diff --git a/.gitignore b/.gitignore index c4024fc..b8e51a6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ data/ corpus/raw/ +patterns/watch.yaml log/ __pycache__/ *.pyc diff --git a/patterns/watch.yaml b/patterns/watch.yaml deleted file mode 100644 index b14008e..0000000 --- a/patterns/watch.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Turnstone live watch sources — entries here are tailed continuously. -# The watcher starts automatically when Turnstone starts. -# -# Source types: -# journald — system journal via `journalctl -f -o json` (requires journalctl in container) -# file — tail a log file by path (handles rotation; auto-detects format) -# docker — container logs via `docker logs -f --timestamps ` -# podman — container logs via `podman logs -f --timestamps ` -# -# For journald, optional args filter by unit: -# args: ["-u", "nginx", "-u", "sshd"] -# -# For docker/podman, args[0] is the container name (required). -# -# Leave this file empty (just the header) to disable live watching. -# Missing containers are skipped with a warning — safe to leave entries -# for services that are temporarily down. - -sources: [] - -# ── Examples ──────────────────────────────────────────────────────────────── -# -# - type: journald -# id: system-journal -# -# - type: journald -# id: sshd-journal -# args: ["-u", "sshd"] -# -# - type: podman -# id: podman:turnstone -# args: ["turnstone"] -# -# - type: docker -# id: docker:nginx -# args: ["nginx-proxy"] diff --git a/scripts/update.sh b/scripts/update.sh new file mode 100644 index 0000000..50c7e7d --- /dev/null +++ b/scripts/update.sh @@ -0,0 +1,74 @@ +#!/usr/bin/env bash +# update.sh — pull a branch and rebuild the Turnstone container. +# +# Usage (must run as root): +# sudo bash /opt/turnstone/scripts/update.sh # pull main +# sudo bash /opt/turnstone/scripts/update.sh feat/live-watch # test a branch +# +# Local files preserved across updates: +# patterns/watch.yaml — site-specific watch source config +# data/ — database and live journal files (bind-mounted, untouched) + +set -euo pipefail + +BRANCH="${1:-main}" +REPO_DIR=/opt/turnstone +IMAGE=localhost/turnstone:latest + +cd "$REPO_DIR" + +echo "==> Turnstone update: branch=$BRANCH" + +# ── Preserve site-local config ──────────────────────────────────────────────── +# watch.yaml is tracked in git as a template but overridden per-host. +# Back it up before the pull and restore it after. +WATCH_YAML="$REPO_DIR/patterns/watch.yaml" +WATCH_BACKUP="" +if [ -f "$WATCH_YAML" ]; then + WATCH_BACKUP=$(mktemp /tmp/watch-yaml.XXXXXX) + cp "$WATCH_YAML" "$WATCH_BACKUP" +fi + +# ── Pull ────────────────────────────────────────────────────────────────────── +git fetch --all --tags --quiet + +# Switch branch if needed, creating a local tracking branch on first use +CURRENT=$(git rev-parse --abbrev-ref HEAD) +if [ "$CURRENT" != "$BRANCH" ]; then + echo "==> Switching $CURRENT -> $BRANCH" + git checkout "$BRANCH" 2>/dev/null \ + || git checkout -b "$BRANCH" "origin/$BRANCH" +fi + +git pull --ff-only origin "$BRANCH" +COMMIT=$(git log -1 --format='%h %s') +echo "==> At: $COMMIT" + +# ── Restore site-local config ───────────────────────────────────────────────── +if [ -n "$WATCH_BACKUP" ]; then + cp "$WATCH_BACKUP" "$WATCH_YAML" + rm -f "$WATCH_BACKUP" + echo "==> Restored patterns/watch.yaml" +fi + +# ── Build ───────────────────────────────────────────────────────────────────── +echo "==> Building $IMAGE ..." +podman build -t "$IMAGE" "$REPO_DIR" + +# ── Restart ─────────────────────────────────────────────────────────────────── +echo "==> Restarting turnstone service ..." +systemctl restart turnstone + +# ── Health check ───────────────────────────────────────────────────────────── +echo "==> Waiting for health check ..." +for i in $(seq 1 12); do + sleep 3 + if curl -sf http://localhost:8534/turnstone/health > /dev/null 2>&1; then + echo "==> OK — Turnstone up on branch '$BRANCH' @ ${COMMIT%% *}" + exit 0 + fi + echo " attempt $i/12 ..." +done + +echo "ERROR: health check timed out — check: journalctl -u turnstone -n 50" +exit 1