From 0e9e7732b27357ebd0648a7c9d38441d4b622bf7 Mon Sep 17 00:00:00 2001
From: Paul Brinkmeier <hallo@pbrinkmeier.de>
Date: Thu, 11 Nov 2021 18:12:47 +0100
Subject: [PATCH] Initialize ansible and docker web stuff

---
 README.md                                     | 22 +++++++++++
 ansible/.gitignore                            |  1 +
 ansible/README.md                             | 14 +++++++
 ansible/ansible.cfg                           |  2 +
 ansible/group_vars/misc/vars.yaml             |  3 ++
 ansible/inventory                             |  2 +
 ansible/misc.yaml                             | 33 ++++++++++++++++
 ansible/roles/docker/README.md                |  4 ++
 ansible/roles/docker/tasks/main.yaml          | 38 +++++++++++++++++++
 ansible/roles/docker/templates/docker.list.j2 |  1 +
 docker/web/Caddyfile                          |  5 +++
 docker/web/Dockerfile                         |  3 ++
 docker/web/README.md                          |  3 ++
 docker/web/docker-compose.yaml                | 17 +++++++++
 14 files changed, 148 insertions(+)
 create mode 100644 README.md
 create mode 100644 ansible/.gitignore
 create mode 100644 ansible/README.md
 create mode 100644 ansible/ansible.cfg
 create mode 100644 ansible/group_vars/misc/vars.yaml
 create mode 100644 ansible/inventory
 create mode 100644 ansible/misc.yaml
 create mode 100644 ansible/roles/docker/README.md
 create mode 100644 ansible/roles/docker/tasks/main.yaml
 create mode 100644 ansible/roles/docker/templates/docker.list.j2
 create mode 100644 docker/web/Caddyfile
 create mode 100644 docker/web/Dockerfile
 create mode 100644 docker/web/README.md
 create mode 100644 docker/web/docker-compose.yaml

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..1021c4c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,22 @@
+# infrastructure
+
+## pbrinkmeier.de
+
+| Hostname | `h2954114`                                                                |
+| Domains  | `{wiki.,codi.}pbrinkmeier.de`, `tichy.click`, `h2954114.stratoserver.net` |
+
+### Personal Website
+
+[pbrinkmeier.de](https://pbrinkmeier.de)
+
+### Personal Wiki
+
+[wiki.pbrinkmeier.de](https://wiki.pbrinkmeier.de)
+
+### Collaborative Markdown Editing
+
+[codi.pbrinkmeier.de](https://codi.pbrinkmeier.de)
+
+### Tichy-Clicker
+
+[tichy.click](https://tichy.click)
diff --git a/ansible/.gitignore b/ansible/.gitignore
new file mode 100644
index 0000000..5ceb386
--- /dev/null
+++ b/ansible/.gitignore
@@ -0,0 +1 @@
+venv
diff --git a/ansible/README.md b/ansible/README.md
new file mode 100644
index 0000000..10d122a
--- /dev/null
+++ b/ansible/README.md
@@ -0,0 +1,14 @@
+# ansible
+
+## Ansible Control Node Setup
+
+In a Python 3 environment (perhaps a venv):
+
+```
+pip install -r requirements.txt
+```
+
+## `misc.yaml`
+
+Server for miscellaneous stuff, e.g. the website.
+Expects to have a user `andi` who can `sudo`.
\ No newline at end of file
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
new file mode 100644
index 0000000..73ee9b1
--- /dev/null
+++ b/ansible/ansible.cfg
@@ -0,0 +1,2 @@
+[defaults]
+inventory = ./inventory
diff --git a/ansible/group_vars/misc/vars.yaml b/ansible/group_vars/misc/vars.yaml
new file mode 100644
index 0000000..2363063
--- /dev/null
+++ b/ansible/group_vars/misc/vars.yaml
@@ -0,0 +1,3 @@
+---
+ansible_user: andi
+ansible_python_interpreter: /usr/bin/python3
\ No newline at end of file
diff --git a/ansible/inventory b/ansible/inventory
new file mode 100644
index 0000000..48dbb1b
--- /dev/null
+++ b/ansible/inventory
@@ -0,0 +1,2 @@
+[misc]
+h2954114.stratoserver.net
diff --git a/ansible/misc.yaml b/ansible/misc.yaml
new file mode 100644
index 0000000..adef274
--- /dev/null
+++ b/ansible/misc.yaml
@@ -0,0 +1,33 @@
+---
+- hosts: misc
+  tasks:
+    - include_role:
+        name: docker
+    - name: Install pip prerequisites
+      become: yes
+      apt:
+        name:
+          - python3-pip
+          - python3-setuptools
+          - python3-virtualenv
+    - name: Install global python docker package
+      become: yes
+      pip:
+        name:
+          - docker
+          - docker-compose
+          - requests
+    - name: Upload docker configuration
+      become: yes
+      copy:
+        src: ../docker
+        dest: /etc/pbri
+    - name: Set up docker stuff
+      become: yes
+      docker_compose:
+        project_src: "/etc/pbri/docker/{{ item.name }}"
+        state: "{{ item.state }}"
+        debug: yes
+      loop:
+        - name: web
+          state: present
\ No newline at end of file
diff --git a/ansible/roles/docker/README.md b/ansible/roles/docker/README.md
new file mode 100644
index 0000000..9e66c61
--- /dev/null
+++ b/ansible/roles/docker/README.md
@@ -0,0 +1,4 @@
+# docker
+
+Installs the Docker repositories and packages as described in [the Docker documentation](https://docs.docker.com/engine/install/debian/#install-using-the-repository).
+Currently only works for Ubuntu since ubuntu is hardcoded into the `.list` file.
diff --git a/ansible/roles/docker/tasks/main.yaml b/ansible/roles/docker/tasks/main.yaml
new file mode 100644
index 0000000..93ee022
--- /dev/null
+++ b/ansible/roles/docker/tasks/main.yaml
@@ -0,0 +1,38 @@
+---
+- name: Install Docker installation prerequisites
+  become: yes
+  apt:
+    update_cache: yes
+    state: latest
+    name:
+      - ca-certificates
+      - curl
+      - gnupg
+      - lsb-release
+
+- name: Add Docker GPG key
+  become: yes
+  shell: "curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg"
+  args:
+    creates: /usr/share/keyrings/docker-archive-keyring.gpg
+
+- name: Retrieve dpkg architecture
+  shell: dpkg --print-architecture
+  register: dpkg_architecture
+  changed_when: False
+
+- name: Add Docker apt repository
+  become: yes
+  template:
+    src: docker.list.j2
+    dest: /etc/apt/sources.list.d/docker.list
+
+- name: Install Docker
+  become: yes
+  apt:
+    update_cache: yes
+    state: latest
+    name:
+    - docker-ce
+    - docker-ce-cli
+    - containerd.io
diff --git a/ansible/roles/docker/templates/docker.list.j2 b/ansible/roles/docker/templates/docker.list.j2
new file mode 100644
index 0000000..e8c0e30
--- /dev/null
+++ b/ansible/roles/docker/templates/docker.list.j2
@@ -0,0 +1 @@
+deb [arch={{ dpkg_architecture.stdout }} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
diff --git a/docker/web/Caddyfile b/docker/web/Caddyfile
new file mode 100644
index 0000000..21a8f86
--- /dev/null
+++ b/docker/web/Caddyfile
@@ -0,0 +1,5 @@
+h2954114.stratoserver.net {
+    file_server browse {
+        root /usr/share
+    }
+}
\ No newline at end of file
diff --git a/docker/web/Dockerfile b/docker/web/Dockerfile
new file mode 100644
index 0000000..6423087
--- /dev/null
+++ b/docker/web/Dockerfile
@@ -0,0 +1,3 @@
+FROM caddy
+
+COPY Caddyfile /etc/caddy/Caddyfile
\ No newline at end of file
diff --git a/docker/web/README.md b/docker/web/README.md
new file mode 100644
index 0000000..ea90606
--- /dev/null
+++ b/docker/web/README.md
@@ -0,0 +1,3 @@
+# web
+
+Contains stuff exposed via HTTP(S) to the Internet, e.g. personal website, Wiki, etc.
\ No newline at end of file
diff --git a/docker/web/docker-compose.yaml b/docker/web/docker-compose.yaml
new file mode 100644
index 0000000..39a9d4c
--- /dev/null
+++ b/docker/web/docker-compose.yaml
@@ -0,0 +1,17 @@
+version: "3"
+
+services:
+  web:
+    image: pbrinkmeier/web
+    build: .
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - caddy_data:/data
+      - caddy_config:/config
+    restart: always
+
+volumes:
+  caddy_data:
+  caddy_config:
\ No newline at end of file