sovereign-stack/deployment/deploy_vm.sh


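#!/bin/bash
# Deploys one LXD virtual machine. This first part registers the target host
# in the management machine's SSH client config.
#
# FQDN and SSH_HOME are read but never assigned in this script; presumably
# they come from base.sh or the calling environment (confirm). With -u the run
# aborts if either is unset. -x traces every command with its expanded
# arguments to stderr, so treat captured logs of this script accordingly.
set -exu
cd "$(dirname "$0")"
. ./base.sh

# FQDN is written verbatim into the SSH client config and is later handed to
# ssh-keyscan and ssh. Refuse anything that is not a plain DNS name, so that a
# malformed value (embedded newline, leading dash, whitespace) cannot add
# extra config directives or be parsed as a command-line option.
FQDN_PATTERN='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if [[ ! "$FQDN" =~ $FQDN_PATTERN ]]; then
  echo "ERROR: FQDN '$FQDN' is not a valid host name." >&2
  exit 1
fi

SSH_STRING="Host ${FQDN}"

# Append a stanza for this host only when its header line is absent.
# -x and -F compare the whole line literally: the dots in the FQDN are not
# treated as regex wildcards, and a longer host name that merely starts with
# this one does not count as a match.
# The here-document is deliberately left-aligned: <<- strips leading tabs
# only, so indenting it with spaces would change what is written.
if ! grep -qxF -- "$SSH_STRING" "$SSH_HOME/config"; then
########## BEGIN
cat >> "$SSH_HOME/config" <<-EOF

${SSH_STRING}
HostName ${FQDN}
User ubuntu
EOF
###
fi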
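# Create, configure and start the VM, but only when no instance with exactly
# this name exists yet. "-c n" restricts the listing to the name column and
# -xF compares whole lines literally, so an existing "foo-2" is not mistaken
# for "foo" (the previous substring match over every CSV column was).
if ! lxc list --format csv -c n | grep -qxF -- "$LXD_VM_NAME"; then

  # A MAC address is mandatory; it is pinned on the instance further down.
  if [ -z "$MAC_ADDRESS_TO_PROVISION" ]; then
    echo "ERROR: You MUST define a MAC Address for all your machines in your project definition." >&2
    echo "INFO: IMPORTANT! You MUST have DHCP Reservations for these MAC addresses. You also need records established the DNS." >&2
    exit 1
  fi

  # TODO ensure we are only GROWING the volume--never shrinking per zfs volume docs.
  BACKUP_DISK_SIZE_GB=
  SSDATA_DISK_SIZE_GB=
  DOCKER_DISK_SIZE_GB=

  # Pick the disk sizes for the requested VM type. Each branch exits
  # successfully without deploying when the MAC variable it tests is empty.
  case "$VIRTUAL_MACHINE" in
    www)
      # NOTE(review): this branch handles the www VM but tests
      # BTCPAY_SERVER_MAC_ADDRESS; looks like a copy-paste -- confirm which
      # variable is intended before changing it.
      if [ -z "$BTCPAY_SERVER_MAC_ADDRESS" ]; then
        exit 0
      fi
      BACKUP_DISK_SIZE_GB="$WWW_BACKUP_DISK_SIZE_GB"
      SSDATA_DISK_SIZE_GB="$WWW_SSDATA_DISK_SIZE_GB"
      DOCKER_DISK_SIZE_GB="$WWW_DOCKER_DISK_SIZE_GB"
      ;;
    btcpayserver)
      if [ -z "$BTCPAY_SERVER_MAC_ADDRESS" ]; then
        exit 0
      fi
      BACKUP_DISK_SIZE_GB="$BTCPAYSERVER_BACKUP_DISK_SIZE_GB"
      SSDATA_DISK_SIZE_GB="$BTCPAYSERVER_SSDATA_DISK_SIZE_GB"
      DOCKER_DISK_SIZE_GB="$BTCPAYSERVER_DOCKER_DISK_SIZE_GB"
      ;;
    lnplayserver)
      if [ -z "$LNPLAY_SERVER_MAC_ADDRESS" ]; then
        exit 0
      fi
      # NOTE(review): the BTCPAYSERVER_* sizes are reused here. They are not
      # consumed below, because lnplayserver gets no storage volumes.
      BACKUP_DISK_SIZE_GB="$BTCPAYSERVER_BACKUP_DISK_SIZE_GB"
      SSDATA_DISK_SIZE_GB="$BTCPAYSERVER_SSDATA_DISK_SIZE_GB"
      DOCKER_DISK_SIZE_GB="$BTCPAYSERVER_DOCKER_DISK_SIZE_GB"
      ;;
  esac

  # with lnplay server, we wrap everything up into an image.
  # everything else gets ZFS storage volumes.
  if [ "$VIRTUAL_MACHINE" != lnplayserver ]; then
    EXISTING_STORAGE_VOLUMES=$(lxc storage volume list ss-base -q --format csv)

    # NOTE(review): these are substring matches over whole CSV rows, so any
    # volume whose row contains "docker" / "backup" counts as already present.
    if ! grep -q docker <<< "$EXISTING_STORAGE_VOLUMES"; then
      lxc storage volume create ss-base docker --type=block > /dev/null
      lxc storage volume set ss-base docker size="${DOCKER_DISK_SIZE_GB}GB"
    fi

    if ! grep -q backup <<< "$EXISTING_STORAGE_VOLUMES"; then
      lxc storage volume create ss-base backup --type=filesystem > /dev/null
      lxc storage volume set ss-base backup size="${BACKUP_DISK_SIZE_GB}GB"
    fi

    # ss-data is looked up with a fresh listing scoped to the default project.
    if ! lxc storage volume list ss-base --format csv -q --project default | grep -q ss-data; then
      lxc storage volume create ss-base ss-data --type=filesystem > /dev/null
      lxc storage volume set ss-base ss-data size="${SSDATA_DISK_SIZE_GB}GB"
    fi
  fi

  # Call the helper directly with quoted arguments instead of interpolating
  # the values into a "bash -c" string, where whitespace or shell
  # metacharacters in them would be re-parsed as shell syntax.
  ./stub_lxc_profile.sh --vm="$VIRTUAL_MACHINE" --lxd-hostname="$LXD_VM_NAME"

  # lnplayserver uses a different base image, but that's ok.
  BASE_IMAGE_NAME="$DOCKER_BASE_IMAGE_NAME"
  if [ "$VIRTUAL_MACHINE" = lnplayserver ] \
    && lxc image list -q --format csv | grep -qF -- "${LNPLAY_BASE_IMAGE_NAME},"; then
    BASE_IMAGE_NAME="$LNPLAY_BASE_IMAGE_NAME"
  fi

  # lxc init is wrapped in script(1) so that it gets a pseudo-TTY; the
  # original author notes it otherwise does not execute within a docker
  # container. The typescript goes into a private mktemp directory rather
  # than a fixed path under /tmp, which another local user could pre-create
  # or replace with a symlink. The directory is removed after a successful
  # init and left in place for diagnosis if set -e aborts the run.
  # script -c takes a single command string, so every argument is
  # shell-quoted with %q before being joined.
  TYPESCRIPT_DIR=$(mktemp -d)
  printf -v LXC_INIT_CMD '%q ' \
    lxc init -q "$BASE_IMAGE_NAME" "$LXD_VM_NAME" --vm "--profile=$LXD_VM_NAME"
  script -q -f "$TYPESCRIPT_DIR/typescript" -c "$LXC_INIT_CMD" > /dev/null
  rm -rf -- "${TYPESCRIPT_DIR:?}"

  # let's PIN the HW address for now so we don't exhaust IP
  # and so we can set DNS internally.
  lxc config set "$LXD_VM_NAME" "volatile.enp5s0.hwaddr=$MAC_ADDRESS_TO_PROVISION"

  # record the expiration date of the VM in the user data.
  if [ -n "$VM_EXPIRATION_DATE" ]; then
    lxc config set "$LXD_VM_NAME" user.expiration_date "$VM_EXPIRATION_DATE"
  fi

  # record the order id in the VM user data.
  if [ -n "$ORDER_ID" ]; then
    lxc config set "$LXD_VM_NAME" user.order_id "$ORDER_ID"
  fi

  # lnplayserver doesnt have any ZFS volumes; everything is built into the image.
  if [ "$VIRTUAL_MACHINE" != lnplayserver ]; then
    # attach the docker block device.
    lxc storage volume attach ss-base docker "$LXD_VM_NAME"

    # attach the ss-data volume.
    lxc storage volume attach ss-base ss-data "$LXD_VM_NAME" ss-data "$REMOTE_DATA_PATH"
  fi

  # Disabled code kept from the original:
  # fi
  # if [ "$VIRTUAL_MACHINE" = btcpayserver ]; then
  # # attach any volumes
  # for CHAIN in testnet mainnet; do
  # for DATA in blocks chainstate; do
  # MOUNT_PATH="/$CHAIN-$DATA"
  # lxc config device add "$LXD_VM_NAME" "$CHAIN-$DATA" disk pool=ss-base source="$CHAIN-$DATA" path="$MOUNT_PATH"
  # done
  # done
  # fi

  lxc start "$LXD_VM_NAME"
  sleep 15
  ./wait_for_lxc_ip.sh --lxd-name="$LXD_VM_NAME"

  # scan the remote machine and install its identity in our SSH known_hosts file.
  # ssh-keyscan records whichever key answers for $FQDN on the network;
  # nothing here verifies it, and entries from earlier deployments of the same
  # name are left in place.
  # NOTE(review): the LXD management plane is already trusted for the file
  # push below; the VM's host public key could be fetched over it and compared
  # with the scanned one before it is appended.
  ssh-keyscan -H -- "$FQDN" >> "$SSH_HOME/known_hosts"

  # SSH_PUBKEY is not referenced again in this part of the script; under
  # set -e the assignment still stops the run early if the key file cannot
  # be read.
  SSH_PUBKEY=$(cat "$SSH_PUBKEY_PATH")

  # we push the management environment's ssh public key to the ubuntu user via the lxc management plane.
  # this is needed in case the management plane's SSH key changes since the base image was created.
  # The push replaces the guest's authorized_keys file as a whole.
  lxc file push "$SSH_PUBKEY_PATH" "$LXD_VM_NAME/$REMOTE_HOME/.ssh/authorized_keys" > /dev/null

  if [ "$VIRTUAL_MACHINE" != lnplayserver ]; then
    # The command string is parsed again by the remote shell, so both paths
    # are shell-quoted first; "--" stops chown from reading a path that starts
    # with a dash as an option.
    # NOTE(review): this assumes both variables hold literal paths that need
    # no expansion on the remote side -- confirm for REMOTE_BACKUP_PATH.
    printf -v REMOTE_DATA_PATH_Q '%q' "$REMOTE_DATA_PATH"
    printf -v REMOTE_BACKUP_PATH_Q '%q' "$REMOTE_BACKUP_PATH"
    ssh "ubuntu@$FQDN" "sudo chown ubuntu:ubuntu -- $REMOTE_DATA_PATH_Q"
    ssh "ubuntu@$FQDN" "sudo chown -R ubuntu:ubuntu -- $REMOTE_BACKUP_PATH_Q"
  fi
fi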