mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect.git
synced 2024-11-25 13:01:28 +00:00
generate volumes and location values (disk device name)
This commit is contained in:
parent
2f9903599d
commit
0ec4fc7d5b
19
.drone.yml
19
.drone.yml
|
@ -48,10 +48,16 @@ steps:
|
||||||
STAGING_ACME=true
|
STAGING_ACME=true
|
||||||
|
|
||||||
curl --fail https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/commit/$INFECT_COMMIT_SHA/nixos-infect \
|
curl --fail https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/commit/$INFECT_COMMIT_SHA/nixos-infect \
|
||||||
| bash 2>&1 | tee /root/nixos-infect.log
|
| bash 2>&1 | tee /root/infect.log
|
||||||
EOF
|
EOF
|
||||||
- cat infect.sh
|
- cat infect.sh
|
||||||
- http -v --check-status --ignore-stdin POST https://api.hetzner.cloud/v1/servers Authorization:"Bearer $PASSWORD" name=ci-sibling server_type=cx11 start_after_create:=true image=ubuntu-20.04 user_data=@infect.sh automount:=false location=fsn1
|
- location=fsn1
|
||||||
|
- set -o pipefail
|
||||||
|
- >
|
||||||
|
volume_id="$(http -d --print=HBb --ignore-stdin POST https://api.hetzner.cloud/v1/volumes Authorization:"Bearer $PASSWORD" format=ext4 size:=10 location=$location name=10gb-by-drone-ci automount:=false | jq -re .volume.id)"
|
||||||
|
# TODO pass linux device volume_id name to infect.sh script
|
||||||
|
- >
|
||||||
|
http -d --print=HBb --ignore-stdin POST https://api.hetzner.cloud/v1/servers Authorization:"Bearer $PASSWORD" name=ci-sibling server_type=cx11 start_after_create:=true image=ubuntu-20.04 volumes:=[$volume_id] user_data=@infect.sh automount:=false location=$location
|
||||||
|
|
||||||
- name: dns
|
- name: dns
|
||||||
environment:
|
environment:
|
||||||
|
@ -214,6 +220,15 @@ steps:
|
||||||
echo "$ZONE_ID"
|
echo "$ZONE_ID"
|
||||||
- >
|
- >
|
||||||
echo "$result" | jq '.[] | "\(.id)"' | while read id ; do echo "Deleting $id"; http -v --check-status --ignore-stdin DELETE https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$(echo $id | cut -f 2 -d '"') Authorization:"Bearer $CLOUDFLARE_TOKEN"; done
|
echo "$result" | jq '.[] | "\(.id)"' | while read id ; do echo "Deleting $id"; http -v --check-status --ignore-stdin DELETE https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$(echo $id | cut -f 2 -d '"') Authorization:"Bearer $CLOUDFLARE_TOKEN"; done
|
||||||
|
- location="fsn1"
|
||||||
|
- volume_name="10gb-by-drone-ci"
|
||||||
|
- >
|
||||||
|
volumes_json="$(http -d --print=HBb --ignore-stdin GET https://api.hetzner.cloud/v1/volumes Authorization:"Bearer $PASSWORD" name=$volume_name)"
|
||||||
|
# as of 2023-12-27 Hetzner ignores "name" query parameter (and others too)!!
|
||||||
|
- >
|
||||||
|
volume_id="$(jq <<<"$volumes_json" -re "(.volumes[] | select(.name == \"$volume_name\")).id")"
|
||||||
|
- >
|
||||||
|
http -d --print=HBb --ignore-stdin DELETE https://api.hetzner.cloud/v1/volumes/$volume_id Authorization:"Bearer $PASSWORD"
|
||||||
when:
|
when:
|
||||||
status:
|
status:
|
||||||
- failure
|
- failure
|
||||||
|
|
50
nixos-infect
50
nixos-infect
|
@ -32,10 +32,27 @@ genOptionalSsh() {
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# TODO receive disk device from outside
|
||||||
|
determine2ndDisk() {
|
||||||
|
case "$PROVIDER" in
|
||||||
|
hetzner)
|
||||||
|
echo "/dev/sdb"
|
||||||
|
;;
|
||||||
|
digitalocean)
|
||||||
|
echo "/dev/sda"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
return 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
# Merge original userdata.json with deployment specific fields and print result.
|
# Merge original userdata.json with deployment specific fields and print result.
|
||||||
genUserdata() {
|
genUserdata() {
|
||||||
local HASHED_PASSWORD userdata_infect release
|
local hashed_password diskDeviceName userdata_infect
|
||||||
HASHED_PASSWORD="$(mkpasswd -m sha-512 "$USER_PASS")"
|
hashed_password="$(mkpasswd -m sha-512 "$USER_PASS")"
|
||||||
|
diskDevice="$(determine2ndDisk)"
|
||||||
|
diskDeviceName="${diskDevice##/dev}"
|
||||||
|
|
||||||
userdata_infect=$(cat << EOF
|
userdata_infect=$(cat << EOF
|
||||||
{
|
{
|
||||||
|
@ -48,9 +65,33 @@ genUserdata() {
|
||||||
"provider": "$PROVIDER"
|
"provider": "$PROVIDER"
|
||||||
},
|
},
|
||||||
"domain": "$DOMAIN",
|
"domain": "$DOMAIN",
|
||||||
"hashedMasterPassword": "$HASHED_PASSWORD",
|
"hashedMasterPassword": "$hashed_password",
|
||||||
"hostname": "$HOSTNAME",
|
"hostname": "$HOSTNAME",
|
||||||
"username": "$LUSER"
|
"username": "$LUSER",
|
||||||
|
"volumes": [
|
||||||
|
{
|
||||||
|
"device": "$diskDevice",
|
||||||
|
"mountPoint": "/volumes/$diskDeviceName",
|
||||||
|
"fsType": "ext4"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"modules": {
|
||||||
|
"bitwarden": {
|
||||||
|
"location": "$diskDeviceName"
|
||||||
|
},
|
||||||
|
"gitea": {
|
||||||
|
"location": "$diskDeviceName"
|
||||||
|
},
|
||||||
|
"nextcloud": {
|
||||||
|
"location": "$diskDeviceName"
|
||||||
|
},
|
||||||
|
"pleroma": {
|
||||||
|
"location": "$diskDeviceName"
|
||||||
|
},
|
||||||
|
"simple-nixos-mailserver": {
|
||||||
|
"location": "$diskDeviceName"
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
)
|
)
|
||||||
|
@ -471,6 +512,7 @@ infect() {
|
||||||
set -o errtrace
|
set -o errtrace
|
||||||
set -o nounset
|
set -o nounset
|
||||||
set -o pipefail
|
set -o pipefail
|
||||||
|
set -o xtrace
|
||||||
shopt -s inherit_errexit
|
shopt -s inherit_errexit
|
||||||
trap 'echo ${LINENO}: "$BASH_COMMAND"; exit 1' ERR
|
trap 'echo ${LINENO}: "$BASH_COMMAND"; exit 1' ERR
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue