From da00227813b1fbeebae8c90e2122a8b73acb1af9 Mon Sep 17 00:00:00 2001
From: EuAndreh
Date: Sun, 26 May 2019 11:51:51 -0300
Subject: Automate provisioning and deployment of VPS

In order to perform that I had to remove Terraform's =.tfstate= files from the repository. Terraform does support "backends" for storing the state files, but I settled for storing it on a separate repo (vps-state). For now it solves the state management problem:
- it has history of states;
- all state files are GPG encrypted;
- there's no coordination however, but only the CI should perform a deploy in order to avoid race conditions.

I had to add GPG and SSH keys to sr.ht to achieve that:
- SSH public key to my profile to authorize it to push to vps-state repo;
- SSH private key to the secret builds.sr.ht environment to enable push to the repository from the pipeline;
- GPG public key to git-crypt to make it possible for the pipeline to unlock the encrypted content;
- GPG private key to the secret builds.sr.ht environment to enable decrypting git-crypt content from the pipeline.

In order to avoid divergent environment from local and CI, the ./provision.sh script is ran through nix-shell.
---
 deploy.sh | 34 +++++++++++++++++++++++++++-------
 1 file changed, 27 insertions(+), 7 deletions(-)
(limited to 'deploy.sh')

diff --git a/deploy.sh b/deploy.sh
index 3d12517..f96cfe5 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -2,22 +2,42 @@
 set -Eeuo pipefail
 cd "${BASH_SOURCE%/*}/"
 
-yellow "Ubuntu maintenence..."
+alias ssh="ssh -i secrets/id_rsa root@$TLD"
+
+apt_wait() {
+ local i=0
+ tput sc
+ while fuser /var/lib/apt/lists/lock >/dev/null 2>&1 ; do
+ case $((i % 4)) in
+ 0 ) j="-" ;;
+ 1 ) j="\\" ;;
+ 2 ) j="|" ;;
+ 3 ) j="/" ;;
+ esac
+ tput rc
+ echo -en "\r[$j] Waiting for other software managers to finish..."
+ sleep 0.5
+ ((i=i+1))
+ done
+}
+
+apt_wait
+
+echo "Ubuntu update and install docker-compose..."
 ssh "$TLD" sudo apt-get update
 ssh "$TLD" sudo apt-get upgrade -y
 ssh "$TLD" sudo apt-get install -y docker-compose
 ssh "$TLD" sudo apt-get autoremove -y
-green "Done.\n"
+echo "Done.\n"
 
-yellow "Copy over files..."
+echo "Copy over files..."
 ssh "$TLD" mkdir -p /home/vps/
 envsubst < docker-compose.yaml > docker-compose.yaml.fd
 scp docker-compose.yaml.fd "$TLD":/home/vps/docker-compose.yaml
 rm docker-compose.yaml.fd
-green "Done.\n"
+echo "Done.\n"
 
-yellow "Restart docker-compose"
-ssh "$TLD" "cd /home/vps/ && docker-compose down"
+echo "Restart docker-compose"
 ssh "$TLD" "cd /home/vps/ && docker-compose pull"
 ssh "$TLD" "cd /home/vps/ && docker-compose up -d"
-green "Done.\n"
+echo "Done.\n"
-- 
cgit v1.2.3
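Review bot: The added `alias ssh="ssh -i secrets/id_rsa root@$TLD"` will not wire the deploy key into the later calls: bash does not expand aliases in a non-interactive script unless `shopt -s expand_aliases` is set, so every `ssh "$TLD" …` line still runs without `-i secrets/id_rsa`. If the alias did expand, each call would become `ssh -i secrets/id_rsa root@$TLD "$TLD" sudo …`, which passes the hostname as the remote command. A function keeps the key and target explicit, e.g. `ssh_vps() { ssh -i secrets/id_rsa "root@$TLD" "$@"; }` with call sites such as `ssh_vps sudo apt-get update`; the `scp` line needs the same `-i secrets/id_rsa` (and the `root@` target, if root is the intended login), because an alias for `ssh` never covers it. Separately, `apt_wait` runs `fuser /var/lib/apt/lists/lock` on the machine executing deploy.sh rather than on the VPS, so it does not wait for the remote apt lock that the `apt-get` calls contend for. Nothing in this hunk pins the server's host key, so it is worth confirming that the CI job supplies a known_hosts entry rather than disabling host key checking.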