README.md |
srv
scaffold one or all of the dnim
api, database, ui on a bare debian image
re-runnable and idempotent; changes to configuration does the same work as initial setup without losing state.
inputs
script input is read from ./config.yml
:
db:
linux_user:
username: "foo_db"
allowed_ssh_public_keys: ['ssh-ed25519 <snip> my special ssh key']
persist: ["data"] # files not listed will be deleted when script is re-run. relative paths are resolved from /home/<db.linux_user.username>
port:
local: 5432
public: 0 # `0` means not publicly accessible; only local traffic (e.g. ssh sessions) may connect
domain: "db.dnim.org"
pg_admin:
username: "postgres"
password: "password"
api:
linux_user:
username: "foo_api"
allowed_ssh_public_keys: ['ssh-ed25519 <snip> my special ssh key']
persist: ["data"] # files not listed will be deleted when script is re-run. relative paths are resolved from /home/<api.linux_user.username>
port:
local: 1234
public: 1234
domain: "api.dnim.org"
ui:
linux_user:
username: "foo_ui"
allowed_ssh_public_keys: ['ssh-ed25519 <snip> my special ssh key']
persist: ["data"] # files not listed will be deleted when script is re-run. relative paths are resolved from /home/<ui.linux_user.username>
port:
local: 1234
public: 1234
domain: "dnim.org"
top-level keys db
, api
, or ui
may be omitted to separately deploy instances of each service.
observable outputs
- linux user
db.linux_user.username
is created- runs postgres 15.3 instance
- listens on port
db.port.local
(anddb.port.public
if nonzero) - stores postgres data at
/home/<db.linux_user.username>/data
- instance has a user with credentials of
db.pg_admin
- listens on port
- runs postgres 15.3 instance
running
copy this repository to the debian image, ex with sshfs:
> mkdir ./ext
> sshfs user@host:/mnt ./ext
> rm ./ext/*
> cp ./src/* ./ext/
then on the host:
> /mnt/000-entry.sh