infra/Taskfile.yml

120 lines
3.2 KiB
YAML

version: "3"
vars:
# https://stackoverflow.com/a/20428030
# -J root@nulo.ar:993
ssh_generic_params: " -o ControlPath=~/.ssh/master-$$ -o ControlMaster=auto -o ControlPersist=60"
ssh_params: ""
scp_params: ""
#ssh_target: "root@dorsiblanco.nulo.in"
ssh_target: "root@dorsiblanco"
includes:
container: ./containers/Taskfile.yml
tasks:
melange-keygen:
cmds:
- task: melange
vars: { CMD: "keygen" }
status:
- test -f melange.rsa
build-package:
deps:
- task: melange-keygen
cmds:
- task: melange
vars:
CMD: build melange/{{.PACKAGE}}.yml --arch x86_64 --signing-key melange.rsa
sources:
- melange/{{.PACKAGE}}.yml
generates:
- packages/x86_64/{{.PACKAGE}}*
install-repo:
deps:
- task: melange-keygen
cmds:
- task: scp
vars:
FILES: melange.rsa.pub
TARGET: /etc/apk/keys/
- task: ssh
vars:
CMD: '"grep -x /tmp/packages /etc/apk/repositories || echo /tmp/packages >> /etc/apk/repositories"'
upload-package:
deps:
- task: build-package
vars: { PACKAGE: "{{.PACKAGE}}" }
cmds:
- task: ssh
vars:
CMD: mkdir -p /tmp/packages/x86_64/
- task: scp
vars:
FILES: "packages/x86_64/APKINDEX.tar.gz packages/x86_64/{{.PACKAGE}}*"
TARGET: /tmp/packages/x86_64/
install-package:
deps:
- task: upload-package
vars: { PACKAGE: "{{.PACKAGE}}" }
- task: install-repo
cmds:
- task: ssh
vars:
CMD: '"apk update && apk upgrade --available {{.PACKAGE}} || apk install {{.PACKAGE}}"'
copy-files:
cmds:
- task: scp
vars:
FILES: docker-compose.yml .env Caddyfile static-recv radicale.htpasswd ddnser.json containers
TARGET: config/
- task: scp
vars:
FILES: periodic/photos
TARGET: /etc/periodic/daily/
- task: scp
vars:
FILES: periodic/backblaze-backup
TARGET: /etc/periodic/daily/
# Corremos semanalmente porque cuesta plata:
# https://forum.restic.net/t/initial-backup-almost-doubled-in-size-on-b2-target/5682
- task: scp
vars:
FILES: periodic/backblaze-backup-check
TARGET: /etc/periodic/weekly/
- task: scp
vars:
FILES: periodic/crontab.root
TARGET: /etc/crontabs/root
# https://dev.to/milolav/reload-cron-jobs-in-an-alpine-linux-container-486b
- task: ssh
vars:
CMD: touch /etc/crontabs/cron.update
update-compose:
deps:
- task: copy-files
cmds:
- task: ssh
vars:
CMD: '"cd config/ && docker compose up --detach --remove-orphans {{.ARGS | default "--pull always"}}"'
- task: ssh
vars:
CMD: '"cd config/ && docker compose exec -w /etc/caddy caddy caddy reload"'
melange:
internal: true
cmds:
- podman run --privileged --rm -v "$PWD":/work:Z cgr.dev/chainguard/melange {{.CMD}}
ssh:
internal: true
cmds:
- ssh {{.ssh_generic_params}} {{.ssh_params}} {{.ssh_target}} {{.CMD}}
scp:
internal: true
cmds:
- scp {{.ssh_generic_params}} {{.scp_params}} -r {{.FILES}} {{.ssh_target}}:{{.TARGET}}