docker image su registry e create con pyinstaller

2025-11-30 21:19:06 +01:00
parent 3943172db8
commit fd192c7f6b
12 changed files with 701 additions and 87 deletions
--- a/scripts/sync_modifche_vm.sh
+++ b/scripts/sync_modifche_vm.sh
@@ -1,6 +1,186 @@
 #!/bin/bash
+# sync_modifche_vm.sh
+# Sincronizza i file necessari per lo stack Docker sui server remoti
+# NOTA: env/ è ora OBBLIGATORIO perché montato come volume esterno (non più nell'immagine)

-rsync -avz --exclude='*.pyc' --exclude '__pycache__/' /home/alex/devel/ASE/src /home/alex/devel/proxmox-ha-setup/vm1/
-#rsync -avz --exclude='*.pyc' --exclude '__pycache__/' /home/alex/devel/ASE/src /home/alex/devel/proxmox-ha-setup/vm2/
-rsync -avz -e "ssh -p 2222" /home/alex/devel/proxmox-ha-setup/vm1/ root@192.168.1.201:/opt/ase/
-rsync -avz -e "ssh -p 2222" /home/alex/devel/proxmox-ha-setup/vm2/ root@192.168.1.202:/opt/ase/
+set -e
+
+# Configurazione
+VM1_IP="192.168.1.201"
+VM2_IP="192.168.1.202"
+SSH_PORT="2222"
+SSH_USER="root"
+DEST_DIR="/opt/ase"
+SOURCE_VM1="/home/alex/devel/proxmox-ha-setup/vm1/"
+SOURCE_VM2="/home/alex/devel/proxmox-ha-setup/vm2/"
+
+# Colors
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+CYAN='\033[0;36m'
+NC='\033[0m'
+
+print_info() { echo -e "${CYAN}ℹ $1${NC}"; }
+print_success() { echo -e "${GREEN}✓ $1${NC}"; }
+print_warning() { echo -e "${YELLOW}⚠ $1${NC}"; }
+
+echo "================================================"
+echo "Sincronizzazione file Docker stack"
+echo "================================================"
+echo ""
+
+print_info "Configurazione:"
+print_info "  VM1: ${VM1_IP}:${SSH_PORT} → ${DEST_DIR}"
+print_info "  VM2: ${VM2_IP}:${SSH_PORT} → ${DEST_DIR}"
+echo ""
+
+# File da ESCLUDERE (non necessari sui server):
+# - src/ (codice sorgente, ormai nell'immagine come .pyc)
+# - Dockerfile* (non serve se usi immagini dal registry)
+# - pyproject.toml (non serve se usi immagini dal registry)
+# - *.md (documentazione)
+# - __pycache__/ e *.pyc (generati automaticamente)
+
+print_warning "IMPORTANTE: env/ sarà sincronizzato (necessario come volume esterno)"
+echo ""
+
+read -p "Procedere con la sincronizzazione? (Y/n) " -n 1 -r
+echo
+if [[ $REPLY =~ ^[Nn]$ ]]; then
+    print_warning "Sincronizzazione annullata"
+    exit 0
+fi
+
+echo ""
+print_info "Sincronizzazione VM1 (${VM1_IP})..."
+rsync -avz -e "ssh -p ${SSH_PORT}" \
+    --exclude 'src' \
+    --exclude 'Dockerfile' \
+    --exclude 'Dockerfile.distroless' \
+    --exclude 'pyproject.toml' \
+    --exclude '*.md' \
+    --exclude '*.backup' \
+    --exclude '*.example' \
+    --exclude '__pycache__' \
+    --exclude '*.pyc' \
+    "${SOURCE_VM1}" "${SSH_USER}@${VM1_IP}:${DEST_DIR}/"
+
+print_success "VM1 sincronizzata"
+echo ""
+
+print_info "Sincronizzazione VM2 (${VM2_IP})..."
+rsync -avz -e "ssh -p ${SSH_PORT}" \
+    --exclude 'src' \
+    --exclude 'Dockerfile' \
+    --exclude 'Dockerfile.distroless' \
+    --exclude 'pyproject.toml' \
+    --exclude '*.md' \
+    --exclude '*.backup' \
+    --exclude '*.example' \
+    --exclude '__pycache__' \
+    --exclude '*.pyc' \
+    "${SOURCE_VM2}" "${SSH_USER}@${VM2_IP}:${DEST_DIR}/"
+
+print_success "VM2 sincronizzata"
+echo ""
+
+# Configurazione certificati registry privato
+REGISTRY_CERT_SOURCE="/var/snap/docker/common/etc/docker/certs.d/192.168.1.204:5000/ca.crt"
+REGISTRY_DOMAIN="192.168.1.204:5000"
+
+if [ -f "$REGISTRY_CERT_SOURCE" ]; then
+    print_info "Installazione certificati registry privato..."
+
+    # Verifica se Docker è installato tramite Snap o APT
+    print_info "Installazione certificato registry su VM1..."
+    ssh -p "${SSH_PORT}" "${SSH_USER}@${VM1_IP}" << 'EOF'
+        REGISTRY_DOMAIN="192.168.1.204:5000"
+
+        # Verifica se Docker è installato via Snap
+        if [ -d "/var/snap/docker" ]; then
+            echo "  → Docker Snap detectato"
+            CERT_DIR="/var/snap/docker/common/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+        else
+            echo "  → Docker standard detectato"
+            CERT_DIR="/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+        fi
+
+        mkdir -p "${CERT_DIR}"
+        echo "  → Directory certificati: ${CERT_DIR}"
+EOF
+
+    # Copia il certificato
+    if ssh -p "${SSH_PORT}" "${SSH_USER}@${VM1_IP}" "[ -d /var/snap/docker ]"; then
+        REMOTE_CERT_DIR="/var/snap/docker/common/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+    else
+        REMOTE_CERT_DIR="/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+    fi
+
+    ssh -p "${SSH_PORT}" "${SSH_USER}@${VM1_IP}" "mkdir -p ${REMOTE_CERT_DIR}"
+    scp -P "${SSH_PORT}" "${REGISTRY_CERT_SOURCE}" "${SSH_USER}@${VM1_IP}:${REMOTE_CERT_DIR}/ca.crt"
+    print_success "Certificato registry installato su VM1"
+
+    print_info "Installazione certificato registry su VM2..."
+    ssh -p "${SSH_PORT}" "${SSH_USER}@${VM2_IP}" << 'EOF'
+        REGISTRY_DOMAIN="192.168.1.204:5000"
+
+        # Verifica se Docker è installato via Snap
+        if [ -d "/var/snap/docker" ]; then
+            echo "  → Docker Snap detectato"
+            CERT_DIR="/var/snap/docker/common/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+        else
+            echo "  → Docker standard detectato"
+            CERT_DIR="/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+        fi
+
+        mkdir -p "${CERT_DIR}"
+        echo "  → Directory certificati: ${CERT_DIR}"
+EOF
+
+    # Copia il certificato
+    if ssh -p "${SSH_PORT}" "${SSH_USER}@${VM2_IP}" "[ -d /var/snap/docker ]"; then
+        REMOTE_CERT_DIR="/var/snap/docker/common/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+    else
+        REMOTE_CERT_DIR="/etc/docker/certs.d/${REGISTRY_DOMAIN}"
+    fi
+
+    ssh -p "${SSH_PORT}" "${SSH_USER}@${VM2_IP}" "mkdir -p ${REMOTE_CERT_DIR}"
+    scp -P "${SSH_PORT}" "${REGISTRY_CERT_SOURCE}" "${SSH_USER}@${VM2_IP}:${REMOTE_CERT_DIR}/ca.crt"
+    print_success "Certificato registry installato su VM2"
+    echo ""
+else
+    print_warning "Certificato registry non trovato: ${REGISTRY_CERT_SOURCE}"
+    print_warning "Salta installazione certificati - il pull dal registry potrebbe fallire"
+    echo ""
+fi
+
+print_success "Sincronizzazione completata!"
+echo ""
+print_info "File sincronizzati:"
+print_info "  ✓ docker-compose.yml"
+print_info "  ✓ env/ (configurazioni - OBBLIGATORIO)"
+print_info "  ✓ aseftp/ (directory FTP/SFTP)"
+print_info "  ✓ certs/ (certificati applicazione)"
+print_info "  ✓ matlab_func/ (funzioni MATLAB)"
+print_info "  ✓ haproxy.cfg, keepalived*.conf, alloy-config.alloy"
+print_info "  ✓ ssh_host_key* (chiavi SSH)"
+echo ""
+print_info "Certificati registry:"
+if [ -f "$REGISTRY_CERT_SOURCE" ]; then
+    print_info "  ✓ Certificato registry installato su VM1 e VM2"
+    print_info "    → ${REGISTRY_DOMAIN}"
+else
+    print_warning "  ✗ Certificato registry NON trovato"
+fi
+echo ""
+print_info "File ESCLUSI (non necessari):"
+print_info "  ✗ src/ (codice sorgente, già nell'immagine Docker)"
+print_info "  ✗ Dockerfile* (non serve se usi registry)"
+print_info "  ✗ pyproject.toml (non serve se usi registry)"
+print_info "  ✗ *.md (documentazione)"
+echo ""
+print_info "Prossimi passi sui server:"
+print_info "  1. Verifica certificato registry: docker pull ${REGISTRY_DOMAIN}/orchestrator-app:latest"
+print_info "  2. Avvia lo stack: cd ${DEST_DIR} && docker-compose up -d"
+print_info "  3. Verifica log: docker-compose logs -f"
+echo ""