Deploy my own app baybeeee

hosts.yml

@@ -5,7 +5,7 @@
 # 10.89.0.1xx for VMs running the actual apps I host
 all:
   children:
-    servers:
+    bare_metal:
       hosts:
         node1:
           ansible_host: 10.89.0.13

playbooks/local-docker.yml

@@ -0,0 +1,6 @@
+---
+- name: Install docker
+  hosts: localhost
+  become: true
+  roles:
+    - docker/install

playbooks/nodes/apps.yml

@@ -3,9 +3,9 @@
   hosts: apps
   become: true
   roles:
-    - role: apps/kan
-      vars:
-        port: 7070
+    # - role: apps/kan
+    #   vars:
+    #     port: 7070
     - role: apps/memos
       vars:
         port: 7071
@@ -21,10 +21,13 @@
     - role: apps/stirling-pdf
       vars:
         port: 7075
-    - role: apps/dumbware-todo
+    # - role: apps/dumbware-todo
+    #   vars:
+    #     port: 7076
+    #     pin: 8989
+    - role: apps/flowtodo
       vars:
         port: 7076
-        pin: 8989
     - role: apps/filebrowser
       vars:
         port: 7078
@@ -63,6 +66,10 @@
       vars:
         port: 7085
         url: "https://tasks.thegrind.dev"
+    - role: apps/planka
+      vars:
+        port: 7085
+        url: "https://tasks.thegrind.dev"
   tasks:
     - name: Personal DW drop
       ansible.builtin.include_role:

playbooks/nodes/observability-hub.yml

@@ -6,8 +6,8 @@
     # - docker/install
     # - docker/portainer
     # - observability/grafana
-    # - observability/prometheus
-    - observability/beszel-hub
+    - observability/prometheus
+    # - observability/beszel-hub
   tasks:
     # - name: Deploy promlens
     #   community.docker.docker_container:

playbooks/observability.yml

@@ -0,0 +1,7 @@
+---
+- name: Set up observability on all relevant hosts
+  hosts: vms 
+  become: true
+  roles:
+    # - role: docker/install # Needed for the node exporter
+    - role: observability/prometheus-node-exporter

playbooks/pve-user.yml

@@ -0,0 +1,8 @@
+- name: Set up javi as a user with ssh key on PVE hosts
+  hosts: node1
+  remote_user: root
+  roles:
+    - role: server/install-sudo
+    - role: server/users
+    - role: server/setup/sshkey
+    - role: server/kitty

playbooks/server/base.yml

@@ -1,10 +1,11 @@
 ---
 - name: set up a new virtual machine
-  hosts: vms
+  hosts: apps
   become: true
   roles:
     # - role: observability/prometheus-node-exporter
-    - role: observability/beszel-agent
+    - role: server/kitty
+    # - role: observability/beszel-agent
     # - role: docker/install
     # - role: docker/portainer
-    # - role: server/setup/sshkey
+    - role: server/setup/sshkey

playbooks/util/prometheus-config.yml

@@ -6,7 +6,7 @@
     - name: Generate Prometheus config from template
       ansible.builtin.template:
         src: templates/prometheus.yml.j2
-        dest: "{{ container_data_base_path }}/prometheus/prometheus.yml" 
+        dest: "/home/docker/prometheus/prometheus.yml" 
 
     - name: Restart prometheus container
       community.docker.docker_container:

playbooks/util/templates/prometheus.yml.j2

@@ -1,7 +1,7 @@
 #jinja2: trim_blocks: True, lstrip_blocks: True
 
 global:
-  scrape_interval: "15s"
+  scrape_interval: "5s"
 
 scrape_configs:
   - job_name: node
@@ -11,5 +11,18 @@ scrape_configs:
       {% for host in groups['vms'] %}
       - targets: ['{{ hostvars[host].ansible_host }}:9100']
         labels:
-          instance_name: '{{ host }}'
+          name: '{{ host }}'
+          group: 'vms'
+      {% endfor %}
+      {% for host in groups['proxies'] %}
+      - targets: ['{{ hostvars[host].ansible_host }}:9100']
+        labels:
+          name: '{{ host }}'
+          group: 'proxies'
+      {% endfor %}
+      {% for host in groups['utility'] %}
+      - targets: ['{{ hostvars[host].ansible_host }}:9100']
+        labels:
+          name: '{{ host }}'
+          group: 'utility'
       {% endfor %}

roles/apps/flowtodo/tasks/main.yml

@@ -0,0 +1,25 @@
+- name: Create database
+  ansible.builtin.include_role:
+    role: app/database
+  vars:
+    app_name: "flowtodo"
+
+- name: Deploy container
+  community.docker.docker_container:
+    image: gitgud.foo/thegrind/flowtodo
+    name: flowtodo
+    pull: true
+    state: started
+    ports:
+      - "{{ port }}:8000"
+    env:
+      APP_URL: "https://do.thatshit.live"
+      APP_TIMEZONE: "America/New_York"
+      APP_KEY: "base64:7qHvFe7hgCjspoQfBBqMn1nqA6jrRMkYfee/hYlCNt8="
+      OCTANE_HTTPS: "true"
+      DB_CONNECTION: "pgsql"
+      DB_HOST: "{{ pg_host }}" 
+      DB_PORT: "{{ pg_port | string }}"
+      DB_DATABASE: "flowtodo"
+      DB_USERNAME: "flowtodo"
+      DB_PASSWORD: "password"

roles/docker/install/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: Update apt cache
   ansible.builtin.apt:
-    update_cache: yes
+    update_cache: true
 
 - name: Install prerequisite packages
   ansible.builtin.apt:

roles/observability/beszel-hub/tasks/main.yml

@@ -3,6 +3,7 @@
     name: beszel
     image: henrygd/beszel:latest
     restart_policy: unless-stopped
+    state: started
     ports:
       - 8090:8090
     volumes:
@@ -10,11 +11,12 @@
       - ./beszel_socket:/beszel_socket
 
 - name: Deploy local agent
-  community.docker.docker_config:
+  community.docker.docker_container:
     name: beszel-agent
     image: henrygd/beszel-agent:latest
     restart_policy: unless-stopped
     network_mode: host
+    state: started
     volumes:
       - ./beszel_socket:/beszel_socket
       - /var/run/docker.sock:/var/run/docker.sock:ro

roles/observability/prometheus-node-exporter/tasks/main.yml

@@ -4,6 +4,7 @@
     image: quay.io/prometheus/node-exporter:latest
     command: "--path.rootfs=/host"
     state: started
+    restart: true
     network_mode: host
     pid_mode: host
     restart_policy: unless-stopped

roles/observability/prometheus/tasks/main.yml

@@ -1,12 +1,12 @@
-- name: Create data folder on NAS
-  ansible.builtin.include_role:
-    role: docker/container-data
-  vars:
-    dir_name: "prometheus"
+- name: Create data folder
+  ansible.builtin.file:
+    dest: "/home/docker/prometheus/data"
+    state: directory
+    mode: '0777'
 
 - name: Set facts
   ansible.builtin.set_fact:
-    data_dir: "{{ container_data_base_path }}/prometheus" 
+    data_dir: "/home/docker/prometheus" 
 
 - name: Create config file
   ansible.builtin.file:
@@ -19,11 +19,12 @@
     name: prometheus
     image: prom/prometheus
     state: started
+    restart: true
     restart_policy: unless-stopped
     # env:
     #   GF_SERVER_ROOT_URL: "https://dash.lan.thegrind.dev" 
     ports:
       - '9090:9090'
     volumes:
-      - "{{ data_dir }}:/prometheus"
+      - "{{ data_dir }}/data:/prometheus"
       - "{{ data_dir }}/prometheus.yml:/etc/prometheus/prometheus.yml"

roles/server/install-sudo/tasks/main.yml

@@ -0,0 +1,27 @@
+- name: Disable Proxmox Enterprise repo
+  ansible.builtin.replace:
+    path: /etc/apt/sources.list.d/pve-enterprise.list
+    regexp: '^deb'
+    replace: '# deb'
+
+- name: Comment out Proxmox Ceph Enterprise repo
+  ansible.builtin.replace:
+    path: /etc/apt/sources.list.d/ceph.list
+    regexp: '^deb '
+    replace: '# deb '
+  ignore_errors: true
+
+- name: Add no-subscription Proxmox repo
+  ansible.builtin.copy:
+    dest: /etc/apt/sources.list.d/pve-no-subscription.list
+    content: |
+      deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Install sudo
+  ansible.builtin.apt:
+    update_cache: true
+    name: sudo
+    state: present

roles/server/kitty/defaults/main.yml

@@ -0,0 +1,3 @@
+users:
+  - xbazzi
+  - ansible

roles/server/kitty/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+# Pre-requisite:
+# ❯ infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo    
+# - name: Check if kitty term-info exists
+#   ansible.builtin.stat:
+#     path: "/home/javi/.xterm-kitty.terminfo" 
+#   register: file_check
+
+# - name: Fail if file does not exist
+#   ansible.builtin.fail:
+#     msg: "Kitty term info does't exist. Please run: infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo"
+#   when: not file_check.stat.exists
+
+- name: Copy pre-generated kitty terminfo to remote users
+  copy:
+    src: "/home/javi/.xterm-kitty.terminfo"
+    dest: /home/javi/.xterm-kitty.terminfo
+    owner: "javi"
+    group: "javi"
+    mode: '0644'
+
+- name: Compile terminfo for each user
+  ansible.builtin.command: >
+    tic -x -o /home/javi/.terminfo/ /home/javi/.xterm-kitty.terminfo
+
+- name: Clean up xterm-kitty.terminfo from home directory
+  ansible.builtin.file:
+    path: "/home/javi/.xterm-kitty.terminfo"
+    state: absent

roles/server/users/tasks/main.yml

@@ -0,0 +1,24 @@
+---
+- name: Add javi group
+  ansible.builtin.group:
+    name: javi
+    gid: 1000
+    state: present
+
+- name: Add javi user
+  ansible.builtin.user:
+    name: javi
+    create_home: true
+    shell: /bin/bash
+    groups: "sudo,javi"
+    uid: 1000
+    state: present
+    append: true
+
+- name: Add javi to sudoers w/ no password
+  community.general.sudoers:
+    name: sudoers
+    user: javi
+    state: present
+    commands: ALL
+    nopassword: true