Move to v2 format

2020-04-14 12:02:43 +02:00 · 2020-04-14 12:02:43 +02:00 · 45f83b1e56
commit 45f83b1e56
parent ae6b9b6f2f
17 changed files with 52 additions and 199 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -1,17 +1,7 @@
 ---
 kind: pipeline
 name: default
 steps:
  - name: Build Homebase docker image
    image: docker:stable
    volumes:
      - name: docker_sock
        path: /var/run/docker.sock
    commands:
      - docker build --no-cache -t autonomic/homebase:drone .
  - name: Deploy Homebase with Dokku
    image: appleboy/drone-git-push:0.2.0-linux-amd64
    settings:
--- a/README.md
+++ b/README.md
@ -4,7 +4,4 @@
 > https://github.com/beakerbrowser/homebase
-# Deploy
+> https://punkbase.autonomic.zone
 1. Push your changes to master and Dokku will try to automatically release
 1. See the [dashboard to see the build](https://drone.autonomic.zone/autonomic-cooperative/homebase/)
--- a/ansible/.vault.sh
+++ b/ansible/.vault.sh
@ -1,5 +0,0 @@
 #!/bin/bash
 set -eu -o pipefail
 echo $(pass show hosts/autonomic-dokku/vault/password)
--- a/ansible/post-deploy.yml
+++ b/ansible/post-deploy.yml
@ -1,37 +0,0 @@
 ---
 - hosts: all
  gather_facts: false
  tasks:
    - name: Load variables
      include_vars:
        dir: "{{ dokku_lib_root }}/data/ansible/homebase/vars/"
        extensions:
          - yml
    - name: Setup LE certificates
      shell: dokku letsencrypt homebase
      args:
        creates: /home/dokku/homebase/letsencrypt/certs
    - name: Setup LE certificates renew cron job
      shell: dokku letsencrypt:cron-job --add
      args:
        creates: /home/dokku/homebase/letsencrypt/cron-job
    - name: Remove automatically configured ports
      dokku_ports:
        app: homebase
        mappings:
          - "http:{{ dat_port }}:{{ dat_port }}"
          - "http:{{ http_port }}:{{ http_port }}"
        state: absent
    - name: Set HTTP 443 port
      dokku_ports:
        app: homebase
        mappings:
          - "https:443:{{ http_port }}"
        state: present
 # TODO(decentral1se) unlock 3283 port out for dat
 #                    sharing this has been done manually so far.
--- a/ansible/pre-deploy.yml
+++ b/ansible/pre-deploy.yml
@ -1,55 +0,0 @@
 ---
 - hosts: all
  gather_facts: false
  tasks:
    - name: Load variables
      include_vars:
        dir: "{{ dokku_lib_root }}/data/ansible/homebase/vars/"
        extensions:
          - yml
    - name: "Configure {{ domain }} domain"
      dokku_domains:
        app: homebase
        domains:
          - "{{ domain }}"
        state: present
    - name: Create application directories
      file:
        path: "{{ item }}"
        state: directory
        owner: dokku
        group: dokku
      with_items:
        - /var/lib/homebase
      become: true
    - name: Specify docker volume mount
      dokku_storage:
        app: homebase
        mounts:
          - /var/lib/homebase:/root/
    - name: Configure the app environment
      dokku_config:
        app: homebase
        restart: false
        config:
          DOKKU_LETSENCRYPT_EMAIL: "{{ autonomic_admin_mail }}"
    - name: Copy over the homebase configuration file
      template:
        src: homebase.yml.j2
        dest: /var/lib/homebase/.homebase.yml
        owner: dokku
        group: dokku
      become: true
    - name: Set HTTP 80 port proxy
      dokku_ports:
        app: homebase
        mappings:
          - "http:80:{{ http_port }}"
          - "http:{{ dat_port }}:{{ dat_port }}"
        state: present
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -1,6 +0,0 @@
 ---
 - src: dokku_bot.ansible_dokku
  version: v2020.3.24
 - src: https://git.coop/decentral1se/autonomic.gandi/-/archive/0.0.5/autonomic.gandi-0.0.5.tar.gz
  name: autonomic.gandi
--- a/ansible/vars/all.yml
+++ b/ansible/vars/all.yml
@ -1,29 +0,0 @@
 ---
 auto_letsencrypt: "false"
 autonomic_admin_mail: "helo@autonomic.zone"
 dashboard: "false"
 dat_port: "3282"
 dat_root: "/root/.homebase"
 domain: "punkbase.autonomic.zone"
 http_mirror: "true"
 http_port: "8085"
 dats:
  # https://sunbeam.city/@kawaiipunk/103883932490360099
  - "dat://c403b7c92eb5e1b2c293425ee6623635be11211977787053e9797e94b958e6e0"
  # kawaiipunk blog
  - "dat://510b9f5baf4e71269d2681ad4ca5f8186769fcddfee779d12ad339b5eca608cd"
  # Lai Power music
  - "dat://2895678d8a51bfbe0618a717af136b386abbe4b80e8a9705dec7970d44eb9a4c"
  - "dat://cd9cd78a369bfc758144afaf433a1ba2a63ea842e998ad3ea97c9c1d11fd2a71"
  - "dat://f39011f7ea585d5be4f1854700071f6fc6989cbe443d801edb897008a2d71952"
  - "dat://469a88055fe7e2dd33fdf90268e8a9d7f6d0649389552fad346c35ab90cf5960"
  - "dat://fb65190ff1318251e7c504fa70410f3b38e9408ff96e961840c185f8a55a5969"
  - "dat://fc1546d01c1423cf53ac99457a48078deb5734cc6740fb8e23a9f027f257f40e"
  - "dat://d5e1c77b5fc6aecede3b37a1d4537ea2b1737303306dbee0e4e3aac52fae42ec"
  - "dat://0d5dbb32bbc4af74579e35deff0877f05ef80a581da620aabedc8750aa911bbd"
  # Sunbeam City Wiki
  - "dat://cf9de5d87118ad22ecd927df1c1b174632c6a1920ade2ef57f75e8421017ccc5"
--- a/ansible/vars/ansible_become_pass.yml
+++ b/ansible/vars/ansible_become_pass.yml
@ -1,8 +0,0 @@
 ---
 ansible_become_pass: !vault |
  $ANSIBLE_VAULT;1.1;AES256
  34396236353735666531323238656533643465303131663464613162396333313836363630666266
  6539323631656635333864316166633064633366323936610a656137616334313534333635313232
  35323561303763366563316631313638363333393763323935343563303963616334336639386462
  3837383830616637360a373539613630356564363662393836366462666430353439353637303035
  63396633303166343433313439303539313637306637663137313533316531616434
--- a/ansible/vars/webapi_password.yml
+++ b/ansible/vars/webapi_password.yml
@ -1,9 +0,0 @@
 ---
 webapi_password: !vault |
  $ANSIBLE_VAULT;1.1;AES256
  31623434326338636564313833393634653561663134623165373439616265326636633037373066
  3566316362336436656338313766326463643661323930360a363933313761363730636438313137
  38303666336538383631356565636463643464346134343931636438373339353465376566336164
  6665303065643036650a376361313933366130356666326464353665366632363339646531663135
  30303438356531383366643164636235343365363765613362653039363363313932616262383838
  6136393831333263303462373531343466336365636665343938
--- a/ansible/vars/webapi_username.yml
+++ b/ansible/vars/webapi_username.yml
@ -1,8 +0,0 @@
 ---
 webapi_username: !vault |
  $ANSIBLE_VAULT;1.1;AES256
  61656131613735636330666533393534613664616134323564623939353738643937323666396334
  3235363739643361303833646666616137333063316663660a613035656531306638386533363164
  36643262666336306631363663623432623936643134333039373464333237323031303031383564
  3964393437643238630a356364633334343366326338616664646133376332313330306339306139
  3033
--- a/app.json
+++ b/app.json
@ -1,5 +0,0 @@
 {
  "name": "homebase",
  "description": "Self-deployable tool for seeding dat:// websites",
  "repository": "https://git.autonomic.zone/autonomic-cooperative/homebase"
 }
--- a/deploy.d/config.yml
+++ b/deploy.d/config.yml
@ -0,0 +1,33 @@
 ---
 port: "8085"
 domain: "punkbase.autonomic.zone"
 mounts:
  - /var/lib/homebase:/root/
 templates:
  - src: homebase.yml.j2
    dest: /var/lib/homebase/.homebase.yml
    vars:
      auto_letsencrypt: "false"
      dashboard: "false"
      dat_root: "/root/.homebase"
      dats:
        # https://sunbeam.city/@kawaiipunk/103883932490360099
        - "dat://c403b7c92eb5e1b2c293425ee6623635be11211977787053e9797e94b958e6e0"
        # kawaiipunk blog
        - "dat://510b9f5baf4e71269d2681ad4ca5f8186769fcddfee779d12ad339b5eca608cd"
        # Lai Power music
        - "dat://2895678d8a51bfbe0618a717af136b386abbe4b80e8a9705dec7970d44eb9a4c"
        - "dat://cd9cd78a369bfc758144afaf433a1ba2a63ea842e998ad3ea97c9c1d11fd2a71"
        - "dat://f39011f7ea585d5be4f1854700071f6fc6989cbe443d801edb897008a2d71952"
        - "dat://469a88055fe7e2dd33fdf90268e8a9d7f6d0649389552fad346c35ab90cf5960"
        - "dat://fb65190ff1318251e7c504fa70410f3b38e9408ff96e961840c185f8a55a5969"
        - "dat://fc1546d01c1423cf53ac99457a48078deb5734cc6740fb8e23a9f027f257f40e"
        - "dat://d5e1c77b5fc6aecede3b37a1d4537ea2b1737303306dbee0e4e3aac52fae42ec"
        - "dat://0d5dbb32bbc4af74579e35deff0877f05ef80a581da620aabedc8750aa911bbd"
        # Sunbeam City Wiki
        - "dat://cf9de5d87118ad22ecd927df1c1b174632c6a1920ade2ef57f75e8421017ccc5"
      http_mirror: "true"
      webapi_password: "{{ webapi_password }}"
      webapi_username: "{{ webapi_username }}"
 env:
  DOKKU_LETSENCRYPT_EMAIL: "helo@autonomic.zone"
--- a/deploy.d/templates/homebase.yml.j2
+++ b/deploy.d/templates/homebase.yml.j2
@ -1,20 +1,14 @@
 ---
 directory: {{ dat_root }}
 httpMirror: {{ http_mirror }}
 letsencrypt: {{ auto_letsencrypt }}
 dashboard: {{ dashboard }}
 webapi:
  domain: {{ domain }}
  username: {{ webapi_username }}
  password: {{ webapi_password }}
 ports:
-  http: {{ http_port }}
+  http: {{ port }}
 dats:
 {% for dat in dats %}
  - url: "{{ dat }}"
--- a/deploy.d/vault/webapi_password.yml
+++ b/deploy.d/vault/webapi_password.yml
@ -0,0 +1,9 @@
 ---
 webapi_password: !vault |-
  $ANSIBLE_VAULT;1.1;AES256
  32316635653834376565643736643539373336303438353364373239323666633062396435663264
  6139633566616165626335313836383031393233353961340a393831663430343332363661663037
  36353662393535346137313765346362393964363863313131323766663439613164633437343434
  3338386439383961300a663734393539653833343835393838623862306563636338306364336434
  64656137666563303166333639393230613139336566653138363866376433383737366466636362
  3365373461393565393930373033623863616130363230663536
--- a/deploy.d/vault/webapi_username.yml
+++ b/deploy.d/vault/webapi_username.yml
@ -0,0 +1,8 @@
 ---
 webapi_username: !vault |-
  $ANSIBLE_VAULT;1.1;AES256
  30333838353634373236363634366634333132616161643133363833373934313630636234306339
  3065386363663237336565663034336138306636353737310a663733363965306134663837393831
  31376438643663383832393938623734343033343464376265656230613662643232613131623833
  3466383465366637610a346534313463636237383231613038353761656438333834353938666136
  3232
--- a/requirements.txt
+++ b/requirements.txt
@ -1 +0,0 @@
 ansible==2.9.6
--- a/sbin/encrypt.sh
+++ b/sbin/encrypt.sh
@ -1,15 +0,0 @@
 #!/bin/bash
 set -eu -o pipefail
 # Usage
 # ./encrypt.sh mysecretname mysecretvalue
 declare name="$1"
 declare secret="$2"
 ansible-vault \
  encrypt_string \
  --vault-password-file ansible/.vault.sh \
  --name "$name" \
  "$secret"