OVHserver/opt/infrastructure-docs/scripts/modules/generate-websites.sh
SamoilenkoVadym c5401eb33c fix: improvements to monitoring and backup scripts
Fixed critical issues and added improvements:

1. **server-full-report.sh**:
   - Improved Slack notifications with a problem detector
   - Added automatic remediation recommendations
   - Added color status indication (good/warning/danger)
   - Improved notification structure with priorities

2. **generate-summary.sh**:
   - Fixed content duplication in reports
   - Removed an unclosed heredoc that was causing problems
   - Added proper section separators

3. **backup-full-enhanced.sh** v2.0.0 → v2.1.0:
   - Added full auto-discovery for all database types
   - Added MongoDB backup support
   - Improved PostgreSQL/MariaDB detection via images
   - Automatic detection of database users
   - Removed the hardcoded database list

4. **health-check-alerting.sh**:
   - Added a check for 'bc' before use
   - Added a fallback to integer comparison without bc
   - Improved reliability of the R2 storage check

Slack notifications now include:
- Automatic problem detection (unhealthy, down sites, high disk)
- Specific commands to fix problems
- SSH instructions and links to admin tools
- Color indication of severity (danger/warning/good)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-06 10:47:20 +00:00

198 lines
7 KiB
Bash
Executable file

#!/bin/bash
# Module 4: Websites & Access
cat << 'EOF'
---
## 4⃣ WEBSITES & ACCESS
### Public Services Status
EOF
# Check website status dynamically
check_website() {
    local url=$1
    local response http_code response_time
    # -L follows redirects, so http_code is the status of the final response
    response=$(curl -s -o /dev/null -w "%{http_code}|%{time_total}" --max-time 10 -L "$url" 2>/dev/null)
    http_code=$(echo "$response" | cut -d'|' -f1)
    response_time=$(echo "$response" | cut -d'|' -f2)
    # Success codes (2xx, 3xx redirects)
    if [[ "$http_code" =~ ^(200|301|302|303|307|308)$ ]]; then
        echo "✅ OK (${response_time}s)"
    # Authentication required (expected for protected services)
    elif [[ "$http_code" =~ ^(401|403)$ ]]; then
        echo "🔐 Protected"
    # Connection/network errors (curl reports 000 when no HTTP response arrived)
    elif [[ "$http_code" == "000" ]]; then
        echo "⚠️ No Response"
    # Other errors
    else
        echo "❌ HTTP $http_code"
    fi
}
# Main services table
echo "| Service | URL | Status | Purpose | Auth |"
echo "|---------|-----|--------|---------|------|"
# Core Business Services
echo "| **Odoo** | https://odoo.ai-impress.com | $(check_website https://odoo.ai-impress.com) | ERP & Business Management | Direct Login |"
echo "| **N8N** | https://n8n.ai-impress.com | $(check_website https://n8n.ai-impress.com) | Workflow Automation | Authentik SSO |"
# Documentation & Wiki
echo "| **Wiki (Outline)** | https://wiki.ai-impress.com | $(check_website https://wiki.ai-impress.com) | Main Knowledge Base | Authentik SSO |"
echo "| **Info (WikiJS)** | https://info.ai-impress.com | $(check_website https://info.ai-impress.com) | Additional Docs | Authentik SSO |"
# Document Management
echo "| **Documenso** | https://sign.ai-impress.com | $(check_website https://sign.ai-impress.com) | E-Signature Platform | Direct Login |"
# Social Media & Communication
echo "| **Postiz** | https://social.ai-impress.com | $(check_website https://social.ai-impress.com) | Social Media Manager | Direct Login |"
echo "| **Postiz Uploads** | https://uploads.ai-impress.com | $(check_website https://uploads.ai-impress.com) | Media Storage | Auto |"
echo "| **Evolution API** | https://wpp.ai-impress.com | $(check_website https://wpp.ai-impress.com) | WhatsApp API | API Key |"
# Backend Services
echo "| **Supabase** | https://supabase.ai-impress.com | $(check_website https://supabase.ai-impress.com) | Backend as a Service | Direct Login |"
echo "| **RabbitMQ** | https://rabbitmq.ai-impress.com | $(check_website https://rabbitmq.ai-impress.com) | Message Queue | Guest Login |"
# Authentication & Security
echo "| **Authentik** | https://auth.ai-impress.com | $(check_website https://auth.ai-impress.com) | Single Sign-On (SSO) | Direct Login |"
echo "| **Vault Admin** | https://vault-admin.ai-impress.com | $(check_website https://vault-admin.ai-impress.com) | Secrets Management UI | Root Token |"
echo "| **Vaultwarden** | https://vault.ai-impress.com | $(check_website https://vault.ai-impress.com) | Password Manager | Direct Login |"
# Monitoring & Admin Tools
echo "| **Grafana** | https://grafana.ai-impress.com | $(check_website https://grafana.ai-impress.com) | Monitoring Dashboard | Admin Only |"
echo "| **Prometheus** | https://prometheus.ai-impress.com | $(check_website https://prometheus.ai-impress.com) | Metrics Database | Admin Only |"
echo "| **Uptime Kuma** | https://status.ai-impress.com | $(check_website https://status.ai-impress.com) | Uptime Monitoring | Direct Login |"
echo "| **Portainer** | https://portainer.ai-impress.com | $(check_website https://portainer.ai-impress.com) | Docker Management UI | Admin Only |"
echo "| **Traefik** | https://traefik.ai-impress.com | $(check_website https://traefik.ai-impress.com) | Reverse Proxy Dashboard | Admin Only |"
echo "| **pgAdmin** | https://pgadmin.ai-impress.com | $(check_website https://pgadmin.ai-impress.com) | PostgreSQL Admin | Direct Login |"
cat << 'EOF'
### Service Categories
**📊 Business Operations:**
- Odoo - Complete ERP system
- N8N - Workflow automation and integrations
**📚 Documentation:**
- Outline (wiki.ai-impress.com) - Primary knowledge base
- WikiJS (info.ai-impress.com) - Additional documentation
**📱 Communication:**
- Postiz - Social media management
- Evolution API - WhatsApp business integration
**🔐 Security & Authentication:**
- Authentik - Central SSO provider
- Vault Admin - Secrets management
- Vaultwarden - Password manager (Bitwarden)
**📈 Monitoring & DevOps:**
- Grafana - Visual dashboards
- Prometheus - Metrics collection
- Uptime Kuma - Service monitoring
- Portainer - Docker management
- Traefik - Reverse proxy & routing
### How to Get Passwords from Vault
```bash
# SSH to server
ssh ubuntu@51.89.231.46
# Set Vault variables
export VAULT_ADDR="http://127.0.0.1:8200"
export VAULT_TOKEN=$(cat /opt/00-infrastructure/vault/.vault-token)
# List all available secrets
vault kv list aimpress/
# Examples: Get specific passwords
vault kv get aimpress/odoo
vault kv get aimpress/authentik
vault kv get aimpress/grafana
vault kv get aimpress/postgres/admin
vault kv get aimpress/n8n
vault kv get aimpress/postiz
vault kv get aimpress/evolution-api
vault kv get aimpress/vaultwarden
# Get in JSON format
vault kv get -format=json aimpress/odoo | jq '.data.data'
# Get single field
vault kv get -field=password aimpress/odoo
```
### Quick Website Health Check
```bash
# Check all websites at once
for site in wiki n8n odoo auth grafana status portainer social sign wpp supabase; do
echo -n "$site.ai-impress.com: "
curl -s -o /dev/null -w "%{http_code}" --max-time 5 "https://$site.ai-impress.com"
echo ""
done
# Check specific site in detail
curl -I https://wiki.ai-impress.com
```
### Service Ports (Internal)
EOF
docker ps --format '{{.Names}}\t{{.Ports}}' | grep -v '^\s*$' | while read -r name ports; do
    if [[ -n "$ports" ]]; then
        echo "- **$name**: $ports"
    fi
done
cat << 'EOF'
### Common Admin Tasks
```bash
# Restart a service
cd /opt/<service-name>
docker-compose restart
# View service logs
docker logs -f --tail 100 <container-name>
# Check SSL certificates
echo | openssl s_client -servername wiki.ai-impress.com -connect wiki.ai-impress.com:443 2>/dev/null | openssl x509 -noout -dates
# Renew all Let's Encrypt certificates (automatic via Traefik)
docker restart traefik
# Check Traefik routing
docker logs traefik --tail 100 | grep -i error
```
### Adding New Service
To add a new service to the system:
1. **Create docker-compose.yml** in `/opt/<service-name>/`
2. **Add Traefik labels** for routing:
```yaml
labels:
- "traefik.enable=true"
- "traefik.http.routers.<name>.rule=Host(`subdomain.ai-impress.com`)"
- "traefik.http.routers.<name>.entrypoints=websecure"
- "traefik.http.routers.<name>.tls.certresolver=letsencrypt"
```
3. **Add to monitoring** in health-check-alerting.sh
4. **Save credentials** to Vault:
```bash
vault kv put aimpress/<service> \
username="admin" \
password="<generated-password>" \
url="https://subdomain.ai-impress.com"
```
5. **Start service**: `docker-compose up -d`
EOF
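
The "Service Ports (Internal)" section of the script prints each container's port list unchanged, so a port published on every host interface looks the same in the report as one reachable only inside Docker networks. The following is an added example, not part of generate-websites.sh or this repository: it reads the same `docker ps --format '{{.Names}}\t{{.Ports}}'` output and lists bindings published beyond loopback by any container outside an allow-list. The function names, the sample container names and bindings, and the choice of `traefik` as the only allowed edge container are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not part of generate-websites.sh).
# Reads `docker ps --format '{{.Names}}\t{{.Ports}}'` output on stdin and prints
# "<container> <binding>" for every port published beyond loopback by a
# container that is not in the space-separated allow-list given as $1.
audit_ports() {
    awk -F'\t' -v allow=" $1 " '
    index(allow, " " $1 " ") { next }        # expected edge container, skip
    {
        n = split($2, entries, /, */)
        for (i = 1; i <= n; i++) {
            e = entries[i]
            if (e !~ /->/) continue            # "5432/tcp": Docker networks only
            host = e
            sub(/->.*/, "", host)              # keep the host side of the mapping
            if (host ~ /^127\./ || host ~ /^\[::1\]:/ || host ~ /^::1:/) continue
            print $1 " " e
        }
    }'
}

# Constructed sample input; container names and bindings are illustrative.
sample_docker_ps() {
    printf '%s\t%s\n' \
        traefik  '0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp' \
        vault    '127.0.0.1:8200->8200/tcp' \
        postgres '5432/tcp' \
        rabbitmq '0.0.0.0:15672->15672/tcp, [::]:15672->15672/tcp, 5672/tcp'
}

# On a real host: docker ps --format '{{.Names}}\t{{.Ports}}' | audit_ports "traefik"
sample_docker_ps | audit_ports "traefik"
```

Any line this prints is a service reachable from outside the host without passing through the reverse proxy's routing and TLS configuration.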