#!/bin/bash
# Deployment script for the Android-Key attestation-format fix.
# Purpose: sync the modified files to the remote servers and restart the service.
# Date: 2026-02-04

set -e # abort on the first failing command

# ANSI colour escapes; stored as literal backslash sequences and only
# interpreted when printed with `echo -e` / `printf '%b'`.
NC='\033[0m' # reset
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'

# --- Server configuration ---------------------------------------------------
# The tilde stays literal here because the value is quoted; ssh expands a
# leading "~" in its -i argument itself.
# NOTE(review): production hosts, the login user and the key path are
# hard-coded in a file that lives in the repository; consider reading them
# from the environment or an untracked config file.
SSH_KEY='~/.ssh/fido2_cluster'
SSH_PORT='22'
SERVERS=('ubuntu@153.126.159.43' 'ubuntu@153.127.20.133')

# Remote install location (adjust to the actual layout).
REMOTE_BASE_PATH='/home/ubuntu/fido2-node'

# Local checkout the files are taken from, and the files to push
# (paths are relative to both base directories).
LOCAL_BASE_PATH='/Users/dqj/HDD/fido2Prjs/fido2-node'
FILES_TO_SYNC=(
  'fido2-node-lib/attestations/androidKey.js'
  'fido2-node-lib/main.js'
)

# One timestamp per run; it names the remote backups and the rollback script.
TIMESTAMP="$(date '+%Y%m%d_%H%M%S')"
BACKUP_SUFFIX="_backup_${TIMESTAMP}"

# Banner, followed by one blank line.
printf '%b\n' \
  "${BLUE}========================================${NC}" \
  "${BLUE}Android-Key 认证格式修复部署${NC}" \
  "${BLUE}========================================${NC}" \
  ""
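#######################################
# Run one command string on a remote server over SSH, logging it first.
# Globals:   SSH_KEY, SSH_PORT, YELLOW, NC (read)
# Arguments: $1 - ssh destination (user@host)
#            $2 - command string; it is handed to the remote shell as-is, so
#                 callers must quote anything they interpolate into it
# Outputs:   one log line on stdout, then whatever the remote command prints
# Returns:   exit status of ssh (the remote command's status, or 255 when
#            ssh itself fails)
#######################################
remote_exec() {
  local server=$1
  local command=$2

  # %s prints the command exactly as it will be sent; `echo -e` would have
  # interpreted backslash sequences inside it and logged something different.
  printf '%b[%s]%b 执行: %s\n' "${YELLOW}" "${server}" "${NC}" "${command}"

  # Every expansion is quoted so a key path or destination containing
  # whitespace or glob characters stays one argument; `--` ends option
  # parsing so the destination can never be read as an ssh option.
  ssh -i "${SSH_KEY}" -p "${SSH_PORT}" -- "${server}" "${command}"
}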
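#######################################
# Copy a deployed file to "<file><BACKUP_SUFFIX>" on the remote server before
# it is overwritten. A file that does not exist yet is skipped.
# Globals:   REMOTE_BASE_PATH, BACKUP_SUFFIX, SSH_KEY, SSH_PORT,
#            YELLOW, GREEN, RED, NC (read)
# Arguments: $1 - ssh destination (user@host)
#            $2 - file path relative to REMOTE_BASE_PATH
# Outputs:   progress lines on stdout; the failure line on stderr
# Returns:   0 when the backup was made or the file is absent; non-zero when
#            the existence check or the copy failed
#######################################
backup_remote_file() {
  local server=$1
  local file_path=$2
  local remote_full_path="${REMOTE_BASE_PATH}/${file_path}"
  local remote_q backup_q
  local rc=0

  # The paths end up inside a command string that the remote shell parses
  # again, so they are shell-quoted here (assumes a bash-compatible login
  # shell on the server; for plain paths %q changes nothing).
  printf -v remote_q '%q' "${remote_full_path}"
  printf -v backup_q '%q' "${remote_full_path}${BACKUP_SUFFIX}"

  echo -e "${YELLOW}[${server}]${NC} 备份: ${file_path}"

  # Does the file exist? `test -f` answers 0 or 1; any other status (ssh
  # reports 255 for its own failures) means the question was never answered.
  ssh -i "${SSH_KEY}" -p "${SSH_PORT}" -- "${server}" "test -f ${remote_q}" || rc=$?

  case "${rc}" in
    0)
      remote_exec "${server}" "cp ${remote_q} ${backup_q}" || return
      echo -e "${GREEN}[${server}]${NC} ✓ 备份成功: ${file_path}${BACKUP_SUFFIX}"
      ;;
    1)
      echo -e "${YELLOW}[${server}]${NC} ⚠ 文件不存在,跳过备份: ${file_path}"
      ;;
    *)
      # Treating a failed check as "file missing" would let the deployment
      # overwrite the file without any backup, so stop here instead.
      echo -e "${RED}[${server}]${NC} ✗ 无法检查远程文件 (ssh 退出码 ${rc}),已中止: ${file_path}" >&2
      return "${rc}"
      ;;
  esac
}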
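#######################################
# Push one local file to the same relative path on a remote server.
# Globals:   LOCAL_BASE_PATH, REMOTE_BASE_PATH, SSH_KEY, SSH_PORT,
#            YELLOW, GREEN, NC (read)
# Arguments: $1 - ssh destination (user@host)
#            $2 - file path relative to both base directories
# Outputs:   progress lines and rsync's verbose output on stdout
# Returns:   0 on success; the failing command's status otherwise
#######################################
sync_file() {
  local server=$1
  local file_path=$2
  local local_full_path="${LOCAL_BASE_PATH}/${file_path}"
  local remote_full_path="${REMOTE_BASE_PATH}/${file_path}"
  local remote_dir remote_dir_q

  # Declared separately from the assignment: `local x=$(cmd)` would hide a
  # failing dirname behind the exit status of `local`.
  remote_dir=$(dirname -- "${remote_full_path}") || return
  # The directory is embedded in a command string parsed by the remote shell.
  printf -v remote_dir_q '%q' "${remote_dir}"

  echo -e "${YELLOW}[${server}]${NC} 同步: ${file_path}"

  # Make sure the target directory exists.
  remote_exec "${server}" "mkdir -p ${remote_dir_q}" || return

  # Source and destination are quoted so a path with whitespace stays one
  # argument; `--` keeps a path starting with "-" from being read as an option.
  # NOTE(review): the -e string is split on whitespace by rsync, so SSH_KEY
  # must not contain spaces.
  rsync -avz -e "ssh -i ${SSH_KEY} -p ${SSH_PORT}" \
    -- "${local_full_path}" "${server}:${remote_full_path}" || return

  echo -e "${GREEN}[${server}]${NC} ✓ 同步成功: ${file_path}"
}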
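#######################################
# Deploy to one server: back up the current files, push the new ones, list
# the new attestation module, restart the service and check that a node
# process is running.
# Globals:   FILES_TO_SYNC, REMOTE_BASE_PATH, BLUE, YELLOW, GREEN, RED, NC (read)
# Arguments: $1 - ssh destination (user@host)
# Outputs:   progress lines on stdout
# Returns:   0 when the last status line was printed; a failing step aborts
#            the script only while `set -e` is in effect in the caller
#######################################
deploy_to_server() {
  local server=$1
  local file
  local base_q

  # REMOTE_BASE_PATH is embedded in command strings that the remote shell
  # parses again, so quote it once here (no change for plain paths).
  printf -v base_q '%q' "${REMOTE_BASE_PATH}"

  echo ""
  echo -e "${BLUE}========================================${NC}"
  echo -e "${BLUE}部署到服务器: ${server}${NC}"
  echo -e "${BLUE}========================================${NC}"

  # 1. Back up the existing files. Arguments are quoted so a destination or
  #    file name containing whitespace reaches the helper as one argument.
  echo -e "${BLUE}步骤 1/4: 备份现有文件${NC}"
  for file in "${FILES_TO_SYNC[@]}"; do
    backup_remote_file "${server}" "${file}"
  done

  # 2. Push the new files.
  echo ""
  echo -e "${BLUE}步骤 2/4: 同步新文件${NC}"
  for file in "${FILES_TO_SYNC[@]}"; do
    sync_file "${server}" "${file}"
  done

  # 3. Verify.
  # NOTE(review): this only lists one file; it proves the file exists, not
  # that its content matches the local copy. Comparing checksums of every
  # synced file would be a real integrity check.
  echo ""
  echo -e "${BLUE}步骤 3/4: 验证文件${NC}"
  remote_exec "${server}" "ls -lh ${base_q}/fido2-node-lib/attestations/androidKey.js"

  # 4. Restart the service.
  echo ""
  echo -e "${BLUE}步骤 4/4: 重启 FIDO2 服务${NC}"

  # Prefer pm2 when it is installed on the server.
  echo -e "${YELLOW}[${server}]${NC} 尝试使用 pm2 重启服务..."
  if remote_exec "${server}" "command -v pm2 > /dev/null 2>&1"; then
    # NOTE(review): the fallback restarts every pm2-managed app on the host,
    # and the trailing `|| true` means the message below is printed even when
    # neither restart worked.
    remote_exec "${server}" "cd ${base_q} && pm2 restart fido2-node || pm2 restart all || true"
    echo -e "${GREEN}[${server}]${NC} ✓ PM2 重启命令已执行"
  else
    echo -e "${YELLOW}[${server}]${NC} PM2 未安装,尝试查找并重启 Node 进程..."
    # pkill -f matches whole command lines, and the remote shell running this
    # command carries the pattern text in its own command line. Writing the
    # first letter as a bracket expression keeps the pattern from matching
    # that shell, so pkill does not terminate its own session.
    # NOTE(review): the pattern still matches any node process whose command
    # line mentions main.js, not only this service.
    remote_exec "${server}" "pkill -f '[n]ode.*main.js' || true"
    sleep 2
    remote_exec "${server}" "cd ${base_q} && nohup node main.js >> logs/start.log 2>&1 &"
    echo -e "${GREEN}[${server}]${NC} ✓ 服务已重启"
  fi

  # Give the service a moment to come up.
  echo -e "${YELLOW}[${server}]${NC} 等待服务启动..."
  sleep 3

  # Check for a running process; same bracket form so the check cannot be
  # satisfied by the shell that runs it.
  echo -e "${YELLOW}[${server}]${NC} 检查服务状态..."
  if remote_exec "${server}" "pgrep -f '[n]ode.*main.js' > /dev/null 2>&1"; then
    echo -e "${GREEN}[${server}]${NC} ✓ 服务运行正常"
  else
    echo -e "${RED}[${server}]${NC} ✗ 警告:未检测到服务进程"
  fi

  echo -e "${GREEN}[${server}]${NC} ✓ 部署完成"
}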
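#######################################
# Write an executable rollback script for this run into the current
# directory, named rollback-android-key-<TIMESTAMP>.sh.
# Globals:   TIMESTAMP, BACKUP_SUFFIX, BLUE, GREEN, YELLOW, NC (read)
# Arguments: none
# Outputs:   progress lines on stdout; creates the rollback script file
# Returns:   0 on success; non-zero if the file cannot be written or chmod fails
#
# NOTE(review): the generated script carries its own copy of the SSH and
# server settings, restores only fido2-node-lib/main.js from its backup and
# removes androidKey.js with `rm -f`, although the deployment also backs up
# androidKey.js when it already exists. Confirm that file is always new on
# the servers, otherwise a rollback deletes it instead of restoring it.
#######################################
create_rollback_script() {
  local rollback_script="rollback-android-key-${TIMESTAMP}.sh"

  echo -e "${BLUE}创建回滚脚本: ${rollback_script}${NC}"

  # The template is quoted ('ROLLBACK_EOF'), so nothing in it is expanded
  # here; the two placeholders are filled in while the text streams through
  # sed. The original edited the file afterwards with `sed -i ''`, which is
  # BSD-only syntax and fails with GNU sed.
  sed \
    -e "s/TIMESTAMP_PLACEHOLDER/${TIMESTAMP}/g" \
    -e "s/BACKUP_SUFFIX_PLACEHOLDER/${BACKUP_SUFFIX}/g" \
    > "${rollback_script}" << 'ROLLBACK_EOF'
#!/bin/bash
# Android-Key 修复回滚脚本
# 生成时间: TIMESTAMP_PLACEHOLDER
set -e
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
SSH_KEY="~/.ssh/fido2_cluster"
SSH_PORT="22"
SERVERS=(
"ubuntu@153.126.159.43"
"ubuntu@153.127.20.133"
)
REMOTE_BASE_PATH="/home/ubuntu/fido2-node"
BACKUP_SUFFIX="BACKUP_SUFFIX_PLACEHOLDER"
FILES=(
"fido2-node-lib/main.js"
)
echo -e "${RED}========================================${NC}"
echo -e "${RED}回滚 Android-Key 修复${NC}"
echo -e "${RED}========================================${NC}"
echo ""
read -p "确认要回滚所有服务器吗?(yes/no): " confirm
if [ "$confirm" != "yes" ]; then
echo "已取消"
exit 0
fi
for server in "${SERVERS[@]}"; do
echo ""
echo -e "${BLUE}回滚服务器: ${server}${NC}"
for file in "${FILES[@]}"; do
remote_file="${REMOTE_BASE_PATH}/${file}"
backup_file="${remote_file}${BACKUP_SUFFIX}"
echo -e "${YELLOW}[${server}]${NC} 恢复: ${file}"
ssh -i ${SSH_KEY} -p ${SSH_PORT} ${server} \
"if [ -f ${backup_file} ]; then cp ${backup_file} ${remote_file}; echo '✓ 已恢复'; else echo '✗ 备份文件不存在'; fi"
done
# 删除 androidKey.js
echo -e "${YELLOW}[${server}]${NC} 删除: fido2-node-lib/attestations/androidKey.js"
ssh -i ${SSH_KEY} -p ${SSH_PORT} ${server} \
"rm -f ${REMOTE_BASE_PATH}/fido2-node-lib/attestations/androidKey.js"
# 重启服务
echo -e "${YELLOW}[${server}]${NC} 重启服务..."
ssh -i ${SSH_KEY} -p ${SSH_PORT} ${server} \
"cd ${REMOTE_BASE_PATH} && (pm2 restart fido2-node || pm2 restart all || (pkill -f 'node.*main.js' && nohup node main.js >> logs/start.log 2>&1 &))"
echo -e "${GREEN}[${server}]${NC} ✓ 回滚完成"
done
echo ""
echo -e "${GREEN}所有服务器回滚完成${NC}"
ROLLBACK_EOF

  chmod +x -- "${rollback_script}"

  echo -e "${GREEN}✓ 回滚脚本已创建: ${rollback_script}${NC}"
  echo -e "${YELLOW}如需回滚,请执行: ./${rollback_script}${NC}"
}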
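#######################################
# Entry point: ask for confirmation, write the rollback script, deploy to
# every configured server in turn and print a summary.
# Globals:   SERVERS, BACKUP_SUFFIX, TIMESTAMP, GREEN, BLUE, YELLOW, NC (read)
# Arguments: none are used
# Outputs:   prompts and progress on stdout
# Returns:   exits 0 when the operator declines; otherwise 0 after the summary
#######################################
main() {
  local confirm
  local server

  echo "准备部署到 ${#SERVERS[@]} 个服务器节点"
  echo "备份后缀: ${BACKUP_SUFFIX}"
  echo ""

  # Only the exact answer "yes" proceeds. -r keeps backslashes in the answer
  # from being interpreted by read.
  read -r -p "确认开始部署?(yes/no): " confirm
  if [ "$confirm" != "yes" ]; then
    echo "已取消部署"
    exit 0
  fi

  # Write the rollback script before any server is touched.
  create_rollback_script
  echo ""

  # Servers are handled one after another. Quoted so each destination is
  # passed as a single argument.
  # NOTE(review): a failure on a later server leaves the earlier ones already
  # updated; the rollback script is the way back.
  for server in "${SERVERS[@]}"; do
    deploy_to_server "${server}"
    echo ""
  done

  # Summary.
  echo ""
  echo -e "${GREEN}========================================${NC}"
  echo -e "${GREEN}部署完成!${NC}"
  echo -e "${GREEN}========================================${NC}"
  echo ""
  echo -e "${BLUE}部署摘要:${NC}"
  echo -e " - 部署时间: ${TIMESTAMP}"
  echo -e " - 服务器数量: ${#SERVERS[@]}"
  echo -e " - 备份后缀: ${BACKUP_SUFFIX}"
  echo ""
  echo -e "${YELLOW}测试建议:${NC}"
  echo -e " 1. 在各服务器测试 Android 设备认证"
  echo -e " 2. 检查服务器日志是否有错误"
  echo -e " 3. 如有问题,使用回滚脚本恢复"
  echo ""
}

# Run the main flow.
main "$@"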