diff --git a/legacy/projects/docker_swarm/ansible/roles/ampache/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/ampache/docker-stack.yml.j2
deleted file mode 100644
index 315f639..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/ampache/docker-stack.yml.j2
+++ /dev/null
@@ -1,56 +0,0 @@
-# vi: ft=yaml
-version: '3.7'
-
-networks:
- traefik:
- external: true
-
-volumes:
- ampache_mysql:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/ampache/mysql"
- ampache_config:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/ampache/config"
- music:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/nextcloud/data/data/pim/files/Music"
-
-services:
- ampache:
- image: ampache/ampache:6
- volumes:
- - type: volume
- source: ampache_mysql
- target: /var/lib/mysql
- volume:
- nocopy: true
- - type: volume
- source: ampache_config
- target: /var/www/config
- volume:
- nocopy: true
- - type: volume
- source: music
- target: /media
- read_only: true
- volume:
- nocopy: true
- networks:
- - traefik
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.ampache.entrypoints=websecure
- - traefik.http.routers.ampache.rule=Host(`music.kun.is`)
- - traefik.http.routers.ampache.tls=true
- - traefik.http.routers.ampache.tls.certresolver=letsencrypt
- - traefik.http.routers.ampache.service=ampache
- - traefik.http.services.ampache.loadbalancer.server.port=80
- - traefik.docker.network=traefik
diff --git a/legacy/projects/docker_swarm/ansible/roles/ampache/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/ampache/tasks/main.yml
deleted file mode 100644
index 3e730ce..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/ampache/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: ampache
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/discourse/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/discourse/docker-stack.yml.j2
deleted file mode 100644
index 4736a50..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/discourse/docker-stack.yml.j2
+++ /dev/null
@@ -1,106 +0,0 @@
-# vi: ft=yaml
-version: '3'
-
-networks:
- traefik:
- external: true
- discourse:
-
-services:
- discourse-app:
- image: tiredofit/discourse:latest
- deploy:
- placement:
- constraints:
- - "node.labels.discourse == true"
- labels:
- - traefik.enable=true
- - traefik.http.routers.discourse.entrypoints=localsecure
- - traefik.http.routers.discourse.rule=Host(`tuindersweijde.geokunis2.nl`)
- - traefik.http.services.discourse.loadbalancer.server.port=3000
- - traefik.http.routers.discourse.tls=true
- - traefik.http.routers.discourse.tls.certresolver=letsencrypt
- volumes:
- - type: bind
- source: /mnt/data/discourse/logs
- target: /data/logs
- - type: bind
- source: /mnt/data/discourse/uploads
- target: /data/uploads
- - type: bind
- source: /mnt/data/discourse/backups
- target: /data/backups
- environment:
- - TIMEZONE=Europe/Amsterdam
- - CONTAINER_NAME=discourse-app
-
- - DB_HOST=discourse-db
- - DB_NAME=discourse
- - DB_USER=discourse
- - DB_PASS={{ database_password }}
-
- - REDIS_HOST=discourse-redis
- - SITE_HOSTNAME=discourse.pim.kunis.nl
-
- - SMTP_PORT=25
- - SMTP_HOST=smtp.tweak.nl
-
- - DEVELOPER_EMAILS=niels@kunis.nl
- networks:
- - traefik
- - discourse
-
- discourse-db:
- image: tiredofit/postgres:15-latest
- deploy:
- placement:
- constraints:
- - "node.labels.discourse == true"
- volumes:
- - type: bind
- source: /mnt/data/discourse/database
- target: /var/lib/postgresql/data
- environment:
- - TIMEZONE=Europe/Amsterdam
- - CONTAINER_NAME=discourse-db
-
- - POSTGRES_DB=discourse
- - POSTGRES_USER=discourse
- - POSTGRES_PASSWORD={{ database_password }}
- - SUPERUSER_PASS={{ database_password }}
- networks:
- - discourse
-
- discourse-redis:
- image: tiredofit/redis:7
- deploy:
- placement:
- constraints:
- - "node.labels.discourse == true"
- volumes:
- - type: bind
- source: /mnt/data/discourse/redis
- target: /var/lib/redis
- environment:
- - TIMEZONE=Europe/Amsterdam
- - CONTAINER_NAME=discourse-redis
- networks:
- - discourse
-
- # discourse-db-backup:
- # image: tiredofit/db-backup
- # volumes:
- # - ./dbbackup:/backup
- # environment:
- # - TIMEZONE=America/Vancouver
- # - CONTAINER_NAME=discourse-db-backup
- # - DB_HOST=discourse-db
- # - DB_TYPE=postgres
- # - DB_NAME=discourse
- # - DB_USER=discourse
- # - DB_PASS=password
- # - DB_DUMP_FREQ=1440
- # - DB_DUMP_BEGIN=0000
- # - DB_CLEANUP_TIME=8640
- # networks:
- # - discourse
\ No newline at end of file
diff --git a/legacy/projects/docker_swarm/ansible/roles/discourse/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/discourse/tasks/main.yml
deleted file mode 100644
index c7c9a16..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/discourse/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: discourse
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/discourse/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/discourse/vars/main.yml
deleted file mode 100644
index 05d4fef..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/discourse/vars/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-database_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 32323538323136633363393961343364363933396431376437633361333232383938336531396537
- 3730306164303364363739376633633431383534646135380a326663396338396461623037613637
- 37666630333433393764373864346262383536656664343631386234386438333263626166363633
- 3735633562323361330a353735366562663631363634343438326562646533663839383932343263
- 38366538336466373733313130616330326238653966623037343336326132356565
diff --git a/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2
deleted file mode 100644
index 0eaa9ac..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2
+++ /dev/null
@@ -1,87 +0,0 @@
-# vi: ft=yaml
-version: '3.5'
-
-networks:
- traefik:
- external: true
- jitsi:
-
-services:
- web:
- image: jitsi/web:stable-8218
- environment:
- - DISABLE_HTTPS=1
- - ENABLE_AUTH=0
- - ENABLE_GUESTS=1
- - ENABLE_IPV6=1
- - ENABLE_LETSENCRYPT=0
- - PUBLIC_URL=https://meet.pim.kunis.nl
- - TZ=Europe/Amsterdam
- networks:
- - jitsi
- - traefik
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.jitsi-web.entrypoints=websecure
- - traefik.http.routers.jitsi-web.rule=Host(`meet.pim.kunis.nl`)
- - traefik.http.routers.jitsi-web.tls=true
- - traefik.http.routers.jitsi-web.tls.certresolver=letsencrypt
- - traefik.http.services.jitsi-web.loadbalancer.server.port=80
- - traefik.http.routers.jitsi-web.service=jitsi-web
- - traefik.docker.network=traefik
-
- prosody:
- image: jitsi/prosody:stable-8218
- expose:
- - '5222'
- - '5347'
- - '5280'
- environment:
- - AUTH_TYPE=internal
- - ENABLE_AUTH=0
- - ENABLE_GUESTS=1
- - ENABLE_IPV6=1
- - ENABLE_LOBBY=1
- - JIBRI_RECORDER_PASSWORD={{ jitsi_password }}
- - JIBRI_XMPP_PASSWORD={{ jitsi_password }}
- - JICOFO_AUTH_PASSWORD={{ jitsi_password }}
- - JIGASI_XMPP_PASSWORD={{ jitsi_password }}
- - JVB_AUTH_PASSWORD={{ jitsi_password }}
- - PUBLIC_URL=https://meet.pim.kunis.nl
- - TZ=Europe/Amsterdam
- networks:
- jitsi:
- aliases:
- - xmpp.meet.jitsi
-
- jicofo:
- image: jitsi/jicofo:stable-8218
- environment:
- - AUTH_TYPE=internal
- - ENABLE_AUTH=0
- - JICOFO_AUTH_PASSWORD={{ jitsi_password }}
- - SENTRY_DSN=0
- - TZ=Europe/Amsterdam
- depends_on:
- - prosody
- networks:
- - jitsi
-
- jvb:
- image: jitsi/jvb:stable-8218
- ports:
- - '54562:54562/udp'
- environment:
- - JVB_ADVERTISE_IPS=84.245.14.149,192.168.30.8
- - JVB_AUTH_PASSWORD={{ jitsi_password }}
- - JVB_PORT=54562
- - PUBLIC_URL=https://meet.pim.kunis.nl
- - SENTRY_DSN=0
- - COLIBRI_REST_ENABLED=0
- - TZ=Europe/Amsterdam
- depends_on:
- - prosody
- networks:
- - jitsi
- - traefik
diff --git a/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml
deleted file mode 100644
index 1e46217..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: jitsi
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml
deleted file mode 100644
index 090d3aa..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-jitsi_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 66633139653639396435333239316536326366613338646531373063306333383562613462316561
- 6630373435326631376362643961343936626238663332630a623631613532366539633637333032
- 35383031306566613466643066366361663039633864643733356366386339366265326237653739
- 3062313832313638330a636131393130646564366563626430346436656236333961306363633435
- 39353934386631633132306562396430303738393235656363356666663934626161363365343162
- 6130346338333734653961633037386133396332643831363939
diff --git a/legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2
deleted file mode 100644
index f40c944..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2
+++ /dev/null
@@ -1,131 +0,0 @@
-# vi: ft=yaml
-version: '3'
-
-networks:
- traefik:
- external: true
- mastodon:
-
-volumes:
- system:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/mastodon/system"
- redis:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/mastodon/redis"
-
-services:
- redis:
- image: redis:7-alpine
- networks:
- mastodon:
- aliases:
- - redis
- healthcheck:
- test: ['CMD', 'redis-cli', 'ping']
- volumes:
- - type: volume
- source: redis
- target: /data
- volume:
- nocopy: true
-
- web:
- image: tootsuite/mastodon:v4.1
- environment:
- - 'OTP_SECRET={{ otp_secret }}'
- - 'SECRET_KEY_BASE={{ secret_key_base }}'
- - 'REDIS_HOST=redis'
- - 'DB_HOST=lewis.dmz'
- - 'DB_USER=mastodon'
- - 'DB_NAME=mastodon'
- - 'DB_PASS={{ database_passwords.mastodon }}'
- - 'VAPID_PRIVATE_KEY={{ vapid_private_key }}'
- - 'VAPID_PUBLIC_KEY=BDcpOP2ThgD13i2ENjnlVXG7QH-m3xuNE4rySx6_NBYQz34UxSM3N4nT7GUxN5zBF-Kehlv0CpqBDDa78QFiS0g='
- - 'SMTP_SERVER=smtp.tweak.nl'
- - 'SMTP_PORT=587'
- - 'SMTP_LOGIN='
- - 'SMTP_PASSWORD='
- - 'SMTP_FROM_ADDRESS=mastodon@kunis.nl'
- - 'LOCAL_DOMAIN=social.pizzapim.nl'
- command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
- networks:
- - mastodon
- - traefik
- healthcheck:
- test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
- volumes:
- - type: volume
- source: system
- target: /mastodon/public/system
- volume:
- nocopy: true
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.mastodon.entrypoints=websecure
- - traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
- - traefik.http.routers.mastodon.tls=true
- - traefik.http.routers.mastodon.tls.certresolver=letsencrypt
- - traefik.http.services.mastodon.loadbalancer.server.port=3000
- - traefik.http.routers.mastodon.service=mastodon
- - traefik.docker.network=traefik
- depends_on:
- - redis
-
- streaming:
- image: tootsuite/mastodon:v4.1
- command: node ./streaming
- environment:
- - 'REDIS_HOST=redis'
- - 'LOCAL_DOMAIN=social.pizzapim.nl'
- - 'DB_HOST=lewis.dmz'
- - 'DB_USER=mastodon'
- - 'DB_NAME=mastodon'
- - 'DB_PASS={{ database_passwords.mastodon }}'
- networks:
- - mastodon
- - traefik
- healthcheck:
- # prettier-ignore
- test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.mastodon-streaming.entrypoints=websecure
- - "traefik.http.routers.mastodon-streaming.rule=(Host(`social.pizzapim.nl`) && PathPrefix(`/api/v1/streaming`))"
- - traefik.http.routers.mastodon-streaming.service=mastodon-streaming
- - traefik.http.services.mastodon-streaming.loadbalancer.server.port=4000
- - traefik.http.routers.mastodon-streaming.tls=true
- - traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt
- - traefik.docker.network=traefik
- depends_on:
- - redis
-
- sidekiq:
- image: tootsuite/mastodon:v4.1
- command: bundle exec sidekiq
- environment:
- - 'OTP_SECRET={{ otp_secret }}'
- - 'SECRET_KEY_BASE={{ secret_key_base }}'
- - 'REDIS_HOST=redis'
- - 'DB_HOST=lewis.dmz'
- - 'DB_USER=mastodon'
- - 'DB_NAME=mastodon'
- - 'DB_PASS={{ database_passwords.mastodon }}'
- networks:
- - mastodon
- volumes:
- - type: volume
- source: system
- target: /mastodon/public/system
- volume:
- nocopy: true
- healthcheck:
- test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
- depends_on:
- - redis
diff --git a/legacy/projects/docker_swarm/ansible/roles/mastodon/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/mastodon/tasks/main.yml
deleted file mode 100644
index 531e13e..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/mastodon/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: mastodon
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/mastodon/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/mastodon/vars/main.yml
deleted file mode 100644
index eed2d71..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/mastodon/vars/main.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-mastodon_postgres_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 34643131323762373635383736636432643161646130373565333432323337646435656233383131
- 3066353734373938353162656335666536323265643162620a663562303636383737393061396331
- 30353538326333393031373736363933666636383866373763303237376561333061323131303062
- 3532316632613062310a343566393237363364613931353062636537663864383839623930383836
- 32613634616335616462336261303632646266326663383166366236643438616538626263343835
- 6539616439636364626466333163316164633631616132623665
-otp_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 33303436663063313039636335623937343530323636346363306234333135306138653337313034
- 3337363432363734353363623738653630373536653433350a356336383235383430613934623937
- 36316638343439376134383635336630313065623138326630303131333136626636386361313661
- 6134613862366463300a313765366136343431343838363230363134613164373931623564626466
- 32623137666364326234383264396336636561313132313930383964656434656535663861343337
- 65316331323335626464626231653236313932663334316134633837646330303563633162373036
- 66326135656531393839343138376666623337616162653137393764306265323065356431343162
- 36373135303339356366356263623334373361326561396562353332323363623738626132303738
- 38383638616363386536386461353465353765366234353862653765376330663661326138626266
- 30633134643632393630323834323538326339373361363235666133303761323261336637663862
- 326633383933663530653230336364653461
-secret_key_base: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 32373731376166613238303535646633326162613137366165643037643966643637316265653832
- 3035393061616431666162373133393666653634386338350a376136653961646239656534336230
- 33366235343365653234333866393965643131306636373566623665646562353234323065393262
- 6264313430333262390a626338333932363137356338636132636133613239633537623064666438
- 32343063653664393530353536643963353364373830303563346163613862653161343165363062
- 61396630353036333634313033663962613930336637323461313731633136366365623732306337
- 37646265613639306133373736353365366461373264356665623236313836633565343764626238
- 38353637613064306162393430323662616231623965643933383339616561353963663366396363
- 33346332343336386266636165616135343732353365336630653334383533633831636138623733
- 34396266643166386130383334666565303865396135613863336261656135343564376537383634
- 353635336365613765363931373636363465
-vapid_private_key: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 33376430313539346137343237313061653164343861623563656638306539373837393364326235
- 3435396264613533633138346231303137663763323361360a356137306330343939353732356535
- 33396336633966623266396265356435343633373766363637616635326563623130653039343665
- 3465306562306261660a303131666436333137306139366636646232333061383935353263396534
- 63376635393966653636316236316538656361393631626465383233386136313366363531363663
- 3436326431353435653666356266333835303061616436323061
diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/monitoring/docker-stack.yml.j2
deleted file mode 100644
index 3fbd2e2..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/monitoring/docker-stack.yml.j2
+++ /dev/null
@@ -1,132 +0,0 @@
-# vi: ft=yaml
-version: "3.8"
-
-networks:
- traefik:
- external: true
- grafana:
-
-configs:
- esdatasource:
- external: true
- name: "{{ esdatasource.config_name }}"
- fluentconf:
- external: true
- name: "{{ fluentconf.config_name }}"
-
-volumes:
- escerts:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/elasticsearch/certs"
- esdata:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/elasticsearch/data"
- grafanadata:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/grafana/data"
-
-services:
- elasticsearch:
- image: docker.elastic.co/elasticsearch/elasticsearch:8.8.1
- volumes:
- - type: volume
- source: escerts
- target: /usr/share/elasticsearch/config/certs
- volume:
- nocopy: true
- - type: volume
- source: esdata
- target: /usr/share/elasticsearch/data
- volume:
- nocopy: true
- ports:
- - {{ elasticsearch_port }}:9200
- environment:
- - node.name=es01
- - cluster.name=shoarma
- - discovery.type=single-node
- - bootstrap.memory_lock=true
- - xpack.security.enabled=false
- - xpack.security.http.ssl.enabled=false
- - xpack.security.http.ssl.key=certs/es01/es01.key
- - xpack.security.http.ssl.certificate=certs/es01/es01.crt
- - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
- - xpack.security.transport.ssl.enabled=false
- - xpack.security.transport.ssl.key=certs/es01/es01.key
- - xpack.security.transport.ssl.certificate=certs/es01/es01.crt
- - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
- - xpack.security.transport.ssl.verification_mode=certificate
- - xpack.license.self_generated.type=basic
- ulimits:
- memlock:
- soft: -1
- hard: -1
- healthcheck:
- test:
- [
- "CMD-SHELL",
- "curl http://localhost:9200 | grep -q 'You Know, for Search'",
- ]
- interval: 10s
- timeout: 10s
- retries: 120
-
- grafana:
- image: grafana/grafana-oss
- depends_on:
- - elasticsearch
- networks:
- - traefik
- - grafana
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.grafana.entrypoints=localsecure
- - traefik.http.routers.grafana.rule=Host(`grafana.kun.is`)
- - traefik.http.routers.grafana.tls=true
- - traefik.http.routers.grafana.tls.certresolver=letsencrypt
- - traefik.http.routers.grafana.service=grafana
- - traefik.http.services.grafana.loadbalancer.server.port=3000
- - traefik.docker.network=traefik
- volumes:
- - type: volume
- source: grafanadata
- target: /var/lib/grafana
- volume:
- nocopy: true
- configs:
- - source: esdatasource
- target: /etc/grafana/provisioning/datasources/elasticsearch.yaml
-
- grafana-ntfy:
- image: kittyandrew/grafana-to-ntfy:master
- depends_on:
- - grafana
- ports:
- - 8080:8080
- networks:
- grafana:
- aliases:
- - grafana-ntfy
- environment:
- - NTFY_URL=https://ntfy.kun.is/alerts
- - NTFY_BAUTH_USER=pim
- - NTFY_BAUTH_PASS={{ ntfy_password }}
- - BAUTH_USER=admin
- - BAUTH_PASS=test
-
- fluentd:
- image: git.kun.is/pim/fluentd:1.0.3
- depends_on:
- - elasticsearch
- ports:
- - {{ fluent_forward_port }}:24224
- configs:
- - source: fluentconf
- target: /fluentd/etc/fluent.conf
diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/elasticsearch.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/monitoring/elasticsearch.yml.j2
deleted file mode 100644
index 90fee48..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/monitoring/elasticsearch.yml.j2
+++ /dev/null
@@ -1,35 +0,0 @@
-# vi: ft=yaml
-apiVersion: 1
-
-datasources:
- - name: cpu
- type: elasticsearch
- access: proxy
- url: http://maestro.dmz:{{ elasticsearch_port }}
- jsonData:
- index: 'fluentd.cpu-*'
- timeField: '@timestamp'
-
- - name: memory
- type: elasticsearch
- access: proxy
- url: http://maestro.dmz:{{ elasticsearch_port }}
- jsonData:
- index: 'fluentd.memory-*'
- timeField: '@timestamp'
-
- - name: diskfree
- type: elasticsearch
- access: proxy
- url: http://maestro.dmz:{{ elasticsearch_port }}
- jsonData:
- index: 'fluentd.diskfree-*'
- timeField: '@timestamp'
-
- - name: traefik_access
- type: elasticsearch
- access: proxy
- url: http://maestro.dmz:{{ elasticsearch_port }}
- jsonData:
- index: 'fluentd.access.traefik-*'
- timeField: '@timestamp'
diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/fluent.conf.j2 b/legacy/projects/docker_swarm/ansible/roles/monitoring/fluent.conf.j2
deleted file mode 100644
index dd030ba..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/monitoring/fluent.conf.j2
+++ /dev/null
@@ -1,35 +0,0 @@
-# vi: ft=yaml
-# Receive events from 24224/tcp
-# This is used by log forwarding and the fluent-cat command
-
-
-
- @type geoip
- geoip_lookup_keys host
- backend_library geoip2_c
-
- latitude ${location.latitude["host"]}
- longitude ${location.longitude["host"]}
-
- skip_adding_null_record true
-
-
-
- @type elasticsearch
- host maestro.dmz
- port {{ elasticsearch_port }}
- include_timestamp true
- logstash_format true
- logstash_prefix fluentd.${tag}
-
-
-
- @type null
-
-
-
- log_level info
-
diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/monitoring/tasks/main.yml
deleted file mode 100644
index 191f846..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/monitoring/tasks/main.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-- name: Create fluentd config
- docker_config:
- name: fluentconf
- data: "{{ lookup('template', '{{ role_path }}/fluent.conf.j2') }}"
- use_ssh_client: true
- rolling_versions: true
- register: fluentconf
-
-- name: Create elasticsearch data source config
- docker_config:
- name: esdatasource
- data: "{{ lookup('template', '{{ role_path }}/elasticsearch.yml.j2') }}"
- use_ssh_client: true
- rolling_versions: true
- register: esdatasource
-
-- name: Deploy Docker stack
- docker_stack:
- name: monitoring
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/monitoring/vars/main.yml
deleted file mode 100644
index 326b722..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/monitoring/vars/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-ntfy_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 36333232393635383732336630626463633038353862333430396437333733376239343531663339
- 6364643930636566326463393963316263323061613032350a383930376537373437633333623639
- 66613439636531393761366534333134383231303637643063633537393535356536636530666665
- 6537653731666130610a346135373562333931646237396233613065353165623336373935386137
- 36313830623931313238333430346238626562353661616465333736346230396162386137363435
- 3362636565336639643832626165613236643466633537633236
diff --git a/legacy/projects/docker_swarm/ansible/roles/overleaf/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/overleaf/docker-stack.yml.j2
deleted file mode 100644
index 033bbb8..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/overleaf/docker-stack.yml.j2
+++ /dev/null
@@ -1,112 +0,0 @@
-# vi: ft=yaml
-version: '3'
-networks:
- traefik:
- external: true
- overleaf:
-
-volumes:
- data:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/overleaf/data"
- redis:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/overleaf/redis"
- mongodb:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/overleaf/mongodb"
-
-services:
- sharelatex:
- image: sharelatex/sharelatex:3
- networks:
- - traefik
- - overleaf
- depends_on:
- - overleaf-mongodb
- - overleaf-redis
- stop_grace_period: 60s
- volumes:
- - type: volume
- source: data
- target: /var/lib/sharelatex
- volume:
- nocopy: true
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.overleaf.entrypoints=websecure
- - traefik.http.routers.overleaf.rule=Host(`latex.kun.is`)
- - traefik.http.routers.overleaf.tls=true
- - traefik.http.routers.overleaf.tls.certresolver=letsencrypt
- - traefik.http.routers.overleaf.service=overleaf
- - traefik.http.services.overleaf.loadbalancer.server.port=80
- - traefik.docker.network=traefik
- environment:
- SHARELATEX_APP_NAME: Overleaf Community Edition
-
- SHARELATEX_MONGO_URL: mongodb://overleaf-mongodb:27017/sharelatex
-
- # Same property, unfortunately with different names in
- # different locations
- SHARELATEX_REDIS_HOST: overleaf-redis
- REDIS_HOST: overleaf-redis
-
- ENABLED_LINKED_FILE_TYPES: 'project_file,project_output_file'
-
- # Enables Thumbnail generation using ImageMagick
- ENABLE_CONVERSIONS: 'true'
-
- # Disables email confirmation requirement
- EMAIL_CONFIRMATION_DISABLED: 'true'
-
- # temporary fix for LuaLaTex compiles
- # see https://github.com/overleaf/overleaf/issues/695
- TEXMFVAR: /var/lib/sharelatex/tmp/texmf-var
-
- SHARELATEX_SITE_URL: https://latex.kun.is
- SHARELATEX_ADMIN_EMAIL: pim@kunis.nl
-
- SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@kunis.nl"
-
- SHARELATEX_EMAIL_SMTP_HOST: "smtp.tweak.nl"
- SHARELATEX_EMAIL_SMTP_PORT: 587
- SHARELATEX_EMAIL_SMTP_USER: ""
- SHARELATEX_EMAIL_SMTP_PASS: ""
-
- overleaf-mongodb:
- image: mongo:4.4
- networks:
- - overleaf
- expose:
- - 27017
- volumes:
- - type: volume
- source: mongodb
- target: /data/db
- volume:
- nocopy: true
- healthcheck:
- test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet
- interval: 10s
- timeout: 10s
- retries: 5
-
- overleaf-redis:
- image: redis:5
- networks:
- - overleaf
- expose:
- - 6379
- volumes:
- - type: volume
- source: redis
- target: /data
- volume:
- nocopy: true
diff --git a/legacy/projects/docker_swarm/ansible/roles/overleaf/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/overleaf/tasks/main.yml
deleted file mode 100644
index fc3a917..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/overleaf/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: overleaf
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2
deleted file mode 100644
index c7fc2ac..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2
+++ /dev/null
@@ -1,73 +0,0 @@
-# vi: ft=yaml
-version: '3'
-
-networks:
- traefik:
- external: true
- seafile:
-
-volumes:
- data:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/seafile/data"
- db:
- driver_opts:
- type: "nfs"
- o: "addr=lewis.dmz,nolock,soft,rw"
- device: ":/mnt/data/seafile/db"
-
-services:
- db:
- image: mariadb:10.5
- environment:
- - MYSQL_ROOT_PASSWORD={{ db_root_passwd }}
- - MYSQL_LOG_CONSOLE=true
- volumes:
- - type: volume
- source: db
- target: /var/lib/mysql
- volume:
- nocopy: true
- networks:
- - seafile
-
- memcached:
- image: memcached:1.6
- entrypoint: memcached -m 256
- networks:
- - seafile
-
- seafile:
- image: seafileltd/seafile-mc:9.0.10
- volumes:
- - type: volume
- source: data
- target: /shared
- volume:
- nocopy: true
- environment:
- - DB_HOST=db
- - DB_ROOT_PASSWD={{ db_root_passwd }}
- - TIME_ZONE=Europe/Amsterdam
- - SEAFILE_ADMIN_EMAIL={{ seafile_admin_email }}
- - SEAFILE_ADMIN_PASSWORD={{ seafile_admin_password }}
- - SEAFILE_SERVER_LETSENCRYPT=false
- - SEAFILE_SERVER_HOSTNAME={{ seafile_domain }}
- deploy:
- labels:
- - traefik.enable=true
- - traefik.http.routers.seafile.entrypoints=websecure
- - traefik.http.routers.seafile.rule=Host(`{{ seafile_domain }}`)
- - traefik.http.routers.seafile.tls=true
- - traefik.http.routers.seafile.tls.certresolver=letsencrypt
- - traefik.http.services.seafile.loadbalancer.server.port=80
- - traefik.http.routers.seafile.service=seafile
- - traefik.docker.network=traefik
- depends_on:
- - db
- - memcached
- networks:
- - traefik
- - seafile
diff --git a/legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml
deleted file mode 100644
index c63c02d..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: seafile
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml
deleted file mode 100644
index 3245d42..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-db_root_passwd: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 62376163363033396161363264613836623734623835316439666331356464636633393237313236
- 3731383961393939366165393537663435356166643966650a353132616166353630333733636639
- 63616163346566336461313264326562393964643661613831316233326165623463613865636637
- 6363363331333430320a366661356232393036383765353066623334656133313661636130666238
- 32336561323431303730373262343534326539383932613533623232376330646230363363636135
- 3266336663623037663838643936366437663831356634333930
-seafile_admin_email: niels@kunis.nl
-seafile_admin_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 34366163396632343065636232363435633039373236363461383563363162626561653763383438
- 3263393539663030363532353238633262616339343436370a613631323064303637623266653832
- 64323834356664316265376132633863666136316239623862643962366637306238343933386134
- 6237396238383232360a386637303639646136653134643737393735383661626539386134643333
- 35313536323963303734353338636162666236343430623062373464653531353230366238326231
- 6661363038393534373861643261383561386536613337396539
-seafile_domain: files.geokunis2.nl
diff --git a/legacy/projects/docker_swarm/ansible/roles/shephard/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/shephard/docker-stack.yml.j2
deleted file mode 100644
index 2ac91e8..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/shephard/docker-stack.yml.j2
+++ /dev/null
@@ -1,60 +0,0 @@
-# vi: ft=yaml
-version: "3"
-
-networks:
- shephard:
-
-services:
- app:
- image: mazzolino/shepherd
- networks:
- - shephard
- environment:
- TZ: 'Europe/Amsterdam'
- FILTER_SERVICES: ''
- IGNORELIST_SERVICES: ""
- RUN_ONCE_AND_EXIT: "true"
- APPRISE_SIDECAR_URL: apprise:5000
- volumes:
- - type: bind
- source: /var/run/docker.sock
- target: /var/run/docker.sock
- read_only: true
- deploy:
- replicas: 0
- restart_policy:
- condition: none
- labels:
- - swarm.cronjob.enable=true
- - "swarm.cronjob.schedule=0 2 * * *"
- - swarm.cronjob.skip-running=true
- placement:
- constraints:
- - node.role == manager
-
- scheduler:
- image: crazymax/swarm-cronjob:latest
- volumes:
- - type: bind
- source: /var/run/docker.sock
- target: /var/run/docker.sock
- read_only: true
- environment:
- - "TZ=Europe/Amsterdam"
- - "LOG_LEVEL=info"
- - "LOG_JSON=false"
- deploy:
- placement:
- constraints:
- - node.role == manager
-
- apprise:
- image: mazzolino/apprise-microservice:0.1
- environment:
- NOTIFICATION_URLS: {{ apprise_urls }}
- networks:
- - shephard
- deploy:
- placement:
- constraints:
- - node.role == manager
diff --git a/legacy/projects/docker_swarm/ansible/roles/shephard/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/shephard/tasks/main.yml
deleted file mode 100644
index 41bf642..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/shephard/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: shephard
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/shephard/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/shephard/vars/main.yml
deleted file mode 100644
index f02cab7..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/shephard/vars/main.yml
+++ /dev/null
@@ -1 +0,0 @@
-apprise_urls: "apprises://apprise.kun.is:444/shephard"
diff --git a/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2
index 804b55d..c803f84 100644
--- a/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2
+++ b/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2
@@ -54,36 +54,6 @@ services:
- traefik.http.routers.esrom.rule=Host(`geokunis2.nl`)
- traefik.http.routers.esrom.tls=true
- traefik.http.routers.esrom.tls.certresolver=letsencrypt
-
- - traefik.http.routers.uptime.entrypoints=localsecure
- - traefik.http.routers.uptime.rule=Host(`uptime.kun.is`)
- - traefik.http.routers.uptime.service=uptime@file
- - traefik.http.routers.uptime.tls=true
- - traefik.http.routers.uptime.tls.certresolver=letsencrypt
-
- - traefik.http.routers.ntfy.entrypoints=websecure
- - traefik.http.routers.ntfy.rule=Host(`ntfy.kun.is`)
- - traefik.http.routers.ntfy.service=ntfy@file
- - traefik.http.routers.ntfy.tls=true
- - traefik.http.routers.ntfy.tls.certresolver=letsencrypt
-
- - traefik.http.routers.apprise.entrypoints=localsecure
- - traefik.http.routers.apprise.rule=Host(`apprise.kun.is`)
- - traefik.http.routers.apprise.service=apprise@file
- - traefik.http.routers.apprise.tls=true
- - traefik.http.routers.apprise.tls.certresolver=letsencrypt
-
- - traefik.http.routers.concourse.entrypoints=websecure
- - traefik.http.routers.concourse.rule=Host(`ci.kun.is`)
- - traefik.http.routers.concourse.service=concourse@file
- - traefik.http.routers.concourse.tls=true
- - traefik.http.routers.concourse.tls.certresolver=letsencrypt
-
- - traefik.http.routers.discourse.entrypoints=websecure
- - traefik.http.routers.discourse.rule=Host(`tuindersweijde.geokunis2.nl`)
- - traefik.http.routers.discourse.service=discourse@file
- - traefik.http.routers.discourse.tls=true
- - traefik.http.routers.discourse.tls.certresolver=letsencrypt
volumes:
- type: bind
source: /var/run/docker.sock
diff --git a/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml b/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml
index 648519a..9823a9b 100644
--- a/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml
+++ b/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml
@@ -4,23 +4,3 @@ http:
loadBalancer:
servers:
- url: http://esrom.dmz:80/
- uptime:
- loadBalancer:
- servers:
- - url: http://iris.dmz:3001
- ntfy:
- loadBalancer:
- servers:
- - url: http://iris.dmz:3002
- apprise:
- loadBalancer:
- servers:
- - url: http://iris.dmz:3003
- concourse:
- loadBalancer:
- servers:
- - url: http://concourse.dmz:3000
- discourse:
- loadBalancer:
- servers:
- - url: http://forum.dmz:80
diff --git a/legacy/projects/thecloud/README.md b/legacy/projects/thecloud/README.md
deleted file mode 100644
index cdfb7bd..0000000
--- a/legacy/projects/thecloud/README.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# thecloud
-
-Thecloud is a Debian VM that provides network availability to all our persistent data:
-- NFS for network files
-- Postgresql for databases
\ No newline at end of file
diff --git a/legacy/projects/thecloud/ansible/ansible.cfg b/legacy/projects/thecloud/ansible/ansible.cfg
deleted file mode 100644
index 3b55258..0000000
--- a/legacy/projects/thecloud/ansible/ansible.cfg
+++ /dev/null
@@ -1,8 +0,0 @@
-[defaults]
-roles_path=../../../ansible_roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
-inventory=inventory
-vault_password_file=$HOME/.config/home/ansible-vault-secret
-interpreter_python=/usr/bin/python3
-
-[diff]
-always = True
diff --git a/legacy/projects/thecloud/ansible/inventory/host_vars/thecloud.yml b/legacy/projects/thecloud/ansible/inventory/host_vars/thecloud.yml
deleted file mode 100644
index c2b00aa..0000000
--- a/legacy/projects/thecloud/ansible/inventory/host_vars/thecloud.yml
+++ /dev/null
@@ -1,97 +0,0 @@
-apt_install_packages:
- - postgresql
- - python3-psycopg2
- - nfs-kernel-server
- - qemu-guest-agent
-
-nfs_exports: []
-
-redis_bind_interface: 0.0.0.0
-redis_requirepass: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 37323965303638333264653936616563323235363463396330363836653865393835346263383838
- 3030386166316365633538353539623066626434313332390a616131303434373264633934356361
- 30356335643638656433326230363462373533396533366261346630353163353137333865303132
- 3536636165366631310a643538353331366130663464386565343331653031333061333330613532
- 34663932653734336239303536323331396435386332666133343033373566386562326136656330
- 63393766353063646361643565323238376334333637363232626139333664643065613237666532
- 31623032613763303136353232323837376637336431306534306336356165363039666634336433
- 30376464323862373833
-
-nfs_shares:
- - name: nextcloud_data
- path: /mnt/data/nextcloud/data
- - name: radicale
- path: /mnt/data/radicale
- - name: freshrss_data
- path: /mnt/data/freshrss/data
- - name: freshrss_extensions
- path: /mnt/data/freshrss/extensions
- - name: pihole_data
- path: /mnt/data/pihole/data
- - name: pihole_dnsmasq
- path: /mnt/data/pihole/dnsmasq
- - name: hedgedoc_uploads
- path: /mnt/data/hedgedoc/uploads
- - name: traefik_acme
- path: /mnt/data/traefik/acme
- - name: seafile_data
- path: /mnt/data/seafile/data
- - name: seafile_db
- path: /mnt/data/seafile/db
- - name: mastodon_system
- path: /mnt/data/mastodon/system
- - name: mastodon_redis
- path: /mnt/data/mastodon/redis
- - name: forgejo
- path: /mnt/data/forgejo
- - name: overleaf
- path: /mnt/data/overleaf/data
- - name: overleaf_redis
- path: /mnt/data/overleaf/redis
- - name: overleaf_mongodb
- path: /mnt/data/overleaf/mongodb
- - name: prometheus_data
- path: /mnt/data/prometheus/data
- - name: elasticsearch_certs
- path: /mnt/data/elasticsearch/certs
- - name: elasticsearch_data
- path: /mnt/data/elasticsearch/data
- - name: grafana_data
- path: /mnt/data/grafana/data
- - name: kitchenowl_data
- path: /mnt/data/kitchenowl/data
- - name: ampache_mysql
- path: /mnt/data/ampache/mysql
- - name: ampache_config
- path: /mnt/data/ampache/config
- - name: music
- path: /mnt/data/nextcloud/data/data/pim/files/Music
- - name: syncthing_config
- path: /mnt/data/syncthing/config
-
-database_passwords:
- nextcloud: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 66326230303135303930363761316534313439383365376231623661316635393839336431313262
- 3832626365376533646561653863316364313135343366330a356136343938666133356532613263
- 39663037623232363266376335643834353735363431636535386566643763386463353962663930
- 3466343563353162320a376437353933656166323364323166376663323531373338656563653463
- 33346263626430616164613937363836343430383233393061643231346661656539623938333631
- 3632373964346139316637663364646132636636373461613534
- hedgedoc: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 63363464666633663762393135333362613966636338623533393132376338343339653431396465
- 6634643863623163366235393434343662313735363438610a373065363361326565633766633835
- 38383637343230363031636634623930666365333739323162313937656239646166613738393965
- 3533666462303563360a313233306335396234393932396331313238376464363964363839396164
- 66366662356135343035363935616664613831626131376330643133313530636431613266636165
- 6265613666616164373637356235396165383662333561393939
- mastodon: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 63616366396665663161376161373735626466353464393963333136336335376662326232613639
- 6166333137376131633761623163306165386562666639640a313136386431373161306331626638
- 34643433396232383962643964386631313632393161316261353331346163333261336666646563
- 6232666231653732630a396638396462323464613033306662313463663262626430363432663465
- 63623935303861663565633739363539326435623561396535623034663735373232336633303037
- 6266323136316238343963613332396261346337646264646162
diff --git a/legacy/projects/thecloud/ansible/inventory/hosts.yml b/legacy/projects/thecloud/ansible/inventory/hosts.yml
deleted file mode 100644
index 19e626d..0000000
--- a/legacy/projects/thecloud/ansible/inventory/hosts.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-all:
- hosts:
- thecloud:
- ansible_user: root
- ansible_host: thecloud.dmz
diff --git a/legacy/projects/thecloud/ansible/requirements.yml b/legacy/projects/thecloud/ansible/requirements.yml
deleted file mode 100644
index 43e6eca..0000000
--- a/legacy/projects/thecloud/ansible/requirements.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: apt
- src: https://github.com/sunscrapers/ansible-role-apt.git
- scm: git
diff --git a/legacy/projects/thecloud/ansible/roles/postgresql/handlers/main.yml b/legacy/projects/thecloud/ansible/roles/postgresql/handlers/main.yml
deleted file mode 100644
index a09812e..0000000
--- a/legacy/projects/thecloud/ansible/roles/postgresql/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-- name: restart postgres
- systemd:
- name: postgresql
- state: restarted
diff --git a/legacy/projects/thecloud/ansible/roles/postgresql/tasks/main.yml b/legacy/projects/thecloud/ansible/roles/postgresql/tasks/main.yml
deleted file mode 100644
index d3e811e..0000000
--- a/legacy/projects/thecloud/ansible/roles/postgresql/tasks/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: Open postgres port
- ini_file:
- path: /etc/postgresql/15/main/postgresql.conf
- section: null
- option: listen_addresses
- value: "'*'"
- notify: restart postgres
-
-- name: Change data directory
- ini_file:
- path: /etc/postgresql/15/main/postgresql.conf
- section: null
- option: data_directory
- value: "'/mnt/data/postgresql'"
- notify: restart postgres
diff --git a/legacy/projects/thecloud/ansible/share.yml b/legacy/projects/thecloud/ansible/share.yml
deleted file mode 100644
index 7957bf8..0000000
--- a/legacy/projects/thecloud/ansible/share.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-- name: Create databases and NFS shares
- hosts: thecloud
- handlers:
- - name: reload nfs
- systemd:
- name: nfs-kernel-server
- state: restarted
-
- tasks:
- - name: Create nfs shares
- with_items: "{{ nfs_shares }}"
- copy:
- dest: "/etc/exports.d/{{ item.name }}.exports"
- content: "{{ item.path }} *(rw,sync,no_subtree_check,no_root_squash)"
- notify: reload nfs
-
- - name: Create databases
- with_items: "{{ database_passwords | dict2items }}"
- include_role:
- name: postgresql_database
- vars:
- database_name: "{{ item.key }}"
- database_user: "{{ item.key }}"
- database_password: "{{ item.value }}"
diff --git a/legacy/projects/thecloud/ansible/thecloud.yml b/legacy/projects/thecloud/ansible/thecloud.yml
deleted file mode 100644
index f019457..0000000
--- a/legacy/projects/thecloud/ansible/thecloud.yml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-- name: Wait for Cloud-Init to finish
- hosts: all
- gather_facts: no
- roles:
- - cloudinit_wait
-
-- name: Setup NFS
- hosts: thecloud
-
- roles:
- - {role: apt, tags: apt}
- - {role: postgresql, tags: postgresql}
-
- post_tasks:
- - name: Ensure NFS exports directory exists
- file:
- path: /etc/exports.d
- state: directory
-
- - name: Start NFS
- systemd:
- name: nfs-kernel-server
- state: started
- enabled: true
-
- - name: Enable Qemu guest agent
- systemd:
- name: qemu-guest-agent
- state: started
- enabled: true
diff --git a/legacy/projects/thecloud/data/main.tf b/legacy/projects/thecloud/data/main.tf
deleted file mode 100644
index cf09328..0000000
--- a/legacy/projects/thecloud/data/main.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-terraform {
- backend "pg" {
- schema_name = "thecloud-data"
- conn_str = "postgresql://terraform@jefke.hyp/terraformstates"
- }
-
- required_providers {
- libvirt = {
- source = "dmacvicar/libvirt"
- version = "0.7.1" # https://github.com/dmacvicar/terraform-provider-libvirt/issues/1040
- }
- }
-}
-
-# https://libvirt.org/uri.html#libssh-and-libssh2-transport
-provider "libvirt" {
- uri = "qemu+ssh://root@lewis.hyp/system?known_hosts=/etc/ssh/ssh_known_hosts"
-}
-
-module "data_pool" {
- source = "../../../terraform_modules/setup/data"
-}
-
-resource "libvirt_volume" "data" {
- name = "thecloud-data.qcow2"
- pool = "data"
- size = 1024 * 1024 * 1024 * 150
-}
-
-output "data_disk_id" {
- value = libvirt_volume.data.id
-}
diff --git a/legacy/projects/thecloud/vm/main.tf b/legacy/projects/thecloud/vm/main.tf
deleted file mode 100644
index 25307cb..0000000
--- a/legacy/projects/thecloud/vm/main.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-terraform {
- backend "pg" {
- schema_name = "thecloud"
- conn_str = "postgresql://terraform@jefke.hyp/terraformstates"
- }
-
- required_providers {
- libvirt = {
- source = "dmacvicar/libvirt"
- version = "0.7.1" # https://github.com/dmacvicar/terraform-provider-libvirt/issues/1040
- }
- }
-}
-
-# https://libvirt.org/uri.html#libssh-and-libssh2-transport
-provider "libvirt" {
- alias = "lewis"
- uri = "qemu+ssh://root@lewis.hyp/system?known_hosts=/etc/ssh/ssh_known_hosts"
-}
-
-module "setup_lewis" {
- source = "../../../terraform_modules/setup"
- providers = {
- libvirt = libvirt.lewis
- }
-}
-
-module "thecloud" {
- source = "../../../terraform_modules/debian"
- name = "thecloud"
- ram = 1024
- storage = 25
- mac = "CA:FE:C0:FF:EE:0A"
- data_disk = "/mnt/data/volumes/thecloud-data.qcow2"
- providers = {
- libvirt = libvirt.lewis
- }
-
- depends_on = [ module.setup_lewis ]
-}