oglog/script/journal-upload.sh

#!/bin/bash

set -e

LOGFILE="/tmp/ogcore-installer.log"
exec > >(tee -a "$LOGFILE") 2>&1

log() {
  echo "$1" | tee -a "$LOGFILE"
}

log "Inicio instalación ogcore: $(date)"

# Mediciones iniciales
log "Tamaño inicial del disco:" && df -h /
log "Carga inicial CPU:" && uptime

# Variables
IP_SERVER="${IP_SERVER:?La variable IP_SERVER es requerida}"
NFS_SERVER="ognartefactos.evlt.uma.es"
LOCAL_MOUNT="/mnt"

# Montar NFS
if ! mountpoint -q "$LOCAL_MOUNT"; then
  mkdir -p "$LOCAL_MOUNT"
  mount -t nfs "$NFS_SERVER:/" "$LOCAL_MOUNT"
fi

# Actualizar hosts
echo "$IP_SERVER oglog-jrem.mytld" >> /etc/hosts

# Instalar dependencias
apt-get update
apt-get install -y prometheus-node-exporter systemd-journal-remote

# Copiar certificados
cp "$LOCAL_MOUNT/srv/artefactos/oglog/CA/certs/"{ca.crt.pem,ogserver.mytld.crt.pem} /etc/ssl/certs/
cp "$LOCAL_MOUNT/srv/artefactos/oglog/CA/private/ogserver.mytld.key.nopass.pem" /etc/ssl/private/ogserver.mytld.key.pem
chmod 600 /etc/ssl/private/ogserver.mytld.key.pem

# Configuración journal-upload
sed -i -e '/DynamicUser/s/.*/DynamicUser=no/' \
       -e '/User/s/.*/User=root/' \
       /usr/lib/systemd/system/systemd-journal-upload.service

systemctl daemon-reload

cat >/etc/systemd/journal-upload.conf <<EOF
[Upload]
URL=https://oglog-jrem.mytld:19532
ServerKeyFile=/etc/ssl/private/ogserver.mytld.key.pem
ServerCertificateFile=/etc/ssl/certs/ogserver.mytld.crt.pem
TrustedCertificateFile=/etc/ssl/certs/ca.crt.pem
EOF

# Activar servicio robustamente
reiniciar_servicio() {
  systemctl restart "$1"
  log "Esperando que $1 esté activo..."
  for i in {1..10}; do
    if systemctl is-active --quiet "$1"; then
      log "$1 activo."
      return
    fi
    sleep 2
  done
  log "ERROR: $1 no arrancó correctamente."
  exit 1
}

reiniciar_servicio "systemd-journal-upload"

# Mediciones finales
log "Tamaño final del disco:" && df -h /
log "Carga final CPU:" && uptime

log "Instalación ogcore finalizada: $(date)"