-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathlion_torches
executable file
·144 lines (126 loc) · 4.35 KB
/
lion_torches
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#!/bin/sh
# =======================================================================
# ‼️ PLEASE DO NOT USE VAULTRON IN PRODUCTION ‼️
#
# lion_torches
#
# This script is the nuclear option; it removes all traces of Vaultron
# created data so that the user can start over. It does not invoke
# Terraform and instead uses only OS and docker commands.
#
# shellcheck disable=SC1091
# =======================================================================
. ./skydome
# Preflight checks
check_flavor
TF_VAR_vault_flavor=$TF_VAR_vault_flavor || TF_VAR_vault_flavor=consul
if [ "$VAULTRON_KATACODA" = "false" ]; then
check_docker
fi
msg greeting "Lion Torches activated ..."
msg info "Removing all Vaultron generated data ..."
msg info "Target flavor: $TF_VAR_vault_flavor storage backend; export TF_VAR_vault_flavor to override."
if ! cd ./flavors/"$TF_VAR_vault_flavor"
then
msg error "Cannot select flavor."
exit 1
fi
# The nuclear options for Vaultron's imminent demise
if ! for d in $(docker ps -a | grep vaultron | cut -d ' ' -f 1); \
do docker stop "$d"; docker rm "$d"; done;
then
msg alert "Cannot remove Docker containers!"
msg info "Use 'docker ps -a' to identify, stop, and remove all vaultron containers."
exit 1
fi
# If we cannot write to the Consul data, alert user and attempt to change
# ownership of consul/vault folders to avoid failure with Terraform destroy
# NB: This occurs on Docker on Linux but not Docker for Mac
# This should be resolved by using SKIP_CHOWN now as well
if [ "$TF_VAR_vault_flavor" = "consul" ]; then
if [ "$(uname)" = "Linux" ]; then
if ! [ -w ./consul/consuls0 ]; then
msg notice "Consul data not writable; attempting to change ownership of consul & vault folders to $VAULTRON_USER:$VAULTRON_GROUP ..."
msg notice "You could be prompted by sudo for your user password to make this change ..."
if ! sudo chown -R "${VAULTRON_USER}":"${VAULTRON_GROUP}" ./consul; then
msg alert "Failed to change ownership of consul data to $VAULTRON_USER:$VAULTRON_GROUP"
msg alert "Manual cleanup of consul folder contents required:"
ls -lha ./consul/
fi
if ! sudo chown -R "${VAULTRON_USER}":"${VAULTRON_GROUP}" ./vault; then
msg alert "Failed to change ownership of vault data to $VAULTRON_USER:$VAULTRON_GROUP"
msg alert "Manual cleanup of vault folder contents required:"
ls -lha ./vault/
fi
fi
fi
fi
# Remove Consul client data
if [ "$TF_VAR_vault_flavor" = "consul" ]; then
msg info "Removing Consul storage data ..."
rm -rf ./consul/consulc0
errors=$((errors + $?))
rm -rf ./consul/consulc1
errors=$((errors + $?))
rm -rf ./consul/consulc2
errors=$((errors + $?))
rm -rf ./consul/consuls0
errors=$((errors + $?))
rm -rf ./consul/consuls1
errors=$((errors + $?))
rm -rf ./consul/consuls2
errors=$((errors + $?))
# Remove Vault server data for Consul storage
rm -rf ./vault/vault0
errors=$((errors + $?))
rm -rf ./vault/vault1
errors=$((errors + $?))
rm -rf ./vault/vault2
errors=$((errors + $?))
rm -f ./vault/vault0/vault_DEV_ONLY*.tmp
errors=$((errors + $?))
msg success "Removed Consul storage data."
fi
# Remove Vault server data for Integrated Storage
if [ "$TF_VAR_vault_flavor" = "raft" ]; then
msg info "Removing integrated storage (Raft) data ..."
rm -rf ./vault/vault0
errors=$((errors + $?))
rm -rf ./vault/vault1
errors=$((errors + $?))
rm -rf ./vault/vault2
errors=$((errors + $?))
rm -rf ./vault/vault3
errors=$((errors + $?))
rm -rf ./vault/vault4
errors=$((errors + $?))
rm -f ./vault/vault0/vault_DEV_ONLY*.tmp
errors=$((errors + $?))
msg info "Removed integrated storage (Raft) data."
fi
# Remove Telemetry data
msg info "Removing telemetry data."
rm -rf ./yellow_lion/grafana_data
errors=$((errors + $?))
msg info "Removed telemetry data."
# Remove Terraform state, plans, backend configuration, and logs
rm -f ./tfstate/terraform.tfstate*
errors=$((errors + $?))
rm -f ./tfstate/vaultron*.plan
errors=$((errors + $?))
rm -rf ./.terraform/modules
errors=$((errors + $?))
rm -f ./.terraform/terraform.tfstate*
errors=$((errors + $?))
rm -rf ./log/*
errors=$((errors + $?))
if [ $errors -gt 0 ]; then
msg alert "Vaultron destroyed (with $errors errors)!"
tput sgr0
else
msg boom "Vaultron destroyed!"
tput sgr0
fi
tput sgr0
cd - > /dev/null 2>&1 || return
exit $errors