diff --git a/packer/config.json b/packer/config.json
index 8693dd1..ecfd3a7 100644
--- a/packer/config.json
+++ b/packer/config.json
@@ -36,6 +36,11 @@
 "source": "riju",
 "destination": "/tmp/riju"
 },
+ {
+ "type": "file",
+ "source": "riju-init-volume",
+ "destination": "/tmp/riju-init-volume"
+ },
 {
 "type": "file",
 "source": "riju-deploy",
diff --git a/packer/provision.bash b/packer/provision.bash
index 218d803..b8ded57 100644
--- a/packer/provision.bash
+++ b/packer/provision.bash
@@ -28,9 +28,11 @@ unzip -q awscli.zip
 sudo ./aws/install
 sudo chown root:root /tmp/riju /tmp/riju-deploy /tmp/riju.service
-sudo mv /tmp/riju /tmp/riju-deploy /tmp/riju-install-certbot-hooks /usr/local/bin/
+sudo mv /tmp/riju /tmp/riju-deploy /tmp/riju-init-volume /tmp/riju-install-certbot-hooks /usr/local/bin/
 sudo mv /tmp/riju.service /etc/systemd/system/
+sudo riju-init-volume
+
 for user in admin deploy; do
 if ! grep -vq "PRIVATE KEY" "/tmp/id_${user}.pub"; then
 echo "${user} public key was set to a private key, aborting" >&2
diff --git a/packer/riju-init-volume b/packer/riju-init-volume
new file mode 100755
index 0000000..9219b59
--- /dev/null
+++ b/packer/riju-init-volume
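Review bot: In packer/provision.bash the unchanged `chown root:root` line just above the edited `mv` does not list `/tmp/riju-init-volume`, so the new script is moved into `/usr/local/bin/` with whatever owner the file provisioner uploaded it as (`mv` keeps the existing owner) and is then run with `sudo`. If that upload account keeps write access to the file, it controls what root executes whenever the script is run again. Extending the ownership fix covers it: `sudo chown root:root /tmp/riju /tmp/riju-deploy /tmp/riju-init-volume /tmp/riju.service`. `/tmp/riju-install-certbot-hooks` is also absent from that line; whether it is chowned elsewhere is not visible in this hunk.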
@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+function print {
+ echo >&2 "riju-init-volume: $@"
+}
+
+mount_point=/mnt/riju/data
+
+mkdir -p "${mount_point}"
+
+disks="$(lsblk -l -d -b -o name,size | grep nvme)"
+num_disks="$(wc -l <<< "${disks}")"
+
+if [[ "${num_disks}" != 2 ]]; then
+ print "found unexpected number of disks from lsblk:"
+ printf >&2 '%s\n' "${disks}"
+ exit 1
+fi
+
+disk="$(sort -n -k2 <<< "${disks}" | tail -n1 | awk '{ print $1 }')"
+print "identified data volume: ${disk}"
+
+num_parts="$(lsblk -l -o name | (grep "${disk}." || true) | wc -l)"
+print "volume has ${num_parts} partition(s)"
+if [[ "${num_parts}" != 1 ]]; then
+ print "repartitioning so we have exactly one partition"
+ sfdisk -X gpt "/dev/${disk}" <<< ";"
+fi
+
+part="$(lsblk -l -o name | (grep "${disk}." || true) | head -n1)"
+print "identified data partition: ${part}"
+
+if ! blkid "/dev/${part}" | grep -q "\bUUID="; then
+ print "no filesystem detected; initializing with ext4"
+ mkfs.ext4 "/dev/${part}"
+fi
+
+blkid_env="$(blkid /dev/${part} -o export)"
+uuid="$(eval "${blkid_env}"; echo "${UUID}")"
+
+print "identified filesystem UUID: ${uuid}"
+
+if ! cat /etc/fstab | grep -q "${uuid}"; then
+ print "filesystem not listed in /etc/fstab; appending"
+ cat <> /etc/fstab
+UUID=${uuid} ${mount_point} ext4 defaults 0 2
+EOF
+fi
+
+mount -a
+
+print "filesystem mounted at ${mount_point}"
+
+docker_args="-g ${mount_point}"
+
+if ! cat /lib/systemd/system/docker.service | grep -q -- "${docker_args}"; then
+ print "adding '${docker_args}' to docker.service"
+ sed -Ei "s|ExecStart=.+|& ${docker_args}|" /lib/systemd/system/docker.service
+
+ print "restarting Docker daemon"
+ systemctl daemon-reload
+ systemctl restart docker
+fi
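Review bot: The UUID lookup in packer/riju-init-volume runs `eval` on the output of `blkid -o export` as root and leaves `/dev/${part}` unquoted on the line before; reading the single field directly removes both problems: `uuid="$(blkid -s UUID -o value "/dev/${part}")"`. The `sfdisk` branch also fires whenever the partition count is anything other than one, so a volume that already carries several partitions is rewritten without any check; repartitioning only when the count is 0 and exiting with an error otherwise would avoid destroying existing data. The target disk is picked as the larger of two `nvme` devices, which presumably assumes the data volume is always bigger than the root volume, so a comment stating that assumption or an explicit check against the mounted root device would make the selection safer.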