Add non-deploy tooling: validate stacks, print plan, Makefile targets (bootstrap|validate|plan)
This commit is contained in:
admin
12
Makefile
Normal file
12
Makefile
Normal file
@@ -0,0 +1,12 @@
|
||||
SHELL := /usr/bin/bash
|
||||
|
||||
.PHONY: bootstrap validate plan
|
||||
|
||||
bootstrap:
|
||||
bash stacks/scripts/bootstrap.sh
|
||||
|
||||
validate:
|
||||
bash stacks/scripts/validate.sh
|
||||
|
||||
plan:
|
||||
bash stacks/scripts/plan.sh
|
||||
36
stacks/scripts/plan.sh
Executable file
36
stacks/scripts/plan.sh
Executable file
@@ -0,0 +1,36 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
printf "Planned deployment order (no actions performed):\n\n"
|
||||
cat <<ORDER
|
||||
1) Core
|
||||
- stacks/core/traefik.yml
|
||||
- stacks/databases/postgresql-primary.yml
|
||||
- stacks/databases/mariadb-primary.yml
|
||||
- stacks/databases/redis-cluster.yml
|
||||
|
||||
2) Monitoring
|
||||
- stacks/monitoring/netdata.yml
|
||||
|
||||
3) Apps (wave 1)
|
||||
- stacks/apps/homeassistant.yml
|
||||
- stacks/apps/immich.yml
|
||||
- stacks/apps/nextcloud.yml
|
||||
- stacks/apps/paperless.yml
|
||||
- stacks/apps/jellyfin.yml
|
||||
|
||||
4) Apps (wave 2)
|
||||
- stacks/apps/gitea.yml
|
||||
- stacks/apps/appflowy.yml
|
||||
- stacks/apps/vaultwarden.yml
|
||||
- stacks/apps/adguard.yml
|
||||
|
||||
5) Native/web
|
||||
- stacks/web/caddy.yml
|
||||
- stacks/ai/ollama.yml
|
||||
|
||||
Safety:
|
||||
- Use blue/green: keep legacy running until switchover verified.
|
||||
- DB: prefer replication options documented in WORLD_CLASS_MIGRATION_TODO.md.
|
||||
- DNS: lower TTL 48h before each cutover.
|
||||
ORDER
|
||||
49
stacks/scripts/validate.sh
Executable file
49
stacks/scripts/validate.sh
Executable file
@@ -0,0 +1,49 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
red() { printf "\033[31m%s\033[0m\n" "$*"; }
|
||||
grn() { printf "\033[32m%s\033[0m\n" "$*"; }
|
||||
yel() { printf "\033[33m%s\033[0m\n" "$*"; }
|
||||
|
||||
ROOT_DIR=$(cd "$(dirname "$0")/../.." && pwd)
|
||||
cd "$ROOT_DIR"
|
||||
|
||||
fail=0
|
||||
|
||||
# Validate YAML via docker stack config
|
||||
while IFS= read -r -d '' file; do
|
||||
yel "Validating: $file"
|
||||
if docker stack config -c "$file" >/dev/null 2>&1; then
|
||||
grn "OK: $file"
|
||||
else
|
||||
red "ERROR: docker stack config failed for $file"
|
||||
fail=1
|
||||
fi
|
||||
|
||||
# Check external networks referenced exist
|
||||
nets=$(awk '/networks:/,/^$/' "$file" | awk '/external: true/{print prev}{prev=$1}' | sed 's/://g' | sed 's/^[[:space:]]*//g' | sort -u || true)
|
||||
for n in $nets; do
|
||||
if docker network inspect "$n" >/dev/null 2>&1; then
|
||||
grn " network OK: $n"
|
||||
else
|
||||
yel " network MISSING: $n"
|
||||
fi
|
||||
done
|
||||
|
||||
# Check external secrets referenced exist
|
||||
secs=$(awk '/secrets:/,/^$/' "$file" | awk '/external: true/{print prev}{prev=$1}' | sed 's/://g' | sed 's/^[[:space:]]*//g' | sort -u || true)
|
||||
for s in $secs; do
|
||||
if docker secret inspect "$s" >/dev/null 2>&1; then
|
||||
grn " secret OK: $s"
|
||||
else
|
||||
yel " secret MISSING: $s"
|
||||
fi
|
||||
done
|
||||
|
||||
done < <(find stacks -type f -name "*.yml" -print0 | sort -z)
|
||||
|
||||
# List NFS volumes for operator verification
|
||||
yel "NFS volumes referenced (verify exports exist on omv800.local):"
|
||||
grep -R "device: :/export/" -n stacks || true
|
||||
|
||||
exit $fail
|
||||
Reference in New Issue
Block a user