aboutsummaryrefslogtreecommitdiff
path: root/Makefile
blob: 23b23592b466e481bc2cfdcbb19221a82c898412 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

.POSIX:
NAME        = servers
PREFIX      = /usr/local
SHAREDIR    = $(PREFIX)/share
DOCDIR      = $(SHAREDIR)/doc/$(NAME)



all: public src/infrastructure/keys/SSH/root@euandre.org.id_rsa.pub.stripped


packages system: ALWAYS \
		src/infrastructure/keys/SSH/root@euandre.org.id_rsa.pub.stripped
	rm -f $@
	guix build -r $@ -v3 -f src/infrastructure/guix/$@.scm

src/infrastructure/keys/SSH/root@euandre.org.id_rsa.pub.stripped: \
		src/infrastructure/keys/SSH/root@euandre.org.id_rsa.pub.txt
	cut -d' ' -f6- < $(@D)/`basename $(@F) .stripped`.txt > $@

install: all
	mkdir -p \
		'$(DESTDIR)$(DOCDIR)'
	cp -R public/* '$(DESTDIR)$(DOCDIR)'

uninstall:
	rm -rf \
		'$(DESTDIR)$(DOCDIR)'


assert-scripts = \
	tests/assert-shellcheck.sh \

$(assert-scripts): ALWAYS
	sh $@

check: all $(assert-scripts)


installcheck-docdir:
	test -e '$(DESTDIR)$(DOCDIR)'/index.html

installcheck: installcheck-docdir

clean:
	rm -rf \
		public/ src/secrets/*.txt packages system                      \


public/favicon.svg:
	mkdir -p $(@D)
	cp doc/favicon.svg $@

public/style.css:
	mkdir -p $(@D)
	td -S > $@

html-deps = \
	public/favicon.svg \
	public/style.css   \

public/index.html: README.md $(html-deps)
	sh doc/md2html.sh -T 'README' < README.md > $@

public/TODOs.html: TODOs.md $(html-deps)
	td -H | sh doc/md2html.sh -T 'TODOs' > $@

public/ci:
	sh src/infrastructure/scripts/report.sh -o $@

public: \
		public/index.html public/TODOs.html public/ci


prod-secrets.txt.gpg = \
	src/secrets/borg-passphrase.txt.gpg \
	src/secrets/root@euandre.org.id_rsa.txt.gpg
prod-secrets.txt = $(prod-secrets.txt.gpg:.gpg=)

repo-secrets = \
	$(prod-secrets.txt.gpg)                    \




.SUFFIXES: .gpg

.gpg:
	gpg -d < $< > $@

$(repo-secrets):
	gpg -aer eu@euandre.org < $(@D)/`basename $@ .gpg` > $@


upload-secrets: $(prod-secrets.txt)
	ssh euandre.org sudo -u secrets-keeper 'rm -f /opt/secrets/*'
	rsync \
		--rsync-path='sudo -u secrets-keeper rsync' \
		--chmod=000                                 \
		-avzP                                       \
		$(prod-secrets.txt) euandre.org:/opt/secrets/


## Generate the ".ssh/authorized_keys" file and upload
## it to rsync.net.
upload-keys:
	cat src/infrastructure/keys/SSH/*.txt | ssh suyin dd of=.ssh/authorized_keys


ALWAYS:
generated by cgit v1.2.3 (git 2.50.1) at 2025-12-12 22:45:31 +0000