Update 18 files

- /home/Cloud/Private/remove_dot_gitkeep - /home/Cloud/Public/remove_dot_gitkeep - /home/dot_config/docker/plugins.json - /home/dot_config/rclone/merge_rclone.conf - /home/dot_config/rclone/s3-docker.service.tmpl - /home/dot_config/rclone/s3-private.service.tmpl - /home/dot_config/rclone/s3-public.service.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl - /home/dot_config/rclone/s3-user.service.tmpl - /home/dot_config/rclone/private_system-rclone.conf.tmpl - /home/dot_config/rclone/merge_private_rclone.conf - /home/dot_config/rclone/system/s3-private.service.tmpl - /home/dot_config/rclone/system/s3-public.service.tmpl - /home/dot_config/rclone/private_docker-rclone.conf.tmpl - /home/Cloud/symlink_Private - /home/Cloud/symlink_Public - /home/Cloud/symlink_User
2023-01-30 04:44:55 +00:00 · 2023-01-30 04:44:55 +00:00 · ea26c8038e
commit ea26c8038e
parent d8769e8ad1
16 changed files with 119 additions and 124 deletions
--- a/home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl
@ -6,30 +6,8 @@
 {{ includeTemplate "universal/profile" }}
 {{ includeTemplate "universal/logg" }}

-### Docker Clip
-if [ -f "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-clip" ]; then
-    logg info 'Adding Docker clip commands. For more details check out https://github.com/lukaszlach/clip/'
-    docker clip add || EXIT_CODE=$?
-    if [ -n "$EXIT_CODE" ]; then
-        logg error 'Failed to run `docker clip add`'
-    fi
-fi
-
-### Docker Convoy
-if [ ! -f /etc/docker/plugins/convoy.spec ]; then
-    logg info 'Adding the Docker Convoy plugin'
-    sudo mkdir -p /etc/docker/plugins
-    sudo bash -c 'echo "unix:///var/run/convoy/convoy.sock" > /etc/docker/plugins/convoy.spec'
-    cd "$HOME/.local/src"
-    tar xvzf convoy.tar.gz
-    sudo cp convoy/convoy convoy/convoy-pdata_tools /usr/local/bin/
-    rm -rf convoy
-else
-    logg info 'Docker Convoy already added at /etc/docker/plugins/convoy.spec'
-fi
-
 ### Docker push-rm
-if [ ! -f "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm" ]; then
+if [ ! -f "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm" ]; then
    logg info 'Acquiring release information for Docker push-rm'
    RELEASE_TAG="$(curl -sSL https://api.github.com/repos/christian-korneck/docker-pushrm/releases/latest | jq -r '.tag_name')"
    mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins"
@ -41,15 +19,20 @@ else
    logg info 'Docker push-rm already added'
 fi

-{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-digitalocean-pat")) -}}
-### Docker DigitalOcean Block Storage
-docker plugin install --grant-all-permissions rexray/dobs DOBS_TOKEN={{ includeTemplate "secrets/key-digitalocean-pat" | decrypt -}} DOBS_REGION={{ .host.docker.doRegion }} LINUX_VOLUME_FILEMODE=0775
-{{ end -}}
+### Docker Rclone plugin
+# Source: https://rclone.org/docker/
+if [ ! -d /var/lib/docker-plugins/rclone/config ]; then
+    logg info 'Creating directory /var/lib/docker-plugins/rclone/config'
+    sudo mkdir -p /var/lib/docker-plugins/rclone/config
+fi
+if [ ! -d /var/lib/docker-plugins/rclone/cache ]; then
+    logg info 'Creating directory /var/lib/docker-plugins/rclone/cache'
+    sudo mkdir -p /var/lib/docker-plugins/rclone/cache
+fi
+sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/docker-rclone.conf /var/lib/docker-plugins/rclone/config/rclone.conf
+if ! docker plugin ls | grep 'rclone:latest' > /dev/null; then
+    docker plugin install rclone/docker-volume-rclone:amd64 args="-v" --alias rclone --grant-all-permissions
+fi

-### Docker plugins (defined in ~/.config/docker/plugins.json)
-jq -r '.plugins[]' "${XDG_CONFIG_HOME:-$HOME/.config}/docker/plugins.json" | while read PLUGIN; do
-    logg info 'Installing the `'"$PLUGIN"'` Docker plugin'
-    docker plugin install --grant-all-permissions "$PLUGIN"
-done

 {{ end -}}
--- a/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl
@ -4,18 +4,16 @@
 {{ includeTemplate "universal/profile" }}
 {{ includeTemplate "universal/logg" }}

-if rclone -v rclone > /dev/null; then
+if command -v rclone > /dev/null; then
    logg info 'Ensuring /var/cache/rclone exists'
    sudo mkdir -p /var/cache/rclone
    sudo chmod 700 /var/cache/rclone
+    sudo chown -Rf rclone:rclone /var/cache/rclone

    logg info 'Ensuring /var/log/rclone exists'
    sudo mkdir -p /var/log/rclone
    sudo chmod 700 /var/log/rclone
-
-    logg info 'Ensuring /mnt/s3-docker exists'
-    sudo mkdir -p /mnt/s3-docker
-    sudo chmod 700 /mnt/s3-docker
+    sudo chown -Rf rclone:rclone /var/log/rclone

    logg info 'Adding ~/.local/bin/rclone-mount to /usr/local/bin'
    sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount
@ -25,13 +23,31 @@ if rclone -v rclone > /dev/null; then
    sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/rcloneignore" /etc/rcloneignore
    sudo chmod 644 /etc/rcloneignore

-    if [ -d /etc/systemd/system ]; then
-        logg info 'Adding Docker S3 rclone mount (available at /mnt/docker-s3)'
-        sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/s3-docker.service" /etc/systemd/system/docker-s3.service
-        logg info 'Enabling / restarting the S3 Docker mount'
-        sudo systemctl enable docker-s3
-        sudo systemctl restart docker-s3
+    logg info 'Adding ~/.config/rclone/system-rclone.conf to /etc/rclone.conf'
+    sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/system-rclone.conf /etc/rclone.conf

+    ### Add / configure service files
+    if [ -d /etc/systemd/system ]; then
+        find "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/system" -mindepth 1 -maxdepth 1 -type f | while read RCLONE_SERVICE; do
+            ### Add systemd service file
+            logg info "Adding S3 system mount service defined at $RCLONE_SERVICE"
+            FILENAME="$(basename "$RCLONE_SERVICE")"
+            SERVICE_ID="$(echo "$FILENAME" | sed 's/.service//')"
+            sudo cp -f "$RCLONE_SERVICE" "/etc/systemd/system/$(basename "$RCLONE_SERVICE")"
+
+            ### Ensure mount folder is created
+            logg info "Ensuring /mnt/$SERVICE_ID is created with proper permissions"
+            sudo mkdir -p "/mnt/$SERVICE_ID"
+            sudo chmod 770 "/mnt/$SERVICE_ID"
+            sudo chown -Rf rclone:rclone "/mnt/$SERVICE_ID"
+
+            ### Enable / restart the service
+            logg info "Enabling / restarting the $ S3 service"
+            sudo systemctl enable "$SERVICE_ID"
+            sudo systemctl restart "$SERVICE_ID"
+        done
+
+        ### Add user Rclone mount
        logg info 'Adding user S3 rclone mount (available at ~/.local/mnt/s3)'
        sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/s3-user.service" "/etc/systemd/system/${USER}-s3.service"
        logg info 'Enabling / restarting the S3 user mount'
--- a/home/Cloud/Private/remove_dot_gitkeep
+++ b/home/Cloud/Private/remove_dot_gitkeep
--- a/home/Cloud/Public/remove_dot_gitkeep
+++ b/home/Cloud/Public/remove_dot_gitkeep
--- a/home/Cloud/symlink_Private
+++ b/home/Cloud/symlink_Private
@ -0,0 +1,3 @@
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
+/mnt/s3-private
+{{- end -}}
--- a/home/Cloud/symlink_Public
+++ b/home/Cloud/symlink_Public
@ -0,0 +1,3 @@
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
+/mnt/s3-public
+{{- end -}}
--- a/home/Cloud/symlink_User
+++ b/home/Cloud/symlink_User
@ -0,0 +1,3 @@
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
+{{ .host.home }}/.local/mnt/s3
+{{- end -}}
--- a/home/dot_config/docker/plugins.json
+++ b/home/dot_config/docker/plugins.json
@ -1,6 +0,0 @@
-{
-    "plugins" [
-        "sapk/plugin-rclone",
-        "vieux/sshfs"
-    ]
-}
--- a/home/dot_config/rclone/merge_private_rclone.conf
+++ b/home/dot_config/rclone/merge_private_rclone.conf
@ -0,0 +1,28 @@
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
+#!/usr/bin/env bash
+
+CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
+if cat "$CONFIG_FILE" | grep '# MEGABYTE LABS MANAGED S3'; then
+  # TODO: Remove old block
+  START_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED S3" .zshrc | cut -f1 -d ":"`)"
+  END_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED S3" .zshrc | cut -f1 -d ":"`)"
+  if command -v gsed > /dev/null; then
+    gsed -i "$START_LINE,$END_LINEd" "$CONFIG_FILE"
+  else
+    sed -i "$START_LINE,$END_LINEd" "$CONFIG_FILE"
+  fi
+fi
+
+tee -a "$CONFIG_FILE" > /dev/null <<EOT
+# MEGABYTE LABS MANAGED S3
+[{{ .user.username}}-s3]
+type = s3
+provider = Cloudflare
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
+region = auto
+endpoint = {{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/user
+acl = private
+# MEGABYTE LABS MANAGED S3
+EOT
+{{- end }}
--- a/home/dot_config/rclone/merge_rclone.conf
+++ b/home/dot_config/rclone/merge_rclone.conf
@ -1,60 +0,0 @@
-{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
-#!/usr/bin/env bash
-
-CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
-if cat "$CONFIG_FILE" | grep '# MEGABYTE LABS MANAGED S3'; then
-  # TODO: Remove old block
-  START_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED S3" .zshrc | cut -f1 -d ":"`)"
-  END_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED S3" .zshrc | cut -f1 -d ":"`)"
-  if command -v gsed > /dev/null; then
-    gsed -i "$START_LINE,$END_LINEd" "$CONFIG_FILE"
-  else
-    sed -i "$START_LINE,$END_LINEd" "$CONFIG_FILE"
-  fi
-fi
-
-tee -a "$CONFIG_FILE" > /dev/null <<EOT
-# MEGABYTE LABS MANAGED S3
-[{{ .user.username}}-s3]
-type = s3
-provider = Cloudflare
-access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
-region = auto
-endpoint = https://{{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/user
-acl = private
-[docker]
-type = s3
-provider = Cloudflare
-env_auth = false
-access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
-endpoint = open.nyc3.digitaloceanspaces.com
-acl = private
-[private]
-type = s3
-provider = Cloudflare
-env_auth = false
-access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
-endpoint = {{ }}
-acl = private
-[public]
-type = s3
-provider = Cloudflare
-env_auth = false
-access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
-endpoint = open.nyc3.digitaloceanspaces.com
-acl = public-read
-[system]
-type = s3
-provider = Cloudflare
-env_auth = false
-access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
-endpoint = open.nyc3.digitaloceanspaces.com
-acl = private
-# MEGABYTE LABS MANAGED S3
-EOT
-{{- end }}
--- a/home/dot_config/rclone/private_docker-rclone.conf.tmpl
+++ b/home/dot_config/rclone/private_docker-rclone.conf.tmpl
@ -0,0 +1,11 @@
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
+[docker]
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
+acl = private
+endpoint = {{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/docker
+env_auth = false
+provider = Cloudflare
+region = auto
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
+type = s3
+{{ end -}}
--- a/home/dot_config/rclone/private_system-rclone.conf.tmpl
+++ b/home/dot_config/rclone/private_system-rclone.conf.tmpl
@ -0,0 +1,28 @@
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
+[private]
+type = s3
+provider = Cloudflare
+env_auth = false
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
+endpoint = {{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/private
+acl = private
+
+[public]
+type = s3
+provider = Cloudflare
+env_auth = false
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
+endpoint = {{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/public
+acl = public-read
+
+[system]
+type = s3
+provider = Cloudflare
+env_auth = false
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
+endpoint = {{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/system
+acl = private
+{{ end -}}
--- a/home/dot_config/rclone/s3-docker.service.tmpl
+++ b/home/dot_config/rclone/s3-docker.service.tmpl
@ -1,14 +0,0 @@
-[Unit]
-Description=rclone S3 system service (docker)
-After=network-online.target
-
-[Service]
-Type=simple
-User=rclone
-ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "s3-docker"
-ExecStop=/bin/fusermount -u /mnt/s3-docker
-Restart=always
-RestartSec=10
-
-[Install]
-WantedBy=default.target
--- a/home/dot_config/rclone/s3-user.service.tmpl
+++ b/home/dot_config/rclone/s3-user.service.tmpl
@ -12,4 +12,4 @@ Restart=always
 RestartSec=10

 [Install]
-WantedBy=default.target
+WantedBy=default.target
--- a/home/dot_config/rclone/system/s3-private.service.tmpl
+++ b/home/dot_config/rclone/system/s3-private.service.tmpl
--- a/home/dot_config/rclone/system/s3-public.service.tmpl
+++ b/home/dot_config/rclone/system/s3-public.service.tmpl