Browse Source

chore: cleanup

pull/2/head
Karan Sharma 8 months ago
parent
commit
1e3e3d0268
  1. 0
      ansible/Makefile
  2. 0
      ansible/README.md
  3. 0
      ansible/ansible.cfg
  4. 0
      ansible/inventory.hydra
  5. 0
      ansible/inventory.sample
  6. 0
      ansible/playbook.yml
  7. 0
      ansible/roles/bootstrap-node/handlers/main.yml
  8. 0
      ansible/roles/bootstrap-node/tasks/apt.yml
  9. 0
      ansible/roles/bootstrap-node/tasks/hostname.yml
  10. 0
      ansible/roles/bootstrap-node/tasks/locale.yml
  11. 0
      ansible/roles/bootstrap-node/tasks/main.yml
  12. 0
      ansible/roles/bootstrap-node/tasks/node-exporter.yml
  13. 0
      ansible/roles/bootstrap-node/tasks/ssh.yml
  14. 0
      ansible/roles/bootstrap-node/tasks/timezone.yml
  15. 0
      ansible/roles/bootstrap-node/tasks/user.yml
  16. 0
      ansible/roles/bootstrap-node/templates/ssh-banner.j2
  17. 0
      ansible/roles/bootstrap-node/vars/main.yml
  18. 0
      ansible/roles/setup-docker/handlers/main.yml
  19. 0
      ansible/roles/setup-docker/tasks/main.yml
  20. 0
      ansible/roles/setup-docker/templates/daemon.json
  21. 0
      ansible/roles/setup-tailscale/handlers/main.yml
  22. 0
      ansible/roles/setup-tailscale/tasks/main.yml
  23. 0
      ansible/roles/viasite-ansible.zsh/.gitignore
  24. 0
      ansible/roles/viasite-ansible.zsh/.gitlab-ci.yml
  25. 0
      ansible/roles/viasite-ansible.zsh/.travis.yml
  26. 0
      ansible/roles/viasite-ansible.zsh/CHANGELOG.md
  27. 0
      ansible/roles/viasite-ansible.zsh/README.md
  28. 0
      ansible/roles/viasite-ansible.zsh/Vagrantfile
  29. 0
      ansible/roles/viasite-ansible.zsh/defaults/main.yml
  30. 0
      ansible/roles/viasite-ansible.zsh/install.sh
  31. 0
      ansible/roles/viasite-ansible.zsh/meta/.galaxy_install_info
  32. 0
      ansible/roles/viasite-ansible.zsh/meta/main.yml
  33. 0
      ansible/roles/viasite-ansible.zsh/molecule/default/molecule.yml
  34. 0
      ansible/roles/viasite-ansible.zsh/molecule/default/tests/test_default.py
  35. 0
      ansible/roles/viasite-ansible.zsh/molecule/resources/converge.yml
  36. 0
      ansible/roles/viasite-ansible.zsh/molecule/resources/prepare.yml
  37. 0
      ansible/roles/viasite-ansible.zsh/molecule/shared/molecule.yml
  38. 0
      ansible/roles/viasite-ansible.zsh/molecule/user/molecule.yml
  39. 0
      ansible/roles/viasite-ansible.zsh/molecule/user/prepare.yml
  40. 0
      ansible/roles/viasite-ansible.zsh/playbook.yml
  41. 0
      ansible/roles/viasite-ansible.zsh/scripts/generate-changelog
  42. 0
      ansible/roles/viasite-ansible.zsh/tasks/configure.yml
  43. 0
      ansible/roles/viasite-ansible.zsh/tasks/install.yml
  44. 0
      ansible/roles/viasite-ansible.zsh/tasks/main.yml
  45. 0
      ansible/roles/viasite-ansible.zsh/tasks/post-install.yml
  46. 0
      ansible/roles/viasite-ansible.zsh/templates/zshrc.j2
  47. 0
      ansible/roles/viasite-ansible.zsh/tests/vagrant.yml
  48. 0
      ansible/roles/viasite-ansible.zsh/vars/main.yml
  49. 8
      hydra/terraform/modules/caddy/conf/Caddyfile-public.tpl
  50. 0
      terraform/.terraform.lock.hcl
  51. 0
      terraform/Makefile
  52. 3
      terraform/env.sample
  53. 1
      terraform/main.tf
  54. 0
      terraform/modules/caddy/conf/Caddyfile-internal
  55. 17
      terraform/modules/caddy/conf/Caddyfile-public
  56. 30
      terraform/modules/caddy/conf/caddy.nomad
  57. 4
      terraform/modules/caddy/data.tf
  58. 2
      terraform/modules/caddy/job.tf
  59. 0
      terraform/modules/caddy/variables.tf
  60. 12
      terraform/modules/cloudflare/records.tf
  61. 0
      terraform/modules/cloudflare/variables.tf
  62. 0
      terraform/modules/cloudflare/versions.tf
  63. 0
      terraform/modules/cloudflare/zones.tf
  64. 0
      terraform/modules/digitalocean/README.md
  65. 0
      terraform/modules/digitalocean/firewalls.tf
  66. 0
      terraform/modules/digitalocean/floyd.tf
  67. 0
      terraform/modules/digitalocean/output.tf
  68. 0
      terraform/modules/digitalocean/project.tf
  69. 0
      terraform/modules/digitalocean/ssh.tf
  70. 0
      terraform/modules/digitalocean/versions.tf
  71. 13
      terraform/modules/pihole/conf/pihole.nomad
  72. 0
      terraform/modules/pihole/job.tf
  73. 28
      terraform/modules/shynet/conf/shynet.nomad
  74. 2
      terraform/modules/shynet/job.tf
  75. 0
      terraform/modules/shynet/variables.tf
  76. 0
      terraform/providers.tf
  77. 5
      terraform/variables.tf
  78. 0
      terraform/versions.tf

0
hydra/ansible/Makefile → ansible/Makefile

0
hydra/ansible/README.md → ansible/README.md

0
hydra/ansible/ansible.cfg → ansible/ansible.cfg

0
hydra/ansible/inventory.hydra → ansible/inventory.hydra

0
hydra/ansible/inventory.sample → ansible/inventory.sample

0
hydra/ansible/playbook.yml → ansible/playbook.yml

0
hydra/ansible/roles/bootstrap-node/handlers/main.yml → ansible/roles/bootstrap-node/handlers/main.yml

0
hydra/ansible/roles/bootstrap-node/tasks/apt.yml → ansible/roles/bootstrap-node/tasks/apt.yml

0
hydra/ansible/roles/bootstrap-node/tasks/hostname.yml → ansible/roles/bootstrap-node/tasks/hostname.yml

0
hydra/ansible/roles/bootstrap-node/tasks/locale.yml → ansible/roles/bootstrap-node/tasks/locale.yml

0
hydra/ansible/roles/bootstrap-node/tasks/main.yml → ansible/roles/bootstrap-node/tasks/main.yml

0
hydra/ansible/roles/bootstrap-node/tasks/node-exporter.yml → ansible/roles/bootstrap-node/tasks/node-exporter.yml

0
hydra/ansible/roles/bootstrap-node/tasks/ssh.yml → ansible/roles/bootstrap-node/tasks/ssh.yml

0
hydra/ansible/roles/bootstrap-node/tasks/timezone.yml → ansible/roles/bootstrap-node/tasks/timezone.yml

0
hydra/ansible/roles/bootstrap-node/tasks/user.yml → ansible/roles/bootstrap-node/tasks/user.yml

0
hydra/ansible/roles/bootstrap-node/templates/ssh-banner.j2 → ansible/roles/bootstrap-node/templates/ssh-banner.j2

0
hydra/ansible/roles/bootstrap-node/vars/main.yml → ansible/roles/bootstrap-node/vars/main.yml

0
hydra/ansible/roles/setup-docker/handlers/main.yml → ansible/roles/setup-docker/handlers/main.yml

0
hydra/ansible/roles/setup-docker/tasks/main.yml → ansible/roles/setup-docker/tasks/main.yml

0
hydra/ansible/roles/setup-docker/templates/daemon.json → ansible/roles/setup-docker/templates/daemon.json

0
hydra/ansible/roles/setup-tailscale/handlers/main.yml → ansible/roles/setup-tailscale/handlers/main.yml

0
hydra/ansible/roles/setup-tailscale/tasks/main.yml → ansible/roles/setup-tailscale/tasks/main.yml

0
hydra/ansible/roles/viasite-ansible.zsh/.gitignore → ansible/roles/viasite-ansible.zsh/.gitignore

0
hydra/ansible/roles/viasite-ansible.zsh/.gitlab-ci.yml → ansible/roles/viasite-ansible.zsh/.gitlab-ci.yml

0
hydra/ansible/roles/viasite-ansible.zsh/.travis.yml → ansible/roles/viasite-ansible.zsh/.travis.yml

0
hydra/ansible/roles/viasite-ansible.zsh/CHANGELOG.md → ansible/roles/viasite-ansible.zsh/CHANGELOG.md

0
hydra/ansible/roles/viasite-ansible.zsh/README.md → ansible/roles/viasite-ansible.zsh/README.md

0
hydra/ansible/roles/viasite-ansible.zsh/Vagrantfile → ansible/roles/viasite-ansible.zsh/Vagrantfile

0
hydra/ansible/roles/viasite-ansible.zsh/defaults/main.yml → ansible/roles/viasite-ansible.zsh/defaults/main.yml

0
hydra/ansible/roles/viasite-ansible.zsh/install.sh → ansible/roles/viasite-ansible.zsh/install.sh

0
hydra/ansible/roles/viasite-ansible.zsh/meta/.galaxy_install_info → ansible/roles/viasite-ansible.zsh/meta/.galaxy_install_info

0
hydra/ansible/roles/viasite-ansible.zsh/meta/main.yml → ansible/roles/viasite-ansible.zsh/meta/main.yml

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/default/molecule.yml → ansible/roles/viasite-ansible.zsh/molecule/default/molecule.yml

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/default/tests/test_default.py → ansible/roles/viasite-ansible.zsh/molecule/default/tests/test_default.py

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/resources/converge.yml → ansible/roles/viasite-ansible.zsh/molecule/resources/converge.yml

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/resources/prepare.yml → ansible/roles/viasite-ansible.zsh/molecule/resources/prepare.yml

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/shared/molecule.yml → ansible/roles/viasite-ansible.zsh/molecule/shared/molecule.yml

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/user/molecule.yml → ansible/roles/viasite-ansible.zsh/molecule/user/molecule.yml

0
hydra/ansible/roles/viasite-ansible.zsh/molecule/user/prepare.yml → ansible/roles/viasite-ansible.zsh/molecule/user/prepare.yml

0
hydra/ansible/roles/viasite-ansible.zsh/playbook.yml → ansible/roles/viasite-ansible.zsh/playbook.yml

0
hydra/ansible/roles/viasite-ansible.zsh/scripts/generate-changelog → ansible/roles/viasite-ansible.zsh/scripts/generate-changelog

0
hydra/ansible/roles/viasite-ansible.zsh/tasks/configure.yml → ansible/roles/viasite-ansible.zsh/tasks/configure.yml

0
hydra/ansible/roles/viasite-ansible.zsh/tasks/install.yml → ansible/roles/viasite-ansible.zsh/tasks/install.yml

0
hydra/ansible/roles/viasite-ansible.zsh/tasks/main.yml → ansible/roles/viasite-ansible.zsh/tasks/main.yml

0
hydra/ansible/roles/viasite-ansible.zsh/tasks/post-install.yml → ansible/roles/viasite-ansible.zsh/tasks/post-install.yml

0
hydra/ansible/roles/viasite-ansible.zsh/templates/zshrc.j2 → ansible/roles/viasite-ansible.zsh/templates/zshrc.j2

0
hydra/ansible/roles/viasite-ansible.zsh/tests/vagrant.yml → ansible/roles/viasite-ansible.zsh/tests/vagrant.yml

0
hydra/ansible/roles/viasite-ansible.zsh/vars/main.yml → ansible/roles/viasite-ansible.zsh/vars/main.yml

8
hydra/terraform/modules/caddy/conf/Caddyfile-public.tpl

@ -1,8 +0,0 @@
shynet.mrkaran.dev {
{{ range service "shynet-web" }}
reverse_proxy {{ .Address }}:{{ .Port }}
{{ end }}
tls {
dns cloudflare "${cloudflare_api_token}"
}
}

0
hydra/terraform/.terraform.lock.hcl → terraform/.terraform.lock.hcl

0
hydra/terraform/Makefile → terraform/Makefile

3
hydra/terraform/env.sample → terraform/env.sample

@ -2,4 +2,5 @@ DIGITALOCEAN_TOKEN=
CLOUDFLARE_API_TOKEN=
TF_VAR_cloudflare_caddy_api_token=
TF_VAR_shynet_postgresql_password=
TF_VAR_shynet_django_secret_key=
TF_VAR_shynet_django_secret_key=
TF_VAR_nextcloud_postgresql_password=

1
hydra/terraform/main.tf → terraform/main.tf

@ -28,7 +28,6 @@ module "pihole" {
}
}
module "shynet" {
source = "./modules/shynet"
shynet_postgresql_password = var.shynet_postgresql_password

0
hydra/terraform/modules/caddy/conf/Caddyfile-internal.tpl → terraform/modules/caddy/conf/Caddyfile-internal

17
terraform/modules/caddy/conf/Caddyfile-public

@ -0,0 +1,17 @@
shynet.mrkaran.dev {
{{ range service "shynet-web" }}
reverse_proxy {{ .Address }}:{{ .Port }}
{{ end }}
tls {
dns cloudflare "${cloudflare_api_token}"
}
}
nextcloud.mrkaran.dev {
{{ range service "nextcloud-web" }}
reverse_proxy {{ .Address }}:{{ .Port }}
{{ end }}
tls {
dns cloudflare "${cloudflare_api_token}"
}
}

30
hydra/terraform/modules/caddy/conf/caddy.nomad.tpl → terraform/modules/caddy/conf/caddy.nomad

@ -1,46 +1,58 @@
job "caddy" {
datacenters = ["hydra"]
type = "service"
group "proxy" {
count = 1
network {
port "http-internal" {
static = 80
to = 80
host_network = "tailscale"
}
port "https-internal" {
static = 443
to = 443
host_network = "tailscale"
}
port "https-public" {
static = 80
to = 80
# host_network = "public"
}
port "http-public" {
static = 443
to = 443
# host_network = "public"
}
}
restart {
attempts = 2
interval = "2m"
delay = "30s"
mode = "fail"
}
task "internal" {
driver = "docker"
config {
image = "mrkaran/caddy:latest"
# Bind the config file to container.
mount {
type = "bind"
source = "configs"
target = "/etc/caddy" # Bind mount the template from `NOMAD_TASK_DIR`.
}
# Bind the data directory to preserve certs.
mount {
type = "bind"
@ -48,31 +60,40 @@ job "caddy" {
source = "/data/caddy"
readonly = false
}
ports = ["http-internal", "https-internal"]
}
resources {
cpu = 100
memory = 100
}
template {
data = <<EOF
data = <<EOF
${caddyfile_internal}
EOF
destination = "configs/Caddyfile" # Rendered template.
# Caddy doesn't support reload via signals as of
change_mode = "restart"
}
}
task "public" {
driver = "docker"
config {
image = "mrkaran/caddy:latest"
# Bind the config file to container.
mount {
type = "bind"
source = "configs"
target = "/etc/caddy" # Bind mount the template from `NOMAD_TASK_DIR`.
}
# Bind the data directory to preserve certs.
mount {
type = "bind"
@ -80,17 +101,22 @@ EOF
source = "/data/caddy"
readonly = false
}
ports = ["http-public", "https-public"]
}
resources {
cpu = 100
memory = 100
}
template {
data = <<EOF
data = <<EOF
${caddyfile_public}
EOF
destination = "configs/Caddyfile" # Rendered template.
# Caddy doesn't support reload via signals as of
change_mode = "restart"
}

4
hydra/terraform/modules/caddy/data.tf → terraform/modules/caddy/data.tf

@ -1,12 +1,12 @@
data "template_file" "caddyfile-internal" {
template = file("${path.module}/conf/Caddyfile-internal.tpl")
template = file("${path.module}/conf/Caddyfile-internal")
vars = {
cloudflare_api_token = var.cloudflare_api_token
}
}
data "template_file" "caddyfile-public" {
template = file("${path.module}/conf/Caddyfile-public.tpl")
template = file("${path.module}/conf/Caddyfile-public")
vars = {
cloudflare_api_token = var.cloudflare_api_token
}

2
hydra/terraform/modules/caddy/job.tf → terraform/modules/caddy/job.tf

@ -1,5 +1,5 @@
resource "nomad_job" "app" {
jobspec = templatefile("${path.module}/conf/caddy.nomad.tpl", {
jobspec = templatefile("${path.module}/conf/caddy.nomad", {
caddyfile_internal = data.template_file.caddyfile-internal.rendered
caddyfile_public = data.template_file.caddyfile-public.rendered
})

0
hydra/terraform/modules/caddy/variables.tf → terraform/modules/caddy/variables.tf

12
hydra/terraform/modules/cloudflare/records.tf → terraform/modules/cloudflare/records.tf

@ -69,3 +69,15 @@ resource "cloudflare_record" "shynet" {
value = "68.183.87.4"
}
resource "cloudflare_record" "nextcloud" {
zone_id = cloudflare_zone.mrkaran_dev.id
name = "nextcloud"
type = "A"
ttl = "1"
proxied = "true"
# TODO: shift to floating IP
value = "68.183.87.4"
}

0
hydra/terraform/modules/cloudflare/variables.tf → terraform/modules/cloudflare/variables.tf

0
hydra/terraform/modules/cloudflare/versions.tf → terraform/modules/cloudflare/versions.tf

0
hydra/terraform/modules/cloudflare/zones.tf → terraform/modules/cloudflare/zones.tf

0
hydra/terraform/modules/digitalocean/README.md → terraform/modules/digitalocean/README.md

0
hydra/terraform/modules/digitalocean/firewalls.tf → terraform/modules/digitalocean/firewalls.tf

0
hydra/terraform/modules/digitalocean/floyd.tf → terraform/modules/digitalocean/floyd.tf

0
hydra/terraform/modules/digitalocean/output.tf → terraform/modules/digitalocean/output.tf

0
hydra/terraform/modules/digitalocean/project.tf → terraform/modules/digitalocean/project.tf

0
hydra/terraform/modules/digitalocean/ssh.tf → terraform/modules/digitalocean/ssh.tf

0
hydra/terraform/modules/digitalocean/versions.tf → terraform/modules/digitalocean/versions.tf

13
hydra/terraform/modules/pihole/conf/pihole.nomad → terraform/modules/pihole/conf/pihole.nomad

@ -1,38 +1,47 @@
job "pihole" {
datacenters = ["hydra"]
type = "service"
group "web" {
count = 1
network {
port "dns" {
static = 53
to = 53
host_network = "tailscale"
}
port "http" {
to = 80
host_network = "tailscale"
}
port "https" {
to = 443
host_network = "tailscale"
}
}
service {
name = "pihole-admin"
tags = ["pihole", "admin"]
port = "http"
}
restart {
attempts = 2
interval = "2m"
delay = "30s"
mode = "fail"
}
task "app" {
driver = "docker"
config {
image = "pihole/pihole:v5.6"
# Bind the data directory to preserve config.
mount {
type = "bind"
@ -40,17 +49,21 @@ job "pihole" {
source = "/data/pihole/dnsmasq.d/"
readonly = false
}
mount {
type = "bind"
target = "/etc/pihole"
source = "/data/pihole/conf/"
readonly = false
}
ports = ["http", "https", "dns"]
}
env {
TZ = "Asia/Kolkata"
}
resources {
cpu = 200
memory = 100

0
hydra/terraform/modules/pihole/job.tf → terraform/modules/pihole/job.tf

28
hydra/terraform/modules/shynet/conf/shynet.nomad.tpl → terraform/modules/shynet/conf/shynet.nomad

@ -1,32 +1,40 @@
job "shynet" {
datacenters = ["hydra"]
type = "service"
group "app" {
count = 1
network {
port "http" {
to = 8080
}
port "db" {
to = 5432
host_network = "tailscale"
}
}
restart {
attempts = 2
interval = "2m"
delay = "30s"
mode = "fail"
}
task "web" {
driver = "docker"
service {
name = "shynet-web"
tags = ["shynet", "web"]
port = "http"
}
config {
image = "milesmcc/shynet:0.7.3"
# Bind the data directory to preserve config.
mount {
type = "bind"
@ -34,14 +42,16 @@ job "shynet" {
source = "/data/shynet/app/"
readonly = false
}
ports = ["http"]
}
env {
DB_NAME = "shynet"
DB_PORT = 5432
DB_USER = "shynet"
DB_PASSWORD = shynet_postgresql_password
DJANGO_SECRET_KEY = shynet_django_secret_key
DB_PASSWORD = "${shynet_postgresql_password}"
DJANGO_SECRET_KEY = "${shynet_django_secret_key}"
TIME_ZONE = "Asia/Kolkata"
ACCOUNT_SIGNUPS_ENABLED = "False"
SCRIPT_USE_HTTPS = "True"
@ -50,8 +60,9 @@ job "shynet" {
PORT = 8080
ONLY_SUPERUSERS_CREATE = "True"
}
template {
data = <<EOH
data = <<EOH
{{- with service "shynet-db" }}
{{- with index . 0 }}
DB_HOST="{{.Address}}"
@ -59,23 +70,29 @@ job "shynet" {
{{- end }}
{{ end }}
EOH
destination = "secrets/file.env"
env = true
}
resources {
cpu = 200
memory = 100
}
}
task "db" {
driver = "docker"
service {
name = "shynet-db"
tags = ["shynet", "db"]
port = "db"
}
config {
image = "postgres:13"
# Bind the data directory to preserve config.
mount {
type = "bind"
@ -83,13 +100,16 @@ job "shynet" {
source = "/data/shynet/db/"
readonly = false
}
ports = ["db"]
}
env {
POSTGRES_DB = "shynet"
POSTGRES_USER = "shynet"
POSTGRES_PASSWORD = shynet_postgresql_password
POSTGRES_PASSWORD = "${shynet_postgresql_password}"
}
# resources {
# cpu = 200
# memory = 200

2
hydra/terraform/modules/shynet/job.tf → terraform/modules/shynet/job.tf

@ -1,5 +1,5 @@
resource "nomad_job" "app" {
jobspec = templatefile("${path.module}/conf/shynet.nomad.tpl", {
jobspec = templatefile("${path.module}/conf/shynet.nomad", {
shynet_django_secret_key = var.shynet_django_secret_key,
shynet_postgresql_password = var.shynet_postgresql_password
})

0
hydra/terraform/modules/shynet/variables.tf → terraform/modules/shynet/variables.tf

0
hydra/terraform/providers.tf → terraform/providers.tf

5
hydra/terraform/variables.tf → terraform/variables.tf

@ -20,3 +20,8 @@ variable "shynet_django_secret_key" {
type = string
description = "Django secret key generated for Shynet"
}
variable "nextcloud_postgresql_password" {
type = string
description = "Password for nextcloud PostgreSQL server"
}

0
hydra/terraform/versions.tf → terraform/versions.tf

Loading…
Cancel
Save