scripts/setup.sh at main · anil.recoil.org/zulip-netdata-bot

Netdata.cloud bot for Zulip
zulip-netdata-bot / scripts / setup.sh
at main 5.0 kB view raw
  1#!/bin/bash
  2set -e
  3
  4# Netdata Zulip Bot Setup Script
  5
  6DOMAIN=""
  7EMAIL=""
  8USER="netdata-bot"
  9INSTALL_DIR="/opt/netdata-zulip-bot"
 10
 11usage() {
 12    echo "Usage: $0 --domain DOMAIN --email EMAIL [OPTIONS]"
 13    echo ""
 14    echo "Required:"
 15    echo "  --domain DOMAIN     Public domain for webhook endpoint"
 16    echo "  --email EMAIL       Email for Let's Encrypt certificate"
 17    echo ""
 18    echo "Options:"
 19    echo "  --user USER         System user to run service (default: netdata-bot)"
 20    echo "  --install-dir DIR   Installation directory (default: /opt/netdata-zulip-bot)"
 21    echo "  --port PORT         HTTPS port (default: 8443)"
 22    echo "  --help              Show this help"
 23    exit 1
 24}
 25
 26# Parse command line arguments
 27while [[ $# -gt 0 ]]; do
 28    case $1 in
 29        --domain)
 30            DOMAIN="$2"
 31            shift 2
 32            ;;
 33        --email)
 34            EMAIL="$2"
 35            shift 2
 36            ;;
 37        --user)
 38            USER="$2"
 39            shift 2
 40            ;;
 41        --install-dir)
 42            INSTALL_DIR="$2"
 43            shift 2
 44            ;;
 45        --port)
 46            PORT="$2"
 47            shift 2
 48            ;;
 49        --help)
 50            usage
 51            ;;
 52        *)
 53            echo "Unknown option: $1"
 54            usage
 55            ;;
 56    esac
 57done
 58
 59# Validate required arguments
 60if [[ -z "$DOMAIN" ]] || [[ -z "$EMAIL" ]]; then
 61    echo "Error: --domain and --email are required"
 62    usage
 63fi
 64
 65echo "Setting up Netdata Zulip Bot..."
 66echo "Domain: $DOMAIN"
 67echo "Email: $EMAIL"
 68echo "User: $USER"
 69echo "Install Directory: $INSTALL_DIR"
 70
 71# Check if running as root
 72if [[ $EUID -ne 0 ]]; then
 73    echo "This script must be run as root (use sudo)"
 74    exit 1
 75fi
 76
 77# Install system dependencies
 78echo "Installing system dependencies..."
 79apt-get update
 80apt-get install -y python3 python3-pip python3-venv certbot curl
 81
 82# Create system user
 83if ! id "$USER" &>/dev/null; then
 84    echo "Creating user $USER..."
 85    useradd --system --home-dir "$INSTALL_DIR" --shell /bin/bash "$USER"
 86fi
 87
 88# Create installation directory
 89echo "Setting up installation directory..."
 90mkdir -p "$INSTALL_DIR"
 91chown "$USER:$USER" "$INSTALL_DIR"
 92
 93# Install uv for Python package management
 94echo "Installing uv package manager..."
 95curl -LsSf https://astral.sh/uv/install.sh | sh
 96export PATH="$HOME/.local/bin:$PATH"
 97
 98# Copy application files
 99echo "Installing application..."
100cp -r . "$INSTALL_DIR/"
101chown -R "$USER:$USER" "$INSTALL_DIR"
102
103# Install Python dependencies as the service user
104echo "Installing Python dependencies..."
105sudo -u "$USER" bash -c "cd '$INSTALL_DIR' && ~/.local/bin/uv sync"
106
107# Obtain Let's Encrypt certificate
108echo "Obtaining Let's Encrypt certificate..."
109certbot certonly --standalone \
110    --non-interactive \
111    --agree-tos \
112    --email "$EMAIL" \
113    -d "$DOMAIN"
114
115# Set certificate permissions
116echo "Setting certificate permissions..."
117chown -R "$USER:$USER" "/etc/letsencrypt/live/$DOMAIN/"
118
119# Create systemd service
120echo "Creating systemd service..."
121cat > /etc/systemd/system/netdata-zulip-bot.service << EOF
122[Unit]
123Description=Netdata Zulip Bot
124After=network.target
125
126[Service]
127Type=simple
128User=$USER
129Group=$USER
130WorkingDirectory=$INSTALL_DIR
131Environment=PATH=$INSTALL_DIR/.venv/bin:/usr/local/bin:/usr/bin:/bin
132Environment=SERVER_DOMAIN=$DOMAIN
133Environment=SERVER_PORT=${PORT:-8443}
134Environment=SERVER_ENABLE_MTLS=true
135ExecStart=$INSTALL_DIR/.venv/bin/netdata-zulip-bot
136Restart=always
137RestartSec=5
138StandardOutput=journal
139StandardError=journal
140
141[Install]
142WantedBy=multi-user.target
143EOF
144
145# Setup log rotation
146echo "Setting up log rotation..."
147cat > /etc/logrotate.d/netdata-zulip-bot << EOF
148/var/log/netdata-zulip-bot/*.log {
149    daily
150    missingok
151    rotate 30
152    compress
153    delaycompress
154    notifempty
155    sharedscripts
156    postrotate
157        systemctl reload netdata-zulip-bot
158    endscript
159}
160EOF
161
162# Create configuration template
163echo "Creating configuration template..."
164sudo -u "$USER" bash -c "cd '$INSTALL_DIR' && ./.venv/bin/netdata-zulip-bot --create-config"
165
166# Enable and start service
167echo "Enabling and starting service..."
168systemctl daemon-reload
169systemctl enable netdata-zulip-bot
170
171# Setup firewall (if UFW is available)
172if command -v ufw &> /dev/null; then
173    echo "Configuring firewall..."
174    ufw allow ${PORT:-8443}/tcp
175fi
176
177echo ""
178echo "✅ Installation complete!"
179echo ""
180echo "Next steps:"
181echo "1. Configure Zulip settings:"
182echo "   sudo -u $USER nano $INSTALL_DIR/.zuliprc.sample"
183echo "   sudo -u $USER cp $INSTALL_DIR/.zuliprc.sample /home/$USER/.zuliprc"
184echo ""
185echo "2. Start the service:"
186echo "   sudo systemctl start netdata-zulip-bot"
187echo ""
188echo "3. Check service status:"
189echo "   sudo systemctl status netdata-zulip-bot"
190echo ""
191echo "4. View logs:"
192echo "   sudo journalctl -u netdata-zulip-bot -f"
193echo ""
194echo "5. Test the webhook endpoint:"
195echo "   curl -k https://$DOMAIN:${PORT:-8443}/health"
196echo ""
197echo "6. Configure Netdata Cloud webhook URL:"
198echo "   https://$DOMAIN:${PORT:-8443}/webhook/netdata"