DeBros/orama
4
0
Fork 0
mirror of https://github.com/DeBrosOfficial/orama.git synced 2026-03-17 15:46:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
orama/scripts/patches/fix-anyone-relay.sh

131 lines
3.7 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
#
# Patch: Fix Anyone relay after orama upgrade.
#
# After orama upgrade, the firewall reset drops the ORPort 9001 rule because
# preferences.yaml didn't have anyone_relay=true. This patch:
# 1. Opens port 9001/tcp in UFW
# 2. Re-enables orama-anyone-relay (survives reboot)
# 3. Saves anyone_relay preference so future upgrades preserve the rule
#
# Usage:
# scripts/patches/fix-anyone-relay.sh --devnet
# scripts/patches/fix-anyone-relay.sh --testnet
#
set -euo pipefail
ENV=""
for arg in "$@"; do
case "$arg" in
--devnet) ENV="devnet" ;;
--testnet) ENV="testnet" ;;
-h|--help)
echo "Usage: scripts/patches/fix-anyone-relay.sh --devnet|--testnet"
exit 0
;;
*) echo "Unknown flag: $arg" >&2; exit 1 ;;
esac
done
if [[ -z "$ENV" ]]; then
echo "ERROR: specify --devnet or --testnet" >&2
exit 1
fi
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
CONF="$ROOT_DIR/scripts/remote-nodes.conf"
[[ -f "$CONF" ]] || { echo "ERROR: Missing $CONF" >&2; exit 1; }
SSH_OPTS=(-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=10 -o PreferredAuthentications=publickey,password)
fix_node() {
local user_host="$1"
local password="$2"
local ssh_key="$3"
# The remote script:
# 1. Check if anyone relay service exists, skip if not
# 2. Open ORPort 9001 in UFW
# 3. Enable the service (auto-start on boot)
# 4. Update preferences.yaml with anyone_relay: true
local cmd
cmd=$(cat <<'REMOTE'
set -e
PREFS="/opt/orama/.orama/preferences.yaml"
# Only patch nodes that have the Anyone relay service installed
if [ ! -f /etc/systemd/system/orama-anyone-relay.service ]; then
echo "SKIP_NO_RELAY"
exit 0
fi
# 1. Open ORPort 9001 in UFW
sudo ufw allow 9001/tcp >/dev/null 2>&1
# 2. Enable the service so it survives reboot
sudo systemctl enable orama-anyone-relay >/dev/null 2>&1
# 3. Restart the service if not running
if ! systemctl is-active --quiet orama-anyone-relay; then
sudo systemctl start orama-anyone-relay >/dev/null 2>&1
fi
# 4. Save anyone_relay preference if missing
if [ -f "$PREFS" ]; then
if ! grep -q "anyone_relay:" "$PREFS"; then
echo "anyone_relay: true" | sudo tee -a "$PREFS" >/dev/null
echo "anyone_orport: 9001" | sudo tee -a "$PREFS" >/dev/null
elif grep -q "anyone_relay: false" "$PREFS"; then
sudo sed -i 's/anyone_relay: false/anyone_relay: true/' "$PREFS"
if ! grep -q "anyone_orport:" "$PREFS"; then
echo "anyone_orport: 9001" | sudo tee -a "$PREFS" >/dev/null
fi
fi
fi
echo "PATCH_OK"
REMOTE
)
local result
if [[ -n "$ssh_key" ]]; then
expanded_key="${ssh_key/#\~/$HOME}"
result=$(ssh -n "${SSH_OPTS[@]}" -i "$expanded_key" "$user_host" "$cmd" 2>&1)
else
result=$(sshpass -p "$password" ssh -n "${SSH_OPTS[@]}" -o PubkeyAuthentication=no "$user_host" "$cmd" 2>&1)
fi
if echo "$result" | grep -q "PATCH_OK"; then
echo " OK $user_host — UFW 9001/tcp opened, service enabled, prefs saved"
elif echo "$result" | grep -q "SKIP_NO_RELAY"; then
echo " SKIP $user_host — no Anyone relay installed"
else
echo " ERR $user_host: $result"
fi
}
# Parse ALL nodes from conf (both node and nameserver roles)
# The fix_node function skips nodes without the relay service installed
HOSTS=()
PASSES=()
KEYS=()
while IFS='|' read -r env host pass role key; do
[[ -z "$env" || "$env" == \#* ]] && continue
env="${env%%#*}"
env="$(echo "$env" | xargs)"
[[ "$env" != "$ENV" ]] && continue
HOSTS+=("$host")
PASSES+=("$pass")
KEYS+=("${key:-}")
done < "$CONF"
echo "== fix-anyone-relay ($ENV) — checking ${#HOSTS[@]} nodes =="
for i in "${!HOSTS[@]}"; do
fix_node "${HOSTS[$i]}" "${PASSES[$i]}" "${KEYS[$i]}" &
done
wait
echo "Done."
Reference in New Issue View Git Blame Copy Permalink