$1
local response=$(curl -s -o /dev/null -w "%{http_code}|%{time_total}" --max-time 10 -L "$url" 2>/dev/null)
local http_code=$(echo "$response" | cut -d'|' -f1)
local response_time=$(echo "$response" | cut -d'|' -f2)
# Success codes (2xx, 3xx redirects)
if [[ "$http_code" =~ ^(200|301|302|303|307|308)$ ]]; then
echo "✅ OK (${response_time}s)"
# Authentication required (expected for protected services)
elif [[ "$http_code" =~ ^(401|403)$ ]]; then
echo "🔐 Protected"
# Connection/network errors
elif [[ "$http_code" == "000" ]]; then
echo "⚠️ No Response"
# Other errors
else
echo "❌ HTTP $http_code"
fi
}
# Main services table
echo "| Service | URL | Status | Purpose | Auth |"
echo "|---------|-----|--------|---------|------|"
# Core Business Services
echo "| **Odoo** | https://odoo.ai-impress.com | $(check_website https://odoo.ai-impress.com) | ERP & Business Management | Direct Login |"
echo "| **N8N** | https://n8n.ai-impress.com | $(check_website https://n8n.ai-impress.com) | Workflow Automation | Authentik SSO |"
# Documentation & Wiki
echo "| **Wiki (Outline)** | https://wiki.ai-impress.com | $(check_website https://wiki.ai-impress.com) | Main Knowledge Base | Authentik SSO |"
echo "| **Info (WikiJS)** | https://info.ai-impress.com | $(check_website https://info.ai-impress.com) | Additional Docs | Authentik SSO |"
# Document Management
echo "| **Documenso** | https://sign.ai-impress.com | $(check_website https://sign.ai-impress.com) | E-Signature Platform | Direct Login |"
# Social Media & Communication
echo "| **Postiz** | https://social.ai-impress.com | $(check_website https://social.ai-impress.com) | Social Media Manager | Direct Login |"
echo "| **Postiz Uploads** | https://uploads.ai-impress.com | $(check_website https://uploads.ai-impress.com) | Media Storage | Auto |"
echo "| **Evolution API** | https://wpp.ai-impress.com | $(check_website https://wpp.ai-impress.com) | WhatsApp API | API Key |"
# Backend Services
echo "| **Supabase** | https://supabase.ai-impress.com | $(check_website https://supabase.ai-impress.com) | Backend as a Service | Direct Login |"
echo "| **RabbitMQ** | https://rabbitmq.ai-impress.com | $(check_website https://rabbitmq.ai-impress.com) | Message Queue | Guest Login |"
# Authentication & Security
echo "| **Authentik** | https://auth.ai-impress.com | $(check_website https://auth.ai-impress.com) | Single Sign-On (SSO) | Direct Login |"
echo "| **Vault Admin** | https://vault-admin.ai-impress.com | $(check_website https://vault-admin.ai-impress.com) | Secrets Management UI | Root Token |"
echo "| **Vaultwarden** | https://vault.ai-impress.com | $(check_website https://vault.ai-impress.com) | Password Manager | Direct Login |"
# Monitoring & Admin Tools
echo "| **Grafana** | https://grafana.ai-impress.com | $(check_website https://grafana.ai-impress.com) | Monitoring Dashboard | Admin Only |"
echo "| **Prometheus** | https://prometheus.ai-impress.com | $(check_website https://prometheus.ai-impress.com) | Metrics Database | Admin Only |"
echo "| **Uptime Kuma** | https://status.ai-impress.com | $(check_website https://status.ai-impress.com) | Uptime Monitoring | Direct Login |"
echo "| **Portainer** | https://portainer.ai-impress.com | $(check_website https://portainer.ai-impress.com) | Docker Management UI | Admin Only |"
echo "| **Traefik** | https://traefik.ai-impress.com | $(check_website https://traefik.ai-impress.com) | Reverse Proxy Dashboard | Admin Only |"
echo "| **pgAdmin** | https://pgadmin.ai-impress.com | $(check_website https://pgadmin.ai-impress.com) | PostgreSQL Admin | Direct Login |"
cat << 'EOF'
### Service Categories
**📊 Business Operations:**
- Odoo - Complete ERP system
- N8N - Workflow automation and integrations
**📚 Documentation:**
- Outline (wiki.ai-impress.com) - Primary knowledge base
- WikiJS (info.ai-impress.com) - Additional documentation
**📱 Communication:**
- Postiz - Social media management
- Evolution API - WhatsApp business integration
**🔐 Security & Authentication:**
- Authentik - Central SSO provider
- Vault Admin - Secrets management
- Vaultwarden - Password manager (Bitwarden)
**📈 Monitoring & DevOps:**
- Grafana - Visual dashboards
- Prometheus - Metrics collection
- Uptime Kuma - Service monitoring
- Portainer - Docker management
- Traefik - Reverse proxy & routing
### How to Get Passwords from Vault
```bash
# SSH to server
ssh ubuntu@51.89.231.46
# Set Vault variables
export VAULT_ADDR="http://127.0.0.1:8200"
export VAULT_TOKEN=$(cat /opt/00-infrastructure/vault/.vault-token)
# List all available secrets
vault kv list aimpress/
# Examples: Get specific passwords
vault kv get aimpress/odoo
vault kv get aimpress/authentik
vault kv get aimpress/grafana
vault kv get aimpress/postgres/admin
vault kv get aimpress/n8n
vault kv get aimpress/postiz
vault kv get aimpress/evolution-api
vault kv get aimpress/vaultwarden
# Get in JSON format
vault kv get -format=json aimpress/odoo | jq '.data.data'
# Get single field
vault kv get -field=password aimpress/odoo
```
### Quick Website Health Check
```bash
# Check all websites at once
for site in wiki n8n odoo auth grafana status portainer social sign wpp supabase; do
echo -n "$site.ai-impress.com: "
curl -s -o /dev/null -w "%{http_code}" --max-time 5 "https://$site.ai-impress.com"
echo ""
done
# Check specific site in detail
curl -I https://wiki.ai-impress.com
```
### Service Ports (Internal)
EOF
docker ps --format '{{.Names}}\t{{.Ports}}' | grep -v '^\s*$' | while read -r name ports; do
if [[ -n "$ports" ]]; then
echo "- **$name**: $ports"
fi
done
cat << 'EOF'
### Common Admin Tasks
```bash
# Restart a service
cd /opt/<service-name>
docker-compose restart
# View service logs
docker logs -f --tail 100 <container-name>
# Check SSL certificates
echo | openssl s_client -servername wiki.ai-impress.com -connect wiki.ai-impress.com:443 2>/dev/null | openssl x509 -noout -dates
# Renew all Let's Encrypt certificates (automatic via Traefik)
docker restart traefik
# Check Traefik routing
docker logs traefik --tail 100 | grep -i error
```
### Adding New Service
To add a new service to the system:
1. **Create docker-compose.yml** in `/opt/<service-name>/`
2. **Add Traefik labels** for routing:
```yaml
labels:
- "traefik.enable=true"
- "traefik.http.routers.<name>.rule=Host(`subdomain.ai-impress.com`)"
- "traefik.http.routers.<name>.entrypoints=websecure"
- "traefik.http.routers.<name>.tls.certresolver=letsencrypt"
```
3. **Add to monitoring** in health-check-alerting.sh
4. **Save credentials** to Vault:
```bash
vault kv put aimpress/<service> \
username="admin" \
password="<generated-password>" \
url="https://subdomain.ai-impress.com"
```
5. **Start service**: `docker-compose up -d`
EOF
Reference in a new issue View git blame Copy permalink