Deploy my own app baybeeee

hosts.yml

@@ -5,7 +5,7 @@
 # 10.89.0.1xx for VMs running the actual apps I host
 all:
   children:
-    servers:
+    bare_metal:
       hosts:
         node1:
           ansible_host: 10.89.0.13

playbooks/local-docker.yml

@@ -0,0 +1,6 @@
+---
+- name: Install docker
+  hosts: localhost
+  become: true
+  roles:
+    - docker/install

playbooks/nodes/apps.yml

@@ -3,9 +3,9 @@
   hosts: apps
   become: true
   roles:
-    - role: apps/kan
-      vars:
-        port: 7070
+    # - role: apps/kan
+    #   vars:
+    #     port: 7070
     - role: apps/memos
       vars:
         port: 7071
@@ -21,10 +21,13 @@
     - role: apps/stirling-pdf
       vars:
         port: 7075
-    - role: apps/dumbware-todo
+    # - role: apps/dumbware-todo
+    #   vars:
+    #     port: 7076
+    #     pin: 8989
+    - role: apps/flowtodo
       vars:
         port: 7076
-        pin: 8989
     - role: apps/filebrowser
       vars:
         port: 7078
@@ -63,6 +66,10 @@
       vars:
         port: 7085
         url: "https://tasks.thegrind.dev"
+    - role: apps/planka
+      vars:
+        port: 7085
+        url: "https://tasks.thegrind.dev"
   tasks:
     - name: Personal DW drop
       ansible.builtin.include_role:

playbooks/observability.yml

@@ -0,0 +1,7 @@
+---
+- name: Set up observability on all relevant hosts
+  hosts: vms 
+  become: true
+  roles:
+    # - role: docker/install # Needed for the node exporter
+    - role: observability/prometheus-node-exporter

playbooks/pve-user.yml

@@ -0,0 +1,8 @@
+- name: Set up javi as a user with ssh key on PVE hosts
+  hosts: node1
+  remote_user: root
+  roles:
+    - role: server/install-sudo
+    - role: server/users
+    - role: server/setup/sshkey
+    - role: server/kitty

playbooks/server/base.yml

@@ -1,10 +1,11 @@
 ---
 - name: set up a new virtual machine
-  hosts: vms
+  hosts: apps
   become: true
   roles:
     # - role: observability/prometheus-node-exporter
+    - role: server/kitty
     # - role: observability/beszel-agent
     # - role: docker/install
     # - role: docker/portainer
-    # - role: server/setup/sshkey
+    - role: server/setup/sshkey

playbooks/util/templates/prometheus.yml.j2

@@ -12,4 +12,17 @@ scrape_configs:
       - targets: ['{{ hostvars[host].ansible_host }}:9100']
         labels:
           name: '{{ host }}'
+          group: 'vms'
+      {% endfor %}
+      {% for host in groups['proxies'] %}
+      - targets: ['{{ hostvars[host].ansible_host }}:9100']
+        labels:
+          name: '{{ host }}'
+          group: 'proxies'
+      {% endfor %}
+      {% for host in groups['utility'] %}
+      - targets: ['{{ hostvars[host].ansible_host }}:9100']
+        labels:
+          name: '{{ host }}'
+          group: 'utility'
       {% endfor %}

roles/apps/flowtodo/tasks/main.yml

@@ -0,0 +1,25 @@
+- name: Create database
+  ansible.builtin.include_role:
+    role: app/database
+  vars:
+    app_name: "flowtodo"
+
+- name: Deploy container
+  community.docker.docker_container:
+    image: gitgud.foo/thegrind/flowtodo
+    name: flowtodo
+    pull: true
+    state: started
+    ports:
+      - "{{ port }}:8000"
+    env:
+      APP_URL: "https://do.thatshit.live"
+      APP_TIMEZONE: "America/New_York"
+      APP_KEY: "base64:7qHvFe7hgCjspoQfBBqMn1nqA6jrRMkYfee/hYlCNt8="
+      OCTANE_HTTPS: "true"
+      DB_CONNECTION: "pgsql"
+      DB_HOST: "{{ pg_host }}" 
+      DB_PORT: "{{ pg_port | string }}"
+      DB_DATABASE: "flowtodo"
+      DB_USERNAME: "flowtodo"
+      DB_PASSWORD: "password"

roles/docker/install/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: Update apt cache
   ansible.builtin.apt:
-    update_cache: yes
+    update_cache: true
 
 - name: Install prerequisite packages
   ansible.builtin.apt:

roles/server/install-sudo/tasks/main.yml

@@ -0,0 +1,27 @@
+- name: Disable Proxmox Enterprise repo
+  ansible.builtin.replace:
+    path: /etc/apt/sources.list.d/pve-enterprise.list
+    regexp: '^deb'
+    replace: '# deb'
+
+- name: Comment out Proxmox Ceph Enterprise repo
+  ansible.builtin.replace:
+    path: /etc/apt/sources.list.d/ceph.list
+    regexp: '^deb '
+    replace: '# deb '
+  ignore_errors: true
+
+- name: Add no-subscription Proxmox repo
+  ansible.builtin.copy:
+    dest: /etc/apt/sources.list.d/pve-no-subscription.list
+    content: |
+      deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Install sudo
+  ansible.builtin.apt:
+    update_cache: true
+    name: sudo
+    state: present

roles/server/kitty/defaults/main.yml

@@ -0,0 +1,3 @@
+users:
+  - xbazzi
+  - ansible

roles/server/kitty/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+# Pre-requisite:
+# ❯ infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo    
+# - name: Check if kitty term-info exists
+#   ansible.builtin.stat:
+#     path: "/home/javi/.xterm-kitty.terminfo" 
+#   register: file_check
+
+# - name: Fail if file does not exist
+#   ansible.builtin.fail:
+#     msg: "Kitty term info does't exist. Please run: infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo"
+#   when: not file_check.stat.exists
+
+- name: Copy pre-generated kitty terminfo to remote users
+  copy:
+    src: "/home/javi/.xterm-kitty.terminfo"
+    dest: /home/javi/.xterm-kitty.terminfo
+    owner: "javi"
+    group: "javi"
+    mode: '0644'
+
+- name: Compile terminfo for each user
+  ansible.builtin.command: >
+    tic -x -o /home/javi/.terminfo/ /home/javi/.xterm-kitty.terminfo
+
+- name: Clean up xterm-kitty.terminfo from home directory
+  ansible.builtin.file:
+    path: "/home/javi/.xterm-kitty.terminfo"
+    state: absent

roles/server/users/tasks/main.yml

@@ -0,0 +1,24 @@
+---
+- name: Add javi group
+  ansible.builtin.group:
+    name: javi
+    gid: 1000
+    state: present
+
+- name: Add javi user
+  ansible.builtin.user:
+    name: javi
+    create_home: true
+    shell: /bin/bash
+    groups: "sudo,javi"
+    uid: 1000
+    state: present
+    append: true
+
+- name: Add javi to sudoers w/ no password
+  community.general.sudoers:
+    name: sudoers
+    user: javi
+    state: present
+    commands: ALL
+    nopassword: true