zishuo/oneterm
1
0
Fork 0
mirror of https://github.com/veops/oneterm.git synced 2025-09-26 19:31:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
oneterm/deploy
History
pycook 467dcb86d8 chore: release v25.9.1
2025-09-16 19:04:19 +08:00
..
.env
fix(api): close session when terminal away & refactor(api): deploy
2024-09-04 14:56:39 +08:00
.gitignore
feat(deploy): add password management scripts with setup and migration tools #75
2025-08-17 10:02:44 +08:00
acl.sql
fix(api): close session when terminal away & refactor(api): deploy
2024-09-04 14:56:39 +08:00
config.yaml
feat(backend): store SSH private key encrypted in database instead of config file
2025-09-05 18:25:49 +08:00
create-users.sql
fix(api): close session when terminal away & refactor(api): deploy
2024-09-04 14:56:39 +08:00
DEV_README.md
docs: update DEV_README
2025-08-17 21:07:51 +08:00
DEV_README.zh.md
docs: update DEV_README
2025-08-17 21:07:51 +08:00
dev-config.example.yaml
feat(deploy): add development environment startup script
2025-08-17 14:15:33 +08:00
dev-start.sh
refactor(deploy): frontend dev env
2025-08-18 19:10:59 +08:00
docker-compose.backend-dev.yaml
chore: release v25.9.1
2025-09-16 19:04:19 +08:00
docker-compose.domain.yaml
chore: release v25.9.1
2025-09-16 19:04:19 +08:00
docker-compose.frontend-dev.yaml
chore: release v25.9.1
2025-09-16 19:04:19 +08:00
docker-compose.yaml
chore: release v25.9.1
2025-09-16 19:04:19 +08:00
migrate-passwords.sh
fix(deploy): add cross-platform sed compatibility for macOS and Linux
2025-08-18 19:30:21 +08:00
mysqld.cnf
fix(api): close session when terminal away & refactor(api): deploy
2024-09-04 14:56:39 +08:00
nginx.frontend-dev.conf
refactor(deploy): frontend dev env
2025-08-18 19:10:59 +08:00
nginx.oneterm.conf.example
chore: release v25.6.2
2025-06-18 21:41:55 +08:00
nginx.webproxy.conf.example
feat(deploy): add domain-based deployment configuration with webproxy support
2025-09-16 19:01:40 +08:00
README.md
feat(deploy): add password management scripts with setup and migration tools #75
2025-08-17 10:02:44 +08:00
setup.sh
fix(deploy): add cross-platform sed compatibility for macOS and Linux
2025-08-18 19:30:21 +08:00

README.md

OneTerm Deployment Scripts

This directory contains scripts to help you deploy and manage OneTerm with custom database passwords.

Quick Start

For New Installations

If you're installing OneTerm for the first time:

# Clone the repository and navigate to deploy directory
cd oneterm/deploy

# Run the setup script to configure passwords
./setup.sh

# Start OneTerm services
docker compose up -d

# Check service status
docker compose ps

For Existing Installations

If you already have OneTerm running and want to change passwords:

# Navigate to your OneTerm deploy directory
cd oneterm/deploy

# Run the migration script
./migrate-passwords.sh

# The script will guide you through the password change process

Script Details

setup.sh

Purpose: Initial configuration for new OneTerm deployments
When to use: Before first docker compose up command
What it does:

  • Configures database passwords in all configuration files
  • Creates backup of original files
  • Generates random passwords or accepts custom ones
  • Updates docker-compose.yaml, config.yaml, create-users.sql, and .env

Usage:

./setup.sh

Options:

  • Option 1: Enter custom passwords manually
  • Option 2: Generate random passwords automatically (recommended)

migrate-passwords.sh

Purpose: Password migration for existing OneTerm installations
When to use: When OneTerm is already running and you want to change passwords
What it does:

  • Creates database backup before changes
  • Verifies current passwords
  • Updates database user passwords
  • Updates all configuration files
  • Restarts services with new configuration
  • Performs health checks

Usage:

./migrate-passwords.sh

Safety features:

  • Creates automatic backups
  • Verifies passwords before proceeding
  • Graceful service restart
  • Rollback instructions if issues occur

File Structure

After running setup.sh, your directory will contain:

deploy/
├── docker-compose.yaml       # Updated with new MySQL root password
├── config.yaml              # Updated with OneTerm DB password
├── create-users.sql          # Updated with ACL/OneTerm passwords
├── .env                      # Updated with ACL configuration
├── .passwords               # Password reference file (keep secure!)
├── setup.sh                 # Setup script for new installations
├── migrate-passwords.sh     # Migration script for existing systems
└── *.backup.*              # Backup files (created during migration)

Security Considerations

  1. Password Storage: The .passwords file contains sensitive information. Keep it secure and consider deleting after noting passwords elsewhere.

  2. Backup Files: Migration creates backup files with timestamps. Review and clean up old backups periodically.

  3. Default Passwords: Never use default passwords (123456) in production environments.

  4. Network Security: Ensure proper firewall configuration and network isolation.

Troubleshooting

Services Won't Start After Password Change

  1. Check service logs:

    docker compose logs oneterm-api
docker compose logs oneterm-acl-api
docker compose logs oneterm-mysql

  2. Verify database connections:

    docker exec oneterm-mysql mysql -u root -p[NEW_PASSWORD] -e "SELECT 1;"

  3. If migration failed, restore from backup:

    # Stop services
docker compose down

# Restore configuration files
cp docker-compose.yaml.backup.TIMESTAMP docker-compose.yaml
cp config.yaml.backup.TIMESTAMP config.yaml
cp .env.backup.TIMESTAMP .env

# Restore database if needed
docker compose up -d mysql
docker exec oneterm-mysql mysql -u root -p[OLD_PASSWORD] < backup_TIMESTAMP.sql

# Start all services
docker compose up -d

ACL Service Connection Issues

If ACL service can't connect to database after password change:

  1. Verify .env file contains correct database URL
  2. Check ACL container logs for connection errors
  3. Ensure the updated ACL image supports environment variable overrides

Permission Denied Errors

If you get permission errors running scripts:

chmod +x setup.sh migrate-passwords.sh

Advanced Configuration

Custom Database Configuration

You can manually edit configuration files if needed:

  1. docker-compose.yaml: MySQL root password
  2. config.yaml: OneTerm database connection
  3. create-users.sql: Database user creation
  4. .env: ACL service database configuration

Using External Database

To use an external MySQL database:

  1. Update database host in config.yaml and .env
  2. Ensure network connectivity
  3. Create required databases and users manually
  4. Skip MySQL container in docker-compose.yaml

Support

For issues or questions:

  1. Check the main OneTerm documentation
  2. Review container logs for error messages
  3. Ensure all prerequisites are met
  4. Verify network connectivity between containers

Version Compatibility

These scripts are designed for OneTerm v25.8.2 later. For older versions, manual configuration may be required.