blob: 1da13b89ac5c3d719aeffce8fa43c859cfad5fd9 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
#!/usr/bin/env bash
set -eu
set -o pipefail
echo "Creating droplet for mail..."
data=$(doctl \
-t "$(cat /mnt/digitalocean)" \
compute droplet create \
mail \
--image debian-9-x64 \
--region nyc3 \
--size s-1vcpu-1gb \
--ssh-keys 23160354 \
--volumes 5e4d8c7b-f840-11e8-b59e-0a58ac1467fb \
--format ID,PublicIPv4 \
--no-header \
--wait)
id=$(echo "$data" | awk '{print $1}')
ip=$(echo "$data" | awk '{print $2}')
echo "Created droplet with id $id and ip $ip"
echo "Creating DNS entry for $ip..."
record_id=$(doctl \
-t "$(cat /mnt/digitalocean)" \
compute domain records list \
tozt.net \
--format Name,Type,ID \
--no-header \
| grep '^newsmtp \+A ' \
| awk '{print $3}'
)
doctl \
-t "$(cat /mnt/digitalocean)" \
compute domain records update \
tozt.net \
--record-id "$record_id" \
--record-type A \
--record-name newsmtp \
--record-data "$ip" \
--record-ttl 600
echo "Done creating DNS entry"
echo "Provisioning droplet..."
conf_location="/usr/local/share/puppet-tozt"
conf_repo="git://github.com/doy/puppet-tozt"
remote() {
# shellcheck disable=SC2029
ssh root@"$ip" "$@"
}
ensure_conf_exists() {
if remote test -d "$conf_location"; then
remote "cd '$conf_location' && git pull"
else
remote "mkdir -p '$conf_location'"
remote "cd '$conf_location' && git clone '$conf_repo' ."
fi
remote "cd '$conf_location' && git submodule update --init --recursive"
}
while ! remote true; do
sleep 5
done
if remote test ! -e /usr/bin/pacman; then
remote apt-get -y update
remote apt-get -y install git
ensure_conf_exists
remote "cd '$conf_location/digitalocean-debian-to-arch' && bash install.sh --i_understand_that_this_droplet_will_be_completely_wiped --extra_packages 'puppet git ruby-shadow'"
sleep 30
while ! remote true; do
sleep 30
done
fi
ensure_conf_exists
scp -r /mnt/puppet/tozt/ root@"$ip":/usr/local/share/puppet-tozt/modules/secret/files
remote "cd '$conf_location' && puppet apply --modulepath=./modules manifests"
echo "Done provisioning"
echo "Creating DKIM entry"
dkim=$(remote "perl -pe'chomp; s/.*\"(.*)\".*/\$1/' /media/persistent/dkim/new.tozt.net.dkim.pub")
dkim_record_id=$(doctl \
-t "$(cat /mnt/digitalocean)" \
compute domain records list \
tozt.net \
--format Name,Type,ID \
--no-header \
| grep '^dkim._domainkey.new \+TXT ' \
| awk '{print $3}'
)
doctl \
-t "$(cat /mnt/digitalocean)" \
compute domain records update \
tozt.net \
--record-id "$dkim_record_id" \
--record-type TXT \
--record-name dkim._domainkey.new \
--record-data "$dkim" \
--record-ttl 600
echo "Done creating DKIM entry"
echo "Done"
|