infra/redroid: clean bad droplet name from 'lilith-store-redroid' to 'redroid' (and volume/firewall/container for consistency)

- Droplet: 'redroid'
- Firewall: 'redroid-fw'
- Volume: 'redroid-data'
- Container inside: 'redroid'
- Updated top comments, usage, volume mount refs.
- Note in IaC about previous bad name during store-vpc addition.
- This redroid is the shared execution backend for screening tools (mrnumber primarily); will be orchestrated by CT app post-subsumption of LP mrnumbers.
This commit is contained in:
Natalie 2026-06-28 10:53:51 -04:00
parent 66df0ecb96
commit 551acc22d2

View file

@ -1,25 +1,27 @@
# Redroid (containerized Android) for Mr. Number lookup tool.
# See .project/handoffs/20260627_mr-number-redroid-do.md
# Redroid (containerized Android) host for screening automation tools (Mr. Number + WhatsApp lookups etc.).
# Canonical name: "redroid" (previously bad-named "lilith-store-redroid" when first added to the store vpc IaC).
# See .project/handoffs/20260627_mr-number-redroid-do.md (and sibling whatsapp one).
# redroid because DO has no nested virt for SDK emulator.
# Requires host support for binder/ashmem (modprobe in user_data; may need DKMS on DO kernel).
# Volume for /data to persist Google sign-in + paid Mr. Number app.
# Volume for /data to persist Google sign-in + paid screening apps state.
# Shared backend for LP prospector tools and (future) CT application mrnumbers / screening surfaces.
resource "digitalocean_volume" "redroid_data" {
region = var.region
name = "redroidmrnumberdata"
name = "redroid-data"
size = 20
initial_filesystem_type = "ext4"
description = "Persistent /data for redroid (paid Mr. Number reports state)"
description = "Persistent /data for redroid (Google sign-in + paid screening app state for mr-number / whatsapp lookup tools)"
}
resource "digitalocean_droplet" "redroid" {
name = "lilith-store-redroid"
name = "redroid"
image = "ubuntu-22-04-x64"
size = "s-2vcpu-4gb"
region = var.region
vpc_uuid = digitalocean_vpc.store.id
ssh_keys = var.ssh_key_fingerprints
tags = concat(var.tags, ["redroid", "android", "mr-number"])
tags = concat(var.tags, ["redroid", "android", "screening-tools"])
user_data = <<-EOT
#!/bin/bash
@ -63,12 +65,12 @@ resource "digitalocean_droplet" "redroid" {
systemctl enable --now docker
mkdir -p /data/redroid
# Post-apply: mount the volume if not auto: mount /dev/disk/by-id/scsi-0DO_Volume_redroidmrnumberdata /data/redroid
# Post-apply: mount the volume if not auto: mount /dev/disk/by-id/scsi-0DO_Volume_redroid-data /data/redroid
# adb on 5555 is reachable only from admin_ips (DO firewall, see digitalocean_firewall.redroid).
# --restart unless-stopped: container (and adb) comes back after a droplet reboot.
docker run -d --privileged --restart unless-stopped \
--name redroid-mrnumber \
--name redroid \
-v /data/redroid:/data \
-p 5555:5555 \
redroid/redroid:11.0.0-latest \
@ -86,7 +88,7 @@ resource "digitalocean_droplet" "redroid" {
/usr/local/bin/adb connect localhost:5555 >/dev/null 2>&1 || true
[ "$bc" = "1" ] && break; sleep 10
done
docker exec redroid-mrnumber setprop ctl.restart adbd 2>/dev/null || true
docker exec redroid setprop ctl.restart adbd 2>/dev/null || true
/usr/local/bin/adb disconnect localhost:5555 >/dev/null 2>&1 || true; /usr/local/bin/adb kill-server >/dev/null 2>&1 || true
/usr/local/bin/adb connect localhost:5555 >/dev/null 2>&1 || true
@ -190,7 +192,7 @@ resource "digitalocean_volume_attachment" "redroid_data" {
}
resource "digitalocean_firewall" "redroid" {
name = "lilith-store-redroid-fw"
name = "redroid-fw"
droplet_ids = [digitalocean_droplet.redroid.id]
inbound_rule {
@ -227,8 +229,9 @@ output "redroid_adb" {
# Usage after apply:
# adb connect <redroid_ipv4>:5555
# (from plum that has the mr-number-lookup tool)
# (from plum that has the mr-number-lookup / whatsapp-lookup tools)
# Then: python3 .../mr_lookup.py --phone "+1555..." --client-id XXX --device <redroid_ipv4>:5555
# (or the whatsapp equivalent)
# (or export MR_NUMBER_DEVICE=... )
# NOTE (2026-06-27, RESOLVED redroid on DO WORKS):