diff --git a/legacy/projects/docker_swarm/ansible/roles/ampache/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/ampache/docker-stack.yml.j2 deleted file mode 100644 index 315f639..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/ampache/docker-stack.yml.j2 +++ /dev/null @@ -1,56 +0,0 @@ -# vi: ft=yaml -version: '3.7' - -networks: - traefik: - external: true - -volumes: - ampache_mysql: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/ampache/mysql" - ampache_config: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/ampache/config" - music: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/nextcloud/data/data/pim/files/Music" - -services: - ampache: - image: ampache/ampache:6 - volumes: - - type: volume - source: ampache_mysql - target: /var/lib/mysql - volume: - nocopy: true - - type: volume - source: ampache_config - target: /var/www/config - volume: - nocopy: true - - type: volume - source: music - target: /media - read_only: true - volume: - nocopy: true - networks: - - traefik - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.ampache.entrypoints=websecure - - traefik.http.routers.ampache.rule=Host(`music.kun.is`) - - traefik.http.routers.ampache.tls=true - - traefik.http.routers.ampache.tls.certresolver=letsencrypt - - traefik.http.routers.ampache.service=ampache - - traefik.http.services.ampache.loadbalancer.server.port=80 - - traefik.docker.network=traefik diff --git a/legacy/projects/docker_swarm/ansible/roles/ampache/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/ampache/tasks/main.yml deleted file mode 100644 index 3e730ce..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/ampache/tasks/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Deploy Docker stack - docker_stack: - name: ampache - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" 
diff --git a/legacy/projects/docker_swarm/ansible/roles/discourse/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/discourse/docker-stack.yml.j2
deleted file mode 100644
index 4736a50..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/discourse/docker-stack.yml.j2
+++ /dev/null
@@ -1,106 +0,0 @@ -# vi: ft=yaml -version: '3' - -networks: - traefik: - external: true - discourse: - -services: - discourse-app: - image: tiredofit/discourse:latest - deploy: - placement: - constraints: - - "node.labels.discourse == true" - labels: - - traefik.enable=true - - traefik.http.routers.discourse.entrypoints=localsecure - - traefik.http.routers.discourse.rule=Host(`tuindersweijde.geokunis2.nl`) - - traefik.http.services.discourse.loadbalancer.server.port=3000 - - traefik.http.routers.discourse.tls=true - - traefik.http.routers.discourse.tls.certresolver=letsencrypt - volumes: - - type: bind - source: /mnt/data/discourse/logs - target: /data/logs - - type: bind - source: /mnt/data/discourse/uploads - target: /data/uploads - - type: bind - source: /mnt/data/discourse/backups - target: /data/backups - environment: - - TIMEZONE=Europe/Amsterdam - - CONTAINER_NAME=discourse-app - - - DB_HOST=discourse-db - - DB_NAME=discourse - - DB_USER=discourse - - DB_PASS={{ database_password }} - - - REDIS_HOST=discourse-redis - - SITE_HOSTNAME=discourse.pim.kunis.nl - - - SMTP_PORT=25 - - SMTP_HOST=smtp.tweak.nl - - - DEVELOPER_EMAILS=niels@kunis.nl - networks: - - traefik - - discourse - - discourse-db: - image: tiredofit/postgres:15-latest - deploy: - placement: - constraints: - - "node.labels.discourse == true" - volumes: - - type: bind - source: /mnt/data/discourse/database - target: /var/lib/postgresql/data - environment: - - TIMEZONE=Europe/Amsterdam - - CONTAINER_NAME=discourse-db - - - POSTGRES_DB=discourse - - POSTGRES_USER=discourse - - POSTGRES_PASSWORD={{ database_password }} - - SUPERUSER_PASS={{ database_password }} - networks: - - discourse - - discourse-redis: - image: tiredofit/redis:7 - deploy: - placement: - constraints: - - "node.labels.discourse == true" - volumes: - - type: bind - source: /mnt/data/discourse/redis - target: /var/lib/redis - environment: - - TIMEZONE=Europe/Amsterdam - - CONTAINER_NAME=discourse-redis - networks: - - discourse - - 
# discourse-db-backup: - # image: tiredofit/db-backup - # volumes: - # - ./dbbackup:/backup - # environment: - # - TIMEZONE=America/Vancouver - # - CONTAINER_NAME=discourse-db-backup - # - DB_HOST=discourse-db - # - DB_TYPE=postgres - # - DB_NAME=discourse - # - DB_USER=discourse - # - DB_PASS=password - # - DB_DUMP_FREQ=1440 - # - DB_DUMP_BEGIN=0000 - # - DB_CLEANUP_TIME=8640 - # networks: - # - discourse \ No newline at end of file diff --git a/legacy/projects/docker_swarm/ansible/roles/discourse/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/discourse/tasks/main.yml deleted file mode 100644 index c7c9a16..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/discourse/tasks/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Deploy Docker stack - docker_stack: - name: discourse - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" diff --git a/legacy/projects/docker_swarm/ansible/roles/discourse/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/discourse/vars/main.yml deleted file mode 100644 index 05d4fef..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/discourse/vars/main.yml +++ /dev/null @@ -1,7 +0,0 @@ -database_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 32323538323136633363393961343364363933396431376437633361333232383938336531396537 - 3730306164303364363739376633633431383534646135380a326663396338396461623037613637 - 37666630333433393764373864346262383536656664343631386234386438333263626166363633 - 3735633562323361330a353735366562663631363634343438326562646533663839383932343263 - 38366538336466373733313130616330326238653966623037343336326132356565 diff --git a/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2 deleted file mode 100644 index 0eaa9ac..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2 +++ /dev/null 
@@ -1,87 +0,0 @@ -# vi: ft=yaml -version: '3.5' - -networks: - traefik: - external: true - jitsi: - -services: - web: - image: jitsi/web:stable-8218 - environment: - - DISABLE_HTTPS=1 - - ENABLE_AUTH=0 - - ENABLE_GUESTS=1 - - ENABLE_IPV6=1 - - ENABLE_LETSENCRYPT=0 - - PUBLIC_URL=https://meet.pim.kunis.nl - - TZ=Europe/Amsterdam - networks: - - jitsi - - traefik - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.jitsi-web.entrypoints=websecure - - traefik.http.routers.jitsi-web.rule=Host(`meet.pim.kunis.nl`) - - traefik.http.routers.jitsi-web.tls=true - - traefik.http.routers.jitsi-web.tls.certresolver=letsencrypt - - traefik.http.services.jitsi-web.loadbalancer.server.port=80 - - traefik.http.routers.jitsi-web.service=jitsi-web - - traefik.docker.network=traefik - - prosody: - image: jitsi/prosody:stable-8218 - expose: - - '5222' - - '5347' - - '5280' - environment: - - AUTH_TYPE=internal - - ENABLE_AUTH=0 - - ENABLE_GUESTS=1 - - ENABLE_IPV6=1 - - ENABLE_LOBBY=1 - - JIBRI_RECORDER_PASSWORD={{ jitsi_password }} - - JIBRI_XMPP_PASSWORD={{ jitsi_password }} - - JICOFO_AUTH_PASSWORD={{ jitsi_password }} - - JIGASI_XMPP_PASSWORD={{ jitsi_password }} - - JVB_AUTH_PASSWORD={{ jitsi_password }} - - PUBLIC_URL=https://meet.pim.kunis.nl - - TZ=Europe/Amsterdam - networks: - jitsi: - aliases: - - xmpp.meet.jitsi - - jicofo: - image: jitsi/jicofo:stable-8218 - environment: - - AUTH_TYPE=internal - - ENABLE_AUTH=0 - - JICOFO_AUTH_PASSWORD={{ jitsi_password }} - - SENTRY_DSN=0 - - TZ=Europe/Amsterdam - depends_on: - - prosody - networks: - - jitsi - - jvb: - image: jitsi/jvb:stable-8218 - ports: - - '54562:54562/udp' - environment: - - JVB_ADVERTISE_IPS=84.245.14.149,192.168.30.8 - - JVB_AUTH_PASSWORD={{ jitsi_password }} - - JVB_PORT=54562 - - PUBLIC_URL=https://meet.pim.kunis.nl - - SENTRY_DSN=0 - - COLIBRI_REST_ENABLED=0 - - TZ=Europe/Amsterdam - depends_on: - - prosody - networks: - - jitsi - - traefik 
diff --git a/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml deleted file mode 100644 index 1e46217..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Deploy Docker stack - docker_stack: - name: jitsi - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" diff --git a/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml deleted file mode 100644 index 090d3aa..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml +++ /dev/null @@ -1,8 +0,0 @@ -jitsi_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 66633139653639396435333239316536326366613338646531373063306333383562613462316561 - 6630373435326631376362643961343936626238663332630a623631613532366539633637333032 - 35383031306566613466643066366361663039633864643733356366386339366265326237653739 - 3062313832313638330a636131393130646564366563626430346436656236333961306363633435 - 39353934386631633132306562396430303738393235656363356666663934626161363365343162 - 6130346338333734653961633037386133396332643831363939 diff --git a/legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2 deleted file mode 100644 index f40c944..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2 +++ /dev/null 
@@ -1,131 +0,0 @@ -# vi: ft=yaml -version: '3' - -networks: - traefik: - external: true - mastodon: - -volumes: - system: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/mastodon/system" - redis: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/mastodon/redis" - -services: - redis: - image: redis:7-alpine - networks: - mastodon: - aliases: - - redis - healthcheck: - test: ['CMD', 'redis-cli', 'ping'] - volumes: - - type: volume - source: redis - target: /data - volume: - nocopy: true - - web: - image: tootsuite/mastodon:v4.1 - environment: - - 'OTP_SECRET={{ otp_secret }}' - - 'SECRET_KEY_BASE={{ secret_key_base }}' - - 'REDIS_HOST=redis' - - 'DB_HOST=lewis.dmz' - - 'DB_USER=mastodon' - - 'DB_NAME=mastodon' - - 'DB_PASS={{ database_passwords.mastodon }}' - - 'VAPID_PRIVATE_KEY={{ vapid_private_key }}' - - 'VAPID_PUBLIC_KEY=BDcpOP2ThgD13i2ENjnlVXG7QH-m3xuNE4rySx6_NBYQz34UxSM3N4nT7GUxN5zBF-Kehlv0CpqBDDa78QFiS0g=' - - 'SMTP_SERVER=smtp.tweak.nl' - - 'SMTP_PORT=587' - - 'SMTP_LOGIN=' - - 'SMTP_PASSWORD=' - - 'SMTP_FROM_ADDRESS=mastodon@kunis.nl' - - 'LOCAL_DOMAIN=social.pizzapim.nl' - command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" - networks: - - mastodon - - traefik - healthcheck: - test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1'] - volumes: - - type: volume - source: system - target: /mastodon/public/system - volume: - nocopy: true - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.mastodon.entrypoints=websecure - - traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`) - - traefik.http.routers.mastodon.tls=true - - traefik.http.routers.mastodon.tls.certresolver=letsencrypt - - traefik.http.services.mastodon.loadbalancer.server.port=3000 - - traefik.http.routers.mastodon.service=mastodon - - traefik.docker.network=traefik - depends_on: - - redis - - streaming: - image: tootsuite/mastodon:v4.1 - 
command: node ./streaming - environment: - - 'REDIS_HOST=redis' - - 'LOCAL_DOMAIN=social.pizzapim.nl' - - 'DB_HOST=lewis.dmz' - - 'DB_USER=mastodon' - - 'DB_NAME=mastodon' - - 'DB_PASS={{ database_passwords.mastodon }}' - networks: - - mastodon - - traefik - healthcheck: - # prettier-ignore - test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1'] - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.mastodon-streaming.entrypoints=websecure - - "traefik.http.routers.mastodon-streaming.rule=(Host(`social.pizzapim.nl`) && PathPrefix(`/api/v1/streaming`))" - - traefik.http.routers.mastodon-streaming.service=mastodon-streaming - - traefik.http.services.mastodon-streaming.loadbalancer.server.port=4000 - - traefik.http.routers.mastodon-streaming.tls=true - - traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt - - traefik.docker.network=traefik - depends_on: - - redis - - sidekiq: - image: tootsuite/mastodon:v4.1 - command: bundle exec sidekiq - environment: - - 'OTP_SECRET={{ otp_secret }}' - - 'SECRET_KEY_BASE={{ secret_key_base }}' - - 'REDIS_HOST=redis' - - 'DB_HOST=lewis.dmz' - - 'DB_USER=mastodon' - - 'DB_NAME=mastodon' - - 'DB_PASS={{ database_passwords.mastodon }}' - networks: - - mastodon - volumes: - - type: volume - source: system - target: /mastodon/public/system - volume: - nocopy: true - healthcheck: - test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"] - depends_on: - - redis diff --git a/legacy/projects/docker_swarm/ansible/roles/mastodon/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/mastodon/tasks/main.yml deleted file mode 100644 index 531e13e..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/mastodon/tasks/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Deploy Docker stack - docker_stack: - name: mastodon - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" 
diff --git a/legacy/projects/docker_swarm/ansible/roles/mastodon/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/mastodon/vars/main.yml
deleted file mode 100644
index eed2d71..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/mastodon/vars/main.yml
+++ /dev/null
@@ -1,42 +0,0 @@ -mastodon_postgres_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 34643131323762373635383736636432643161646130373565333432323337646435656233383131 - 3066353734373938353162656335666536323265643162620a663562303636383737393061396331 - 30353538326333393031373736363933666636383866373763303237376561333061323131303062 - 3532316632613062310a343566393237363364613931353062636537663864383839623930383836 - 32613634616335616462336261303632646266326663383166366236643438616538626263343835 - 6539616439636364626466333163316164633631616132623665 -otp_secret: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 33303436663063313039636335623937343530323636346363306234333135306138653337313034 - 3337363432363734353363623738653630373536653433350a356336383235383430613934623937 - 36316638343439376134383635336630313065623138326630303131333136626636386361313661 - 6134613862366463300a313765366136343431343838363230363134613164373931623564626466 - 32623137666364326234383264396336636561313132313930383964656434656535663861343337 - 65316331323335626464626231653236313932663334316134633837646330303563633162373036 - 66326135656531393839343138376666623337616162653137393764306265323065356431343162 - 36373135303339356366356263623334373361326561396562353332323363623738626132303738 - 38383638616363386536386461353465353765366234353862653765376330663661326138626266 - 30633134643632393630323834323538326339373361363235666133303761323261336637663862 - 326633383933663530653230336364653461 -secret_key_base: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 32373731376166613238303535646633326162613137366165643037643966643637316265653832 - 3035393061616431666162373133393666653634386338350a376136653961646239656534336230 - 33366235343365653234333866393965643131306636373566623665646562353234323065393262 - 6264313430333262390a626338333932363137356338636132636133613239633537623064666438 - 32343063653664393530353536643963353364373830303563346163613862653161343165363062 - 
61396630353036333634313033663962613930336637323461313731633136366365623732306337 - 37646265613639306133373736353365366461373264356665623236313836633565343764626238 - 38353637613064306162393430323662616231623965643933383339616561353963663366396363 - 33346332343336386266636165616135343732353365336630653334383533633831636138623733 - 34396266643166386130383334666565303865396135613863336261656135343564376537383634 - 353635336365613765363931373636363465 -vapid_private_key: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 33376430313539346137343237313061653164343861623563656638306539373837393364326235 - 3435396264613533633138346231303137663763323361360a356137306330343939353732356535 - 33396336633966623266396265356435343633373766363637616635326563623130653039343665 - 3465306562306261660a303131666436333137306139366636646232333061383935353263396534 - 63376635393966653636316236316538656361393631626465383233386136313366363531363663 - 3436326431353435653666356266333835303061616436323061 diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/monitoring/docker-stack.yml.j2 deleted file mode 100644 index 3fbd2e2..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/monitoring/docker-stack.yml.j2 +++ /dev/null 
@@ -1,132 +0,0 @@ -# vi: ft=yaml -version: "3.8" - -networks: - traefik: - external: true - grafana: - -configs: - esdatasource: - external: true - name: "{{ esdatasource.config_name }}" - fluentconf: - external: true - name: "{{ fluentconf.config_name }}" - -volumes: - escerts: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/elasticsearch/certs" - esdata: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/elasticsearch/data" - grafanadata: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/grafana/data" - -services: - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:8.8.1 - volumes: - - type: volume - source: escerts - target: /usr/share/elasticsearch/config/certs - volume: - nocopy: true - - type: volume - source: esdata - target: /usr/share/elasticsearch/data - volume: - nocopy: true - ports: - - {{ elasticsearch_port }}:9200 - environment: - - node.name=es01 - - cluster.name=shoarma - - discovery.type=single-node - - bootstrap.memory_lock=true - - xpack.security.enabled=false - - xpack.security.http.ssl.enabled=false - - xpack.security.http.ssl.key=certs/es01/es01.key - - xpack.security.http.ssl.certificate=certs/es01/es01.crt - - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt - - xpack.security.transport.ssl.enabled=false - - xpack.security.transport.ssl.key=certs/es01/es01.key - - xpack.security.transport.ssl.certificate=certs/es01/es01.crt - - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.license.self_generated.type=basic - ulimits: - memlock: - soft: -1 - hard: -1 - healthcheck: - test: - [ - "CMD-SHELL", - "curl http://localhost:9200 | grep -q 'You Know, for Search'", - ] - interval: 10s - timeout: 10s - retries: 120 - - grafana: - image: grafana/grafana-oss - depends_on: - - elasticsearch - networks: - - traefik 
- - grafana - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.grafana.entrypoints=localsecure - - traefik.http.routers.grafana.rule=Host(`grafana.kun.is`) - - traefik.http.routers.grafana.tls=true - - traefik.http.routers.grafana.tls.certresolver=letsencrypt - - traefik.http.routers.grafana.service=grafana - - traefik.http.services.grafana.loadbalancer.server.port=3000 - - traefik.docker.network=traefik - volumes: - - type: volume - source: grafanadata - target: /var/lib/grafana - volume: - nocopy: true - configs: - - source: esdatasource - target: /etc/grafana/provisioning/datasources/elasticsearch.yaml - - grafana-ntfy: - image: kittyandrew/grafana-to-ntfy:master - depends_on: - - grafana - ports: - - 8080:8080 - networks: - grafana: - aliases: - - grafana-ntfy - environment: - - NTFY_URL=https://ntfy.kun.is/alerts - - NTFY_BAUTH_USER=pim - - NTFY_BAUTH_PASS={{ ntfy_password }} - - BAUTH_USER=admin - - BAUTH_PASS=test - - fluentd: - image: git.kun.is/pim/fluentd:1.0.3 - depends_on: - - elasticsearch - ports: - - {{ fluent_forward_port }}:24224 - configs: - - source: fluentconf - target: /fluentd/etc/fluent.conf diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/elasticsearch.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/monitoring/elasticsearch.yml.j2 deleted file mode 100644 index 90fee48..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/monitoring/elasticsearch.yml.j2 +++ /dev/null 
@@ -1,35 +0,0 @@ -# vi: ft=yaml -apiVersion: 1 - -datasources: - - name: cpu - type: elasticsearch - access: proxy - url: http://maestro.dmz:{{ elasticsearch_port }} - jsonData: - index: 'fluentd.cpu-*' - timeField: '@timestamp' - - - name: memory - type: elasticsearch - access: proxy - url: http://maestro.dmz:{{ elasticsearch_port }} - jsonData: - index: 'fluentd.memory-*' - timeField: '@timestamp' - - - name: diskfree - type: elasticsearch - access: proxy - url: http://maestro.dmz:{{ elasticsearch_port }} - jsonData: - index: 'fluentd.diskfree-*' - timeField: '@timestamp' - - - name: traefik_access - type: elasticsearch - access: proxy - url: http://maestro.dmz:{{ elasticsearch_port }} - jsonData: - index: 'fluentd.access.traefik-*' - timeField: '@timestamp' diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/fluent.conf.j2 b/legacy/projects/docker_swarm/ansible/roles/monitoring/fluent.conf.j2 deleted file mode 100644 index dd030ba..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/monitoring/fluent.conf.j2 +++ /dev/null @@ -1,35 +0,0 @@ -# vi: ft=yaml -# Receive events from 24224/tcp -# This is used by log forwarding and the fluent-cat command - - @type forward - port {{ fluent_forward_port }} - - - - @type geoip - geoip_lookup_keys host - backend_library geoip2_c - - latitude ${location.latitude["host"]} - longitude ${location.longitude["host"]} - - skip_adding_null_record true - - - - @type elasticsearch - host maestro.dmz - port {{ elasticsearch_port }} - include_timestamp true - logstash_format true - logstash_prefix fluentd.${tag} - - - - @type null - - - - log_level info - diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/monitoring/tasks/main.yml deleted file mode 100644 index 191f846..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/monitoring/tasks/main.yml +++ /dev/null 
@@ -1,21 +0,0 @@ -- name: Create fluentd config - docker_config: - name: fluentconf - data: "{{ lookup('template', '{{ role_path }}/fluent.conf.j2') }}" - use_ssh_client: true - rolling_versions: true - register: fluentconf - -- name: Create elasticsearch data source config - docker_config: - name: esdatasource - data: "{{ lookup('template', '{{ role_path }}/elasticsearch.yml.j2') }}" - use_ssh_client: true - rolling_versions: true - register: esdatasource - -- name: Deploy Docker stack - docker_stack: - name: monitoring - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" diff --git a/legacy/projects/docker_swarm/ansible/roles/monitoring/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/monitoring/vars/main.yml deleted file mode 100644 index 326b722..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/monitoring/vars/main.yml +++ /dev/null @@ -1,8 +0,0 @@ -ntfy_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 36333232393635383732336630626463633038353862333430396437333733376239343531663339 - 6364643930636566326463393963316263323061613032350a383930376537373437633333623639 - 66613439636531393761366534333134383231303637643063633537393535356536636530666665 - 6537653731666130610a346135373562333931646237396233613065353165623336373935386137 - 36313830623931313238333430346238626562353661616465333736346230396162386137363435 - 3362636565336639643832626165613236643466633537633236 diff --git a/legacy/projects/docker_swarm/ansible/roles/overleaf/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/overleaf/docker-stack.yml.j2 deleted file mode 100644 index 033bbb8..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/overleaf/docker-stack.yml.j2 +++ /dev/null 
@@ -1,112 +0,0 @@ -# vi: ft=yaml -version: '3' -networks: - traefik: - external: true - overleaf: - -volumes: - data: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/overleaf/data" - redis: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/overleaf/redis" - mongodb: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/overleaf/mongodb" - -services: - sharelatex: - image: sharelatex/sharelatex:3 - networks: - - traefik - - overleaf - depends_on: - - overleaf-mongodb - - overleaf-redis - stop_grace_period: 60s - volumes: - - type: volume - source: data - target: /var/lib/sharelatex - volume: - nocopy: true - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.overleaf.entrypoints=websecure - - traefik.http.routers.overleaf.rule=Host(`latex.kun.is`) - - traefik.http.routers.overleaf.tls=true - - traefik.http.routers.overleaf.tls.certresolver=letsencrypt - - traefik.http.routers.overleaf.service=overleaf - - traefik.http.services.overleaf.loadbalancer.server.port=80 - - traefik.docker.network=traefik - environment: - SHARELATEX_APP_NAME: Overleaf Community Edition - - SHARELATEX_MONGO_URL: mongodb://overleaf-mongodb:27017/sharelatex - - # Same property, unfortunately with different names in - # different locations - SHARELATEX_REDIS_HOST: overleaf-redis - REDIS_HOST: overleaf-redis - - ENABLED_LINKED_FILE_TYPES: 'project_file,project_output_file' - - # Enables Thumbnail generation using ImageMagick - ENABLE_CONVERSIONS: 'true' - - # Disables email confirmation requirement - EMAIL_CONFIRMATION_DISABLED: 'true' - - # temporary fix for LuaLaTex compiles - # see https://github.com/overleaf/overleaf/issues/695 - TEXMFVAR: /var/lib/sharelatex/tmp/texmf-var - - SHARELATEX_SITE_URL: https://latex.kun.is - SHARELATEX_ADMIN_EMAIL: pim@kunis.nl - - SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@kunis.nl" - - SHARELATEX_EMAIL_SMTP_HOST: "smtp.tweak.nl" - 
SHARELATEX_EMAIL_SMTP_PORT: 587 - SHARELATEX_EMAIL_SMTP_USER: "" - SHARELATEX_EMAIL_SMTP_PASS: "" - - overleaf-mongodb: - image: mongo:4.4 - networks: - - overleaf - expose: - - 27017 - volumes: - - type: volume - source: mongodb - target: /data/db - volume: - nocopy: true - healthcheck: - test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet - interval: 10s - timeout: 10s - retries: 5 - - overleaf-redis: - image: redis:5 - networks: - - overleaf - expose: - - 6379 - volumes: - - type: volume - source: redis - target: /data - volume: - nocopy: true diff --git a/legacy/projects/docker_swarm/ansible/roles/overleaf/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/overleaf/tasks/main.yml deleted file mode 100644 index fc3a917..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/overleaf/tasks/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Deploy Docker stack - docker_stack: - name: overleaf - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" diff --git a/legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2 deleted file mode 100644 index c7fc2ac..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2 +++ /dev/null 
@@ -1,73 +0,0 @@ -# vi: ft=yaml -version: '3' - -networks: - traefik: - external: true - seafile: - -volumes: - data: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/seafile/data" - db: - driver_opts: - type: "nfs" - o: "addr=lewis.dmz,nolock,soft,rw" - device: ":/mnt/data/seafile/db" - -services: - db: - image: mariadb:10.5 - environment: - - MYSQL_ROOT_PASSWORD={{ db_root_passwd }} - - MYSQL_LOG_CONSOLE=true - volumes: - - type: volume - source: db - target: /var/lib/mysql - volume: - nocopy: true - networks: - - seafile - - memcached: - image: memcached:1.6 - entrypoint: memcached -m 256 - networks: - - seafile - - seafile: - image: seafileltd/seafile-mc:9.0.10 - volumes: - - type: volume - source: data - target: /shared - volume: - nocopy: true - environment: - - DB_HOST=db - - DB_ROOT_PASSWD={{ db_root_passwd }} - - TIME_ZONE=Europe/Amsterdam - - SEAFILE_ADMIN_EMAIL={{ seafile_admin_email }} - - SEAFILE_ADMIN_PASSWORD={{ seafile_admin_password }} - - SEAFILE_SERVER_LETSENCRYPT=false - - SEAFILE_SERVER_HOSTNAME={{ seafile_domain }} - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.seafile.entrypoints=websecure - - traefik.http.routers.seafile.rule=Host(`{{ seafile_domain }}`) - - traefik.http.routers.seafile.tls=true - - traefik.http.routers.seafile.tls.certresolver=letsencrypt - - traefik.http.services.seafile.loadbalancer.server.port=80 - - traefik.http.routers.seafile.service=seafile - - traefik.docker.network=traefik - depends_on: - - db - - memcached - networks: - - traefik - - seafile diff --git a/legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml deleted file mode 100644 index c63c02d..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml +++ /dev/null 
@@ -1,5 +0,0 @@ -- name: Deploy Docker stack - docker_stack: - name: seafile - compose: - - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" diff --git a/legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml deleted file mode 100644 index 3245d42..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml +++ /dev/null @@ -1,18 +0,0 @@ -db_root_passwd: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 62376163363033396161363264613836623734623835316439666331356464636633393237313236 - 3731383961393939366165393537663435356166643966650a353132616166353630333733636639 - 63616163346566336461313264326562393964643661613831316233326165623463613865636637 - 6363363331333430320a366661356232393036383765353066623334656133313661636130666238 - 32336561323431303730373262343534326539383932613533623232376330646230363363636135 - 3266336663623037663838643936366437663831356634333930 -seafile_admin_email: niels@kunis.nl -seafile_admin_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 34366163396632343065636232363435633039373236363461383563363162626561653763383438 - 3263393539663030363532353238633262616339343436370a613631323064303637623266653832 - 64323834356664316265376132633863666136316239623862643962366637306238343933386134 - 6237396238383232360a386637303639646136653134643737393735383661626539386134643333 - 35313536323963303734353338636162666236343430623062373464653531353230366238326231 - 6661363038393534373861643261383561386536613337396539 -seafile_domain: files.geokunis2.nl diff --git a/legacy/projects/docker_swarm/ansible/roles/shephard/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/shephard/docker-stack.yml.j2 deleted file mode 100644 index 2ac91e8..0000000 --- a/legacy/projects/docker_swarm/ansible/roles/shephard/docker-stack.yml.j2 +++ /dev/null 
@@ -1,60 +0,0 @@
-# vi: ft=yaml
-version: "3"
-
-networks:
- shephard:
-
-services:
- app:
- image: mazzolino/shepherd
- networks:
- - shephard
- environment:
- TZ: 'Europe/Amsterdam'
- FILTER_SERVICES: ''
- IGNORELIST_SERVICES: ""
- RUN_ONCE_AND_EXIT: "true"
- APPRISE_SIDECAR_URL: apprise:5000
- volumes:
- - type: bind
- source: /var/run/docker.sock
- target: /var/run/docker.sock
- read_only: true
- deploy:
- replicas: 0
- restart_policy:
- condition: none
- labels:
- - swarm.cronjob.enable=true
- - "swarm.cronjob.schedule=0 2 * * *"
- - swarm.cronjob.skip-running=true
- placement:
- constraints:
- - node.role == manager
-
- scheduler:
- image: crazymax/swarm-cronjob:latest
- volumes:
- - type: bind
- source: /var/run/docker.sock
- target: /var/run/docker.sock
- read_only: true
- environment:
- - "TZ=Europe/Amsterdam"
- - "LOG_LEVEL=info"
- - "LOG_JSON=false"
- deploy:
- placement:
- constraints:
- - node.role == manager
-
- apprise:
- image: mazzolino/apprise-microservice:0.1
- environment:
- NOTIFICATION_URLS: {{ apprise_urls }}
- networks:
- - shephard
- deploy:
- placement:
- constraints:
- - node.role == manager
diff --git a/legacy/projects/docker_swarm/ansible/roles/shephard/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/shephard/tasks/main.yml
deleted file mode 100644
index 41bf642..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/shephard/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Deploy Docker stack
- docker_stack:
- name: shephard
- compose:
- - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/legacy/projects/docker_swarm/ansible/roles/shephard/vars/main.yml b/legacy/projects/docker_swarm/ansible/roles/shephard/vars/main.yml
deleted file mode 100644
index f02cab7..0000000
--- a/legacy/projects/docker_swarm/ansible/roles/shephard/vars/main.yml
+++ /dev/null
@@ -1 +0,0 @@
-apprise_urls: "apprises://apprise.kun.is:444/shephard"
diff --git a/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2 index 804b55d..c803f84 100644 --- a/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2 +++ b/legacy/projects/docker_swarm/ansible/roles/traefik/docker-stack.yml.j2 @@ -54,36 +54,6 @@ services: - traefik.http.routers.esrom.rule=Host(`geokunis2.nl`) - traefik.http.routers.esrom.tls=true - traefik.http.routers.esrom.tls.certresolver=letsencrypt - - - traefik.http.routers.uptime.entrypoints=localsecure - - traefik.http.routers.uptime.rule=Host(`uptime.kun.is`) - - traefik.http.routers.uptime.service=uptime@file - - traefik.http.routers.uptime.tls=true - - traefik.http.routers.uptime.tls.certresolver=letsencrypt - - - traefik.http.routers.ntfy.entrypoints=websecure - - traefik.http.routers.ntfy.rule=Host(`ntfy.kun.is`) - - traefik.http.routers.ntfy.service=ntfy@file - - traefik.http.routers.ntfy.tls=true - - traefik.http.routers.ntfy.tls.certresolver=letsencrypt - - - traefik.http.routers.apprise.entrypoints=localsecure - - traefik.http.routers.apprise.rule=Host(`apprise.kun.is`) - - traefik.http.routers.apprise.service=apprise@file - - traefik.http.routers.apprise.tls=true - - traefik.http.routers.apprise.tls.certresolver=letsencrypt - - - traefik.http.routers.concourse.entrypoints=websecure - - traefik.http.routers.concourse.rule=Host(`ci.kun.is`) - - traefik.http.routers.concourse.service=concourse@file - - traefik.http.routers.concourse.tls=true - - traefik.http.routers.concourse.tls.certresolver=letsencrypt - - - traefik.http.routers.discourse.entrypoints=websecure - - traefik.http.routers.discourse.rule=Host(`tuindersweijde.geokunis2.nl`) - - traefik.http.routers.discourse.service=discourse@file - - traefik.http.routers.discourse.tls=true - - traefik.http.routers.discourse.tls.certresolver=letsencrypt volumes: - type: bind source: /var/run/docker.sock 
diff --git a/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml b/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml
index 648519a..9823a9b 100644
--- a/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml
+++ b/legacy/projects/docker_swarm/ansible/roles/traefik/services.yml
@@ -4,23 +4,3 @@ http:
 loadBalancer:
 servers:
 - url: http://esrom.dmz:80/
- uptime:
- loadBalancer:
- servers:
- - url: http://iris.dmz:3001
- ntfy:
- loadBalancer:
- servers:
- - url: http://iris.dmz:3002
- apprise:
- loadBalancer:
- servers:
- - url: http://iris.dmz:3003
- concourse:
- loadBalancer:
- servers:
- - url: http://concourse.dmz:3000
- discourse:
- loadBalancer:
- servers:
- - url: http://forum.dmz:80
diff --git a/legacy/projects/thecloud/README.md b/legacy/projects/thecloud/README.md
deleted file mode 100644
index cdfb7bd..0000000
--- a/legacy/projects/thecloud/README.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# thecloud
-
-Thecloud is a Debian VM that provides network availability to all our persistent data:
-- NFS for network files
-- Postgresql for databases
\ No newline at end of file
diff --git a/legacy/projects/thecloud/ansible/ansible.cfg b/legacy/projects/thecloud/ansible/ansible.cfg
deleted file mode 100644
index 3b55258..0000000
--- a/legacy/projects/thecloud/ansible/ansible.cfg
+++ /dev/null
@@ -1,8 +0,0 @@
-[defaults]
-roles_path=../../../ansible_roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
-inventory=inventory
-vault_password_file=$HOME/.config/home/ansible-vault-secret
-interpreter_python=/usr/bin/python3
-
-[diff]
-always = True
diff --git a/legacy/projects/thecloud/ansible/inventory/host_vars/thecloud.yml b/legacy/projects/thecloud/ansible/inventory/host_vars/thecloud.yml
deleted file mode 100644
index c2b00aa..0000000
--- a/legacy/projects/thecloud/ansible/inventory/host_vars/thecloud.yml
+++ /dev/null
@@ -1,97 +0,0 @@
-apt_install_packages:
- - postgresql
- - python3-psycopg2
- - nfs-kernel-server
- - qemu-guest-agent
-
-nfs_exports: []
-
-redis_bind_interface: 0.0.0.0
-redis_requirepass: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 37323965303638333264653936616563323235363463396330363836653865393835346263383838
- 3030386166316365633538353539623066626434313332390a616131303434373264633934356361
- 30356335643638656433326230363462373533396533366261346630353163353137333865303132
- 3536636165366631310a643538353331366130663464386565343331653031333061333330613532
- 34663932653734336239303536323331396435386332666133343033373566386562326136656330
- 63393766353063646361643565323238376334333637363232626139333664643065613237666532
- 31623032613763303136353232323837376637336431306534306336356165363039666634336433
- 30376464323862373833
-
-nfs_shares:
- - name: nextcloud_data
- path: /mnt/data/nextcloud/data
- - name: radicale
- path: /mnt/data/radicale
- - name: freshrss_data
- path: /mnt/data/freshrss/data
- - name: freshrss_extensions
- path: /mnt/data/freshrss/extensions
- - name: pihole_data
- path: /mnt/data/pihole/data
- - name: pihole_dnsmasq
- path: /mnt/data/pihole/dnsmasq
- - name: hedgedoc_uploads
- path: /mnt/data/hedgedoc/uploads
- - name: traefik_acme
- path: /mnt/data/traefik/acme
- - name: seafile_data
- path: /mnt/data/seafile/data
- - name: seafile_db
- path: /mnt/data/seafile/db
- - name: mastodon_system
- path: /mnt/data/mastodon/system
- - name: mastodon_redis
- path: /mnt/data/mastodon/redis
- - name: forgejo
- path: /mnt/data/forgejo
- - name: overleaf
- path: /mnt/data/overleaf/data
- - name: overleaf_redis
- path: /mnt/data/overleaf/redis
- - name: overleaf_mongodb
- path: /mnt/data/overleaf/mongodb
- - name: prometheus_data
- path: /mnt/data/prometheus/data
- - name: elasticsearch_certs
- path: /mnt/data/elasticsearch/certs
- - name: elasticsearch_data
- path: /mnt/data/elasticsearch/data
- - name: grafana_data
- path: /mnt/data/grafana/data
- - name: kitchenowl_data
- path: /mnt/data/kitchenowl/data
- - name: ampache_mysql
- path: /mnt/data/ampache/mysql
- - name: ampache_config
- path: /mnt/data/ampache/config
- - name: music
- path: /mnt/data/nextcloud/data/data/pim/files/Music
- - name: syncthing_config
- path: /mnt/data/syncthing/config
-
-database_passwords:
- nextcloud: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 66326230303135303930363761316534313439383365376231623661316635393839336431313262
- 3832626365376533646561653863316364313135343366330a356136343938666133356532613263
- 39663037623232363266376335643834353735363431636535386566643763386463353962663930
- 3466343563353162320a376437353933656166323364323166376663323531373338656563653463
- 33346263626430616164613937363836343430383233393061643231346661656539623938333631
- 3632373964346139316637663364646132636636373461613534
- hedgedoc: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 63363464666633663762393135333362613966636338623533393132376338343339653431396465
- 6634643863623163366235393434343662313735363438610a373065363361326565633766633835
- 38383637343230363031636634623930666365333739323162313937656239646166613738393965
- 3533666462303563360a313233306335396234393932396331313238376464363964363839396164
- 66366662356135343035363935616664613831626131376330643133313530636431613266636165
- 6265613666616164373637356235396165383662333561393939
- mastodon: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 63616366396665663161376161373735626466353464393963333136336335376662326232613639
- 6166333137376131633761623163306165386562666639640a313136386431373161306331626638
- 34643433396232383962643964386631313632393161316261353331346163333261336666646563
- 6232666231653732630a396638396462323464613033306662313463663262626430363432663465
- 63623935303861663565633739363539326435623561396535623034663735373232336633303037
- 6266323136316238343963613332396261346337646264646162
diff --git a/legacy/projects/thecloud/ansible/inventory/hosts.yml b/legacy/projects/thecloud/ansible/inventory/hosts.yml
deleted file mode 100644
index 19e626d..0000000
--- a/legacy/projects/thecloud/ansible/inventory/hosts.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-all:
- hosts:
- thecloud:
- ansible_user: root
- ansible_host: thecloud.dmz
diff --git a/legacy/projects/thecloud/ansible/requirements.yml b/legacy/projects/thecloud/ansible/requirements.yml
deleted file mode 100644
index 43e6eca..0000000
--- a/legacy/projects/thecloud/ansible/requirements.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: apt
- src: https://github.com/sunscrapers/ansible-role-apt.git
- scm: git
diff --git a/legacy/projects/thecloud/ansible/roles/postgresql/handlers/main.yml b/legacy/projects/thecloud/ansible/roles/postgresql/handlers/main.yml
deleted file mode 100644
index a09812e..0000000
--- a/legacy/projects/thecloud/ansible/roles/postgresql/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-- name: restart postgres
- systemd:
- name: postgresql
- state: restarted
diff --git a/legacy/projects/thecloud/ansible/roles/postgresql/tasks/main.yml b/legacy/projects/thecloud/ansible/roles/postgresql/tasks/main.yml
deleted file mode 100644
index d3e811e..0000000
--- a/legacy/projects/thecloud/ansible/roles/postgresql/tasks/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: Open postgres port
- ini_file:
- path: /etc/postgresql/15/main/postgresql.conf
- section: null
- option: listen_addresses
- value: "'*'"
- notify: restart postgres
-
-- name: Change data directory
- ini_file:
- path: /etc/postgresql/15/main/postgresql.conf
- section: null
- option: data_directory
- value: "'/mnt/data/postgresql'"
- notify: restart postgres
diff --git a/legacy/projects/thecloud/ansible/share.yml b/legacy/projects/thecloud/ansible/share.yml
deleted file mode 100644
index 7957bf8..0000000
--- a/legacy/projects/thecloud/ansible/share.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-- name: Create databases and NFS shares
- hosts: thecloud
- handlers:
- - name: reload nfs
- systemd:
- name: nfs-kernel-server
- state: restarted
-
- tasks:
- - name: Create nfs shares
- with_items: "{{ nfs_shares }}"
- copy:
- dest: "/etc/exports.d/{{ item.name }}.exports"
- content: "{{ item.path }} *(rw,sync,no_subtree_check,no_root_squash)"
- notify: reload nfs
-
- - name: Create databases
- with_items: "{{ database_passwords | dict2items }}"
- include_role:
- name: postgresql_database
- vars:
- database_name: "{{ item.key }}"
- database_user: "{{ item.key }}"
- database_password: "{{ item.value }}"
diff --git a/legacy/projects/thecloud/ansible/thecloud.yml b/legacy/projects/thecloud/ansible/thecloud.yml
deleted file mode 100644
index f019457..0000000
--- a/legacy/projects/thecloud/ansible/thecloud.yml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-- name: Wait for Cloud-Init to finish
- hosts: all
- gather_facts: no
- roles:
- - cloudinit_wait
-
-- name: Setup NFS
- hosts: thecloud
-
- roles:
- - {role: apt, tags: apt}
- - {role: postgresql, tags: postgresql}
-
- post_tasks:
- - name: Ensure NFS exports directory exists
- file:
- path: /etc/exports.d
- state: directory
-
- - name: Start NFS
- systemd:
- name: nfs-kernel-server
- state: started
- enabled: true
-
- - name: Enable Qemu guest agent
- systemd:
- name: qemu-guest-agent
- state: started
- enabled: true
diff --git a/legacy/projects/thecloud/data/main.tf b/legacy/projects/thecloud/data/main.tf
deleted file mode 100644
index cf09328..0000000
--- a/legacy/projects/thecloud/data/main.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-terraform {
- backend "pg" {
- schema_name = "thecloud-data"
- conn_str = "postgresql://terraform@jefke.hyp/terraformstates"
- }
-
- required_providers {
- libvirt = {
- source = "dmacvicar/libvirt"
- version = "0.7.1" # https://github.com/dmacvicar/terraform-provider-libvirt/issues/1040
- }
- }
-}
-
-# https://libvirt.org/uri.html#libssh-and-libssh2-transport
-provider "libvirt" {
- uri = "qemu+ssh://root@lewis.hyp/system?known_hosts=/etc/ssh/ssh_known_hosts"
-}
-
-module "data_pool" {
- source = "../../../terraform_modules/setup/data"
-}
-
-resource "libvirt_volume" "data" {
- name = "thecloud-data.qcow2"
- pool = "data"
- size = 1024 * 1024 * 1024 * 150
-}
-
-output "data_disk_id" {
- value = libvirt_volume.data.id
-}
diff --git a/legacy/projects/thecloud/vm/main.tf b/legacy/projects/thecloud/vm/main.tf
deleted file mode 100644
index 25307cb..0000000
--- a/legacy/projects/thecloud/vm/main.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-terraform {
- backend "pg" {
- schema_name = "thecloud"
- conn_str = "postgresql://terraform@jefke.hyp/terraformstates"
- }
-
- required_providers {
- libvirt = {
- source = "dmacvicar/libvirt"
- version = "0.7.1" # https://github.com/dmacvicar/terraform-provider-libvirt/issues/1040
- }
- }
-}
-
-# https://libvirt.org/uri.html#libssh-and-libssh2-transport
-provider "libvirt" {
- alias = "lewis"
- uri = "qemu+ssh://root@lewis.hyp/system?known_hosts=/etc/ssh/ssh_known_hosts"
-}
-
-module "setup_lewis" {
- source = "../../../terraform_modules/setup"
- providers = {
- libvirt = libvirt.lewis
- }
-}
-
-module "thecloud" {
- source = "../../../terraform_modules/debian"
- name = "thecloud"
- ram = 1024
- storage = 25
- mac = "CA:FE:C0:FF:EE:0A"
- data_disk = "/mnt/data/volumes/thecloud-data.qcow2"
- providers = {
- libvirt = libvirt.lewis
- }
-
- depends_on = [ module.setup_lewis ]
-}