Initialize ansible and docker web stuff

README.md

@@ -0,0 +1,22 @@
+# infrastructure
+
+## pbrinkmeier.de
+
+| Hostname | `h2954114`                                                                |
+| Domains  | `{wiki.,codi.}pbrinkmeier.de`, `tichy.click`, `h2954114.stratoserver.net` |
+
+### Personal Website
+
+[pbrinkmeier.de](https://pbrinkmeier.de)
+
+### Personal Wiki
+
+[wiki.pbrinkmeier.de](https://wiki.pbrinkmeier.de)
+
+### Collaborative Markdown Editing
+
+[codi.pbrinkmeier.de](https://codi.pbrinkmeier.de)
+
+### Tichy-Clicker
+
+[tichy.click](https://tichy.click)

ansible/.gitignore

@@ -0,0 +1 @@
+venv

ansible/README.md

@@ -0,0 +1,14 @@
+# ansible
+
+## Ansible Control Node Setup
+
+In a Python 3 environment (perhaps a venv):
+
+```
+pip install -r requirements.txt
+```
+
+## `misc.yaml`
+
+Server for miscellaneous stuff, e.g. the website.
+Expects to have a user `andi` who can `sudo`.

ansible/ansible.cfg

@@ -0,0 +1,2 @@
+[defaults]
+inventory = ./inventory

ansible/group_vars/misc/vars.yaml

@@ -0,0 +1,3 @@
+---
+ansible_user: andi
+ansible_python_interpreter: /usr/bin/python3

ansible/inventory

@@ -0,0 +1,2 @@
+[misc]
+h2954114.stratoserver.net

ansible/misc.yaml

@@ -0,0 +1,33 @@
+---
+- hosts: misc
+  tasks:
+    - include_role:
+        name: docker
+    - name: Install pip prerequisites
+      become: yes
+      apt:
+        name:
+          - python3-pip
+          - python3-setuptools
+          - python3-virtualenv
+    - name: Install global python docker package
+      become: yes
+      pip:
+        name:
+          - docker
+          - docker-compose
+          - requests
+    - name: Upload docker configuration
+      become: yes
+      copy:
+        src: ../docker
+        dest: /etc/pbri
+    - name: Set up docker stuff
+      become: yes
+      docker_compose:
+        project_src: "/etc/pbri/docker/{{ item.name }}"
+        state: "{{ item.state }}"
+        debug: yes
+      loop:
+        - name: web
+          state: present

ansible/roles/docker/README.md

@@ -0,0 +1,4 @@
+# docker
+
+Installs the Docker repositories and packages as described in [the Docker documentation](https://docs.docker.com/engine/install/debian/#install-using-the-repository).
+Currently only works for Ubuntu since ubuntu is hardcoded into the `.list` file.

ansible/roles/docker/tasks/main.yaml

@@ -0,0 +1,38 @@
+---
+- name: Install Docker installation prerequisites
+  become: yes
+  apt:
+    update_cache: yes
+    state: latest
+    name:
+      - ca-certificates
+      - curl
+      - gnupg
+      - lsb-release
+
+- name: Add Docker GPG key
+  become: yes
+  shell: "curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg"
+  args:
+    creates: /usr/share/keyrings/docker-archive-keyring.gpg
+
+- name: Retrieve dpkg architecture
+  shell: dpkg --print-architecture
+  register: dpkg_architecture
+  changed_when: False
+
+- name: Add Docker apt repository
+  become: yes
+  template:
+    src: docker.list.j2
+    dest: /etc/apt/sources.list.d/docker.list
+
+- name: Install Docker
+  become: yes
+  apt:
+    update_cache: yes
+    state: latest
+    name:
+    - docker-ce
+    - docker-ce-cli
+    - containerd.io

ansible/roles/docker/templates/docker.list.j2

@@ -0,0 +1 @@
+deb [arch={{ dpkg_architecture.stdout }} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable

docker/web/Caddyfile

@@ -0,0 +1,5 @@
+h2954114.stratoserver.net {
+    file_server browse {
+        root /usr/share
+    }
+}

docker/web/Dockerfile

@@ -0,0 +1,3 @@
+FROM caddy
+
+COPY Caddyfile /etc/caddy/Caddyfile

docker/web/README.md

@@ -0,0 +1,3 @@
+# web
+
+Contains stuff exposed via HTTP(S) to the Internet, e.g. personal website, Wiki, etc.

docker/web/docker-compose.yaml

@@ -0,0 +1,17 @@
+version: "3"
+
+services:
+  web:
+    image: pbrinkmeier/web
+    build: .
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - caddy_data:/data
+      - caddy_config:/config
+    restart: always
+
+volumes:
+  caddy_data:
+  caddy_config: