The rest.

deployment/deploy_vm.sh

@@ -10,7 +10,7 @@ SSH_STRING="Host ${FQDN}"
 if ! grep -q "$SSH_STRING" "$SSH_HOME/config"; then
 
 ########## BEGIN
-cat >> "$SSH_HOME/config" <<-EOF
+    cat >> "$SSH_HOME/config" <<-EOF
 
 ${SSH_STRING}
     HostName ${FQDN}

deployment/remote.sh

@@ -222,7 +222,7 @@ if wait-for-it -t 20 "$FQDN:8443"; then
     lxc remote add "$REMOTE_NAME" "$FQDN" --password="$LXD_REMOTE_PASSWORD" --protocol=lxd --auth-type=tls --accept-certificate
     lxc remote switch "$REMOTE_NAME"
 
-    echo "INFO: You have create a new remote named '$REMOTE_NAME'. Your lxc client is now target it."
+    echo "INFO: A new remote named '$REMOTE_NAME' has been created. Your LXC client has been switched to it."
 else
     echo "ERROR: Could not detect the LXD endpoint. Something went wrong."
     exit 1
@@ -251,5 +251,7 @@ if ! lxc storage list --format csv | grep -q ss-base; then
     # done
 
 else
-    echo "WARNING! The host '$FQDN' appears to have Sovereign Stack worksloads already provisioned. Proceed with care."
+    echo "WARNING! The host '$FQDN' appears to have Sovereign Stack worksloads already provisioned."
+    echo "INFO: Here are your current Deployments."
+    lxc project list -q
 fi

deployment/stub_lxc_profile.sh

@@ -135,6 +135,9 @@ EOF
             {
                 "registry-mirrors": [
                   "${REGISTRY_URL}"
+                ],
+                "labels": [
+                    "PROJECT_COMMIT=${PROJECT_GIT_COMMIT}"
                 ]
             }
 

deployment/target.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+export TARGET_PROJECT_GIT_COMMIT=7da3f29f42d20fe56f67362fac210dcd1ab863b0

deployment/up.sh

@@ -34,7 +34,7 @@ if lxc remote get-default | grep -q "production"; then
 
 fi
 
-
+OTHER_SITES_LIST=
 PRIMARY_DOMAIN=
 RUN_CERT_RENEWAL=true
 SKIP_BASE_IMAGE_CREATION=false
@@ -151,10 +151,6 @@ export RESTORE_CERTS="$RESTORE_CERTS"
 # todo convert this to Trezor-T
 SSH_PUBKEY_PATH="$SSH_HOME/id_rsa.pub"
 export SSH_PUBKEY_PATH="$SSH_PUBKEY_PATH"
-if [ ! -f "$SSH_PUBKEY_PATH" ]; then
-    # generate a new SSH key for the base vm image.
-    ssh-keygen -f "$SSH_HOME/id_rsa" -t ecdsa -b 521 -N ""
-fi
 
 # ensure our remote path is created.
 mkdir -p "$REMOTE_PATH"
@@ -192,7 +188,7 @@ function stub_site_definition {
 
             # stub out a site.conf with new passwords.
             cat >"$SITE_DEFINITION_PATH" <<EOL
-# https://www.sovereign-stack.org/ss-deploy/#siteconf
+# https://www.sovereign-stack.org/ss-up/#siteconf
 
 DOMAIN_NAME="${DOMAIN_NAME}"
 # BTCPAY_ALT_NAMES="tip,store,pay,send"
@@ -240,7 +236,7 @@ if [ ! -f "$PROJECT_DEFINITION_PATH" ]; then
 
         # stub out a project.conf
     cat >"$PROJECT_DEFINITION_PATH" <<EOL
-# see https://www.sovereign-stack.org/ss-deploy/#projectconf for more info.
+# see https://www.sovereign-stack.org/ss-up/#projectconf for more info.
 
 PRIMARY_DOMAIN="domain0.tld"
 # OTHER_SITES_LIST="domain1.tld,domain2.tld,domain3.tld"
@@ -258,7 +254,7 @@ EOL
 
     chmod 0744 "$PROJECT_DEFINITION_PATH"
     echo "INFO: we stubbed a new project.conf for you at '$PROJECT_DEFINITION_PATH'. Go update it!"
-    echo "INFO: Learn more at https://www.sovereign-stack.org/ss-deploy/"
+    echo "INFO: Learn more at https://www.sovereign-stack.org/ss-up/"
 
     exit 1
 fi
@@ -423,7 +419,6 @@ done
 # now let's run the www and btcpay-specific provisioning scripts.
 if [ "$SKIP_WWW" = false ]; then
     ./project/www/go.sh
-    ssh ubuntu@"$PRIMARY_WWW_FQDN" "echo $LATEST_GIT_COMMIT > /home/ubuntu/.ss-githead"
 else
     echo "INFO: Skipping www VM."
 fi
@@ -432,8 +427,6 @@ export DOMAIN_NAME="$PRIMARY_DOMAIN"
 export SITE_PATH="$SITES_PATH/$DOMAIN_NAME"
 if [ "$SKIP_BTCPAY" = false ]; then    
     ./project/btcpayserver/go.sh
-
-    ssh ubuntu@"$BTCPAY_FQDN" "echo $LATEST_GIT_COMMIT > /home/ubuntu/.ss-githead"
 else
     echo "INFO: Skipping the btcpayserver VM."
 fi

deployment/update.sh

@@ -49,7 +49,7 @@ for VM in www btcpayserver; do
 
     # if the VM doesn't exist, the we emit an error message and hard quit.
     if ! lxc list --format csv | grep -q "$LXD_NAME"; then
-        echo "ERROR: there is no VM named '$LXD_NAME'. You probably need to run ss-deploy again."
+        echo "ERROR: there is no VM named '$LXD_NAME'. You probably need to run ss-up again."
         exit 1
     fi
 done

install.sh

@@ -219,3 +219,17 @@ fi
 if [ "$ADDED_COMMAND" = true ]; then
     echo "NOTICE! You need to run 'source ~/.bashrc' before continuing. After that, type 'ss-manage' to enter your management environment."
 fi
+
+. ./deployment/target.sh
+
+# As part of the install script, we pull down any other sovereign-stack git repos
+PROJECTS_SCRIPTS_REPO_URL="https://git.sovereign-stack.org/ss/project"
+PROJECTS_SCRIPTS_PATH="$(pwd)/deployment/project"
+if [ ! -d "$PROJECTS_SCRIPTS_PATH" ]; then
+    git clone "$PROJECTS_SCRIPTS_REPO_URL" "$PROJECTS_SCRIPTS_PATH"
+else
+    cd "$PROJECTS_SCRIPTS_PATH"
+    git -c advice.detachedHead=false pull origin main
+    git checkout "$TARGET_PROJECT_GIT_COMMIT"
+    cd -
+fi