Pangolin Docker Stack with Crowdsec Management (Update and Restore) Script Guide

Docker Stack Management Script Guide

Pangolin-Update-Restore-Auto with Crowdsec

https://asciinema.org/a/QnoybaFPNxmZsIhu1LsY7kbsT

Pangolin-Update-Restore-Manual with Crowdsec

https://asciinema.org/a/U97yDZdriFBG8QFFlIsIRnSgp

Overview

This script provides a robust way to manage Docker service deployments by handling two primary operations:

  1. Updating service versions while maintaining a backup of the previous state
  2. Restoring services to a previous known working state

Prerequisites

Before using the script, ensure you have:

  • Docker and Docker Compose installed
  • Proper permissions to execute Docker commands
  • The following services configured in your docker-compose.yml:
    • Pangolin
    • Gerbil
    • CrowdSec
    • Traefik

You need to run the script where you docker-compose.yml file is located for the stack.

Installation

  1. Save the script to your Docker project directory:
wget https://gist.githubusercontent.com/hhftechnology/c96ae19f5bde3f21a4bfd7db3a1fe00d/raw/f7d0db29332eadad9357508ba4ef98c36da7d322/update-stack.sh
  1. Make the script executable:
chmod +x update-stack.sh

Basic Usage

The script supports two main commands:

Updating Services

To update your services to new versions:

./update-stack.sh update

When you run this command, the script will:

  1. Create a backup of your current configuration
  2. Show you the current versions of all services
  3. Ask you which services you want to update
  4. Confirm your choices before proceeding
  5. Perform the update while maintaining a backup

For each service, you can either:

  • Press Enter to keep the current version
  • Type a new version number to upgrade/downgrade
  • Go to the Pangolin/Gerbil repo to find out the version number
    Releases ยท fosrl/pangolin

Example update session:

Current versions:
------------------------
Current Pangolin tag: 1.0.0-beta.9
Enter new Pangolin tag (or press enter to keep current): 1.0.0-beta.10

Current Gerbil tag: 1.0.0-beta.3
Enter new Gerbil tag (or press enter to keep current): 

Current Traefik tag: v3.1
Enter new Traefik tag (or press enter to keep current): v3.2

Current CrowdSec tag: latest
Enter new CrowdSec tag (or press enter to keep current): 

Summary of changes:
------------------------
Pangolin: 1.0.0-beta.9 -> 1.0.0-beta.10
Gerbil: 1.0.0-beta.3 -> 1.0.0-beta.3
Traefik: v3.1 -> v3.2
CrowdSec: latest -> latest
------------------------
Proceed with these changes? (y/N):

Restoring Services

You can restore services in two ways:

  1. Restore to the most recent backup:
./update-stack.sh restore
  1. Restore to a specific backup:
./update-stack.sh restore ./backups/20250205_062549

Backup Management

The script automatically manages backups in the ./backups directory. Each backup includes:

  • A complete copy of your docker-compose.yml
  • Your entire config directory
  • A log file of the operation
  • A record of the image tags used

Backups are named using timestamps (e.g., 20250205_062549), making it easy to identify when each backup was created.

Best Practices

  1. Always test updates in a non-production environment first
  2. Keep multiple backups to ensure you can restore to various points in time
  3. Verify services are running correctly after updates or restores
  4. Monitor the logs during operations for any warnings or errors

Troubleshooting

If you encounter issues:

  1. Check the logs in the backup directory
  2. Ensure all required services are defined in your docker-compose.yml
  3. Verify you have proper permissions
  4. Check that all required directories exist and are accessible

Common issues and solutions:

  • If services fail to start: Check the Docker logs using docker compose logs
  • If restore fails: Ensure the backup directory contains all required files
  • If update fails: Verify the new version tags are correct and the images exist

Safety Features

The script includes several safety measures:

  • Automatic backup before updates
  • Validation of backup contents before restore
  • Graceful shutdown of services
  • Service verification after operations
  • Comprehensive logging of all actions

Tips for Regular Use

  1. Regularly update your services to get the latest security patches
  2. Keep at least the last three backups
  3. Document which versions work well for your setup
  4. Test restore operations periodically to ensure your backup strategy works

Cleanup

To maintain system health:

  1. Periodically clean old backups:
find ./backups -type d -mtime +30 -exec rm -rf {} +
  1. Remove unused Docker images:
docker image prune

This script aims to make service management safer and more reliable. Always refer to your service documentation for specific version compatibility requirements and known issues.