authorEuAndreh <eu@euandre.org>2019-05-26 11:51:51 -0300
committerEuAndreh <eu@euandre.org>2019-05-26 11:51:51 -0300
commitda00227813b1fbeebae8c90e2122a8b73acb1af9 (patch)
treeedbd087c4868d78a709b1290cf241a4a439e527e /deploy.sh
parentAdd 1 git-crypt collaborator (diff)
Automate provisioning and deployment of VPS
In order to perform that I had to remove Terraform's =.tfstate= files from the repository. Terraform does support "backends" for storing the state files, but I settled for storing them in a separate repo (vps-state). For now it solves the state management problem: - it has history of states; - all state files are GPG encrypted; - there's no coordination, however, but only the CI should perform a deploy in order to avoid race conditions. I had to add GPG and SSH keys to sr.ht to achieve that: - SSH public key to my profile to authorize it to push to vps-state repo; - SSH private key to the secret builds.sr.ht environment to enable push to the repository from the pipeline; - GPG public key to git-crypt to make it possible for the pipeline to unlock the encrypted content; - GPG private key to the secret builds.sr.ht environment to enable decrypting git-crypt content from the pipeline. In order to avoid divergent environments between local and CI, the ./provision.sh script is run through nix-shell.
Diffstat (limited to 'deploy.sh')
-rwxr-xr-xdeploy.sh34
1 files changed, 27 insertions, 7 deletions
diff --git a/deploy.sh b/deploy.sh
index 3d12517..f96cfe5 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -2,22 +2,42 @@
set -Eeuo pipefail
cd "${BASH_SOURCE%/*}/"
-yellow "Ubuntu maintenence..."
+alias ssh="ssh -i secrets/id_rsa root@$TLD"
+
+apt_wait() {
+ local i=0
+ tput sc
+ while fuser /var/lib/apt/lists/lock >/dev/null 2>&1 ; do
+ case $((i % 4)) in
+ 0 ) j="-" ;;
+ 1 ) j="\\" ;;
+ 2 ) j="|" ;;
+ 3 ) j="/" ;;
+ esac
+ tput rc
+ echo -en "\r[$j] Waiting for other software managers to finish..."
+ sleep 0.5
+ ((i=i+1))
+ done
+}
+
+apt_wait
+
+echo "Ubuntu update and install docker-compose..."
ssh "$TLD" sudo apt-get update
ssh "$TLD" sudo apt-get upgrade -y
ssh "$TLD" sudo apt-get install -y docker-compose
ssh "$TLD" sudo apt-get autoremove -y
-green "Done.\n"
+echo "Done.\n"
-yellow "Copy over files..."
+echo "Copy over files..."
ssh "$TLD" mkdir -p /home/vps/
envsubst < docker-compose.yaml > docker-compose.yaml.fd
scp docker-compose.yaml.fd "$TLD":/home/vps/docker-compose.yaml
rm docker-compose.yaml.fd
-green "Done.\n"
+echo "Done.\n"
-yellow "Restart docker-compose"
-ssh "$TLD" "cd /home/vps/ && docker-compose down"
+echo "Restart docker-compose"
ssh "$TLD" "cd /home/vps/ && docker-compose pull"
ssh "$TLD" "cd /home/vps/ && docker-compose up -d"
-green "Done.\n"
+echo "Done.\n"
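Review bot: The `alias ssh=...` line at the top of the hunk has no effect as written, because bash does not expand aliases in a non-interactive script unless `expand_aliases` is set (nothing in the hunk sets it; the file's first line is outside the hunk), so every `ssh "$TLD" …` below runs without `-i secrets/id_rsa` and with whatever default user and identity the runner happens to have. If the alias were expanded, `ssh "$TLD" sudo …` would become `ssh -i secrets/id_rsa root@$TLD "$TLD" sudo …` and pass the hostname as the remote command, and `scp` would still not receive the key. `apt_wait` also runs `fuser` on the machine executing the script rather than on the VPS, so it does not wait for the remote apt lock, and `j` is assigned as a global. I would replace the alias with a small wrapper function, run the lock check through it, and give `scp` the same `-i secrets/id_rsa` and `root@$TLD` explicitly.

```shell
# Wrapper function instead of an alias: functions work in non-interactive bash.
remote() {
  ssh -i secrets/id_rsa "root@${TLD}" "$@"
}

apt_wait() {
  local i=0 j
  tput sc
  # Check the lock on the VPS, where apt-get is going to run.
  while remote 'fuser /var/lib/apt/lists/lock >/dev/null 2>&1'; do
    # … unchanged: spinner frame selection, tput rc, progress line, sleep, counter …
  done
}

apt_wait
remote sudo apt-get update
# … unchanged: remaining remote commands, each called as `remote …` instead of `ssh "$TLD" …` …
scp -i secrets/id_rsa docker-compose.yaml.fd "root@${TLD}":/home/vps/docker-compose.yaml
```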