fixup! Makefile: reset only if config.json is changed

Makefile: reset only if config.json is changed
config.yaml: reverse proxy matrix stuff
2026-02-21 08:36:59 +00:00 · 2026-02-08 06:07:29 +02:00 · 2026-02-08 06:05:57 +02:00 · 2026-02-08 05:42:19 +02:00 · 2026-02-08 05:41:58 +02:00 · 2026-02-08 04:51:20 +02:00
2 changed files with 46 additions and 15 deletions
--- a/13
+++ b/13
@@ -5,11 +5,8 @@ config.json: config.yaml
 	  --pretty \
 	  < config.yaml > config.json
-reset: config.json
+.reset: config.json
-	if ! [[ -f config.json && -s config.json ]]; then \
+	-rm .reset
 	  echo "No config.json" && \
 	  exit 1; \
 	fi; \
 	ssh -o ControlMaster=auto -o ControlPath=/tmp/ssh_mux_%h_%p_%r -o ControlPersist=10s -fN akpella && \
 	TEMPDIR=$$(ssh -o ControlPath=/tmp/ssh_mux_%h_%p_%r akpella "cd /tmp && mktemp -d") && \
 	scp -o ControlPath=/tmp/ssh_mux_%h_%p_%r config.json akpella:$${TEMPDIR} && \
@@ -17,10 +14,14 @@ reset: config.json
 	  sudo flatcar-reset \
 	  --ignition-file $${TEMPDIR}/config.json \
 	  --keep-machine-id \
-	  --keep-paths '/etc/ssh/ssh_host_.*' /var/log && \
+	  --keep-paths '/etc/ssh/ssh_host_.*' '/opt/caddy/' '/opt/matrixdotorg-synapse/' /var/log && \
 	ssh -o ControlPath=/tmp/ssh_mux_%h_%p_%r akpella \
 	  sudo systemctl reboot && \
 	ssh -o ControlPath=/tmp/ssh_mux_%h_%p_%r -O exit akpella;
 	touch .reset
 reset: .reset
 .PHONY: reset
 update:
 	VER=$$(curl -fsSL https://stable.release.flatcar-linux.net/amd64-usr/current/version.txt | grep FLATCAR_VERSION= | cut -d = -f 2) && \
--- a/config.yaml
+++ b/config.yaml
@@ -41,10 +41,11 @@ storage:
          127.0.0.1       localhost akpella.fst.ee
          ::1             localhost akpella.fst.ee
    - path: /opt/caddy/etc/caddy/Caddyfile
      overwrite: true
      contents:
        inline: |
          {
-            acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
+            #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
            email akpall+akpella@fst.ee
          }
@@ -53,27 +54,51 @@ storage:
            file_server
          }
          fst.ee:8448 {
            reverse_proxy /_matrix/* matrixdotorg-synapse:8008
          }
          matrix.fst.ee {
-            reverse_proxy http://[::1]:8008
+            reverse_proxy /_matrix/* matrixdotorg-synapse:8008
            reverse_proxy /_synapse/client/* matrixdotorg-synapse:8008
          }
    - path: /opt/caddy/var/www/html/index.html
      overwrite: true
      contents:
        inline: |
          <h1>no</h1>
 systemd:
  units:
-    - name: matrixdotorg-synapse.service
+    - name: docker-network-setup.service
      enabled: true
      contents: |
        [Unit]
-        Description=Synapse: Matrix homeserver written in Python/Twisted + Rust
+        Description=Create docker network: caddy-network
        After=docker.service
        Requires=docker.service
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/usr/bin/docker network create caddy-network
        [Install]
        WantedBy=multi-user.target
    - name: docker-matrixdotorg-synapse.service
      enabled: true
      contents: |
        [Unit]
        Description=Synapse: Matrix homeserver written in Python/Twisted + Rust
        After=docker.service \
              docker-network-setup
        Requires=docker.service \
                 docker-network-setup
        [Service]
        ExecStartPre=/usr/bin/docker run \
          --name=matrixdotorg-synapse \
          --network=caddy-network \
          --rm \
          --mount type=bind,src=/opt/matrixdotorg-synapse/data,dst=/data \
          -e SYNAPSE_SERVER_NAME=matrix.fst.ee \
@@ -81,29 +106,34 @@ systemd:
          matrixdotorg/synapse:latest generate
        ExecStart=docker run \
          --name=matrixdotorg-synapse \
          --network=caddy-network \
          --rm \
          --mount type=bind,src=/opt/matrixdotorg-synapse/data,dst=/data \
          -p 127.0.0.1:8008:8008 \
          -p [::1]:8008:8008 \
          matrixdotorg/synapse:latest
        [Install]
        WantedBy=multi-user.target
-    - name: caddy.service
+    - name: docker-caddy.service
      enabled: true
      contents: |
        [Unit]
        Description=Caddy 2 is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go.
-        After=docker.service
+        After=docker.service \
-        Requires=docker.service
+              docker-network-setup
        Requires=docker.service \
                 docker-network-setup
        [Service]
        ExecStart=docker run \
          --name=caddy \
          --network=caddy-network \
          --rm \
          --mount type=bind,src=/opt/caddy/etc/caddy,dst=/etc/caddy \
          --mount type=bind,src=/opt/caddy/var/www/html,dst=/var/www/html \
          --mount type=bind,src=/opt/caddy/data,dst=/data \
          -p 80:80 \
          -p 443:443 \
          -p 8448:8448 \
          caddy:latest
        [Install]
Author	SHA1	Message	Date
Allen-Kristjan Päll	2e70874bfc	fixup! Makefile: reset only if config.json is changed	2026-02-08 06:07:29 +02:00
Allen-Kristjan Päll	d091d71e8c	Makefile: reset only if config.json is changed	2026-02-08 06:05:57 +02:00
Allen-Kristjan Päll	6ae03a65cf	config.yaml: reverse proxy matrix stuff	2026-02-08 05:42:19 +02:00
Allen-Kristjan Päll	11a2902cc8	config.yaml: create docker network and use it	2026-02-08 05:41:58 +02:00
Allen-Kristjan Päll	3aeadacca5	config.yaml: comment out staging letsencrypt, use live	2026-02-08 04:51:20 +02:00
Allen-Kristjan Päll	8ab19813c5	config.yaml: rm containers after exit	2026-02-08 04:51:20 +02:00
Allen-Kristjan Päll	b27ca56e3e	config.yaml: overwrite	2026-02-08 04:51:20 +02:00
Allen-Kristjan Päll	7b0c188c84	Makefile: more --keep-paths	2026-02-08 04:51:20 +02:00