From 45f83b1e560e5af67d7185c1d4cf88c60cea1c51 Mon Sep 17 00:00:00 2001 From: Luke Murphy Date: Tue, 14 Apr 2020 12:02:43 +0200 Subject: [PATCH] Move to v2 format --- .drone.yml | 10 ---- README.md | 5 +- ansible/.vault.sh | 5 -- ansible/post-deploy.yml | 37 ------------- ansible/pre-deploy.yml | 55 ------------------- ansible/requirements.yml | 6 -- ansible/vars/all.yml | 29 ---------- ansible/vars/ansible_become_pass.yml | 8 --- ansible/vars/webapi_password.yml | 9 --- ansible/vars/webapi_username.yml | 8 --- app.json | 5 -- deploy.d/config.yml | 33 +++++++++++ .../templates/homebase.yml.j2 | 8 +-- deploy.d/vault/webapi_password.yml | 9 +++ deploy.d/vault/webapi_username.yml | 8 +++ requirements.txt | 1 - sbin/encrypt.sh | 15 ----- 17 files changed, 52 insertions(+), 199 deletions(-) delete mode 100755 ansible/.vault.sh delete mode 100644 ansible/post-deploy.yml delete mode 100644 ansible/pre-deploy.yml delete mode 100644 ansible/requirements.yml delete mode 100644 ansible/vars/all.yml delete mode 100644 ansible/vars/ansible_become_pass.yml delete mode 100644 ansible/vars/webapi_password.yml delete mode 100644 ansible/vars/webapi_username.yml delete mode 100644 app.json create mode 100644 deploy.d/config.yml rename {ansible => deploy.d}/templates/homebase.yml.j2 (90%) create mode 100644 deploy.d/vault/webapi_password.yml create mode 100644 deploy.d/vault/webapi_username.yml delete mode 100644 requirements.txt delete mode 100755 sbin/encrypt.sh diff --git a/.drone.yml b/.drone.yml index 690bb64..3ec1b09 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,17 +1,7 @@ --- kind: pipeline - name: default - steps: - - name: Build Homebase docker image - image: docker:stable - volumes: - - name: docker_sock - path: /var/run/docker.sock - commands: - - docker build --no-cache -t autonomic/homebase:drone . - - name: Deploy Homebase with Dokku image: appleboy/drone-git-push:0.2.0-linux-amd64 settings: diff --git a/README.md b/README.md index d8650ec..7b9c4ed 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,4 @@ > https://github.com/beakerbrowser/homebase -# Deploy - -1. Push your changes to master and Dokku will try to automatically release -1. See the [dashboard to see the build](https://drone.autonomic.zone/autonomic-cooperative/homebase/) +> https://punkbase.autonomic.zone diff --git a/ansible/.vault.sh b/ansible/.vault.sh deleted file mode 100755 index 8f30d37..0000000 --- a/ansible/.vault.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -echo $(pass show hosts/autonomic-dokku/vault/password) diff --git a/ansible/post-deploy.yml b/ansible/post-deploy.yml deleted file mode 100644 index b90d5fa..0000000 --- a/ansible/post-deploy.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- hosts: all - gather_facts: false - tasks: - - name: Load variables - include_vars: - dir: "{{ dokku_lib_root }}/data/ansible/homebase/vars/" - extensions: - - yml - - - name: Setup LE certificates - shell: dokku letsencrypt homebase - args: - creates: /home/dokku/homebase/letsencrypt/certs - - - name: Setup LE certificates renew cron job - shell: dokku letsencrypt:cron-job --add - args: - creates: /home/dokku/homebase/letsencrypt/cron-job - - - name: Remove automatically configured ports - dokku_ports: - app: homebase - mappings: - - "http:{{ dat_port }}:{{ dat_port }}" - - "http:{{ http_port }}:{{ http_port }}" - state: absent - - - name: Set HTTP 443 port - dokku_ports: - app: homebase - mappings: - - "https:443:{{ http_port }}" - state: present - -# TODO(decentral1se) unlock 3283 port out for dat -# sharing this has been done manually so far. diff --git a/ansible/pre-deploy.yml b/ansible/pre-deploy.yml deleted file mode 100644 index c6a2896..0000000 --- a/ansible/pre-deploy.yml +++ /dev/null @@ -1,55 +0,0 @@ ---- -- hosts: all - gather_facts: false - tasks: - - name: Load variables - include_vars: - dir: "{{ dokku_lib_root }}/data/ansible/homebase/vars/" - extensions: - - yml - - - name: "Configure {{ domain }} domain" - dokku_domains: - app: homebase - domains: - - "{{ domain }}" - state: present - - - name: Create application directories - file: - path: "{{ item }}" - state: directory - owner: dokku - group: dokku - with_items: - - /var/lib/homebase - become: true - - - name: Specify docker volume mount - dokku_storage: - app: homebase - mounts: - - /var/lib/homebase:/root/ - - - name: Configure the app environment - dokku_config: - app: homebase - restart: false - config: - DOKKU_LETSENCRYPT_EMAIL: "{{ autonomic_admin_mail }}" - - - name: Copy over the homebase configuration file - template: - src: homebase.yml.j2 - dest: /var/lib/homebase/.homebase.yml - owner: dokku - group: dokku - become: true - - - name: Set HTTP 80 port proxy - dokku_ports: - app: homebase - mappings: - - "http:80:{{ http_port }}" - - "http:{{ dat_port }}:{{ dat_port }}" - state: present diff --git a/ansible/requirements.yml b/ansible/requirements.yml deleted file mode 100644 index e2e3214..0000000 --- a/ansible/requirements.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- src: dokku_bot.ansible_dokku - version: v2020.3.24 - -- src: https://git.coop/decentral1se/autonomic.gandi/-/archive/0.0.5/autonomic.gandi-0.0.5.tar.gz - name: autonomic.gandi diff --git a/ansible/vars/all.yml b/ansible/vars/all.yml deleted file mode 100644 index 0b31b7b..0000000 --- a/ansible/vars/all.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -auto_letsencrypt: "false" -autonomic_admin_mail: "helo@autonomic.zone" -dashboard: "false" -dat_port: "3282" -dat_root: "/root/.homebase" -domain: "punkbase.autonomic.zone" -http_mirror: "true" -http_port: "8085" - -dats: - # https://sunbeam.city/@kawaiipunk/103883932490360099 - - "dat://c403b7c92eb5e1b2c293425ee6623635be11211977787053e9797e94b958e6e0" - - # kawaiipunk blog - - "dat://510b9f5baf4e71269d2681ad4ca5f8186769fcddfee779d12ad339b5eca608cd" - - # Lai Power music - - "dat://2895678d8a51bfbe0618a717af136b386abbe4b80e8a9705dec7970d44eb9a4c" - - "dat://cd9cd78a369bfc758144afaf433a1ba2a63ea842e998ad3ea97c9c1d11fd2a71" - - "dat://f39011f7ea585d5be4f1854700071f6fc6989cbe443d801edb897008a2d71952" - - "dat://469a88055fe7e2dd33fdf90268e8a9d7f6d0649389552fad346c35ab90cf5960" - - "dat://fb65190ff1318251e7c504fa70410f3b38e9408ff96e961840c185f8a55a5969" - - "dat://fc1546d01c1423cf53ac99457a48078deb5734cc6740fb8e23a9f027f257f40e" - - "dat://d5e1c77b5fc6aecede3b37a1d4537ea2b1737303306dbee0e4e3aac52fae42ec" - - "dat://0d5dbb32bbc4af74579e35deff0877f05ef80a581da620aabedc8750aa911bbd" - - # Sunbeam City Wiki - - "dat://cf9de5d87118ad22ecd927df1c1b174632c6a1920ade2ef57f75e8421017ccc5" diff --git a/ansible/vars/ansible_become_pass.yml b/ansible/vars/ansible_become_pass.yml deleted file mode 100644 index abb21b9..0000000 --- a/ansible/vars/ansible_become_pass.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -ansible_become_pass: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 34396236353735666531323238656533643465303131663464613162396333313836363630666266 - 6539323631656635333864316166633064633366323936610a656137616334313534333635313232 - 35323561303763366563316631313638363333393763323935343563303963616334336639386462 - 3837383830616637360a373539613630356564363662393836366462666430353439353637303035 - 63396633303166343433313439303539313637306637663137313533316531616434 diff --git a/ansible/vars/webapi_password.yml b/ansible/vars/webapi_password.yml deleted file mode 100644 index da0a6d1..0000000 --- a/ansible/vars/webapi_password.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -webapi_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 31623434326338636564313833393634653561663134623165373439616265326636633037373066 - 3566316362336436656338313766326463643661323930360a363933313761363730636438313137 - 38303666336538383631356565636463643464346134343931636438373339353465376566336164 - 6665303065643036650a376361313933366130356666326464353665366632363339646531663135 - 30303438356531383366643164636235343365363765613362653039363363313932616262383838 - 6136393831333263303462373531343466336365636665343938 diff --git a/ansible/vars/webapi_username.yml b/ansible/vars/webapi_username.yml deleted file mode 100644 index d06b432..0000000 --- a/ansible/vars/webapi_username.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -webapi_username: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 61656131613735636330666533393534613664616134323564623939353738643937323666396334 - 3235363739643361303833646666616137333063316663660a613035656531306638386533363164 - 36643262666336306631363663623432623936643134333039373464333237323031303031383564 - 3964393437643238630a356364633334343366326338616664646133376332313330306339306139 - 3033 diff --git a/app.json b/app.json deleted file mode 100644 index 5a28976..0000000 --- a/app.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "name": "homebase", - "description": "Self-deployable tool for seeding dat:// websites", - "repository": "https://git.autonomic.zone/autonomic-cooperative/homebase" -} diff --git a/deploy.d/config.yml b/deploy.d/config.yml new file mode 100644 index 0000000..6c0a103 --- /dev/null +++ b/deploy.d/config.yml @@ -0,0 +1,33 @@ +--- +port: "8085" +domain: "punkbase.autonomic.zone" +mounts: + - /var/lib/homebase:/root/ +templates: + - src: homebase.yml.j2 + dest: /var/lib/homebase/.homebase.yml + vars: + auto_letsencrypt: "false" + dashboard: "false" + dat_root: "/root/.homebase" + dats: + # https://sunbeam.city/@kawaiipunk/103883932490360099 + - "dat://c403b7c92eb5e1b2c293425ee6623635be11211977787053e9797e94b958e6e0" + # kawaiipunk blog + - "dat://510b9f5baf4e71269d2681ad4ca5f8186769fcddfee779d12ad339b5eca608cd" + # Lai Power music + - "dat://2895678d8a51bfbe0618a717af136b386abbe4b80e8a9705dec7970d44eb9a4c" + - "dat://cd9cd78a369bfc758144afaf433a1ba2a63ea842e998ad3ea97c9c1d11fd2a71" + - "dat://f39011f7ea585d5be4f1854700071f6fc6989cbe443d801edb897008a2d71952" + - "dat://469a88055fe7e2dd33fdf90268e8a9d7f6d0649389552fad346c35ab90cf5960" + - "dat://fb65190ff1318251e7c504fa70410f3b38e9408ff96e961840c185f8a55a5969" + - "dat://fc1546d01c1423cf53ac99457a48078deb5734cc6740fb8e23a9f027f257f40e" + - "dat://d5e1c77b5fc6aecede3b37a1d4537ea2b1737303306dbee0e4e3aac52fae42ec" + - "dat://0d5dbb32bbc4af74579e35deff0877f05ef80a581da620aabedc8750aa911bbd" + # Sunbeam City Wiki + - "dat://cf9de5d87118ad22ecd927df1c1b174632c6a1920ade2ef57f75e8421017ccc5" + http_mirror: "true" + webapi_password: "{{ webapi_password }}" + webapi_username: "{{ webapi_username }}" +env: + DOKKU_LETSENCRYPT_EMAIL: "helo@autonomic.zone" diff --git a/ansible/templates/homebase.yml.j2 b/deploy.d/templates/homebase.yml.j2 similarity index 90% rename from ansible/templates/homebase.yml.j2 rename to deploy.d/templates/homebase.yml.j2 index 82d24d2..0027c28 100644 --- a/ansible/templates/homebase.yml.j2 +++ b/deploy.d/templates/homebase.yml.j2 @@ -1,20 +1,14 @@ --- directory: {{ dat_root }} - httpMirror: {{ http_mirror }} - letsencrypt: {{ auto_letsencrypt }} - dashboard: {{ dashboard }} - webapi: domain: {{ domain }} username: {{ webapi_username }} password: {{ webapi_password }} - ports: - http: {{ http_port }} - + http: {{ port }} dats: {% for dat in dats %} - url: "{{ dat }}" diff --git a/deploy.d/vault/webapi_password.yml b/deploy.d/vault/webapi_password.yml new file mode 100644 index 0000000..64c9cb8 --- /dev/null +++ b/deploy.d/vault/webapi_password.yml @@ -0,0 +1,9 @@ +--- +webapi_password: !vault |- + $ANSIBLE_VAULT;1.1;AES256 + 32316635653834376565643736643539373336303438353364373239323666633062396435663264 + 6139633566616165626335313836383031393233353961340a393831663430343332363661663037 + 36353662393535346137313765346362393964363863313131323766663439613164633437343434 + 3338386439383961300a663734393539653833343835393838623862306563636338306364336434 + 64656137666563303166333639393230613139336566653138363866376433383737366466636362 + 3365373461393565393930373033623863616130363230663536 diff --git a/deploy.d/vault/webapi_username.yml b/deploy.d/vault/webapi_username.yml new file mode 100644 index 0000000..2c65ec9 --- /dev/null +++ b/deploy.d/vault/webapi_username.yml @@ -0,0 +1,8 @@ +--- +webapi_username: !vault |- + $ANSIBLE_VAULT;1.1;AES256 + 30333838353634373236363634366634333132616161643133363833373934313630636234306339 + 3065386363663237336565663034336138306636353737310a663733363965306134663837393831 + 31376438643663383832393938623734343033343464376265656230613662643232613131623833 + 3466383465366637610a346534313463636237383231613038353761656438333834353938666136 + 3232 diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 130e91f..0000000 --- a/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -ansible==2.9.6 diff --git a/sbin/encrypt.sh b/sbin/encrypt.sh deleted file mode 100755 index d328761..0000000 --- a/sbin/encrypt.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -# Usage -# ./encrypt.sh mysecretname mysecretvalue - -declare name="$1" -declare secret="$2" - -ansible-vault \ - encrypt_string \ - --vault-password-file ansible/.vault.sh \ - --name "$name" \ - "$secret"