generate volumes and location values (disk device name)

.drone.yml

@@ -48,10 +48,16 @@ steps:
     STAGING_ACME=true
 
     curl --fail https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/commit/$INFECT_COMMIT_SHA/nixos-infect \
-    | bash 2>&1 | tee /root/nixos-infect.log
+    | bash 2>&1 | tee /root/infect.log
     EOF
   - cat infect.sh
-  - http -v --check-status --ignore-stdin POST https://api.hetzner.cloud/v1/servers Authorization:"Bearer $PASSWORD" name=ci-sibling server_type=cx11 start_after_create:=true image=ubuntu-20.04 user_data=@infect.sh automount:=false location=fsn1
+  - location=fsn1
+  - set -o pipefail
+  - >
+    volume_id="$(http -d --print=HBb --ignore-stdin POST https://api.hetzner.cloud/v1/volumes Authorization:"Bearer $PASSWORD" format=ext4 size:=10 location=$location name=10gb-by-drone-ci automount:=false | jq -re .volume.id)"
+  # TODO pass linux device volume_id name to infect.sh script
+  - >
+    http -d --print=HBb --ignore-stdin POST https://api.hetzner.cloud/v1/servers Authorization:"Bearer $PASSWORD" name=ci-sibling server_type=cx11 start_after_create:=true image=ubuntu-20.04 volumes:=[$volume_id] user_data=@infect.sh automount:=false location=$location
 
 - name: dns
   environment:
@@ -214,6 +220,15 @@ steps:
     echo "$ZONE_ID"
   - >
     echo "$result" | jq '.[] | "\(.id)"' | while read id ; do echo "Deleting $id"; http -v --check-status --ignore-stdin DELETE https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$(echo $id | cut -f 2 -d '"') Authorization:"Bearer $CLOUDFLARE_TOKEN"; done
+  - location="fsn1"
+  - volume_name="10gb-by-drone-ci"
+  - >
+    volumes_json="$(http -d --print=HBb --ignore-stdin GET https://api.hetzner.cloud/v1/volumes Authorization:"Bearer $PASSWORD" name=$volume_name)"
+    # as of 2023-12-27 Hetzner ignores "name" query parameter (and others too)!!
+  - >
+    volume_id="$(jq <<<"$volumes_json" -re "(.volumes[] | select(.name == \"$volume_name\")).id")"
+  - >
+    http -d --print=HBb --ignore-stdin DELETE https://api.hetzner.cloud/v1/volumes/$volume_id Authorization:"Bearer $PASSWORD"
   when:
     status:
     - failure

nixos-infect

@@ -32,10 +32,27 @@ genOptionalSsh() {
 EOF
 }
 
+# TODO receive disk device from outside
+determine2ndDisk() {
+  case "$PROVIDER" in
+      hetzner)
+          echo "/dev/sdb"
+          ;;
+      digitalocean)
+          echo "/dev/sda"
+          ;;
+      *)
+          return 1
+          ;;
+  esac
+}
+
 # Merge original userdata.json with deployment specific fields and print result.
 genUserdata() {
-  local HASHED_PASSWORD userdata_infect release
+  local hashed_password diskDeviceName userdata_infect
-  HASHED_PASSWORD="$(mkpasswd -m sha-512 "$USER_PASS")"
+  hashed_password="$(mkpasswd -m sha-512 "$USER_PASS")"
+  diskDevice="$(determine2ndDisk)"
+  diskDeviceName="${diskDevice##/dev}"
 
   userdata_infect=$(cat << EOF
 {
@@ -48,9 +65,33 @@ genUserdata() {
         "provider": "$PROVIDER"
     },
     "domain": "$DOMAIN",
-    "hashedMasterPassword": "$HASHED_PASSWORD",
+    "hashedMasterPassword": "$hashed_password",
     "hostname": "$HOSTNAME",
-    "username": "$LUSER"
+    "username": "$LUSER",
+    "volumes": [
+        {
+            "device": "$diskDevice",
+            "mountPoint": "/volumes/$diskDeviceName",
+            "fsType": "ext4"
+        }
+    ],
+    "modules": {
+        "bitwarden": {
+            "location": "$diskDeviceName"
+        },
+        "gitea": {
+            "location": "$diskDeviceName"
+        },
+        "nextcloud": {
+            "location": "$diskDeviceName"
+        },
+        "pleroma": {
+            "location": "$diskDeviceName"
+        },
+        "simple-nixos-mailserver": {
+            "location": "$diskDeviceName"
+        }
+    }
 }
 EOF
 )
@@ -471,6 +512,7 @@ infect() {
 set -o errtrace
 set -o nounset
 set -o pipefail
+set -o xtrace
 shopt -s inherit_errexit
 trap 'echo ${LINENO}: "$BASH_COMMAND"; exit 1' ERR