Adding script/makefile rule for initializing restic

.gitignore

@@ -6,21 +6,13 @@
 flatcar/flatcar_production_qemu_image.img
 flatcar/flatcar_production_qemu_image.img.fresh
 
-ignition.json
-
-
 terraform.tfstate
 terraform.tfstate.backup
 
-app
-
 config/apps.config
 config/production.tfvars
 config/ssh-keys
 
-restic-env
-restic-password
-
 # generated files
 all-apps/lb/Caddyfile
 all-apps/nextcloud/nextcloud.env
@@ -31,3 +23,7 @@ all-apps/nextcloud/postgres_user
 all-apps/nextcloud/postgres_password
 all-apps/nextcloud/redis_password
 generated.tfvars
+restic-env
+restic-password
+ignition.json
+app

Makefile

@@ -66,6 +66,10 @@ apply: ignition.json $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars
 destroy: ignition.json $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars
 	bash -c "terraform destroy -var-file=<(cat $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars)"
 
+.PHONY: restic-init
+restic-init: $(apps_config) restic-password
+	./init-restic.sh $(apps_config)
+
 ## to help me remember the command to run to test the config locally
 testlocalhost:
 	curl -k --resolve localhost:443:146.190.12.129 https://localhost

config/apps.config.tmpl

@@ -6,3 +6,7 @@ NEXTCLOUD_POSTGRES_DB=nextcloud
 NEXTCLOUD_POSTGRES_USER=nextcloud
 NEXTCLOUD_POSTGRES_PASSWORD=
 NEXTCLOUD_REDIS_PASSWORD=
+BACKBLAZE_KEY_ID=
+BACKBLAZE_APPLICATION_KEY=
+BACKBLAZE_BUCKET_URL=
+RESTIC_PASSWORD=

init-restic.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+. $1 # source the apps.config file with then env vars
+
+mkdir -p emptydir
+docker run --rm --volume $PWD/emptydir:/nassella --volume $PWD/restic-password:/restic-password -e AWS_ACCESS_KEY_ID="$BACKBLAZE_KEY_ID" -e AWS_SECRET_ACCESS_KEY="$BACKBLAZE_APPLICATION_KEY" -i restic/restic:0.18.0 init --repo s3:$BACKBLAZE_BUCKET_URL --password-file /restic-password
+rm -Rf emptydir