Initial version of instance control and snapshot triggering

Makefile

@@ -6,8 +6,11 @@ apps_config := $(config_dir)apps.config
 # .dirstamp plus && $@ is like make magic to get this rule
 # to only run if the contents of all-apps changes
 app/.dirstamp: all-apps/app.service all-apps/docker-compose.yaml all-apps/.env \
+all-apps/restic-snapshot.service \
+all-apps/instance-control-webhooks/webhook_secret \
 all-apps/lb/Caddyfile \
 $(wildcard all-apps/lb/*) \
+$(wildcard all-apps/instance-control-webhooks/*) \
 $(wildcard all-apps/nextcloud/*) \
 $(wildcard all-apps/wg-easy/*) \
 $(wildcard all-apps/ghost/*) \
@@ -19,8 +22,10 @@ $(wildcard all-apps/dozzle/*)
 	rm -Rf app/
 	mkdir app/
 	cp all-apps/app.service app/
+	cp all-apps/restic-snapshot.service app/
 	cp all-apps/docker-compose.yaml app/
 	cp all-apps/.env app/
+	cp -a all-apps/instance-control-webhooks app/ # TODO remove once this is added to DNS/LB/app-config
 	./copy-apps.sh $(apps_config) && touch $@
 
 # compose .env files
@@ -33,6 +38,9 @@ all-apps/lb/Caddyfile: $(apps_config) make-caddyfile.sh
 	mkdir -p all-apps/lb
 	./make-caddyfile.sh $(apps_config) > all-apps/lb/Caddyfile
 
+all-apps/instance-control-webhooks/webhook_secret: $(apps_config)
+	bash -c 'source $(apps_config); printf "%s\n" "$$INSTANCE_CONTROL_WEBHOOKS_SECRET" > $@'
+
 # Nextcloud
 all-apps/nextcloud/nextcloud_admin_user: $(apps_config)
 	bash -c 'source $(apps_config); printf "%s\n" "$$NEXTCLOUD_ADMIN_USER" > $@'
@@ -89,6 +97,7 @@ restic-password: $(apps_config) make-restic-password.sh
 
 ignition.json: cl.yaml app/.dirstamp \
 all-apps/lb/Caddyfile \
+all-apps/instance-control-webhooks/webhook_secret \
 all-apps/nextcloud/nextcloud_admin_user \
 all-apps/nextcloud/nextcloud_admin_password \
 all-apps/nextcloud/postgres_db \
@@ -112,6 +121,7 @@ all-apps/ghost/.compose-env \
 restic-env \
 restic-password \
 restic-restore.sh \
+restic-snapshot.sh \
 all-apps/.env \
 $(config_dir)ssh-keys
 	cat cl.yaml | docker run --rm --volume $(config_dir)/ssh-keys:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json
@@ -148,7 +158,7 @@ restic-snapshots: $(apps_config) restic-password
 .PHONY: archive
 archive:
 	tar -cf nassella-latest.tar all-apps cl.yaml init-restic.sh main.tf make-caddyfile.sh Makefile \
-		make-generated.sh make-nextcloud-env.sh make-ghost-env.sh make-restic-generated.sh make-restic-password.sh restic-snapshots.sh copy-apps.sh restic-restore.sh \
+		make-generated.sh make-nextcloud-env.sh make-ghost-env.sh make-restic-generated.sh make-restic-password.sh restic-snapshots.sh copy-apps.sh restic-restore.sh restic-snapshot.sh \
 		make-nassella-authelia-config.sh make-nassella-lldap-config.sh .terraform.lock.hcl
 	cp nassella-latest.tar src/