diff options
Diffstat (limited to 'Makefile')
| -rw-r--r-- | Makefile | 124 |
1 files changed, 62 insertions, 62 deletions
@@ -1,111 +1,111 @@ .POSIX: -NAME = server -PREFIX = /usr/local -SHAREDIR = $(PREFIX)/share -DOCDIR = $(SHAREDIR)/doc/$(NAME) +NAME = server +NAME_UC = $(NAME) +TLD = euandre.org +OFFSITE_SSH = zh3051@zh3051.rsync.net +APP = app -all: public src/keys/SSH/root@euandre.org.id_rsa.pub.stripped +.SUFFIXES: -packages system: ALWAYS \ - src/keys/SSH/root@euandre.org.id_rsa.pub.stripped - rm -f $@ - guix build -r $@ -v3 -f src/guix/$@.scm -src/keys/SSH/root@euandre.org.id_rsa.pub.stripped: \ - src/keys/SSH/root@euandre.org.id_rsa.pub.txt - cut -d' ' -f8- < $(@D)/`basename $(@F) .stripped`.txt > $@ +all: +include deps.mk -install: all - mkdir -p \ - '$(DESTDIR)$(DOCDIR)' - cp -R public/* '$(DESTDIR)$(DOCDIR)' -uninstall: - rm -rf \ - '$(DESTDIR)$(DOCDIR)' +prod-secrets.txt = $(prod-secrets.txt.gpg:.gpg=) +repo-secrets.txt = $(repo-secrets.txt.gpg:.gpg=) -assert-scripts = \ - tests/assert-shellcheck.sh \ +derived-assets = \ + src/config/tld.txt \ + system.scm.sentinel \ -$(assert-scripts): ALWAYS - sh $@ +side-assets = \ + $(prod-secrets.txt) \ + $(repo-secrets.txt) \ + system.scm \ -check: all $(assert-scripts) -installcheck-docdir: - test -e '$(DESTDIR)$(DOCDIR)'/index.html +## Default target. Builds all artifacts required for testing +## and installation. +all: $(derived-assets) -installcheck: installcheck-docdir -clean: - rm -rf \ - public/ src/secrets/*.txt packages system \ +$(derived-assets): Makefile +src/config/tld.txt: + echo '$(TLD)' > $@ -public/favicon.svg: - mkdir -p $(@D) - cp doc/favicon.svg $@ +system.scm.sentinel: src/guix/system.scm src/config/tld.txt + rm -f `basename $@ .sentinel`* + guix build -v3 -r`basename $@ .sentinel` -Kf src/guix/`basename $@ .sentinel` + touch $@ -public/style.css: - mkdir -p $(@D) - echo td -S > $@ +.SUFFIXES: .stripped +src/keys/SSH/root@$(TLD).id_rsa.pub.stripped: \ + src/keys/SSH/root@$(TLD).id_rsa.pub.txt + cut -d' ' -f8- < $*.txt > $@ -html-deps = \ - public/favicon.svg \ - public/style.css \ -public/index.html: README.md $(html-deps) - sh doc/md2html.sh -T 'README' < README.md > $@ -public/TODOs.html: TODOs.md $(html-deps) - td -H | sh doc/md2html.sh -T 'TODOs' > $@ +check-unit: -public/ci: - sh src/infrastructure/scripts/report.sh -o $@ +check-integration: -public: \ - public/index.html public/TODOs.html public/ci +## Run all tests. Each test suite is isolated, so that a parallel +## build can run tests at the same time. The required artifacts +## are created if missing. +check: check-unit check-integration -prod-secrets.txt.gpg = \ - src/secrets/nginx.conf.txt.gpg \ - src/secrets/borg-passphrase.txt.gpg \ - src/secrets/root@euandre.org.id_rsa.txt.gpg -prod-secrets.txt = $(prod-secrets.txt.gpg:.gpg=) - -repo-secrets = \ - $(prod-secrets.txt.gpg) \ +## Remove *all* derived artifacts produced during the build. +## A dedicated test asserts that this is always true. +clean: + rm -rf $(derived-assets) $(side-assets) .SUFFIXES: .gpg - .gpg: gpg -d < $< > $@ -$(repo-secrets): - gpg -aer eu@euandre.org < $(@D)/`basename $@ .gpg` > $@ +$(all-secrets.txt.gpg): + gpg -aer eu@euandre.org < $* > $@ + + +## Prints the latest 500 lines of the application and keeps tailing it. +logs: + ssh $(TLD) tail -fn500 /var/log/$(APP).log + +## Print *all* logs available on the server. +all-logs: + ssh $(TLD) 'nicely cat /var/log/$(APP).log.* && \ + nicely gzip -c /var/log/$(APP).log' | gunzip +## Decrypt $(prod-secrets.txt) in `src/secrets/` and put them in their +## correct location in the server. upload-secrets: $(prod-secrets.txt) - ssh euandre.org sudo -u secrets-keeper 'rm -f /opt/secrets/*' + ssh $(TLD) sudo -u secrets-keeper 'rm -f /opt/secrets/*' rsync \ --rsync-path='sudo -u secrets-keeper rsync' \ --chmod=000 \ -avzP \ - $(prod-secrets.txt) euandre.org:/opt/secrets/ + $(prod-secrets.txt) $(TLD):/opt/secrets/ ## Generate the ".ssh/authorized_keys" file and upload -## it to rsync.net. +## it to $(OFFSITE_SSH). upload-keys: - cat src/keys/SSH/*.txt | ssh suyin dd of=.ssh/authorized_keys + find src/keys/SSH/*.txt | \ + LANG=POSIX.UTF-8 sort | \ + xargs cat | \ + ssh $(OFFSITE_SSH) dd of=.ssh/authorized_keys ALWAYS: |