Merge pull request #13 from iv-org/cleanup

Remove old things
This commit is contained in:
Perflyst 2023-12-16 16:57:30 +01:00 committed by GitHub
commit 6b6b77b749
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 2 additions and 471 deletions

View File

@ -8,12 +8,7 @@ This repository contains the invidious infrastructure.
2. Install requirements: `ansible-galaxy install -r requirements.yml -p roles`
## Hosts
### invidious.io (old)
Install old requirements: `ansible-galaxy install -r requirements-old.yml -p roles`
### dia.invidious.io
`ansible-playbook main.yml -i inventory.yml --ask-vault-pass`
### tin.invidious.io
`ansible-playbook tin.yml -i inventory.yml`
`ansible-playbook dia.yml -i inventory.yml`

View File

@ -1,36 +0,0 @@
---
prometheus_web_listen_address: "127.0.0.1:9090"
prometheus_scrape_configs:
- job_name: "prometheus"
static_configs:
- targets: ['localhost:9090']
- job_name: "node"
static_configs:
- targets: ['localhost:9100']
- job_name: "caddy"
static_configs:
- targets: ['127.0.0.1:2019']
grafana_url: "https://grafana.invidious.io"
grafana_domain: grafana.invidious.io
grafana_address: 127.0.0.1
grafana_port: 2000
grafana_security:
admin_user: admin
admin_password: "{{ vault_grafana_admin_password }}"
disable_gravatar: true
cookie_secure: true
grafana_auth:
anonymous:
enabled: true
grafana_datasources:
- name: Prometheus
type: prometheus
url: http://localhost:9090
grafana_dashboards:
- dashboard_id: '1860'
revision_id: '22'
datasource: 'Prometheus'
- dashboard_id: '13460'
revision_id: '2'
datasource: 'Prometheus'

View File

@ -1,13 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
39303330616163326665373337326635386164616335626366333638653464303532643530333762
6636626430613433623534373263633663303431316339640a613930623530623336373663323038
34666363393733363736323166343138656364373439366332623930633635616631386533306533
3666663833353931360a636163646163363661666330633636353532323333386432633037653131
65343530643931303834633961633934613037396336646439663163326635656238623936343165
66386165653839323231333761343663613965326538303032363935643433306366643763393665
30333033626162356564393439643866356266393362643664646365373535613764366130346438
33313330613163623339386130653032333962343235653135653431376165656163336531663162
61653763663162663933373236326365343365653233643830613237626639316666386530386434
33633136393637343863306261396334333533643233633236353531663066613637653236316632
31333435333835346364663638656266643230303163656362336566653638633361373532653834
34396162656135333337

View File

@ -1,3 +0,0 @@
---
docker_compose_version: "1.29.2"
caddy_config: "{{ lookup('template', 'templates/tin-Caddyfile.j2') }}"

View File

@ -3,6 +3,4 @@ all:
children:
main:
hosts:
invidious.io:
tin.invidious.io:
dia.invidious.io:

107
main.yml
View File

@ -1,107 +0,0 @@
---
- hosts: main
handlers:
- name: restart ssh
systemd:
name: sshd
state: restarted
tasks:
- name: SSH config
template:
src: sshd_config.j2
dest: /etc/ssh/sshd_config
mode: 0644
notify: restart ssh
tags: [ssh,base]
- name: SSH keys
template:
src: authorized_keys.j2
dest: /root/.ssh/authorized_keys
mode: 0600
tags: [ssh,base]
- name: Install packages
apt:
name: "{{ apt_packages }}"
tags: [apt,base]
- name: Bind node exporter to localhost
ansible.builtin.lineinfile:
path: /etc/default/prometheus-node-exporter
regexp: '^ARGS='
line: ARGS=--web.listen-address=localhost:9100
tags: [apt,base]
- name: unattended-upgrades
import_role:
name: jnv.unattended-upgrades
tags: [unattended-upgrades]
- name: prometheus
import_role:
name: cloudalchemy.prometheus
tags: [prometheus]
- name: grafana
import_role:
name: cloudalchemy.grafana
tags: [grafana]
- name: pip
import_role:
name: geerlingguy.pip
tags: [pip,docker]
- name: docker
import_role:
name: geerlingguy.docker
tags: [dockerd,docker]
- name: Create Invidious API container
community.docker.docker_container:
name: api
image: quay.io/invidious/instances:latest
pull: true
restart_policy: unless-stopped
published_ports:
- "127.0.0.1:3000:3000"
tags: [api,instances,docker]
- name: Create Invidious redirect container
community.docker.docker_container:
name: redirect
image: quay.io/invidious/invidious-redirect:latest
pull: true
restart_policy: unless-stopped
log_driver: none
published_ports:
- "127.0.0.1:8080:80"
tags: [redirect,docker]
- name: Create wikijs compose folder
file:
path: /root/compose/wikijs/
state: directory
recurse: true
mode: 0755
tags: [wikijs,docker]
- name: Template wikijs docker compose
template:
src: docker-compose-wikijs.yml
dest: /root/compose/wikijs/docker-compose.yml
mode: 0600
tags: [wikijs,docker]
- name: Compose wikijs
community.docker.docker_compose:
project_src: /root/compose/wikijs
pull: true
tags: [wikijs,docker]
- name: caddy
import_role:
name: caddy_ansible.caddy_ansible
tags: [ caddy ]

View File

@ -1,10 +0,0 @@
roles:
- name: jnv.unattended-upgrades
version: v1.10.0
- name: geerlingguy.pip
version: 2.0.0
- name: geerlingguy.docker
version: 3.0.0
- name: caddy_ansible.caddy_ansible
- name: cloudalchemy.prometheus
- name: cloudalchemy.grafana

View File

@ -1,80 +0,0 @@
# {{ ansible_managed }}
(common) {
encode gzip
respond /robots.txt 200 {
body "User-agent: *
Disallow: /
"
}
log {
output file /var/log/caddy/access.log {
roll_size 500mb
roll_keep 5
}
format filter {
wrap json
fields {
common_log delete
request>remote_addr ip_mask {
ipv4 24
ipv6 32
}
}
}
}
}
www.invidio.us {
import common
redir https://invidious.io{uri}
}
invidious.io {
import common
root * /var/www/invidious.io
file_server
}
git.invidious.io {
import common
redir https://github.com/iv-org/invidious
}
invidio.us {
import common
redir https://redirect.invidious.io{uri}
header /api* content-type "application/json"
respond /api* "{\"error\":\"This server no longer hosts the Invidious API.\"}" 410
}
redirect.invidious.io {
import common
reverse_proxy http://127.0.0.1:8080
}
instances.invidio.us {
import common
redir https://api.invidious.io{uri}
}
api.invidious.io {
import common
reverse_proxy http://127.0.0.1:3000
header /static* Cache-Control "max-age=86400"
}
uptime.invidio.us {
import common
redir https://stats.uptimerobot.com/89VnzSKAn{uri}
}
uptime.invidious.io {
import common
redir https://stats.uptimerobot.com/89VnzSKAn{uri}
}
docs.invidious.io {
import common
reverse_proxy http://127.0.0.1:3001
}
grafana.invidious.io {
import common
reverse_proxy http://127.0.0.1:2000
}

View File

@ -1,32 +0,0 @@
version: "3"
services:
db:
image: docker.io/postgres:11-alpine
environment:
POSTGRES_DB: wikijs
POSTGRES_PASSWORD: "{{ vault_wikijs_db_password }}"
POSTGRES_USER: wikijs
logging:
driver: "none"
restart: unless-stopped
volumes:
- db-data:/var/lib/postgresql/data
wiki:
image: requarks/wiki:2.5
depends_on:
- db
environment:
DB_TYPE: postgres
DB_HOST: db
DB_PORT: 5432
DB_USER: wikijs
DB_PASS: "{{ vault_wikijs_db_password }}"
DB_NAME: wikijs
restart: unless-stopped
ports:
- "127.0.0.1:3001:3000"
volumes:
db-data:

View File

@ -1,102 +0,0 @@
# {{ ansible_managed }}
(common) {
encode gzip
log {
output file /var/log/caddy/access.log {
roll_size 500mb
roll_keep 5
}
format filter {
wrap json
fields {
common_log delete
request>remote_addr ip_mask {
ipv4 24
ipv6 32
}
}
}
}
}
(block-robots) {
respond /robots.txt 200 {
body "User-agent: *
Disallow: /
"
}
}
www.invidio.us {
import common
import block-robots
redir https://invidious.io{uri}
}
invidious.io {
import common
reverse_proxy http://127.0.0.1:8081
}
git.invidious.io {
import common
import block-robots
redir https://github.com/iv-org/invidious
}
gitea.invidious.io {
import common
import block-robots
reverse_proxy http://127.0.0.1:3200
}
invidio.us {
import common
import block-robots
redir https://redirect.invidious.io{uri}
header /api* content-type "application/json"
respond /api* "{\"error\":\"This server no longer hosts the Invidious API.\"}" 410
}
redirect.invidious.io {
import common
import block-robots
reverse_proxy http://127.0.0.1:8080
}
instances.invidio.us {
import common
import block-robots
redir https://api.invidious.io{uri}
}
api.invidious.io {
import common
import block-robots
reverse_proxy http://127.0.0.1:3000
header /static* Cache-Control "max-age=86400"
}
uptime.invidio.us {
import common
import block-robots
redir https://stats.uptimerobot.com/89VnzSKAn{uri}
}
uptime.invidious.io {
import common
import block-robots
redir https://stats.uptimerobot.com/89VnzSKAn{uri}
}
docs.invidious.io {
import common
reverse_proxy http://127.0.0.1:8082
}
instances.invidious.io {
import common
redir https://docs.invidious.io/instances/
}
todo.invidious.io {
import common
import block-robots
redir https://github.com/orgs/iv-org/projects
}

79
tin.yml
View File

@ -1,79 +0,0 @@
---
- hosts: tin.invidious.io
handlers:
- name: restart ssh
systemd:
name: sshd
state: restarted
tasks:
- name: SSH config
template:
src: sshd_config.j2
dest: /etc/ssh/sshd_config
mode: 0644
notify: restart ssh
tags: [ssh, base]
- name: SSH keys
template:
src: authorized_keys.j2
dest: /root/.ssh/authorized_keys
mode: 0600
tags: [ssh, base]
- name: Install packages
apt:
name: "{{ apt_packages }}"
update_cache: true
tags: [apt, base]
- name: unattended-upgrades
import_role:
name: jnv.unattended-upgrades
tags: [unattended-upgrades]
- name: pip
import_role:
name: geerlingguy.pip
tags: [pip,docker]
- name: docker
import_role:
name: geerlingguy.docker
tags: [dockerd, docker]
- name: Deploy invidious api
import_tasks: tasks/compose.yml
vars:
app: instances-api
tags: [instances-api, api, docker]
- name: Deploy invidious redirect
import_tasks: tasks/compose.yml
vars:
app: redirect
tags: [redirect, docker]
- name: Deploy invidious website
import_tasks: tasks/compose.yml
vars:
app: invidious.io
tags: [website, docker]
- name: Deploy gitea
import_tasks: tasks/compose.yml
vars:
app: gitea
tags: [gitea, docker]
- name: Deploy docs
import_tasks: tasks/compose.yml
vars:
app: "docs.invidious.io"
tags: [docs, docker]
- name: caddy
import_role:
name: caddy_ansible.caddy_ansible
tags: [caddy]