From e3502ae1e0b33a6e7bc91fd225311ed1dea7198b Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Sun, 20 Jun 2021 12:01:20 +0100 Subject: [PATCH] Provision dokku server --- ansible/group_vars/all/nebula.yml | 2 ++ ansible/host_vars/grimes.yml | 1 + ansible/hosts | 1 + ansible/main.yml | 6 ++++++ ansible/roles/nebula/files/certs/grimes.crt | 20 ++++++++++++++++++++ ansible/roles/nebula/files/certs/grimes.key | 11 +++++++++++ terraform/grimes_vps.tf | 18 ++++++++++++++++++ terraform/theorangeone.net.tf | 16 ++++++++++++++++ 8 files changed, 75 insertions(+) create mode 100644 ansible/host_vars/grimes.yml create mode 100644 ansible/roles/nebula/files/certs/grimes.crt create mode 100644 ansible/roles/nebula/files/certs/grimes.key create mode 100644 terraform/grimes_vps.tf diff --git a/ansible/group_vars/all/nebula.yml b/ansible/group_vars/all/nebula.yml index f7cea27..08bed71 100644 --- a/ansible/group_vars/all/nebula.yml +++ b/ansible/group_vars/all/nebula.yml @@ -3,6 +3,8 @@ nebula: clients: casey: ip: 10.23.2.1 + grimes: + ip: 10.23.2.3 walker: ip: 10.23.2.4 ingress: diff --git a/ansible/host_vars/grimes.yml b/ansible/host_vars/grimes.yml new file mode 100644 index 0000000..6e9b907 --- /dev/null +++ b/ansible/host_vars/grimes.yml @@ -0,0 +1 @@ +ssh_extra_allowed_users: dokku diff --git a/ansible/hosts b/ansible/hosts index 22830e2..507a995 100644 --- a/ansible/hosts +++ b/ansible/hosts @@ -1,5 +1,6 @@ casey walker +grimes pve diff --git a/ansible/main.yml b/ansible/main.yml index 6b046c6..009c52f 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -16,6 +16,7 @@ - ingress - qbittorrent - walker + - grimes roles: - role: geerlingguy.ntp become: true @@ -29,6 +30,7 @@ - forrest - walker - pve-gitlab-runner + - grimes roles: - role: geerlingguy.docker become: true @@ -101,3 +103,7 @@ - hosts: pve-gitlab-runner roles: - gitlab_runner + +- hosts: grimes + roles: + - nebula diff --git a/ansible/roles/nebula/files/certs/grimes.crt b/ansible/roles/nebula/files/certs/grimes.crt new file mode 100644 index 0000000..a5e1e5c --- /dev/null +++ b/ansible/roles/nebula/files/certs/grimes.crt @@ -0,0 +1,20 @@ +$ANSIBLE_VAULT;1.1;AES256 +61626636613635336231376431613661653133633662636237643136633439326535666262663739 +3764623865653936313661393265616434386432336165340a636430376232653032313030636531 +64303835653862663531353661336233303533626666383735316437336436346564306439366533 +3230353533633038340a616364656536613634346437646466386666643934616365396161313538 +33666232306336636562623937643064366335666538303738656233303436326261343035663762 +33336636316134383131623761346330363264333734623832376662363936363061613731366131 +34343762313964633661326633303034363466326532643665303965636366613865353233666237 +37313064643863306261346331366231306632313230663433653233626661323761376366346433 +32393637383937306562616238626338343936633732356633313636643765383231623066363839 +65386130313065663663373739376134386365343965353634663832636564393362336264393165 +65323162323066653163636465663038333132386561346364303133386138646439656633336338 +64343238353733386364383662363034346264363431343636303939373362663230663636613366 +62653861643438666630633263336638386433353066323336376565663864653766663030326462 +62393265323036663066363730636339313662633530396362396432346233383662666137383734 +37623132636231323539326130626639393432313930396662343934633666313466336665626466 +37663132363933666565346634623832363638353431306132393539633163643864313865656238 +37643939393866303933633831363635633463383135396432643065356435326361326536373130 +32613161323734636130353362666331316231353063653237336433303238656365646135316461 +396461396434313838373063643438613161 diff --git a/ansible/roles/nebula/files/certs/grimes.key b/ansible/roles/nebula/files/certs/grimes.key new file mode 100644 index 0000000..8eb52f5 --- /dev/null +++ b/ansible/roles/nebula/files/certs/grimes.key @@ -0,0 +1,11 @@ +$ANSIBLE_VAULT;1.1;AES256 +63383863316433356463343636613030353935363566663764623132306132343338666231326537 +3366366462663730383864333536373335336139326336350a653163353432396438313132306537 +66623438633864633866653234303462616238653665336138346264313736623631366261666530 +3364303135313435630a313436663862366531303036616361356639316331303737323630303235 +64373136313065623536356139393965383233633362333739303335396137653735303534653539 +37373961626634626336646231633265643837626336666436383936636332363165353162656364 +61663139333061643330363635363135353637633235313638346537636335663536326363376634 +31336662323238323238363937626639326665663763636236643863393334636338386634343730 +36623464313665623264613962306330323666313830373161663165326464393965326135623733 +3566326635613839336164633138653061383735323662653561 diff --git a/terraform/grimes_vps.tf b/terraform/grimes_vps.tf new file mode 100644 index 0000000..f9c3f44 --- /dev/null +++ b/terraform/grimes_vps.tf @@ -0,0 +1,18 @@ +module "grimes_firewall" { + source = "./vultr_firewall/" + + description = "grimes" + ports = [ + "80/tcp", + "443/tcp", + "7743/tcp" + ] +} + + +resource "vultr_instance" "grimes" { + plan = "vhf-1c-1gb" + region = "lhr" + hostname = "grimes" + firewall_group_id = module.grimes_firewall.firewall_group.id +} diff --git a/terraform/theorangeone.net.tf b/terraform/theorangeone.net.tf index 84a779d..d37c27d 100644 --- a/terraform/theorangeone.net.tf +++ b/terraform/theorangeone.net.tf @@ -164,3 +164,19 @@ resource "cloudflare_record" "theorangeonenet_privatebin" { type = "A" ttl = 1 } + +resource "cloudflare_record" "theorangeonenet_dokku" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "d" + value = vultr_instance.grimes.main_ip + type = "A" + ttl = 1 +} + +resource "cloudflare_record" "theorangeonenet_dokku_wildcard" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "*.d" + value = vultr_instance.grimes.main_ip + type = "A" + ttl = 1 +}