Merge pull request Jigsaw-Code#56 from Jigsaw-Code/dborkan-update-int…

…erval Fix Watchtower interval (should be 1 hour)
zijie98 · Mar 29, 2018 · 440b550 · 440b550
2 parents 32ee486 + 68e88ad
commit 440b550
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 9 deletions.
diff --git a/src/server_manager/electron_app/config.json b/src/server_manager/electron_app/config.json
@@ -1,4 +1,4 @@
 {
-  "version": "1.0.2",
+  "version": "1.0.3",
   "releaseDataUrl": "https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/release/release_data.json"
 }
diff --git a/src/server_manager/install_scripts/do_install_server.sh b/src/server_manager/install_scripts/do_install_server.sh
@@ -21,6 +21,8 @@
 # SB_IMAGE: Shadowbox Docker image to install, e.g. quay.io/outline/shadowbox:nightly
 # SB_API_PORT: The port number of the management API.
 # SENTRY_API_URL: Url to post Sentry report to on error.
+# WATCHTOWER_REFRESH_SECONDS: refresh interval in seconds to check for updates,
+#     defaults to 3600.
 
 set -euxo pipefail
 

diff --git a/src/server_manager/install_scripts/install_server.sh b/src/server_manager/install_scripts/install_server.sh
@@ -27,6 +27,8 @@
 # SENTRY_LOG_FILE: File for writing logs which may be reported to Sentry, in case
 #     of an install error. No PII should be written to this file. Intended to be set
 #     only by do_install_server.sh.
+# WATCHTOWER_REFRESH_SECONDS: refresh interval in seconds to check for updates,
+#     defaults to 3600.
 
 # Requires curl and docker to be installed
 
@@ -81,7 +83,7 @@ function verify_docker_installed() {
   if ! command_exists docker; then
     log_error "Docker CE must be installed, please run \"curl -sS https://get.docker.com/ | sh\" or visit https://docs.docker.com/install/"
     exit 1
-  fi 
+  fi
 }
 
 function verify_docker_running() {
@@ -111,7 +113,7 @@ function get_random_port {
 
 function create_persisted_state_dir() {
   readonly STATE_DIR="$SHADOWBOX_DIR/persisted-state"
-  mkdir -p "${STATE_DIR}"  
+  mkdir -p "${STATE_DIR}"
 }
 
 # Generate a secret key for access to the shadowbox API and store it in a tag.
@@ -173,7 +175,7 @@ function start_watchtower() {
   # Start watchtower to automatically fetch docker image updates.
   # Set watchtower to refresh every 30 seconds if a custom SB_IMAGE is used (for
   # testing).  Otherwise refresh every hour.
-  readonly WATCHTOWER_REFRESH_SECONDS=$([ $SB_IMAGE ] && echo 30 || echo 3600)
+  readonly WATCHTOWER_REFRESH_SECONDS="${WATCHTOWER_REFRESH_SECONDS:-3600}"
   declare -a docker_watchtower_flags=(--name watchtower --restart=always)
   docker_watchtower_flags+=(-v /var/run/docker.sock:/var/run/docker.sock)
   docker run -d "${docker_watchtower_flags[@]}" v2tec/watchtower --cleanup --tlsverify --interval $WATCHTOWER_REFRESH_SECONDS >/dev/null
@@ -208,7 +210,7 @@ set up, because there's a firewall (in this machine, your router or cloud
 provider) that is preventing incoming connections to ports ${SB_API_PORT} and
 ${ACCESS_KEY_PORT}.
 
-- If you plan to have a single access key to access your server, opening those 
+- If you plan to have a single access key to access your server, opening those
   ports for TCP and UDP should suffice.
 - If you plan on adding additional access keys, you’ll have to open ports 1024
   through 65535 on your firewall since the Outline server may allocate any of

diff --git a/src/server_manager/package.json b/src/server_manager/package.json
@@ -1,7 +1,7 @@
 {
   "name": "outline-manager",
   "productName": "Outline Manager",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Create and manage access to Outline servers",
   "homepage": "https://getoutline.org/",
   "author": {

diff --git a/src/server_manager/web_app/digitalocean_server.ts b/src/server_manager/web_app/digitalocean_server.ts
@@ -375,8 +375,9 @@ export class DigitaloceanServerRepository implements server.ManagedServerReposit
     console.time('activeServer');
     console.time('servingServer');
     const keyPair = crypto.generateKeyPair();
+    const watchtowerRefreshSeconds = this.image ? 30 : undefined;
     const installCommand = getInstallScript(
-        this.digitalOcean.accessToken, name, this.image, this.metricsUrl, this.sentryApiUrl);
+        this.digitalOcean.accessToken, name, this.image, watchtowerRefreshSeconds, this.metricsUrl, this.sentryApiUrl);
 
     const dropletSpec = {
       installCommand,
@@ -419,12 +420,14 @@ function sanitizeDigitaloceanToken(input: string): string {
 
 // cloudFunctions needs to define cloud::public_ip and cloud::add_tag.
 function getInstallScript(
-    accessToken: string, name: string, image?: string, metricsUrl?: string,
-    sentryApiUrl?: string): string {
+    accessToken: string, name: string, image?: string, watchtowerRefreshSeconds?: number,
+    metricsUrl?: string, sentryApiUrl?: string): string {
   const sanitizezedAccessToken = sanitizeDigitaloceanToken(accessToken);
+  // TODO: consider shell escaping these variables.
   return '#!/bin/bash -eu\n' +
       `export DO_ACCESS_TOKEN=${sanitizezedAccessToken}\n` +
       (image ? `export SB_IMAGE=${image}\n` : '') +
+      (watchtowerRefreshSeconds ? `export WATCHTOWER_REFRESH_SECONDS=${watchtowerRefreshSeconds}\n` : '') +
       (sentryApiUrl ? `export SENTRY_API_URL="${sentryApiUrl}"\n` : '') +
       (metricsUrl ? `export SB_METRICS_URL=${metricsUrl}\n` : '') +
       `export SB_DEFAULT_SERVER_NAME="${name}"\n` + do_install_script.SCRIPT;