| #!/usr/bin/env bash |
| set -euo pipefail |
|
|
| echo "[boot] start redis" |
| redis-server --bind 127.0.0.1 --port 6379 --daemonize yes |
|
|
| export DATABASE_HOST="${DATABASE_HOST:-pg-newapi-codeatlantis666.f.aivencloud.com}" |
| export DATABASE_PORT="${DATABASE_PORT:-22503}" |
| export DATABASE_USER="${DATABASE_USER:-avnadmin}" |
| export DATABASE_DBNAME="${DATABASE_DBNAME:-sub2api}" |
| export DATABASE_SSLMODE="${DATABASE_SSLMODE:-require}" |
| export DATABASE_SSLROOTCERT="${DATABASE_SSLROOTCERT:-/app/ca.pem}" |
|
|
| export DB_MAX_OPEN_CONNS="${DB_MAX_OPEN_CONNS:-10}" |
|
|
| if [ -z "${SQL_PASSWORD:-}" ]; then |
| echo "[error] SQL_PASSWORD is required. Set Space Secret SQL_PASSWORD." |
| echo "[error] You can provide either:" |
| echo "[error] 1) password only (recommended with DATABASE_USER), or" |
| echo "[error] 2) 'username:password' in SQL_PASSWORD." |
| exit 1 |
| fi |
|
|
| if [ ! -f "${DATABASE_SSLROOTCERT}" ]; then |
| echo "[error] CA cert not found at ${DATABASE_SSLROOTCERT}." |
| echo "[error] Upload ca.pem and/or set DATABASE_SSLROOTCERT correctly." |
| exit 1 |
| fi |
|
|
| if [[ "${SQL_PASSWORD}" == *:* ]]; then |
| export DATABASE_USER="${SQL_PASSWORD%%:*}" |
| export DATABASE_PASSWORD="${SQL_PASSWORD#*:}" |
| else |
| export DATABASE_PASSWORD="${SQL_PASSWORD}" |
| fi |
|
|
| if command -v psql >/dev/null 2>&1; then |
| export PGHOST="${DATABASE_HOST}" |
| export PGPORT="${DATABASE_PORT}" |
| export PGUSER="${DATABASE_USER}" |
| export PGPASSWORD="${DATABASE_PASSWORD}" |
| export PGSSLMODE="${DATABASE_SSLMODE}" |
| export PGSSLROOTCERT="${DATABASE_SSLROOTCERT}" |
|
|
| if ! psql "dbname=postgres" -tAc "SELECT 1" >/dev/null 2>&1; then |
| echo "[boot] 'postgres' database missing or inaccessible, trying to create it..." |
| EXISTS_IN_TARGET=$(psql "dbname=${DATABASE_DBNAME}" -tAc "SELECT 1 FROM pg_database WHERE datname='postgres'" 2>/dev/null || true) |
| if [ "${EXISTS_IN_TARGET}" != "1" ]; then |
| if psql "dbname=${DATABASE_DBNAME}" -v ON_ERROR_STOP=1 -c "CREATE DATABASE postgres" >/dev/null 2>&1; then |
| echo "[boot] created database: postgres" |
| else |
| echo "[warn] failed to create database 'postgres'. Auto setup may fail if upstream still requires dbname=postgres." |
| fi |
| else |
| echo "[boot] database 'postgres' already exists" |
| fi |
| fi |
| fi |
|
|
| |
| |
| is_true() { |
| case "${1:-}" in |
| 1|t|T|true|TRUE|yes|YES|y|Y|on|ON) return 0 ;; |
| *) return 1 ;; |
| esac |
| } |
|
|
| migration_applied() { |
| local mig_name="$1" |
| local out="" |
| if ! is_true "${SCHEMA_MIGRATIONS_EXISTS:-}"; then |
| echo "0" |
| return 0 |
| fi |
| out=$(psql "dbname=${DATABASE_DBNAME}" -tAc "SELECT 1 FROM schema_migrations WHERE filename='${mig_name}' LIMIT 1" 2>/dev/null | tr -d '[:space:]' || true) |
| if [ "${out}" = "1" ]; then |
| echo "1" |
| else |
| echo "0" |
| fi |
| } |
|
|
| preapply_migration() { |
| local mig_name="$1" |
| local mig_url="$2" |
| local mig_sql="/tmp/${mig_name}" |
| if curl -fsSL "${mig_url}" -o "${mig_sql}" >/dev/null 2>&1; then |
| echo "[boot] pre-applying migration ${mig_name} ..." |
| if PGOPTIONS="-c statement_timeout=0 -c lock_timeout=0" psql "dbname=${DATABASE_DBNAME}" -v ON_ERROR_STOP=1 -f "${mig_sql}" >/dev/null 2>&1; then |
| echo "[boot] pre-apply ${mig_name} done" |
| rm -f "${mig_sql}" || true |
| return 0 |
| fi |
| echo "[warn] pre-apply ${mig_name} failed; AutoSetup will continue with built-in migration flow" |
| rm -f "${mig_sql}" || true |
| return 1 |
| fi |
| echo "[warn] failed to download migration ${mig_name} from ${mig_url}" |
| return 1 |
| } |
|
|
| if command -v psql >/dev/null 2>&1 && command -v curl >/dev/null 2>&1; then |
| SCHEMA_MIGRATIONS_EXISTS=$(psql "dbname=${DATABASE_DBNAME}" -tAc "SELECT to_regclass('public.schema_migrations') IS NOT NULL" 2>/dev/null | tr -d '[:space:]' || true) |
| OPS_CORE_EXISTS=$(psql "dbname=${DATABASE_DBNAME}" -tAc "SELECT to_regclass('public.ops_error_logs') IS NOT NULL" 2>/dev/null | tr -d '[:space:]' || true) |
|
|
| MIG_033_APPLIED="$(migration_applied "033_ops_monitoring_vnext.sql")" |
| MIG_062_APPLIED="$(migration_applied "062_add_scheduler_and_usage_composite_indexes_notx.sql")" |
| MIG_065_APPLIED="$(migration_applied "065_add_search_trgm_indexes.sql")" |
|
|
| if [ "${MIG_033_APPLIED}" != "1" ]; then |
| |
| if is_true "${OPS_CORE_EXISTS}"; then |
| echo "[boot] skip pre-apply 033: ops schema already present" |
| else |
| preapply_migration \ |
| "033_ops_monitoring_vnext.sql" \ |
| "${MIG_033_URL:-https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/backend/migrations/033_ops_monitoring_vnext.sql}" || true |
| fi |
| fi |
|
|
| if [ "${MIG_062_APPLIED}" != "1" ]; then |
| preapply_migration \ |
| "062_add_scheduler_and_usage_composite_indexes_notx.sql" \ |
| "${MIG_062_URL:-https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/backend/migrations/062_add_scheduler_and_usage_composite_indexes_notx.sql}" || true |
| fi |
|
|
| if [ "${MIG_065_APPLIED}" != "1" ]; then |
| preapply_migration \ |
| "065_add_search_trgm_indexes.sql" \ |
| "${MIG_065_URL:-https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/backend/migrations/065_add_search_trgm_indexes.sql}" || true |
| fi |
| fi |
|
|
| DATABASE_QUERY="sslmode=${DATABASE_SSLMODE}&sslrootcert=${DATABASE_SSLROOTCERT}" |
| if [ -n "${DATABASE_QUERY_EXTRA:-}" ]; then |
| DATABASE_QUERY="${DATABASE_QUERY}&${DATABASE_QUERY_EXTRA}" |
| fi |
|
|
| export DATABASE_URL="postgresql://${DATABASE_USER}:${DATABASE_PASSWORD}@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DBNAME}?${DATABASE_QUERY}" |
| export POSTGRES_URL="${DATABASE_URL}" |
| export DB_URL="${DATABASE_URL}" |
| export REDIS_URL="${REDIS_URL:-redis://127.0.0.1:6379/0}" |
| export PORT="${PORT:-8080}" |
| export HOST="${HOST:-0.0.0.0}" |
| export AUTO_SETUP="${AUTO_SETUP:-true}" |
| export ADMIN_EMAIL="${ADMIN_EMAIL:-admin@sub2api.com}" |
| if [ -n "${SUB2API_ADMIN_PASSWORD:-}" ] && [ -z "${ADMIN_PASSWORD:-}" ]; then |
| export ADMIN_PASSWORD="${SUB2API_ADMIN_PASSWORD}" |
| fi |
| if [ -z "${ADMIN_PASSWORD:-}" ]; then |
| echo "[error] ADMIN_PASSWORD is required. Set Space Secret ADMIN_PASSWORD (or SUB2API_ADMIN_PASSWORD)." |
| exit 1 |
| fi |
| export SERVER_HOST="${HOST}" |
| export SERVER_PORT="${PORT}" |
| export DATABASE_HOST="${DATABASE_HOST}" |
| export DATABASE_PORT="${DATABASE_PORT}" |
| export DATABASE_USER="${DATABASE_USER}" |
| export DATABASE_PASSWORD="${DATABASE_PASSWORD}" |
| export DATABASE_DBNAME="${DATABASE_DBNAME}" |
| export DATABASE_SSLMODE="${DATABASE_SSLMODE}" |
| export REDIS_HOST="${REDIS_HOST:-127.0.0.1}" |
| export REDIS_PORT="${REDIS_PORT:-6379}" |
| export REDIS_DB="${REDIS_DB:-0}" |
| export REDIS_PASSWORD="${REDIS_PASSWORD:-}" |
| export REDIS_ENABLE_TLS="${REDIS_ENABLE_TLS:-false}" |
|
|
| echo "[boot] DATABASE_URL=postgresql://${DATABASE_USER}:******@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DBNAME}?sslmode=${DATABASE_SSLMODE}&sslrootcert=${DATABASE_SSLROOTCERT}" |
| echo "[boot] REDIS_URL=${REDIS_URL}" |
| echo "[boot] APP_PORT=${PORT}" |
| echo "[boot] ADMIN_EMAIL=${ADMIN_EMAIL}" |
|
|
| |
| mkdir -p /app/data |
| exec /app/sub2api |
|
|
