aboutsummaryrefslogtreecommitdiff
path: root/scripts (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove --progress from borg createEuAndreh2019-06-101-1/+0
| | | | It shows filenames in CI output log.
* Use create_known_hosts_file function instead of duplicating behaviourEuAndreh2019-06-101-3/+6
|
* Fail CI run if backup failsEuAndreh2019-06-101-3/+3
|
* Don't run restore backup Ansible task when not requiredEuAndreh2019-06-101-7/+0
| | | | | | | Instead of performing this task on the generated =restore-backup.sh= file, do it on provision.yaml. The boolean logic is less confusing and the interpolation is less tricky.
* Create generated-known-hosts.txt twiceEuAndreh2019-06-101-0/+1
| | | | | Since it can change after being destroyed by Terraform, we can't create it before and use it later.
* Allow shutdown process to failEuAndreh2019-06-101-2/+2
|
* Provision DNS entries using DigitalOcean instead of DNS registrarEuAndreh2019-06-102-2/+2
| | | | | | | | | | | | | This way we can implement dynamic (provision-time) Floating IP, instead of a hardcoded pre-created Floating IP address. Related changes: - remove =terraform-godaddy= provider, use =digitalocean_record= instead; - create =generated-known-hosts= after provisioning instead of during =setup.sh=: use the =$(terraform output public_floating_ip)= value to make this file dynamic; - remote the =$PINNED_IP= and =$TF_VAR_floating_ip= variables; - add type and descriptions to variable declarations in Terraform recipe.
* Revert "Create Terraform plan before shutting down running containers"EuAndreh2019-06-091-6/+6
| | | | This reverts commit c8963acd02a5095bafb46c79abd45eec45059707.
* Don't use terraform-full derivationEuAndreh2019-06-091-3/+1
|
* Create Terraform plan before shutting down running containersEuAndreh2019-06-091-8/+8
|
* Quote $() call (ShellCheck offense)EuAndreh2019-06-091-1/+1
|
* Make terraform-provider-godaddy available for TerraformEuAndreh2019-06-091-0/+3
|
* Add quote around nested quote expansionEuAndreh2019-06-081-1/+1
| | | | Thanks ShellCheck :)
* Remove unused $PUBLIC_KEY_ONLYEuAndreh2019-06-081-1/+0
| | | | Thanks ShellCheck.
* Generate UserKnownHostsFile dynamically instead of when rotating keysEuAndreh2019-06-081-0/+2
| | | | | | | | | | | | The previous solution would hardcode the server IP. This way we can change the server IP address that is hosting everything and keep the SSH keypair. Previously changing the IP address would require either calling the =./rotate-ssh-keys.sh= script or manually changing the IP address on the known-hosts.txt file. The IP address being duplicated itself was a code smell. Both SSH keypair and IP address can now be changed independently.
* CI debug: remove --verbose flag from borg create commandEuAndreh2019-06-081-1/+0
| | | | THe objective is to remove the logged files from the CI log.
* Revert "Add verbose logging for Ansible playbook command"EuAndreh2019-06-071-1/+1
| | | | This reverts commit 80ee903ac9f09c22b4ef3458393242fa929cff89.
* Add verbose logging for Ansible playbook commandEuAndreh2019-06-071-1/+1
|
* Fix boolean logic bug on ${DESTROY_VOLUME} usageEuAndreh2019-06-071-2/+2
|
* Disable SC2034 for ${DOLLAR} interpolated variableEuAndreh2019-06-071-0/+3
|
* Add ${DESTROY_VOLUME} operational toggleEuAndreh2019-06-062-2/+13
| | | | | | | | | | | | | This way I can dynamically control whether to destroy and recreate all the existing infrastructure entirely from scratch. The advantages of doing so are: - test the non-existence of local state on every deployment; - make sure I can always recreate everything from scratch. The disadvantages are: - slower deployment times; - longer downtime during deployments.
* Remove invalid --stats option from borg extract commandEuAndreh2019-06-061-1/+0
|
* Fail fast on copied Bash filesEuAndreh2019-06-062-0/+2
|
* Unify quoted strings from restore-backup.env.shEuAndreh2019-06-061-1/+1
|
* Use ${DOLLAR}{VAR} to double scape bash variable in .env templatesEuAndreh2019-06-062-2/+7
|
* Notify when backup fails instead od saying nothingEuAndreh2019-06-061-1/+1
|
* Allow backups to fail for nowEuAndreh2019-06-061-1/+1
|
* Remove debug echoEuAndreh2019-06-051-1/+0
|
* Fix ShellCheck offensesEuAndreh2019-06-053-3/+5
|
* Restore backup in Ansible instead of BashEuAndreh2019-06-052-7/+4
|
* Restore from backup in fresh volumeEuAndreh2019-06-053-10/+46
|
* Add volume to VPSEuAndreh2019-06-051-4/+0
| | | | Don't destroy everything on deploy. This would destroy the volume too.
* Always destroy infrastructure before applyingEuAndreh2019-06-051-0/+4
|
* Uncomment accidentally commented codeEuAndreh2019-06-051-6/+6
|
* Remove duplicate chmod on borg-remoteEuAndreh2019-06-051-1/+0
|
* Remove ansible-lintEuAndreh2019-06-051-6/+6
| | | | It wasn't trivial to configure: Ansible tried to work on /homeless-shelter :facepalm:
* Use specific known keys for connecting with the backup serverEuAndreh2019-06-052-3/+4
|
* Change permission of borg client keyEuAndreh2019-06-051-0/+1
|
* Uncomment phases from provision.shEuAndreh2019-06-051-13/+13
| | | | | I was letting it be commented during iteration, it shouldn't have been committed this way.
* TODOs.orgEuAndreh2019-06-051-13/+14
|
* Remove unused cloud-config.env.yamlEuAndreh2019-06-051-1/+0
|
* Fix ShellCheck offensesEuAndreh2019-06-052-2/+5
|
* Use Ansible instead of Bash for provisioningEuAndreh2019-06-054-8/+22
| | | | | | | | | | | | | | | | | | The deployment is not quite working, and I'm unable to test right now: DigitalOcean is returning 503 for my requests. As of this commit, I can run =ansible-playbook provider.yml= more than once and it will actually be idempotent. Notes: - SSH fingerprint are now taken from the public key file instead of manually supplying it in the terraform template using the =digitalocean_ssh_key= resource; - use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets created by Terraform; - use the =filename.env.extension= to create the concrete files in CI; - use the =user_data= to add the know SSH key pair to the newly created Droplet; - add =rotate-ssh-keys.sh= utils;
* Split $VPS_COMMIT_SHA variable declaration for exportingEuAndreh2019-05-281-1/+2
| | | | ShellCheck offense.
* Rotate SSH key and use correct VPS_COMMIT_SHA on provisioningEuAndreh2019-05-281-4/+5
|
* Configure git for vps-state repo in ./scripts/ci/setup.shEuAndreh2019-05-282-3/+5
|
* Add git config metadata to enable commiting in CIEuAndreh2019-05-281-0/+2
|
* Fix mixed usage of $PLAN_FILE variableEuAndreh2019-05-281-4/+5
| | | | Split $PLAN_FILE into $PLAN_FILE_NAME and $PLAN_FILE_PATH.
* Store plan file in vps-state tooEuAndreh2019-05-281-4/+18
|
* Fix shell.nix path in nix-shell custom shebangEuAndreh2019-05-282-2/+2
|