This repository has been archived by the owner on Oct 3, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Taskfile.yaml
184 lines (167 loc) · 6.19 KB
/
Taskfile.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
---
# yaml-language-server: $schema=https://taskfile.dev/schema.json
version: "3"
env:
SOPS_AGE_KEY_FILE: '{{.ROOT_DIR}}/age.key'
vars:
# renovate: datasource=github-releases depName=getsops/sops
SOPS_VERSION: v3.8.1
includes:
app: ./apps
x-preconditions:
- ¬-root
msg: must not be run as root
sh: '[[ $LOGNAME != "root" ]]'
- &container-service-not-found
msg: container service '{{.container}}' not found
sh: systemctl status {{.container}}
- &container-not-found
msg: container '{{.container}}' not found
sh: sudo podman inspect {{.container}}
- &container-file-not-found
msg: file 'apps/{{.container}}/{{.container}}.container' not found
sh: test -f {{.ROOT_DIR}}/apps/{{.container}}/{{.container}}.container
- &container-directory-not-found
msg: directory 'apps/{{.container}}/data' not found
sh: test -d {{.ROOT_DIR}}/apps/{{.container}}/data
tasks:
default:
cmd: go-task -l
silent: true
deps:
desc: Install System Deps
cmds:
- sudo rpm-ostree install --idempotent --assumeyes age bind-utils direnv expect fastfetch fish fzf gh git go-task gron htop moreutils nano net-tools netcat nmap rsync systemd-networkd tcpdump telnet tree wget yq zoxide
- sudo rpm-ostree install --idempotent --assumeyes https://github.com/getsops/sops/releases/download/{{.SOPS_VERSION}}/sops-{{.SOPS_VERSION | replace "v" ""}}.x86_64.rpm
- sudo rpm-ostree install --idempotent --assumeyes https://downloads.1password.com/linux/rpm/stable/x86_64/1password-cli-latest.x86_64.rpm
preconditions:
- *not-root
start-*:
desc: Start a container service
cmds:
- task: reload-{{.container}}
- sudo systemctl start {{.container}}
- sudo systemctl is-active --quiet {{.container}} || exit 1
- sudo podman ps --all --filter name={{.container}} --format "{{ `{{.Names}} - {{.Image}} - {{.Status}}` }}"
vars:
container: '{{index .MATCH 0}}'
preconditions:
- *not-root
stop-*:
desc: Stop a container service
cmd: sudo systemctl stop {{.container}}
vars:
container: '{{index .MATCH 0}}'
preconditions:
- *not-root
- *container-service-not-found
restart-*:
desc: Restart a container service
cmds:
- task: reload-{{.container}}
- sudo systemctl restart {{.container}}
- sudo systemctl is-active --quiet {{.container}} || exit 1
- sudo podman ps --all --filter name={{.container}} --format "{{ `{{.Names}} - {{.Image}} - {{.Status}}` }}"
vars:
container: '{{index .MATCH 0}}'
preconditions:
- *not-root
- *container-service-not-found
status-*:
desc: Status of a container service
cmd: sudo systemctl status {{.container}}
vars:
container: '{{index .MATCH 0}}'
preconditions:
- *not-root
- *container-service-not-found
reload-*:
desc: Reload a container service
cmds:
- sudo rsync -rv {{.ROOT_DIR}}/apps/{{.container}}/{{.container}}.container /etc/containers/systemd/
- sudo rsync -rv --mkpath --delete {{.ROOT_DIR}}/apps/{{.container}}/data/{{- if eq .CLI_FORCE false }}config/{{ end }} /etc/containers/systemd/{{.container}}{{- if eq .CLI_FORCE false }}/config{{ end }}
- sudo --preserve-env bash -c "find /etc/containers/systemd/{{.container}}/config -type f -name "*.sops.*" -print0 | xargs -0 -I {} sops --config {{.ROOT_DIR}}/.sops.yaml --decrypt --in-place {}"
- sudo systemctl daemon-reload
sources:
- '{{.ROOT_DIR}}/apps/{{.container}}/{{.container}}.container'
- '{{.ROOT_DIR}}/apps/{{.container}}/data/config/**/**'
generates:
- /etc/containers/systemd/{{.container}}.container
- /etc/containers/systemd/{{.container}}/config/**/**
- /run/systemd/generator/{{.container}}.service
label: reload-{{.container}}
preconditions:
- *not-root
- *container-file-not-found
- *container-directory-not-found
vars:
container: '{{index .MATCH 0}}'
remove-*:
desc: Remove a container service
prompt: Remove the '{{.container}}' container ... continue?
cmds:
- task: stop-{{.container}}
- sudo rm /etc/containers/systemd/{{.container}}.container
- sudo rm -rf /etc/containers/systemd/{{.container}}
- sudo rm -rf /run/systemd/generator/{{.container}}.service
- sudo systemctl daemon-reload
vars:
container: '{{index .MATCH 0}}'
preconditions:
- *not-root
logs-*:
desc: Tail logs of a container
cmd: sudo podman logs -f {{.container}}
vars:
container: '{{index .MATCH 0}}'
preconditions:
- *not-root
- *container-not-found
list:
desc: List all containers
cmd: sudo podman ps --all --format '{{ `{{.Names}}\t{{.Status}}\t{{.Networks}}` }}' --sort names | column -s$'\t' --table
preconditions:
- *not-root
dotfiles:
desc: Setup dotfiles
cmds:
- | # Nano
git -C ~/.nano pull || git clone https://github.com/galenguyer/nano-syntax-highlighting ~/.nano
- | # Direnv
mkdir -p /home/$LOGNAME/.config/direnv && \
tee /home/$LOGNAME/.config/direnv/direnv.toml > /dev/null <<EOF
[whitelist]
prefix = [ "/var/opt/home-service" ]
EOF
- | # Fish Hooks
tee /home/$LOGNAME/.config/fish/conf.d/hooks.fish > /dev/null <<EOF
if status is-interactive
if type -q direnv
direnv hook fish | source
end
if type -q starship
starship init fish | source
end
if type -q zoxide
zoxide init fish | source
end
end
EOF
- | # Fish Aliases
tee /home/$LOGNAME/.config/fish/conf.d/aliases.fish > /dev/null <<EOF
alias task go-task
EOF
- | # Fish Greeting
tee /home/$LOGNAME/.config/fish/conf.d/fish_greeting.fish > /dev/null <<EOF
function fish_greeting
fastfetch
end
EOF
- | # Fish Completions
curl -fsSL -o /home/$LOGNAME/.config/fish/completions/task.fish \
https://raw.githubusercontent.com/go-task/task/main/completion/fish/task.fish
preconditions:
- *not-root
ips:
desc: Get container IPs
cmd: ./hack/ipvlanaddrs.sh