From 5a56f7c7664b3f825f953f288243ebe4875ddca1 Mon Sep 17 00:00:00 2001
From: Luna
Date: Wed, 22 Feb 2023 00:07:04 -0300
Subject: [PATCH 1/3] add inventory/production.py
---
 inventory/production.py | 76 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 inventory/production.py
diff --git a/inventory/production.py b/inventory/production.py
new file mode 100644
index 0000000..c6e4426
--- /dev/null
+++ b/inventory/production.py
@@ -0,0 +1,76 @@
+from tasks.nginx import NginxServiceEntry, TLSPreset
+
+pleroma_hosts = [
+ (
+ "95.216.209.28",
+ {
+ "ssh_user": "root",
+ "vpn_enabled": False,
+ "postgresql_version": 15,
+ "pleroma_user": "pleroma_fl4pm",
+ "pleroma_name": "Pleroma/lun-4",
+ "pleroma_email": "pladmin@l4.pm",
+ "pleroma_description": "luna's instance",
+ "pleroma_db_name": "pleroma_dev",
+ "pleroma_db_user": "pleroma",
+ "pleroma_host": "f.l4.pm",
+ "nginx_image": "openresty/openresty:1.21.4.1-4-alpine",
+ "nginx_config_folder": "/usr/local/openresty/nginx/conf/nginx.conf",
+ "nginx_pcre_jit": True,
+ "nginx_user": None,
+ "nginx_mime_types_file": "mime.types",
+ "nginx_lua_package_path": "/etc/lunar/?.lua;/etc/lunar/aproxy/?.lua;;",
+ "nginx_lua_package_cpath": "/etc/lunar/?.lua;/etc/lunar/aproxy/?.lua;;",
+ "nginx_init_by_lua_block": """
+ require("aproxy.main").init()
+ """,
+ "nginx_services": {
+ "f.l4.pm": NginxServiceEntry(
+ tls=True,
+ tls_preset=TLSPreset.pleroma,
+ vpn=False,
+ internet=True,
+ proxy_pass="localhost:4000",
+ client_max_body_size="70m",
+ http_redirect=True,
+ lua_code_cache=True,
+ access_by_lua_block="""
+ require("aproxy.main").access()
+ """,
+ )
+ },
+ "nginx_extra_volumes": [
+ ("/opt/aproxy/src", "/etc/lunar/aproxy"),
+ ("/etc/aproxy", "/etc/aproxy"),
+ ],
+ "aproxy_accounts": [
+ "luna@f.l4.pm",
+ ],
+ },
+ )
+]
+
+
+MONITORING_SERVICE = NginxServiceEntry(
+ tls=True,
+ tls_preset=TLSPreset.mozilla_intermediate,
+ vpn=False,
+ internet=True,
+ proxy_pass="localhost:3001",
+)
+
+
+monitoring_hosts = [
+ (
+ "51.158.191.23",
+ {
+ "ssh_user": "root",
+ "vpn_enabled": False,
+ "uptime_kuma_bind_port": 3001,
+ "nginx_allow_php": True,
+ "nginx_services": {
+ "status.l4.pm": MONITORING_SERVICE,
+ },
+ },
+ )
+]
From 442f66ebf45ce78a3d6b4ae3932a2da48184ad14 Mon Sep 17 00:00:00 2001
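Review bot: `nginx_lua_package_cpath` in the `pleroma_hosts` entry repeats the `nginx_lua_package_path` value, so the C-module search path consists of `?.lua` patterns; cpath is for shared objects, so it should read something like `"nginx_lua_package_cpath": "/etc/lunar/?.so;;"` or be dropped if aproxy has no native modules. In `monitoring_hosts`, `"nginx_allow_php": True` is set on a host whose only listed service proxies to `localhost:3001`; what the flag renders is not visible here, but if it enables a PHP handler it adds attack surface this inventory never uses and should be `False`. Both entries deploy as `"ssh_user": "root"`, which a comment should justify or a dedicated deploy user replace. The port 3001 is also written twice (`proxy_pass` and `uptime_kuma_bind_port`) and can drift; one shared constant would keep them aligned.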
From: Luna
Date: Wed, 22 Feb 2023 00:07:10 -0300
Subject: [PATCH 2/3] add deploy.py
---
 deploy.py | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 deploy.py
diff --git a/deploy.py b/deploy.py
new file mode 100644
index 0000000..2d59b7f
--- /dev/null
+++ b/deploy.py
@@ -0,0 +1,53 @@
+import os
+import tasks
+
+from pyinfra import host, config
+from pyinfra.facts.server import LinuxName, Which
+from pyinfra.operations import server, apk, apt
+from tasks.secrets import secrets
+from tasks.croc import install_croc
+
+config.REQUIRE_PACKAGES = "requirements.txt"
+
+
+if LinuxName == "Alpine":
+ # make sure template operations work smoothly
+ # because they run under smtp
+ apk.packages(
+ name="add openssh sftp package for pyinfra file operations",
+ packages=[
+ "openssh-sftp-server",
+ ],
+ )
+
+install_croc()
+
+
+def main_operations():
+ if LinuxName == "Ubuntu":
+ if host.data.remove_ubuntu_snap:
+ server.shell("snap remove lxd")
+ server.shell("snap remove core20")
+ server.shell("snap remove snapd")
+ apt.purge(["snapd"])
+
+ if "pleroma_hosts" in host.groups:
+ tasks.pleroma.install()
+ tasks.aproxy.install()
+ tasks.nginx.install_with_services()
+
+ if "static_file_hosts" in host.groups:
+ tasks.nginx.install_with_services()
+
+ if "monitoring_hosts" in host.groups:
+ tasks.uptime_kuma.install()
+ tasks.nginx.install_with_services()
+
+
+# setting so that you can quickly iterate in a specific host
+maybe_specific_group = os.environ.get("DEPLOY_GROUPS")
+if maybe_specific_group:
+ if maybe_specific_group in host.groups:
+ main_operations()
+else:
+ main_operations()
From 2e999f8e9b28832783831e522b391f6227a620e4 Mon Sep 17 00:00:00 2001
From: Luna
Date: Wed, 22 Feb 2023 00:08:30 -0300
Subject: [PATCH 3/3] update README
---
 README.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 5d6b7a2..6b37a8d 100644
--- a/README.md
+++ b/README.md
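Review bot: `if LinuxName == "Alpine":` and `if LinuxName == "Ubuntu":` compare the imported fact class itself with a string, which is never equal, so the `openssh-sftp-server` install and the snap removal are both dead code; the value has to be read from the host, `if host.get_fact(LinuxName) == "Alpine":` (and the same inside `main_operations`). `host.data.remove_ubuntu_snap` has no counterpart in the inventory added in patch 1, so once the Ubuntu branch is live it likely needs a default, e.g. `host.data.get("remove_ubuntu_snap")`. `install_croc()` runs on every host regardless of group; if the file-transfer tool is only a convenience it would be safer behind an inventory flag than installed on all production machines. The comment should say `sftp`, not `smtp`, and `Which` and `secrets` are imported but unused in this file.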
@@ -1,3 +1,6 @@
 # tower-of-babel-public
 
-a public snapshot of my pyinfra script collection, not upstream
\ No newline at end of file
+a public snapshot of my pyinfra script collection, not upstream
+
+this is for study, not for use. parts of the internal architecture have been
+stripped down to the point i don't know if these scripts will run