From 92012a42e1ec24d77d4e0624c972fac348d99318 Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Thu, 23 Feb 2023 19:50:44 +0000
Subject: [PATCH] Remove authentik

It's a bigger application than I need, and I wasn't actually using it for anything anyway
---
 ansible/main.yml                              |  1 -
 .../roles/authentik/files/docker-compose.yml  | 67 -------------------
 ansible/roles/authentik/handlers/main.yml     |  4 --
 ansible/roles/authentik/tasks/main.yml        | 20 ------
 ansible/roles/authentik/vars/main.yml         |  4 --
 ansible/roles/authentik/vars/vault.yml        | 19 ------
 terraform/jakehoward.tech.tf                  |  8 ---
 7 files changed, 123 deletions(-)
 delete mode 100644 ansible/roles/authentik/files/docker-compose.yml
 delete mode 100644 ansible/roles/authentik/handlers/main.yml
 delete mode 100644 ansible/roles/authentik/tasks/main.yml
 delete mode 100644 ansible/roles/authentik/vars/main.yml
 delete mode 100644 ansible/roles/authentik/vars/vault.yml

diff --git a/ansible/main.yml b/ansible/main.yml
index c345239..3f3e129 100644
--- a/ansible/main.yml
+++ b/ansible/main.yml
@@ -66,7 +66,6 @@
     - privatebin
     - vaultwarden
     - tandoor
-    - authentik
     - mastodon
     - gitea
 
diff --git a/ansible/roles/authentik/files/docker-compose.yml b/ansible/roles/authentik/files/docker-compose.yml
deleted file mode 100644
index 050fee6..0000000
--- a/ansible/roles/authentik/files/docker-compose.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-version: "2.3"
-
-x-authentik: &authentik
-  image: ghcr.io/goauthentik/server:2023.1.2
-  restart: unless-stopped
-  environment:
-    - TIMEZONE={{ timezone }}
-    - AUTHENTIK_REDIS__HOST=redis
-    - AUTHENTIK_POSTGRESQL__HOST=db
-    - AUTHENTIK_POSTGRESQL__USER=authentik
-    - AUTHENTIK_POSTGRESQL__NAME=authentik
-    - AUTHENTIK_POSTGRESQL__PASSWORD=authentik
-    - AUTHENTIK_SECRET_KEY="{{ authentik_secret_key }}"
-    - AUTHENTIK_DISABLE_STARTUP_ANALYTICS=true  # Sending the hash of my secret key? No thanks
-    - AUTHENTIK_EMAIL__HOST=smtp.eu.mailgun.org
-    - AUTHENTIK_EMAIL__PORT=465
-    - AUTHENTIK_EMAIL__USERNAME={{ authentik_email_username }}
-    - AUTHENTIK_EMAIL__PASSWORD={{ authentik_email_password }}
-    - AUTHENTIK_EMAIL__USE_TLS=true
-    - AUTHENTIK_EMAIL__FROM={{ authentik_email_from }}
-    - AUTHENTIK_WEB__WORKERS=2
-    - AUTHENTIK_WEB__THREADS=2
-  volumes:
-    - "{{ app_data_dir }}/authentik/media:/media"
-    - "{{ app_data_dir }}/authentik/custom-templates:/templates"
-    - "{{ app_data_dir }}/authentik/certs:/certs"
-  depends_on:
-    - db
-    - redis
-
-services:
-  authentik:
-    <<: *authentik
-    command: server
-    networks:
-      - default
-      - traefik
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.authentik.rule=Host(`auth.jakehoward.tech`)
-      - traefik.http.services.authentik-authentik.loadbalancer.server.port=9000
-      - traefik.http.middlewares.authentik-ratelimit.ratelimit.average=5
-      - traefik.http.middlewares.authentik-ratelimit.ratelimit.burst=1000
-      - traefik.http.routers.authentik.middlewares=authentik-ratelimit
-
-  worker:
-    <<: *authentik
-    command: worker
-
-  db:
-    image: postgres:14-alpine
-    restart: unless-stopped
-    volumes:
-      - /mnt/tank/dbs/postgres/authentik/:/var/lib/postgresql/data
-    environment:
-      - POSTGRES_PASSWORD=authentik
-      - POSTGRES_USER=authentik
-
-  redis:
-    image: redis:7-alpine
-    restart: unless-stopped
-    volumes:
-      - /mnt/tank/dbs/redis/authentik:/data
-
-networks:
-  traefik:
-    external: true
diff --git a/ansible/roles/authentik/handlers/main.yml b/ansible/roles/authentik/handlers/main.yml
deleted file mode 100644
index 3aa4d8d..0000000
--- a/ansible/roles/authentik/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-- name: restart authentik
-  shell:
-    chdir: /opt/authentik
-    cmd: "{{ docker_update_command }}"
diff --git a/ansible/roles/authentik/tasks/main.yml b/ansible/roles/authentik/tasks/main.yml
deleted file mode 100644
index 56122e2..0000000
--- a/ansible/roles/authentik/tasks/main.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: Include vault
-  include_vars: vault.yml
-
-- name: Create install directory
-  file:
-    path: /opt/authentik
-    state: directory
-    owner: "{{ docker_user.name }}"
-    mode: "{{ docker_compose_directory_mask }}"
-  become: true
-
-- name: Install compose file
-  template:
-    src: files/docker-compose.yml
-    dest: /opt/authentik/docker-compose.yml
-    mode: "{{ docker_compose_file_mask }}"
-    owner: "{{ docker_user.name }}"
-    validate: docker-compose -f %s config
-  notify: restart authentik
-  become: true
diff --git a/ansible/roles/authentik/vars/main.yml b/ansible/roles/authentik/vars/main.yml
deleted file mode 100644
index d20adb1..0000000
--- a/ansible/roles/authentik/vars/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-authentik_secret_key: "{{ vault_authentik_secret_key }}"
-authentik_email_username: "{{ vault_authentik_email_username }}"
-authentik_email_password: "{{ vault_authentik_email_password }}"
-authentik_email_from: "{{ vault_authentik_email_from }}"
diff --git a/ansible/roles/authentik/vars/vault.yml b/ansible/roles/authentik/vars/vault.yml
deleted file mode 100644
index 2051e58..0000000
--- a/ansible/roles/authentik/vars/vault.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-32393634306638613666643266653033656339366533633839383665653164383862393839323933
-6664613835646261643834336263616139623932386632300a393030393837363835373634303938
-34353732653634386137313261316139636461663765623031383934656162393931336333376661
-3766663461356565360a663434386664396433666235313266333162643066383032633838653736
-32623364326533663465343833653533333032663733356134376437356461373066656365393066
-65373135353137346134363061663938653036316330663230616534663936646262663461333432
-35663833343131636135363136386532373237363939623733306638646535633533316132633931
-39386636343638636133383264333433363666643464643839303031643630353362383639373332
-38336335323937646431303336336466633266333136313765633030636430336462373733303164
-32643534643839316631336361663765313862663162646139313665356264643465306333653634
-36363336653134663863333536316237376163656161396464643866376136626533643930613039
-63646130356530363730336631356562313561346139356633376530633831323036363866383964
-33616236626561343135356339663032373536623262336262343539393965643431393037326639
-61623632343830653436306339306431643831353732313265626238643333633035356665623439
-37666132313761653239666536656538343762333339636136653538623539373865643662333431
-37306138356639626639616339376438356638623138623939333161393365316239306135306364
-30333538333833323764653336636433663862663239663336313235333238303932626134626532
-3434343261396162623339363538336539393039346562636366
diff --git a/terraform/jakehoward.tech.tf b/terraform/jakehoward.tech.tf
index 842bfdd..3c911b0 100644
--- a/terraform/jakehoward.tech.tf
+++ b/terraform/jakehoward.tech.tf
@@ -156,14 +156,6 @@ resource "cloudflare_record" "jakehowardtech_tandoor" {
   ttl     = 1
 }
 
-resource "cloudflare_record" "jakehowardtech_auth" {
-  zone_id = cloudflare_zone.jakehowardtech.id
-  name    = "auth"
-  value   = linode_instance.casey.ip_address
-  type    = "A"
-  ttl     = 1
-}
-
 resource "cloudflare_record" "jakehowardtech_mailgun_spf" {
   zone_id = cloudflare_zone.jakehowardtech.id
   name    = "mg"