chore: init
This commit is contained in:
25
script/build-binary.sh
Executable file
25
script/build-binary.sh
Executable file
@@ -0,0 +1,25 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
: "${FLAVOUR_NAME:?}"
|
||||
: "${CUDA_HOME:?}"
|
||||
: "${CARGO_FEATURES:?}"
|
||||
: "${CUDA_COMPUTE_CAP:?}"
|
||||
: "${SRC_DIR:?}"
|
||||
|
||||
export PATH="${CUDA_HOME}/bin:${PATH}"
|
||||
export LD_LIBRARY_PATH="${CUDA_HOME}/targets/x86_64-linux/lib:${CUDA_HOME}/lib64:${LD_LIBRARY_PATH:-}"
|
||||
|
||||
cd "${SRC_DIR}"
|
||||
|
||||
# --locked ensures Cargo.lock is respected; fails loud if it's out of sync
|
||||
# rather than silently resolving to different versions.
|
||||
cargo build --release --locked --features "${CARGO_FEATURES}"
|
||||
|
||||
mkdir -p ../artifacts
|
||||
cp target/release/mistralrs-server "../artifacts/mistralrs-server-${FLAVOUR_NAME}"
|
||||
|
||||
# Also grab the other binaries if you want them
|
||||
cp target/release/mistralrs "../artifacts/mistralrs-${FLAVOUR_NAME}" 2>/dev/null || true
|
||||
|
||||
echo "Built $(../artifacts/mistralrs-server-${FLAVOUR_NAME} --version 2>&1 | head -1)"
|
||||
24
script/publish-repo.sh
Executable file
24
script/publish-repo.sh
Executable file
@@ -0,0 +1,24 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
RPM_DIR="${1:?usage: $0 <rpm-directory>}"
|
||||
REMOTE_DIR="/var/www/rpm/mistralrs/fedora-43/x86_64"
|
||||
|
||||
# sign each rpm with the imported gpg key
|
||||
for rpm in "${RPM_DIR}"/*.rpm; do
|
||||
rpm --addsign "${rpm}"
|
||||
done
|
||||
|
||||
install --directory --mode 700 ~/.ssh
|
||||
echo "${RSYNC_SSH_KEY}" | install --mode 600 /dev/stdin ~/.ssh/id_ed25519
|
||||
ssh-keyscan -H oolon.kosherinata.internal > ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
rsync \
|
||||
--archive \
|
||||
--verbose \
|
||||
--chmod D755,F644 \
|
||||
"${RPM_DIR}/"*.rpm \
|
||||
"${RSYNC_TARGET}:${REMOTE_DIR}/"
|
||||
ssh "${RSYNC_TARGET}" "cd ${REMOTE_DIR} && createrepo_c --update ."
|
||||
|
||||
echo "Published $(ls ${RPM_DIR}/*.rpm | wc -l) RPMs"
|
||||
17
script/setup/cert.sh
Executable file
17
script/setup/cert.sh
Executable file
@@ -0,0 +1,17 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
tld=lair.cafe
|
||||
fqdn=rpm.${tld}
|
||||
sudo certbot certonly \
|
||||
-m ops@${tld} \
|
||||
--agree-tos \
|
||||
--no-eff-email \
|
||||
--noninteractive \
|
||||
--cert-name ${fqdn} \
|
||||
--expand \
|
||||
--allow-subset-of-names \
|
||||
--key-type ecdsa \
|
||||
--dns-cloudflare \
|
||||
--dns-cloudflare-credentials /root/.cloudflare/${tld} \
|
||||
--dns-cloudflare-propagation-seconds 60 \
|
||||
-d ${fqdn}
|
||||
44
script/setup/dns.sh
Executable file
44
script/setup/dns.sh
Executable file
@@ -0,0 +1,44 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
cloudflare_api_token=$(cat ~/.cloudflare/lair.cafe | cut -d ' ' -f 3)
|
||||
cloudflare_dns_zone_name=lair.cafe
|
||||
cloudflare_dns_record_name=rpm.${cloudflare_dns_zone_name}
|
||||
cloudflare_dns_record_type=CNAME
|
||||
cloudflare_dns_record_content=bl.thgttg.com
|
||||
cloudflare_dns_zone_id=$(curl \
|
||||
--silent \
|
||||
--request GET \
|
||||
--header "Content-Type: application/json" \
|
||||
--header "Authorization: Bearer ${cloudflare_api_token}" \
|
||||
--url "https://api.cloudflare.com/client/v4/zones?name=${cloudflare_dns_zone_name}&status=active" \
|
||||
| jq -r '.result[0].id//empty')
|
||||
if [ -z ${cloudflare_dns_zone_id} ]; then
|
||||
echo "cloudflare dns zone not found"
|
||||
exit 1
|
||||
else
|
||||
echo "cloudflare dns zone found: ${cloudflare_dns_zone_name} (${cloudflare_dns_zone_id})"
|
||||
fi
|
||||
cloudflare_dns_record_id=$(curl \
|
||||
--silent \
|
||||
--request GET \
|
||||
--header "Content-Type: application/json" \
|
||||
--header "Authorization: Bearer ${cloudflare_api_token}" \
|
||||
--url "https://api.cloudflare.com/client/v4/zones/${cloudflare_dns_zone_id}/dns_records?type=${cloudflare_dns_record_type}&name=${cloudflare_dns_record_name}" \
|
||||
| jq -r '.result[0].id//empty')
|
||||
if [ -z ${cloudflare_dns_record_id} ] && curl \
|
||||
--silent \
|
||||
--request POST \
|
||||
--header "Content-Type: application/json" \
|
||||
--header "Authorization: Bearer ${cloudflare_api_token}" \
|
||||
--data "{\"type\":\"${cloudflare_dns_record_type}\",\"name\":\"${cloudflare_dns_record_name}\",\"content\":\"${cloudflare_dns_record_content}\",\"ttl\":1,\"proxied\":false}" \
|
||||
--url "https://api.cloudflare.com/client/v4/zones/${cloudflare_dns_zone_id}/dns_records"; then
|
||||
echo "${cloudflare_dns_record_name} ${cloudflare_dns_record_type} record created with content: ${cloudflare_dns_record_content} in zone: ${cloudflare_dns_zone_name} (${cloudflare_dns_zone_id}), record: ${cloudflare_dns_record_name} (${cloudflare_dns_record_id})"
|
||||
elif curl \
|
||||
--silent \
|
||||
--request PUT \
|
||||
--header "Content-Type: application/json" \
|
||||
--header "Authorization: Bearer ${cloudflare_api_token}" \
|
||||
--data "{\"type\":\"${cloudflare_dns_record_type}\",\"name\":\"${cloudflare_dns_record_name}\",\"content\":\"${cloudflare_dns_record_content}\",\"ttl\":1,\"proxied\":false}" \
|
||||
--url "https://api.cloudflare.com/client/v4/zones/${cloudflare_dns_zone_id}/dns_records/${cloudflare_dns_record_id}"; then
|
||||
echo "${cloudflare_dns_record_name} ${cloudflare_dns_record_type} record updated with content: ${cloudflare_dns_record_content} in zone: ${cloudflare_dns_zone_name} (${cloudflare_dns_zone_id}), record: ${cloudflare_dns_record_name} (${cloudflare_dns_record_id})"
|
||||
fi
|
||||
48
script/setup/nginx.sh
Executable file
48
script/setup/nginx.sh
Executable file
@@ -0,0 +1,48 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
script_dir="$(dirname "$0")"
|
||||
|
||||
nginx_conf_local_path="${script_dir}/../../asset/nginx/rpm.lair.cafe.conf"
|
||||
nginx_conf_remote_path="/etc/nginx/sites-available/rpm.lair.cafe.conf"
|
||||
nginx_host=oolon
|
||||
if [ ! -s ~/.ssh/id_gitea_ci.pub ]; then
|
||||
echo "gitea_ci ssh key not found in ~/.ssh/id_gitea_ci.pub"
|
||||
exit 1
|
||||
fi
|
||||
gitea_ssh_key=$(cat ~/.ssh/id_gitea_ci.pub)
|
||||
|
||||
if rsync \
|
||||
--archive \
|
||||
--compress \
|
||||
--verbose \
|
||||
${nginx_conf_local_path} \
|
||||
${nginx_host}:${nginx_conf_remote_path}; then
|
||||
echo "sync'd ${nginx_conf_local_path} to ${nginx_host}:${nginx_conf_remote_path}"
|
||||
else
|
||||
echo "failed to sync ${nginx_conf_local_path} to ${nginx_host}:${nginx_conf_remote_path}"
|
||||
exit 1
|
||||
fi
|
||||
if ssh ${nginx_host} "id gitea_ci &> /dev/null || sudo useradd --system --create-home --home-dir /var/lib/gitea_ci gitea_ci"; then
|
||||
echo "gitea_ci user created or observed on ${nginx_host}"
|
||||
if ssh ${nginx_host} "sudo --user gitea_ci install --directory --mode 0700 /var/lib/gitea_ci/.ssh && echo '${gitea_ssh_key}' | sudo --user gitea_ci install --mode 0600 /dev/stdin /var/lib/gitea_ci/.ssh/authorized_keys"; then
|
||||
echo "gitea_ci ssh key installed on ${nginx_host}"
|
||||
else
|
||||
echo "failed to install gitea_ci ssh key on ${nginx_host}"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "failed to create or observe gitea_ci user on ${nginx_host}"
|
||||
exit 1
|
||||
fi
|
||||
if ssh ${nginx_host} "sudo install --directory /var/www/rpm && sudo setfacl -R -m u:gitea_ci:rwx /var/www/rpm/ && sudo chcon -Rt httpd_sys_content_t /var/www/rpm/"; then
|
||||
echo "rpm repo directory created and permissions set on ${nginx_host}"
|
||||
else
|
||||
echo "failed to create rpm repo directory on ${nginx_host}"
|
||||
exit 1
|
||||
fi
|
||||
if ssh ${nginx_host} "sudo ln -sf ${nginx_conf_remote_path} ${nginx_conf_remote_path/available/enabled} && sudo nginx -t ${nginx_conf_remote_path} && sudo systemctl reload nginx"; then
|
||||
echo "nginx config reload on ${nginx_host} successful"
|
||||
else
|
||||
echo "nginx config reload on ${nginx_host} failed"
|
||||
exit 1
|
||||
fi
|
||||
Reference in New Issue
Block a user