.gitignore

@@ -8,16 +8,17 @@ flatcar/flatcar_production_qemu_image.img.fresh
 
 ignition.json
 
+production.tfvars
 
 terraform.tfstate
 terraform.tfstate.backup
 
 app
 
-config/apps.config
-config/restic-env
-config/restic-password
-config/production.tfvars
+apps.config
+
+restic-env
+restic-password
 
 # generated files
 all-apps/lb/Caddyfile

Makefile

@@ -1,7 +1,4 @@
-TERRAFORM_ENV := production
-
-config_dir := ./config/
-apps_config := $(config_dir)apps.config
+TERRAFORM_ENV=production
 
 # .dirstamp plus && $@ is like make magic to get this rule
 # to only run if the contents of all-apps changes
@@ -15,24 +12,24 @@ $(wildcard all-apps/dozzle/*)
 	cp -a all-apps app && touch $@
 
 # Caddy / lb
-all-apps/lb/Caddyfile: $(apps_config) make-caddyfile.sh
-	./make-caddyfile.sh $(apps_config) > all-apps/lb/Caddyfile
+all-apps/lb/Caddyfile: apps.config make-caddyfile.sh
+	./make-caddyfile.sh > all-apps/lb/Caddyfile
 
 # Nextcloud
-all-apps/nextcloud/nextcloud_admin_user: $(apps_config)
-	bash -c 'source $(apps_config); printf "%s\n" "$$NEXTCLOUD_ADMIN_USER" > $@'
-all-apps/nextcloud/nextcloud_admin_password: $(apps_config)
-	bash -c 'source $(apps_config); printf "%s\n" "$$NEXTCLOUD_ADMIN_PASSWORD" > $@'
-all-apps/nextcloud/postgres_db: $(apps_config)
-	bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_POSTGRES_DB" > $@'
-all-apps/nextcloud/postgres_user: $(apps_config)
-	bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_POSTGRES_USER" > $@'
-all-apps/nextcloud/postgres_password: $(apps_config)
-	bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_POSTGRES_PASSWORD" > $@'
-all-apps/nextcloud/redis_password: $(apps_config)
-	bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_REDIS_PASSWORD" > $@'
-all-apps/nextcloud/nextcloud.env: $(apps_config) make-nextcloud-env.sh
-	./make-nextcloud-env.sh $(apps_config)
+all-apps/nextcloud/nextcloud_admin_user: apps.config
+	bash -c 'source ./apps.config; printf "%s\n" "$$NEXTCLOUD_ADMIN_USER" > $@'
+all-apps/nextcloud/nextcloud_admin_password: apps.config
+	bash -c 'source ./apps.config; printf "%s\n" "$$NEXTCLOUD_ADMIN_PASSWORD" > $@'
+all-apps/nextcloud/postgres_db: apps.config
+	bash -c 'source ./apps.config; printf "%s\n" "$$NEXTCLOUD_POSTGRES_DB" > $@'
+all-apps/nextcloud/postgres_user: apps.config
+	bash -c 'source ./apps.config; printf "%s\n" "$$NEXTCLOUD_POSTGRES_USER" > $@'
+all-apps/nextcloud/postgres_password: apps.config
+	bash -c 'source ./apps.config; printf "%s\n" "$$NEXTCLOUD_POSTGRES_PASSWORD" > $@'
+all-apps/nextcloud/redis_password: apps.config
+	bash -c 'source ./apps.config; printf "%s\n" "$$NEXTCLOUD_REDIS_PASSWORD" > $@'
+all-apps/nextcloud/nextcloud.env: apps.config make-nextcloud-env.sh
+	./make-nextcloud-env.sh
 
 ignition.json: cl.yaml app/.dirstamp \
 all-apps/lb/Caddyfile \
@@ -45,17 +42,17 @@ all-apps/nextcloud/redis_password \
 all-apps/nextcloud/nextcloud.env
 	cat cl.yaml | docker run --rm --volume /home/tjhintz/.ssh/id_rsa.pub:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json
 
-generated.tfvars: $(apps_config) make-generated.sh
-	./make-generated.sh $(apps_config) > generated.tfvars
+generated.tfvars: apps.config make-generated.sh
+	./make-generated.sh > generated.tfvars
 
-plan: ignition.json $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars
-	bash -c "terraform plan -var-file=<(cat $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars)"
+plan: ignition.json $(TERRAFORM_ENV).tfvars generated.tfvars
+	bash -c "terraform plan -var-file=<(cat $(TERRAFORM_ENV).tfvars generated.tfvars)"
 
-apply: ignition.json $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars
-	bash -c "terraform apply -var-file=<(cat $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars)"
+apply: ignition.json $(TERRAFORM_ENV).tfvars generated.tfvars
+	bash -c "terraform apply -var-file=<(cat $(TERRAFORM_ENV).tfvars generated.tfvars)"
 
-destroy: ignition.json $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars
-	bash -c "terraform destroy -var-file=<(cat $(config_dir)$(TERRAFORM_ENV).tfvars generated.tfvars)"
+destroy: ignition.json $(TERRAFORM_ENV).tfvars generated.tfvars
+	bash -c "terraform destroy -var-file=<(cat $(TERRAFORM_ENV).tfvars generated.tfvars)"
 
 ## to help me remember the command to run to test the config locally
 testlocalhost:

cl.yaml

@@ -88,10 +88,10 @@ storage:
   files:
     - path: /restic-password
       contents:
-        local: config/restic-password
+        local: restic-password
     - path: /restic-env
       contents:
-        local: config/restic-env
+        local: restic-env
     ### docker-compose sysext
     ### https://flatcar.github.io/sysext-bakery/docker_compose/
     - path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw

make-caddyfile.sh

@@ -13,9 +13,9 @@
 
 set -e
 
-. $1 # source the apps.config file with then env vars
+. apps.config
 
-host_admin_password_encoded=`echo "$HOST_ADMIN_PASSWORD" | docker run --rm -i caddy:2 caddy hash-password`
+host_admin_password_encoded=`echo "$HOST_ADMIN_PASSWORD" | sudo docker run --rm -i caddy:2 caddy hash-password`
 
 
 read -r -a APP_CONFIGS <<< "$APP_CONFIGS"

make-generated.sh

@@ -13,7 +13,7 @@
 
 set -e
 
-. $1 # source the apps.config file with then env vars
+. apps.config
 
 read -r -a APP_CONFIGS <<< "$APP_CONFIGS"
 APP_CONFIGS+=('lb,root')

make-nextcloud-env.sh

@@ -2,7 +2,7 @@
 
 set -e
 
-. $1 # source the apps.config file with then env vars
+. apps.config
 
 read -r -a APP_CONFIGS <<< "$APP_CONFIGS"