updated deploy.sh

2025-08-19 12:17:17 +02:00
parent 16c4d58def
commit f8f4c8954a
3 changed files with 66 additions and 17 deletions
--- a/.env
+++ b/.env
@@ -0,0 +1,7 @@
+# Kopieren zu .env und anpassen
+SFTP_HOST=www374.your-server.de
+SFTP_USER=peterksd
+SSH_KEY=/home/souko/.ssh/id_ed25519
+TARGET_DIR=/public_html/wishlist.hiabuto.de
+SOURCE_DIR=./
+DRY_RUN=1
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,7 @@
+# Kopieren zu .env und anpassen
+SFTP_HOST=change.me
+SFTP_USER=change_me
+SSH_KEY=/home/you/.ssh/id_ed25519
+TARGET_DIR=/public_html/wishlist.tld
+SOURCE_DIR=./
+DRY_RUN=1
--- a/deploy.sh
+++ b/deploy.sh
@@ -3,21 +3,38 @@ set -euo pipefail

 # =========================
 #  Wishlist Deploy (SFTP)
+#  - Git-safe Defaults
+#  - .env Support
 # =========================

+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
+
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# --- Optional: .env im Skriptordner laden (wenn vorhanden) ---
+if [[ -f "${SCRIPT_DIR}/.env" ]]; then
+  # Nur schlichte KEY=VALUE Zeilen ohne Export/Spaces
+  # shellcheck disable=SC2046
+  set -a
+  source "${SCRIPT_DIR}/.env"
+  set +a
+fi
+
+# --- Pfade/Quellen ---
 SOURCE_DIR="${SOURCE_DIR:-"$SCRIPT_DIR/"}"
-TARGET_DIR="${TARGET_DIR:-"/public_html/wishlist.hiabuto.de"}"
+TARGET_DIR="${TARGET_DIR:-"/public_html/CHANGE_ME_path"}"

-SFTP_HOST="${SFTP_HOST:-www374.your-server.de}"
-SFTP_USER="${SFTP_USER:-peterksd}"
-SSH_KEY="${SSH_KEY:-$HOME/.ssh/id_ed25519}"
+# --- Verbindungsdaten: absichtlich ungültige Defaults (müssen überschrieben werden) ---
+SFTP_HOST="${SFTP_HOST:-CHANGE_ME_HOST}"
+SFTP_USER="${SFTP_USER:-CHANGE_ME_USER}"
+SSH_KEY="${SSH_KEY:-$HOME/.ssh/CHANGE_ME_key}"

+# Flags
 DRY_RUN="${DRY_RUN:-0}"
+DEBUG="${DEBUG:-0}"

-# Glob-Excludes (rein mit Globs, kompatibel zu älteren lftp-Versionen)
+# Glob-Excludes (nur Globs, lftp-kompatibel)
 EXCLUDE_ARGS=(
-  # Git-Kram (rekursiv, egal wo)
  --exclude-glob ".git"
  --exclude-glob ".git/*"
  --exclude-glob "*/.git"
@@ -31,39 +48,57 @@ EXCLUDE_ARGS=(
  --exclude-glob ".gitignore"
  --exclude-glob ".github*"

-  # Secrets/Meta
  --exclude-glob ".env*"
  --exclude-glob "deploy*.sh"
  --exclude-glob "README*"
  --exclude-glob "*.md"
  --exclude-glob "*.sql"

-  # Vendor/Node
  --exclude-glob "node_modules"
  --exclude-glob "node_modules/**"
  --exclude-glob "vendor/*/.git*"

-  # Deine echte Config NICHT überschreiben
  --exclude-glob "config/config.php"

-  # Server-Daten (Bilder) NICHT anfassen
  --exclude-glob "data"
  --exclude-glob "data/*"
  --exclude-glob "data/**"
 )

-RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
+need() { command -v "$1" >/dev/null 2>&1 || { echo -e "${RED}Error: '$1' ist nicht installiert.${NC}"; exit 1; }; }
+
+build_connect_program() {
+  printf "ssh -i %q -o IdentitiesOnly=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o NumberOfPasswordPrompts=0 -o BatchMode=yes -o ConnectTimeout=15 -o LogLevel=ERROR" "$SSH_KEY"
+}
+
+abort_defaults_present() {
+  local bad=0
+  if [[ "$SFTP_HOST" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SFTP_HOST=${SFTP_HOST}${NC}"; bad=1; fi
+  if [[ "$SFTP_USER" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SFTP_USER=${SFTP_USER}${NC}"; bad=1; fi
+  if [[ "$SSH_KEY"    == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SSH_KEY=${SSH_KEY}${NC}";    bad=1; fi
+  if [[ "$TARGET_DIR" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: TARGET_DIR=${TARGET_DIR}${NC}"; bad=1; fi
+
+  if (( bad == 1 )); then
+    cat <<EOF >&2
+${YELLOW}Hinweis:${NC} Setze die Variablen per Umgebung oder .env:
+  SFTP_HOST=example.org
+  SFTP_USER=example
+  SSH_KEY=/home/user/.ssh/id_ed25519
+  TARGET_DIR=/public_html/wishlist.hiabuto.de
+Abbruch, weil noch CHANGE_ME-Defaults aktiv sind.
+EOF
+    exit 42
+  fi
+}
+
 echo -e "${GREEN}Starting wishlist deployment...${NC}"
 echo -e "${GREEN}SFTP Upload -> ${SFTP_USER}@${SFTP_HOST}${NC}"
 echo -e "${GREEN}Target Dir  -> ${TARGET_DIR}${NC}"
 (( DRY_RUN == 1 )) && echo -e "${YELLOW}Mode        -> DRY-RUN${NC}"

-need() { command -v "$1" >/dev/null 2>&1 || { echo -e "${RED}Error: '$1' ist nicht installiert.${NC}"; exit 1; }; }
-build_connect_program() {
-  printf "ssh -i %q -o IdentitiesOnly=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o NumberOfPasswordPrompts=0 -o BatchMode=yes -o ConnectTimeout=15 -o LogLevel=ERROR" "$SSH_KEY"
-}
-
 need lftp
+abort_defaults_present
+
 [ -d "$SOURCE_DIR" ] || { echo -e "${RED}Error: SOURCE_DIR existiert nicht: ${SOURCE_DIR}${NC}"; exit 1; }
 [ -r "$SSH_KEY" ]     || { echo -e "${RED}Error: SSH-Key nicht gefunden/lesbar: ${SSH_KEY}${NC}"; exit 1; }

@@ -92,7 +127,7 @@ echo -e "${YELLOW}>> Upload per SFTP (mirror -R)...${NC}"
 MIRROR_OPTS=( -R --delete --verbose --parallel=4 )
 (( DRY_RUN == 1 )) && MIRROR_OPTS+=( --dry-run )

-(( ${DEBUG:-0} == 1 )) && {
+(( DEBUG == 1 )) && {
  echo "mirror opts: ${MIRROR_OPTS[*]}"
  echo "exclude    : ${EXCLUDE_ARGS[*]}"
 }