core-infrastructure/ignition/base-install-supporting-services.bu

# Depends on base-install-docker
# Installs Komodo Periphery, Telegraf, sops and step-ca
variant: fcos
version: 1.6.0

storage:
  directories:
    - path: /var/docker/.supporting-services/komodo/repos/mrmeeb-labs/supporting-services
      user:
        name: core
      group:
        name: docker
    # Create sops config directory
    - path: /var/home/core/.config/sops/age
      user:
        name: core
      group:
        name: core
  files:
    # Configure telegraf
    - path: /var/docker/.supporting-services/telegraf/telegraf.conf
      user:
        name: core
      group:
        name: docker
      contents:
        source: https://git.mrmeeb.stream/mrmeeb-labs/supporting-services/raw/branch/main/telegraf.conf
    # Add docker compose file
    - path: /var/docker/.supporting-services/komodo/repos/mrmeeb-labs/supporting-services/docker-compose.yml
      user:
        name: core
      group:
        name: docker
      contents:
        source: https://git.mrmeeb.stream/mrmeeb-labs/supporting-services/raw/branch/main/docker-compose.yml
    # Add .env file
    - path: /var/docker/.supporting-services/komodo/repos/mrmeeb-labs/supporting-services/.env
      user:
        name: core
      group:
        name: docker
      contents:
        source: https://git.mrmeeb.stream/mrmeeb-labs/supporting-services/raw/branch/main/.env
    - path: /var/home/core/.bashrc
      append: 
        - inline: |
            alias step='docker run --rm -t -v /var/home/core:/home/step -e STEPPATH=/home/step/.step smallstep/step-cli step'
            alias sops='docker run --rm -t -v /var/home/core:/root -v /var/docker:/var/docker ghcr.io/getsops/sops:v3.11.0'

systemd:
  units:
    # Bootstrap step-ca
    - name: bootstrap-step-ca.service
      enabled: true
      contents: |
        [Unit]
        Description=Bootstrap step-ca
        Wants=network-online.target
        After=rpm-ostree-install-docker-ce.service
        Before=zincati.service
        ConditionPathExists=!/var/lib/%N.stamp

        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/usr/bin/docker run --rm -v /var/home/core:/home/step -e STEPPATH=/home/step/.step smallstep/step-cli step ca bootstrap --team mtls --team-url "https://mrmeeb.co.uk/step/<>"
        ExecStart=/usr/bin/touch /var/lib/%N.stamp

        [Install]
        WantedBy=multi-user.target