From 2292283dca4a2c525d9d93c99a605f926e93585a Mon Sep 17 00:00:00 2001
From: EuAndreh <eu@euandre.org>
Date: Mon, 10 Jun 2019 16:01:26 -0300
Subject: Send logs via email after finishing provision.sh

The email will be send for both sucessfull and failed runs.
---
 .gitignore                       |   5 ++++-
 TODOs.org                        |   2 ++
 logs/.gitignore                  |   3 +++
 logs/placeholder.txt             |   1 +
 scripts/box/create-backup.env.sh |   2 ++
 scripts/ci/mail.sh               |  33 +++++++++++++++++++++++++++++++++
 scripts/ci/provision.sh          |  11 +++++++++--
 secrets/envrc.sh                 | Bin 2397 -> 2738 bytes
 8 files changed, 54 insertions(+), 3 deletions(-)
 create mode 100644 logs/.gitignore
 create mode 100644 logs/placeholder.txt
 create mode 100755 scripts/ci/mail.sh

diff --git a/.gitignore b/.gitignore
index 7fc8c05..c509eb0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,4 +12,7 @@
 /user-data.sh
 /scripts/box/create-backup.sh
 /scripts/box/restore-backup.sh
-/generated-known-hosts.txt
\ No newline at end of file
+/generated-known-hosts.txt
+
+# Logs
+/ansible-logs.txt
\ No newline at end of file
diff --git a/TODOs.org b/TODOs.org
index 19182ce..dbd9dc8 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -312,6 +312,8 @@ Raspberry Pi vs VPS
 
 Imagine 2 Raspberry Pis, doing immutable blue/green deployments on it, with a large local of a few TBs!
 ** README with setup instructions
+** Improve rotation of SSH port
+Remove need for manual intervention
 * Resources
 ** [[https://github.com/mail-in-a-box/mailinabox][Mail-in-a-Box]]
 ** [[https://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/][NSA-proof your e-mail in 2 hours]]
diff --git a/logs/.gitignore b/logs/.gitignore
new file mode 100644
index 0000000..af144f4
--- /dev/null
+++ b/logs/.gitignore
@@ -0,0 +1,3 @@
+*
+!.gitignore
+!placeholder.txt
diff --git a/logs/placeholder.txt b/logs/placeholder.txt
new file mode 100644
index 0000000..e126580
--- /dev/null
+++ b/logs/placeholder.txt
@@ -0,0 +1 @@
+Placeholder log file so =cat logs/*= won't fail after being trapped.
diff --git a/scripts/box/create-backup.env.sh b/scripts/box/create-backup.env.sh
index 2c97594..f5cd3b0 100755
--- a/scripts/box/create-backup.env.sh
+++ b/scripts/box/create-backup.env.sh
@@ -6,7 +6,9 @@ export BORG_PASSPHRASE="${BORG_PASSPHRASE}"
 # The configured $BORG_REPO is already the rsync remote.
 # No need to send the files after the backup is done.
 borg create                                               \
+     --verbose                                            \
      --stats                                              \
+     --progress                                           \
      --compression lzma,6                                 \
      "${BORG_REPO}::{hostname}-{now}-${VPS_COMMIT_SHA}"   \
      "${VOLUME_HOME}"/*
diff --git a/scripts/ci/mail.sh b/scripts/ci/mail.sh
new file mode 100755
index 0000000..d15c5db
--- /dev/null
+++ b/scripts/ci/mail.sh
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+cd "$(dirname "${BASH_SOURCE[0]}")"
+cd ../../
+
+VPS_COMMIT_SHA="${1:-}"
+[[ -z "${VPS_COMMIT_SHA}" ]] && {
+  echo 'Error: missing $VPS_COMMIT_SHA positional argument.'
+  exit 2
+}
+
+SUBJECT="VPS CI run #${JOB_ID} logs"
+ATTACHMENT_PATH='logs.txt'
+BODY=$(cat <<EOF
+CI run for commit ${VPS_COMMIT_SHA}.
+See failed run:
+https://builds.sr.ht/~euandreh/job/${JOB_ID}
+
+Logs are attached.
+
+EOF
+)
+
+cat ./logs/*.txt > "${ATTACHMENT_PATH}"
+
+curl "${MAILGUN_URL}"          \
+     -s                        \
+     --user "${MAILGUN_USER}"  \
+     -F from="${MAILGUN_FROM}" \
+     -F to="${MAILGUN_TO}"     \
+     -F subject="${SUBJECT}"   \
+     -F text="${BODY}"         \
+     -F attachment="@${ATTACHMENT_PATH}"
diff --git a/scripts/ci/provision.sh b/scripts/ci/provision.sh
index 8b058e2..ff71cb6 100755
--- a/scripts/ci/provision.sh
+++ b/scripts/ci/provision.sh
@@ -8,6 +8,13 @@ cd ../../
 VPS_COMMIT_SHA="$(git rev-parse HEAD)"
 export VPS_COMMIT_SHA
 
+mail_debug_log() {
+  echo "Sending logs via email..."
+  ./scripts/ci/mail.sh "${VPS_COMMIT_SHA}"
+  echo "Done."
+}
+trap mail_debug_log EXIT
+
 create_known_hosts_file() {
   echo "${TLD},$(terraform output public_floating_ip) ssh-rsa $(awk '{print $2}' < ./secrets/ssh/vps-box-server.pub)" > ./generated-known-hosts.txt
 }
@@ -29,7 +36,7 @@ echo "Shutting down running containers and backing up data..."
 create_known_hosts_file
 ssh "$TLD" "cd /home/vps/ && docker-compose down"
 setup_borg_files ./scripts/box/create-backup.env.sh create-backup.sh
-ssh "$TLD" /home/vps/create-backup.sh
+ssh "$TLD" /home/vps/create-backup.sh 2>&1 > ./logs/borg-create.txt
 echo "Done."
 
 echo "Initializing Terraform..."
@@ -71,7 +78,7 @@ echo "Done."
 
 echo "Running the Ansible playbook..."
 create_known_hosts_file
-ansible-playbook provision.yaml
+ansible-playbook -vvv provision.yaml 2>&1 > ./logs/ansible.txt
 echo "Done."
 
 echo "Locking git-crypt repositories back..."
diff --git a/secrets/envrc.sh b/secrets/envrc.sh
index 12e65b4..62b27c6 100644
Binary files a/secrets/envrc.sh and b/secrets/envrc.sh differ
-- 
cgit v1.2.3