From f7a339732eaf5917e83db029cbc19c73e309de80 Mon Sep 17 00:00:00 2001 From: Thomas Hintz Date: Mon, 15 Sep 2025 15:49:25 -0700 Subject: [PATCH] Generate restic configs from apps.config --- .gitignore | 5 +++-- Makefile | 10 +++++++++- cl.yaml | 4 ++-- config/restic-env.tmpl | 2 -- make-restic-generated.sh | 8 ++++++++ make-restic-password.sh | 7 +++++++ 6 files changed, 29 insertions(+), 7 deletions(-) delete mode 100644 config/restic-env.tmpl create mode 100755 make-restic-generated.sh create mode 100755 make-restic-password.sh diff --git a/.gitignore b/.gitignore index f2b6e79..8a6e84b 100644 --- a/.gitignore +++ b/.gitignore @@ -15,10 +15,11 @@ terraform.tfstate.backup app config/apps.config -config/restic-env -config/restic-password config/production.tfvars +restic-env +restic-password + # generated files all-apps/lb/Caddyfile all-apps/nextcloud/nextcloud.env diff --git a/Makefile b/Makefile index 78f769c..a6e4bfe 100644 --- a/Makefile +++ b/Makefile @@ -34,6 +34,12 @@ all-apps/nextcloud/redis_password: $(apps_config) all-apps/nextcloud/nextcloud.env: $(apps_config) make-nextcloud-env.sh ./make-nextcloud-env.sh $(apps_config) +# Backups / Restic / Backblaze +restic-env: $(apps_config) make-restic-generated.sh + ./make-restic-generated.sh $(apps_config) > restic-env +restic-password: $(apps_config) make-restic-password.sh + ./make-restic-password.sh $(apps_config) > restic-password + ignition.json: cl.yaml app/.dirstamp \ all-apps/lb/Caddyfile \ all-apps/nextcloud/nextcloud_admin_user \ @@ -42,7 +48,9 @@ all-apps/nextcloud/postgres_db \ all-apps/nextcloud/postgres_user \ all-apps/nextcloud/postgres_password \ all-apps/nextcloud/redis_password \ -all-apps/nextcloud/nextcloud.env +all-apps/nextcloud/nextcloud.env \ +restic-env \ +restic-password cat cl.yaml | docker run --rm --volume /home/tjhintz/.ssh/id_rsa.pub:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json generated.tfvars: $(apps_config) make-generated.sh diff --git a/cl.yaml b/cl.yaml index 69bcea1..d065e44 100644 --- a/cl.yaml +++ b/cl.yaml @@ -88,10 +88,10 @@ storage: files: - path: /restic-password contents: - local: config/restic-password + local: restic-password - path: /restic-env contents: - local: config/restic-env + local: restic-env ### docker-compose sysext ### https://flatcar.github.io/sysext-bakery/docker_compose/ - path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw diff --git a/config/restic-env.tmpl b/config/restic-env.tmpl deleted file mode 100644 index 36bc184..0000000 --- a/config/restic-env.tmpl +++ /dev/null @@ -1,2 +0,0 @@ -AWS_ACCESS_KEY_ID="" -AWS_SECRET_ACCESS_KEY="" \ No newline at end of file diff --git a/make-restic-generated.sh b/make-restic-generated.sh new file mode 100755 index 0000000..3957aea --- /dev/null +++ b/make-restic-generated.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +set -e + +. $1 # source the apps.config file with then env vars + +echo "AWS_ACCESS_KEY_ID=\"$BACKBLAZE_KEY_ID\"" +echo "AWS_SECRET_ACCESS_KEY=\"$BACKBLAZE_APPLICATION_KEY\"" diff --git a/make-restic-password.sh b/make-restic-password.sh new file mode 100755 index 0000000..917dc61 --- /dev/null +++ b/make-restic-password.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +set -e + +. $1 # source the apps.config file with then env vars + +echo "$RESTIC_PASSWORD"