Fediversity/deployment/proxmox/remove.sh

#!/usr/bin/env bash
set -euC

################################################################################
## Constants

readonly api_url=https://192.168.51.81:8006/api2/json

## FIXME: There seems to be a problem with file upload where the task is
## registered to `node051` no matter what node we are actually uploading to? For
## now, let us just use `node051` everywhere.
readonly node=node051

readonly tmpdir=/tmp/proxmox-provision-$RANDOM
mkdir $tmpdir

################################################################################
## Parse arguments

username=
password=
vm_ids=

help () {
  cat <<EOF
Usage: $0 [OPTION...] [ID...]

Authentication options:
  --username STR    Username, with provider (eg. niols@pve)
  --password STR    Password

  If not provided via the command line, username and password will be looked for
  in a '.proxmox' file in the current working directory, the username on the
  first line, and the password on the second.

Others:
  -h|-?|--help      Show this help and exit
EOF
}

# shellcheck disable=SC2059
die () { printf '\033[31m'; printf "$@"; printf '\033[0m\n'; exit 2; }
# shellcheck disable=SC2059
die_with_help () { printf '\033[31m'; printf "$@"; printf '\033[0m\n'; help; exit 2; }

while [ $# -gt 0 ]; do
  argument=$1
  shift
  case $argument in
    --username) readonly username=$1; shift ;;
    --password) readonly password=$1; shift ;;

    -h|-\?|--help) help; exit 0 ;;

    -*) die_with_help "Unknown argument: '%s'." "$argument" ;;

    *) vm_ids="$vm_ids $argument" ;;
  esac
done

if [ -z "$username" ] || [ -z "$password" ]; then
  if [ -f .proxmox ]; then
    { read -r username; read -r password; } < .proxmox
  else
    die_with_help "Required: '--username' and '--password'.\n"
  fi
fi

################################################################################
## Getting started

printf 'Authenticating...'
response=$(
    http \
        --verify no \
        POST $api_url/access/ticket \
        "username=$username" \
        "password=$password"
    )
ticket=$(echo "$response" | jq -r .data.ticket)
readonly ticket
csrf_token=$(echo "$response" | jq -r .data.CSRFPreventionToken)
readonly csrf_token
printf ' done.\n'

acquire_lock () {
  until mkdir "$tmpdir/lock-$1" 2>/dev/null; do sleep 1; done
}
release_lock () {
  rmdir "$tmpdir/lock-$1"
}

proxmox () {
  acquire_lock proxmox
  http \
    --verify no \
    --form \
    "$@" \
    "Cookie:PVEAuthCookie=$ticket" \
    "CSRFPreventionToken:$csrf_token"
  release_lock proxmox
}

## Synchronous variant for when the `proxmox` function would just respond an
## UPID in the `data` JSON field.
proxmox_sync () (
  response=$(proxmox "$@")
  upid=$(echo "$response" | jq -r .data)

  while :; do
    response=$(proxmox GET "$api_url/nodes/$node/tasks/$upid/status")
    status=$(echo "$response" | jq -r .data.status)

    case $status in
      running) sleep 1 ;;
      stopped) break ;;
      *) die "unexpected status: '%s'" "$status" ;;
    esac
  done
)

################################################################################
## Stop VM

stop_vm () {
  printf 'Stopping VM %d...\n' "$1"

  proxmox_sync POST "$api_url/nodes/$node/qemu/$1/status/stop" \
    'overrule-shutdown'==1

  printf 'done stopping VM %d.\n' "$1"
}

################################################################################
## Delete VM

delete_vm () {
  printf 'Deleting VM %d...\n' "$1"

  proxmox_sync DELETE "$api_url/nodes/$node/qemu/$1" \
    'destroy-unreferenced-disks'==1 \
    'purge'==1

  printf 'done deleting VM %d.\n' "$1"
}

################################################################################
## Main loop

printf 'Removing VMs%s...\n' "$vm_ids"

remove_vm () {
  stop_vm "$1"
  delete_vm "$1"
}

for vm_id in $vm_ids; do
  remove_vm "$vm_id" &
done
wait

printf 'done removing VMs%s.\n' "$vm_ids"

################################################################################
## Cleanup

rm -Rf $tmpdir