| Commit message (Expand) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Remove git rev-parse from .envrc | EuAndreh | 2019-05-28 | 1 | -1/+1 |
| * | Add backup routing before possibly tearing down machine•••Create a new backup entry before running =terraform apply=, which may (or may not) destroy the current machine. This shouldn't be an issue for the backup itself, since all of the data should be stored in a separate Block Storage Volume, but we can take advantage of the sevices already needing to be taken down in order to perform a full backup of the data. | EuAndreh | 2019-05-28 | 1 | -2/+5 |
| * | WIP: take a backup during deployment•••Before possibly tearing down the machine, while all services are stopped (after the =docker-compose down= command), create a new backup with the current data. The backup tag should include the commit SHA of the deployment. | EuAndreh | 2019-05-27 | 1 | -2/+3 |
| * | Run terraform init before running terraform apply | EuAndreh | 2019-05-26 | 1 | -0/+1 |
| * | ci dbg | EuAndreh | 2019-05-26 | 1 | -0/+1 |
| * | Fix missing argument to ssh | EuAndreh | 2019-05-26 | 1 | -1/+1 |
| * | Specify shell type to ShellCheck in nix-shell shebang files | EuAndreh | 2019-05-26 | 1 | -0/+1 |
| * | Use more robust Bash cd approach | EuAndreh | 2019-05-26 | 1 | -1/+1 |
| * | Use nix-shell shebang to run CI scripts | EuAndreh | 2019-05-26 | 1 | -1/+2 |
| * | Prepare builds.sr.ht CI environment before running build tasks•••Make content of .envrc available to subsequent build jobs. | EuAndreh | 2019-05-26 | 1 | -5/+0 |
| * | Unlock with git-crypt in setup phase | EuAndreh | 2019-05-26 | 1 | -8/+2 |
| * | Disable shellcheck 2139 offense | EuAndreh | 2019-05-26 | 1 | -0/+1 |
| * | Remove extra newline at "Done.\n" messages | EuAndreh | 2019-05-26 | 1 | -5/+5 |
| * | Fix unexpected shell scaping | EuAndreh | 2019-05-26 | 1 | -1/+1 |
| * | Automate provisioning and deployment of VPS•••In order to perform that I had to remove Terraform's =.tfstate= files from the repository. Terraform does support "backends" for storing the state files, but I settled for storing it on a separate repo (vps-state). For now it solves the state management problem: - it has history of states; - all state files are GPG encrypted; - there's no coordination however, but only the CI should perform a deploy in order to avoid race conditions. I had to add GPG and SSH keys to sr.ht to achieve that: - SSH public key to my profile to authorize it to push to vps-state repo; - SSH private key to the secret builds.sr.ht environment to enable push to the repository from the pipeline; - GPG public key to git-crypt to make it possible for the pipeline to unlock the encrypted content; - GPG private key to the secret builds.sr.ht environment to enable decrypting git-crypt content from the pipeline. In order to avoid divergent environment from local and CI, the ./provision.sh script is ran through nix-shell. | EuAndreh | 2019-05-26 | 1 | -0/+36 |
| * | Remove provisioning from Terraform | EuAndreh | 2019-05-25 | 1 | -24/+0 |
| * | Use apt_wait before interacting with apt-get | EuAndreh | 2019-05-25 | 1 | -3/+20 |
| * | Move provisioning code into provision.sh | EuAndreh | 2019-05-25 | 1 | -0/+7 |
