diff --git a/.env b/.env new file mode 100644 index 0000000..c83f256 --- /dev/null +++ b/.env @@ -0,0 +1,7 @@ +# Kopieren zu .env und anpassen +SFTP_HOST=www374.your-server.de +SFTP_USER=peterksd +SSH_KEY=/home/souko/.ssh/id_ed25519 +TARGET_DIR=/public_html/wishlist.hiabuto.de +SOURCE_DIR=./ +DRY_RUN=1 diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..a60536f --- /dev/null +++ b/.env.example @@ -0,0 +1,7 @@ +# Kopieren zu .env und anpassen +SFTP_HOST=change.me +SFTP_USER=change_me +SSH_KEY=/home/you/.ssh/id_ed25519 +TARGET_DIR=/public_html/wishlist.tld +SOURCE_DIR=./ +DRY_RUN=1 diff --git a/deploy.sh b/deploy.sh index 1902367..c357e57 100755 --- a/deploy.sh +++ b/deploy.sh @@ -3,21 +3,38 @@ set -euo pipefail # ========================= # Wishlist Deploy (SFTP) +# - Git-safe Defaults +# - .env Support # ========================= +RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' + SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" + +# --- Optional: .env im Skriptordner laden (wenn vorhanden) --- +if [[ -f "${SCRIPT_DIR}/.env" ]]; then + # Nur schlichte KEY=VALUE Zeilen ohne Export/Spaces + # shellcheck disable=SC2046 + set -a + source "${SCRIPT_DIR}/.env" + set +a +fi + +# --- Pfade/Quellen --- SOURCE_DIR="${SOURCE_DIR:-"$SCRIPT_DIR/"}" -TARGET_DIR="${TARGET_DIR:-"/public_html/wishlist.hiabuto.de"}" +TARGET_DIR="${TARGET_DIR:-"/public_html/CHANGE_ME_path"}" -SFTP_HOST="${SFTP_HOST:-www374.your-server.de}" -SFTP_USER="${SFTP_USER:-peterksd}" -SSH_KEY="${SSH_KEY:-$HOME/.ssh/id_ed25519}" +# --- Verbindungsdaten: absichtlich ungültige Defaults (müssen überschrieben werden) --- +SFTP_HOST="${SFTP_HOST:-CHANGE_ME_HOST}" +SFTP_USER="${SFTP_USER:-CHANGE_ME_USER}" +SSH_KEY="${SSH_KEY:-$HOME/.ssh/CHANGE_ME_key}" +# Flags DRY_RUN="${DRY_RUN:-0}" +DEBUG="${DEBUG:-0}" -# Glob-Excludes (rein mit Globs, kompatibel zu älteren lftp-Versionen) +# Glob-Excludes (nur Globs, lftp-kompatibel) EXCLUDE_ARGS=( - # Git-Kram (rekursiv, egal wo) --exclude-glob ".git" --exclude-glob ".git/*" --exclude-glob "*/.git" @@ -31,39 +48,57 @@ EXCLUDE_ARGS=( --exclude-glob ".gitignore" --exclude-glob ".github*" - # Secrets/Meta --exclude-glob ".env*" --exclude-glob "deploy*.sh" --exclude-glob "README*" --exclude-glob "*.md" --exclude-glob "*.sql" - # Vendor/Node --exclude-glob "node_modules" --exclude-glob "node_modules/**" --exclude-glob "vendor/*/.git*" - # Deine echte Config NICHT überschreiben --exclude-glob "config/config.php" - # Server-Daten (Bilder) NICHT anfassen --exclude-glob "data" --exclude-glob "data/*" --exclude-glob "data/**" ) -RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' +need() { command -v "$1" >/dev/null 2>&1 || { echo -e "${RED}Error: '$1' ist nicht installiert.${NC}"; exit 1; }; } + +build_connect_program() { + printf "ssh -i %q -o IdentitiesOnly=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o NumberOfPasswordPrompts=0 -o BatchMode=yes -o ConnectTimeout=15 -o LogLevel=ERROR" "$SSH_KEY" +} + +abort_defaults_present() { + local bad=0 + if [[ "$SFTP_HOST" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SFTP_HOST=${SFTP_HOST}${NC}"; bad=1; fi + if [[ "$SFTP_USER" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SFTP_USER=${SFTP_USER}${NC}"; bad=1; fi + if [[ "$SSH_KEY" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SSH_KEY=${SSH_KEY}${NC}"; bad=1; fi + if [[ "$TARGET_DIR" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: TARGET_DIR=${TARGET_DIR}${NC}"; bad=1; fi + + if (( bad == 1 )); then + cat <&2 +${YELLOW}Hinweis:${NC} Setze die Variablen per Umgebung oder .env: + SFTP_HOST=example.org + SFTP_USER=example + SSH_KEY=/home/user/.ssh/id_ed25519 + TARGET_DIR=/public_html/wishlist.hiabuto.de +Abbruch, weil noch CHANGE_ME-Defaults aktiv sind. +EOF + exit 42 + fi +} + echo -e "${GREEN}Starting wishlist deployment...${NC}" echo -e "${GREEN}SFTP Upload -> ${SFTP_USER}@${SFTP_HOST}${NC}" echo -e "${GREEN}Target Dir -> ${TARGET_DIR}${NC}" (( DRY_RUN == 1 )) && echo -e "${YELLOW}Mode -> DRY-RUN${NC}" -need() { command -v "$1" >/dev/null 2>&1 || { echo -e "${RED}Error: '$1' ist nicht installiert.${NC}"; exit 1; }; } -build_connect_program() { - printf "ssh -i %q -o IdentitiesOnly=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o NumberOfPasswordPrompts=0 -o BatchMode=yes -o ConnectTimeout=15 -o LogLevel=ERROR" "$SSH_KEY" -} - need lftp +abort_defaults_present + [ -d "$SOURCE_DIR" ] || { echo -e "${RED}Error: SOURCE_DIR existiert nicht: ${SOURCE_DIR}${NC}"; exit 1; } [ -r "$SSH_KEY" ] || { echo -e "${RED}Error: SSH-Key nicht gefunden/lesbar: ${SSH_KEY}${NC}"; exit 1; } @@ -92,7 +127,7 @@ echo -e "${YELLOW}>> Upload per SFTP (mirror -R)...${NC}" MIRROR_OPTS=( -R --delete --verbose --parallel=4 ) (( DRY_RUN == 1 )) && MIRROR_OPTS+=( --dry-run ) -(( ${DEBUG:-0} == 1 )) && { +(( DEBUG == 1 )) && { echo "mirror opts: ${MIRROR_OPTS[*]}" echo "exclude : ${EXCLUDE_ARGS[*]}" }