SelfPrivacy
/
selfprivacy-nixos-infect
6
3
Fork 1
Code Issues 3 Pull Requests Releases Wiki Activity

generate volumes and location values (disk device name)
continuous-integration/drone/push Build is passing Details

tests
Alexander 2023-12-27 20:53:02 +04:00
parent 2f9903599d
commit 0ec4fc7d5b
2 changed files with 63 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
.drone.yml
View File

@ -48,10 +48,16 @@ steps:
STAGING_ACME=true
curl --fail https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/commit/$INFECT_COMMIT_SHA/nixos-infect \
| bash 2>&1 | tee /root/nixos-infect.log
| bash 2>&1 | tee /root/infect.log
EOF
- cat infect.sh
- http -v --check-status --ignore-stdin POST https://api.hetzner.cloud/v1/servers Authorization:"Bearer $PASSWORD" name=ci-sibling server_type=cx11 start_after_create:=true image=ubuntu-20.04 user_data=@infect.sh automount:=false location=fsn1
- location=fsn1
- set -o pipefail
- >
volume_id="$(http -d --print=HBb --ignore-stdin POST https://api.hetzner.cloud/v1/volumes Authorization:"Bearer $PASSWORD" format=ext4 size:=10 location=$location name=10gb-by-drone-ci automount:=false | jq -re .volume.id)"
# TODO pass linux device volume_id name to infect.sh script
- >
http -d --print=HBb --ignore-stdin POST https://api.hetzner.cloud/v1/servers Authorization:"Bearer $PASSWORD" name=ci-sibling server_type=cx11 start_after_create:=true image=ubuntu-20.04 volumes:=[$volume_id] user_data=@infect.sh automount:=false location=$location
- name: dns
environment:
@ -214,6 +220,15 @@ steps:
echo "$ZONE_ID"
- >
echo "$result" | jq '.[] | "\(.id)"' | while read id ; do echo "Deleting $id"; http -v --check-status --ignore-stdin DELETE https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$(echo $id | cut -f 2 -d '"') Authorization:"Bearer $CLOUDFLARE_TOKEN"; done
- location="fsn1"
- volume_name="10gb-by-drone-ci"
- >
volumes_json="$(http -d --print=HBb --ignore-stdin GET https://api.hetzner.cloud/v1/volumes Authorization:"Bearer $PASSWORD" name=$volume_name)"
# as of 2023-12-27 Hetzner ignores "name" query parameter (and others too)!!
- >
volume_id="$(jq <<<"$volumes_json" -re "(.volumes[] | select(.name == \"$volume_name\")).id")"
- >
http -d --print=HBb --ignore-stdin DELETE https://api.hetzner.cloud/v1/volumes/$volume_id Authorization:"Bearer $PASSWORD"
when:
status:
- failure

50
nixos-infect
View File

@ -32,10 +32,27 @@ genOptionalSsh() {
EOF
}
# TODO receive disk device from outside
determine2ndDisk() {
case "$PROVIDER" in
hetzner)
echo "/dev/sdb"
;;
digitalocean)
echo "/dev/sda"
;;
*)
return 1
;;
esac
}
# Merge original userdata.json with deployment specific fields and print result.
genUserdata() {
local HASHED_PASSWORD userdata_infect release
HASHED_PASSWORD="$(mkpasswd -m sha-512 "$USER_PASS")"
local hashed_password diskDeviceName userdata_infect
hashed_password="$(mkpasswd -m sha-512 "$USER_PASS")"
diskDevice="$(determine2ndDisk)"
diskDeviceName="${diskDevice##/dev}"
userdata_infect=$(cat << EOF
{
@ -48,9 +65,33 @@ genUserdata() {
"provider": "$PROVIDER"
},
"domain": "$DOMAIN",
"hashedMasterPassword": "$HASHED_PASSWORD",
"hashedMasterPassword": "$hashed_password",
"hostname": "$HOSTNAME",
"username": "$LUSER"
"username": "$LUSER",
"volumes": [
{
"device": "$diskDevice",
"mountPoint": "/volumes/$diskDeviceName",
"fsType": "ext4"
}
],
"modules": {
"bitwarden": {
"location": "$diskDeviceName"
},
"gitea": {
"location": "$diskDeviceName"
},
"nextcloud": {
"location": "$diskDeviceName"
},
"pleroma": {
"location": "$diskDeviceName"
},
"simple-nixos-mailserver": {
"location": "$diskDeviceName"
}
}
}
EOF
)
@ -471,6 +512,7 @@ infect() {
set -o errtrace
set -o nounset
set -o pipefail
set -o xtrace
shopt -s inherit_errexit
trap 'echo ${LINENO}: "$BASH_COMMAND"; exit 1' ERR