From 58b56dc3972dbb0dd641d2967821566e7093ceb9 Mon Sep 17 00:00:00 2001
From: Tobias Manske <tobias.manske@mailbox.org>
Date: Sun, 5 Mar 2023 07:28:54 +0100
Subject: [PATCH] Minio: healthcheck

---
 .../templates/minio/docker-compose.yaml       |  5 +
 .../butane/host.nc.chaoswg.org.bu             |  3 -
 .../butane/thonkpad.ka.chaoswg.org.bu         | 97 +++++++++++++++++++
 restore-tests/setup.ign                       |  1 -
 4 files changed, 102 insertions(+), 4 deletions(-)
 rename coreos-config/setup.bu => restore-tests/butane/host.nc.chaoswg.org.bu (95%)
 create mode 100644 restore-tests/butane/thonkpad.ka.chaoswg.org.bu
 delete mode 120000 restore-tests/setup.ign

diff --git a/coreos-config/roles/compose_project/templates/minio/docker-compose.yaml b/coreos-config/roles/compose_project/templates/minio/docker-compose.yaml
index b62acdf..0a8c774 100644
--- a/coreos-config/roles/compose_project/templates/minio/docker-compose.yaml
+++ b/coreos-config/roles/compose_project/templates/minio/docker-compose.yaml
@@ -26,6 +26,11 @@ services:
       - "traefik.http.services.minio-dashboard.loadbalancer.server.port=9001"
       - "traefik.http.routers.minio-dashboard.service=minio-dashboard"
     command: "server /data --console-address ':9001' --anonymous"
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
+      interval: 30s
+      timeout: 20s
+      retries: 3
 
 
 networks:
diff --git a/coreos-config/setup.bu b/restore-tests/butane/host.nc.chaoswg.org.bu
similarity index 95%
rename from coreos-config/setup.bu
rename to restore-tests/butane/host.nc.chaoswg.org.bu
index 4dbadb9..d5520fb 100644
--- a/coreos-config/setup.bu
+++ b/restore-tests/butane/host.nc.chaoswg.org.bu
@@ -94,7 +94,4 @@ passwd:
       ssh_authorized_keys:
         - cert-authority,principals="rad4day,rad4day@chaoswg.org" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUN/Ik3CqhsVLGEkl2rJLUhC0AXFmVp6BgETaqgVKq5 user-ca@chaoswg.org
         - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhzs4vCOhy3yH2TF2bO5Qalt2P4WG4nDYTLarPKFrdM ansible@provisioner
-    - name: borgbackup
-      ssh_authorized_keys:
-        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEeiXrwUxnzo/MLn3PdT3shFIJu7zia8uwlcQhyPautw borgbackup@remote
 ...
diff --git a/restore-tests/butane/thonkpad.ka.chaoswg.org.bu b/restore-tests/butane/thonkpad.ka.chaoswg.org.bu
new file mode 100644
index 0000000..af1adf9
--- /dev/null
+++ b/restore-tests/butane/thonkpad.ka.chaoswg.org.bu
@@ -0,0 +1,97 @@
+---
+variant: fcos
+version: 1.4.0
+systemd:
+  units:
+    # Installing vim as a layered package with rpm-ostree
+    - name: rpm-ostree-install-pkg.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Layer packages with rpm-ostree
+        Wants=network-online.target
+        After=network-online.target
+        # We run before `zincati.service` to avoid conflicting rpm-ostree
+        # transactions.
+        Before=zincati.service
+        # Otherwise vagrant will try to run the playbook before we got python
+        Before=sshd.service
+        ConditionPathExists=!/var/lib/%N.stamp
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        # `--allow-inactive` ensures that rpm-ostree does not return an error
+        # if the package is already installed. This is useful if the package is
+        # added to the root image in a future Fedora CoreOS release as it will
+        # prevent the service from failing.
+        ExecStart=/usr/bin/rpm-ostree install --apply-live --allow-inactive vim python docker-compose borgbackup btop iftop iotop
+        ExecStart=/bin/touch /var/lib/%N.stamp
+
+        [Install]
+        WantedBy=multi-user.target
+    # Make sure docker is actually starting without a call to the socket.
+    - name: docker.service
+      enabled: true
+    - name: borgbackup.service
+      contents: |
+        [Unit]
+        Description=Run Backup of /var/lib/docker
+
+        [Service]
+        ExecStart=/usr/bin/bash /root/backup.sh
+
+        [Install]
+        WantedBy=multi-user.target
+    - name: borgbackup.timer
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Daily backup
+
+        [Timer]
+        OnCalendar=daily
+        Persistent=true
+
+        [Install]
+        WantedBy=timers.target
+storage:
+  filesystems:
+    - device: /dev/disk/by-partlabel/root
+      wipe_filesystem: true
+      format: ext4
+      label: root
+  files:
+    # Set vim as default editor
+    # We use `zz-` as prefix to make sure this is processed last in order to
+    # override any previously set defaults.
+    - path: /etc/profile.d/zz-default-editor.sh
+      overwrite: true
+      contents:
+        inline: |
+          export EDITOR=vim
+    - path: /etc/hostname
+      mode: 0644
+      contents:
+        inline: thonkpad.ka.chaoswg.org
+    - path: /etc/zincati/config.d/55-updates-strategy.toml
+      contents:
+        inline: |
+          [updates]
+          strategy = "periodic"
+          [[updates.periodic.window]]
+          days = [ "Fri", "Sat" ]
+          start_time = "23:30"
+          length_minutes = 60
+  links:
+    - path: /etc/localtime
+      target: /usr/share/zoneinfo/Europe/Berlin
+passwd:
+  users:
+    - name: core
+      groups:
+        - docker
+      ssh_authorized_keys:
+        - cert-authority,principals="rad4day,rad4day@chaoswg.org" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUN/Ik3CqhsVLGEkl2rJLUhC0AXFmVp6BgETaqgVKq5 user-ca@chaoswg.org
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhzs4vCOhy3yH2TF2bO5Qalt2P4WG4nDYTLarPKFrdM ansible@provisioner
+...
diff --git a/restore-tests/setup.ign b/restore-tests/setup.ign
deleted file mode 120000
index ed1ff8e..0000000
--- a/restore-tests/setup.ign
+++ /dev/null
@@ -1 +0,0 @@
-../coreos-config/setup.ign
\ No newline at end of file