nassella/app
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Generate restic configs from apps.config

Browse Source
This commit is contained in:
Thomas Hintz
2025-09-15 15:49:25 -07:00
parent 0d45d269a1
commit f7a339732e
6 changed files with 29 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@@ -15,10 +15,11 @@ terraform.tfstate.backup
app app
config/apps.config config/apps.config
config/restic-env
config/restic-password
config/production.tfvars config/production.tfvars
restic-env
restic-password
# generated files # generated files
all-apps/lb/Caddyfile all-apps/lb/Caddyfile
all-apps/nextcloud/nextcloud.env all-apps/nextcloud/nextcloud.env

10
Makefile
View File

@@ -34,6 +34,12 @@ all-apps/nextcloud/redis_password: $(apps_config)
all-apps/nextcloud/nextcloud.env: $(apps_config) make-nextcloud-env.sh all-apps/nextcloud/nextcloud.env: $(apps_config) make-nextcloud-env.sh
./make-nextcloud-env.sh $(apps_config) ./make-nextcloud-env.sh $(apps_config)
# Backups / Restic / Backblaze
restic-env: $(apps_config) make-restic-generated.sh
./make-restic-generated.sh $(apps_config) > restic-env
restic-password: $(apps_config) make-restic-password.sh
./make-restic-password.sh $(apps_config) > restic-password
ignition.json: cl.yaml app/.dirstamp \ ignition.json: cl.yaml app/.dirstamp \
all-apps/lb/Caddyfile \ all-apps/lb/Caddyfile \
all-apps/nextcloud/nextcloud_admin_user \ all-apps/nextcloud/nextcloud_admin_user \
@@ -42,7 +48,9 @@ all-apps/nextcloud/postgres_db \
all-apps/nextcloud/postgres_user \ all-apps/nextcloud/postgres_user \
all-apps/nextcloud/postgres_password \ all-apps/nextcloud/postgres_password \
all-apps/nextcloud/redis_password \ all-apps/nextcloud/redis_password \
all-apps/nextcloud/nextcloud.env all-apps/nextcloud/nextcloud.env \
restic-env \
restic-password
cat cl.yaml | docker run --rm --volume /home/tjhintz/.ssh/id_rsa.pub:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json cat cl.yaml | docker run --rm --volume /home/tjhintz/.ssh/id_rsa.pub:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json
generated.tfvars: $(apps_config) make-generated.sh generated.tfvars: $(apps_config) make-generated.sh

4
cl.yaml
View File

@@ -88,10 +88,10 @@ storage:
files: files:
- path: /restic-password - path: /restic-password
contents: contents:
local: config/restic-password local: restic-password
- path: /restic-env - path: /restic-env
contents: contents:
local: config/restic-env local: restic-env
### docker-compose sysext ### docker-compose sysext
### https://flatcar.github.io/sysext-bakery/docker_compose/ ### https://flatcar.github.io/sysext-bakery/docker_compose/
- path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw - path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw

2
config/restic-env.tmpl
View File

@@ -1,2 +0,0 @@
AWS_ACCESS_KEY_ID=""
AWS_SECRET_ACCESS_KEY=""

8
make-restic-generated.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
set -e
. $1 # source the apps.config file with then env vars
echo "AWS_ACCESS_KEY_ID=\"$BACKBLAZE_KEY_ID\""
echo "AWS_SECRET_ACCESS_KEY=\"$BACKBLAZE_APPLICATION_KEY\""

7
make-restic-password.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
set -e
. $1 # source the apps.config file with then env vars
echo "$RESTIC_PASSWORD"