From bd529b175b4b4d6a2cbc1bb1dcedd1bc7635e9e4 Mon Sep 17 00:00:00 2001 From: Perflyst <26308977+Perflyst@users.noreply.github.com> Date: Tue, 12 Dec 2023 11:38:57 +0000 Subject: [PATCH 1/2] Remove old things --- host_vars/invidious.io/main.yml | 36 ---------- host_vars/invidious.io/vault | 13 ---- host_vars/tin.invidious.io/main.yml | 3 - inventory.yml | 2 - main.yml | 107 ---------------------------- requirements-old.yml | 10 --- templates/Caddyfile.j2 | 80 --------------------- templates/docker-compose-wikijs.yml | 32 --------- templates/tin-Caddyfile.j2 | 102 -------------------------- tin.yml | 79 -------------------- 10 files changed, 464 deletions(-) delete mode 100644 host_vars/invidious.io/main.yml delete mode 100644 host_vars/invidious.io/vault delete mode 100644 host_vars/tin.invidious.io/main.yml delete mode 100644 main.yml delete mode 100644 requirements-old.yml delete mode 100644 templates/Caddyfile.j2 delete mode 100644 templates/docker-compose-wikijs.yml delete mode 100644 templates/tin-Caddyfile.j2 delete mode 100644 tin.yml diff --git a/host_vars/invidious.io/main.yml b/host_vars/invidious.io/main.yml deleted file mode 100644 index e6e4e03..0000000 --- a/host_vars/invidious.io/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -prometheus_web_listen_address: "127.0.0.1:9090" -prometheus_scrape_configs: - - job_name: "prometheus" - static_configs: - - targets: ['localhost:9090'] - - job_name: "node" - static_configs: - - targets: ['localhost:9100'] - - job_name: "caddy" - static_configs: - - targets: ['127.0.0.1:2019'] - -grafana_url: "https://grafana.invidious.io" -grafana_domain: grafana.invidious.io -grafana_address: 127.0.0.1 -grafana_port: 2000 -grafana_security: - admin_user: admin - admin_password: "{{ vault_grafana_admin_password }}" - disable_gravatar: true - cookie_secure: true -grafana_auth: - anonymous: - enabled: true -grafana_datasources: - - name: Prometheus - type: prometheus - url: http://localhost:9090 -grafana_dashboards: - - dashboard_id: '1860' - revision_id: '22' - datasource: 'Prometheus' - - dashboard_id: '13460' - revision_id: '2' - datasource: 'Prometheus' diff --git a/host_vars/invidious.io/vault b/host_vars/invidious.io/vault deleted file mode 100644 index fdfe898..0000000 --- a/host_vars/invidious.io/vault +++ /dev/null @@ -1,13 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -39303330616163326665373337326635386164616335626366333638653464303532643530333762 -6636626430613433623534373263633663303431316339640a613930623530623336373663323038 -34666363393733363736323166343138656364373439366332623930633635616631386533306533 -3666663833353931360a636163646163363661666330633636353532323333386432633037653131 -65343530643931303834633961633934613037396336646439663163326635656238623936343165 -66386165653839323231333761343663613965326538303032363935643433306366643763393665 -30333033626162356564393439643866356266393362643664646365373535613764366130346438 -33313330613163623339386130653032333962343235653135653431376165656163336531663162 -61653763663162663933373236326365343365653233643830613237626639316666386530386434 -33633136393637343863306261396334333533643233633236353531663066613637653236316632 -31333435333835346364663638656266643230303163656362336566653638633361373532653834 -34396162656135333337 diff --git a/host_vars/tin.invidious.io/main.yml b/host_vars/tin.invidious.io/main.yml deleted file mode 100644 index 3b673d3..0000000 --- a/host_vars/tin.invidious.io/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -docker_compose_version: "1.29.2" -caddy_config: "{{ lookup('template', 'templates/tin-Caddyfile.j2') }}" diff --git a/inventory.yml b/inventory.yml index 76af04a..a99cdbd 100644 --- a/inventory.yml +++ b/inventory.yml @@ -3,6 +3,4 @@ all: children: main: hosts: - invidious.io: - tin.invidious.io: dia.invidious.io: diff --git a/main.yml b/main.yml deleted file mode 100644 index 02c2af9..0000000 --- a/main.yml +++ /dev/null @@ -1,107 +0,0 @@ ---- -- hosts: main - handlers: - - name: restart ssh - systemd: - name: sshd - state: restarted - - tasks: - - name: SSH config - template: - src: sshd_config.j2 - dest: /etc/ssh/sshd_config - mode: 0644 - notify: restart ssh - tags: [ssh,base] - - - name: SSH keys - template: - src: authorized_keys.j2 - dest: /root/.ssh/authorized_keys - mode: 0600 - tags: [ssh,base] - - - name: Install packages - apt: - name: "{{ apt_packages }}" - tags: [apt,base] - - - name: Bind node exporter to localhost - ansible.builtin.lineinfile: - path: /etc/default/prometheus-node-exporter - regexp: '^ARGS=' - line: ARGS=--web.listen-address=localhost:9100 - tags: [apt,base] - - - name: unattended-upgrades - import_role: - name: jnv.unattended-upgrades - tags: [unattended-upgrades] - - - name: prometheus - import_role: - name: cloudalchemy.prometheus - tags: [prometheus] - - - name: grafana - import_role: - name: cloudalchemy.grafana - tags: [grafana] - - - name: pip - import_role: - name: geerlingguy.pip - tags: [pip,docker] - - - name: docker - import_role: - name: geerlingguy.docker - tags: [dockerd,docker] - - - name: Create Invidious API container - community.docker.docker_container: - name: api - image: quay.io/invidious/instances:latest - pull: true - restart_policy: unless-stopped - published_ports: - - "127.0.0.1:3000:3000" - tags: [api,instances,docker] - - - name: Create Invidious redirect container - community.docker.docker_container: - name: redirect - image: quay.io/invidious/invidious-redirect:latest - pull: true - restart_policy: unless-stopped - log_driver: none - published_ports: - - "127.0.0.1:8080:80" - tags: [redirect,docker] - - - name: Create wikijs compose folder - file: - path: /root/compose/wikijs/ - state: directory - recurse: true - mode: 0755 - tags: [wikijs,docker] - - - name: Template wikijs docker compose - template: - src: docker-compose-wikijs.yml - dest: /root/compose/wikijs/docker-compose.yml - mode: 0600 - tags: [wikijs,docker] - - - name: Compose wikijs - community.docker.docker_compose: - project_src: /root/compose/wikijs - pull: true - tags: [wikijs,docker] - - - name: caddy - import_role: - name: caddy_ansible.caddy_ansible - tags: [ caddy ] diff --git a/requirements-old.yml b/requirements-old.yml deleted file mode 100644 index ee3e536..0000000 --- a/requirements-old.yml +++ /dev/null @@ -1,10 +0,0 @@ -roles: - - name: jnv.unattended-upgrades - version: v1.10.0 - - name: geerlingguy.pip - version: 2.0.0 - - name: geerlingguy.docker - version: 3.0.0 - - name: caddy_ansible.caddy_ansible - - name: cloudalchemy.prometheus - - name: cloudalchemy.grafana diff --git a/templates/Caddyfile.j2 b/templates/Caddyfile.j2 deleted file mode 100644 index 9ee2896..0000000 --- a/templates/Caddyfile.j2 +++ /dev/null @@ -1,80 +0,0 @@ -# {{ ansible_managed }} - -(common) { - encode gzip - respond /robots.txt 200 { - body "User-agent: * -Disallow: / -" -} - log { - output file /var/log/caddy/access.log { - roll_size 500mb - roll_keep 5 - } - format filter { - wrap json - fields { - common_log delete - request>remote_addr ip_mask { - ipv4 24 - ipv6 32 - } - } - } - } -} - -www.invidio.us { - import common - redir https://invidious.io{uri} -} -invidious.io { - import common - root * /var/www/invidious.io - file_server -} -git.invidious.io { - import common - redir https://github.com/iv-org/invidious -} - -invidio.us { - import common - redir https://redirect.invidious.io{uri} - header /api* content-type "application/json" - respond /api* "{\"error\":\"This server no longer hosts the Invidious API.\"}" 410 -} -redirect.invidious.io { - import common - reverse_proxy http://127.0.0.1:8080 -} - -instances.invidio.us { - import common - redir https://api.invidious.io{uri} -} -api.invidious.io { - import common - reverse_proxy http://127.0.0.1:3000 - header /static* Cache-Control "max-age=86400" -} - -uptime.invidio.us { - import common - redir https://stats.uptimerobot.com/89VnzSKAn{uri} -} -uptime.invidious.io { - import common - redir https://stats.uptimerobot.com/89VnzSKAn{uri} -} - -docs.invidious.io { - import common - reverse_proxy http://127.0.0.1:3001 -} - -grafana.invidious.io { - import common - reverse_proxy http://127.0.0.1:2000 -} diff --git a/templates/docker-compose-wikijs.yml b/templates/docker-compose-wikijs.yml deleted file mode 100644 index b8cae7b..0000000 --- a/templates/docker-compose-wikijs.yml +++ /dev/null @@ -1,32 +0,0 @@ -version: "3" -services: - - db: - image: docker.io/postgres:11-alpine - environment: - POSTGRES_DB: wikijs - POSTGRES_PASSWORD: "{{ vault_wikijs_db_password }}" - POSTGRES_USER: wikijs - logging: - driver: "none" - restart: unless-stopped - volumes: - - db-data:/var/lib/postgresql/data - - wiki: - image: requarks/wiki:2.5 - depends_on: - - db - environment: - DB_TYPE: postgres - DB_HOST: db - DB_PORT: 5432 - DB_USER: wikijs - DB_PASS: "{{ vault_wikijs_db_password }}" - DB_NAME: wikijs - restart: unless-stopped - ports: - - "127.0.0.1:3001:3000" - -volumes: - db-data: diff --git a/templates/tin-Caddyfile.j2 b/templates/tin-Caddyfile.j2 deleted file mode 100644 index 2a86534..0000000 --- a/templates/tin-Caddyfile.j2 +++ /dev/null @@ -1,102 +0,0 @@ -# {{ ansible_managed }} - -(common) { - encode gzip - log { - output file /var/log/caddy/access.log { - roll_size 500mb - roll_keep 5 - } - format filter { - wrap json - fields { - common_log delete - request>remote_addr ip_mask { - ipv4 24 - ipv6 32 - } - } - } - } -} - -(block-robots) { - respond /robots.txt 200 { - body "User-agent: * -Disallow: / -" -} -} - -www.invidio.us { - import common - import block-robots - redir https://invidious.io{uri} -} -invidious.io { - import common - reverse_proxy http://127.0.0.1:8081 -} - -git.invidious.io { - import common - import block-robots - redir https://github.com/iv-org/invidious -} -gitea.invidious.io { - import common - import block-robots - reverse_proxy http://127.0.0.1:3200 -} - -invidio.us { - import common - import block-robots - redir https://redirect.invidious.io{uri} - header /api* content-type "application/json" - respond /api* "{\"error\":\"This server no longer hosts the Invidious API.\"}" 410 -} -redirect.invidious.io { - import common - import block-robots - reverse_proxy http://127.0.0.1:8080 -} - -instances.invidio.us { - import common - import block-robots - redir https://api.invidious.io{uri} -} -api.invidious.io { - import common - import block-robots - reverse_proxy http://127.0.0.1:3000 - header /static* Cache-Control "max-age=86400" -} - -uptime.invidio.us { - import common - import block-robots - redir https://stats.uptimerobot.com/89VnzSKAn{uri} -} -uptime.invidious.io { - import common - import block-robots - redir https://stats.uptimerobot.com/89VnzSKAn{uri} -} - -docs.invidious.io { - import common - reverse_proxy http://127.0.0.1:8082 -} - -instances.invidious.io { - import common - redir https://docs.invidious.io/instances/ -} - -todo.invidious.io { - import common - import block-robots - redir https://github.com/orgs/iv-org/projects -} diff --git a/tin.yml b/tin.yml deleted file mode 100644 index a3b5599..0000000 --- a/tin.yml +++ /dev/null @@ -1,79 +0,0 @@ ---- -- hosts: tin.invidious.io - handlers: - - name: restart ssh - systemd: - name: sshd - state: restarted - - tasks: - - name: SSH config - template: - src: sshd_config.j2 - dest: /etc/ssh/sshd_config - mode: 0644 - notify: restart ssh - tags: [ssh, base] - - - name: SSH keys - template: - src: authorized_keys.j2 - dest: /root/.ssh/authorized_keys - mode: 0600 - tags: [ssh, base] - - - name: Install packages - apt: - name: "{{ apt_packages }}" - update_cache: true - tags: [apt, base] - - - name: unattended-upgrades - import_role: - name: jnv.unattended-upgrades - tags: [unattended-upgrades] - - - name: pip - import_role: - name: geerlingguy.pip - tags: [pip,docker] - - - name: docker - import_role: - name: geerlingguy.docker - tags: [dockerd, docker] - - - name: Deploy invidious api - import_tasks: tasks/compose.yml - vars: - app: instances-api - tags: [instances-api, api, docker] - - - name: Deploy invidious redirect - import_tasks: tasks/compose.yml - vars: - app: redirect - tags: [redirect, docker] - - - name: Deploy invidious website - import_tasks: tasks/compose.yml - vars: - app: invidious.io - tags: [website, docker] - - - name: Deploy gitea - import_tasks: tasks/compose.yml - vars: - app: gitea - tags: [gitea, docker] - - - name: Deploy docs - import_tasks: tasks/compose.yml - vars: - app: "docs.invidious.io" - tags: [docs, docker] - - - name: caddy - import_role: - name: caddy_ansible.caddy_ansible - tags: [caddy] From 463ba35b4cc24c26d1a5ca6c0d2f453882ddf952 Mon Sep 17 00:00:00 2001 From: Perflyst <26308977+Perflyst@users.noreply.github.com> Date: Tue, 12 Dec 2023 11:41:37 +0000 Subject: [PATCH 2/2] Update hosts --- README.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1394f24..b2575c0 100644 --- a/README.md +++ b/README.md @@ -8,12 +8,7 @@ This repository contains the invidious infrastructure. 2. Install requirements: `ansible-galaxy install -r requirements.yml -p roles` ## Hosts -### invidious.io (old) -Install old requirements: `ansible-galaxy install -r requirements-old.yml -p roles` +### dia.invidious.io -`ansible-playbook main.yml -i inventory.yml --ask-vault-pass` - -### tin.invidious.io - -`ansible-playbook tin.yml -i inventory.yml` +`ansible-playbook dia.yml -i inventory.yml`