Decommission dokku

I don't use it, still. I have a better plan for doing this in future anyway...
This commit is contained in:
Jake Howard 2024-07-07 15:56:29 +01:00
parent 2e438137d6
commit f717c1be78
Signed by: jake
GPG key ID: 57AFB45680EDD477
17 changed files with 1 additions and 162 deletions

View file

@ -7,8 +7,6 @@ collections_path = $PWD/galaxy_collections
inventory = ./hosts inventory = ./hosts
become_ask_pass = True become_ask_pass = True
interpreter_python = auto_silent interpreter_python = auto_silent
# HACK: Force Ansible to find dokku plugins
library = $PWD/galaxy_roles/dokku_bot.ansible_dokku/library
[ssh_connection] [ssh_connection]
pipelining = True pipelining = True

View file

@ -16,8 +16,6 @@ roles:
version: 1.0.2 version: 1.0.2
- src: ironicbadger.snapraid - src: ironicbadger.snapraid
version: 1.0.0 version: 1.0.0
- src: dokku_bot.ansible_dokku
version: v2024.4.11
- src: geerlingguy.certbot - src: geerlingguy.certbot
version: 5.1.0 version: 5.1.0
- src: artis3n.tailscale - src: artis3n.tailscale

View file

@ -11,8 +11,6 @@ pve_hosts:
ipv6: fde3:15e9:e883::103 ipv6: fde3:15e9:e883::103
jellyfin: jellyfin:
ip: 10.23.1.101 ip: 10.23.1.101
dokku:
ip: 10.23.1.102
docker: docker:
ip: 10.23.1.103 ip: 10.23.1.103
ipv6: fde3:15e9:e883::203 ipv6: fde3:15e9:e883::203
@ -29,5 +27,3 @@ pve_hosts:
ip: 10.23.1.110 ip: 10.23.1.110
gitea_runner: gitea_runner:
ip: 10.23.1.114 ip: 10.23.1.114
pve_dokku:
ip: 10.23.1.102

View file

@ -3,7 +3,6 @@ private_ip: "{{ pve_hosts.docker.ip }}"
traefik_provider_jellyfin: true traefik_provider_jellyfin: true
traefik_provider_homeassistant: true traefik_provider_homeassistant: true
traefik_provider_grafana: true traefik_provider_grafana: true
traefik_provider_dokku: true
traefik_provider_uptime_kuma: true traefik_provider_uptime_kuma: true
with_fail2ban: true with_fail2ban: true

View file

@ -1,5 +0,0 @@
ssh_extra_allowed_users: dokku
db_backups_dir: /mnt/tank/files/db-backups
private_ip: "{{ pve_hosts.pve_dokku.ip }}"

View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
38396636313062623661613537386337356130353839303930346333313062383935353932336230
6637666434356666346361663131343962663963333638630a376631313531633865396566643032
31323866386236356639306333393765616630363734326662366632656430323739306439366634
3364666662623764630a353532373433616365383862633935373332663933386561316262633662
37366233326439336535623339366565653732646434386639336533386261306238306630396638
30633433636365663538656338303066353830626137613038323462353137326234356533323335
39643832636466643864663737316239626161653833343633306435363636663264303165303334
36383661316566316630

View file

@ -13,4 +13,3 @@ qbittorrent
restic restic
renovate renovate
gitea-runner gitea-runner
pve-dokku

View file

@ -38,7 +38,6 @@
- walker - walker
- renovate - renovate
- gitea-runner - gitea-runner
- pve-dokku
roles: roles:
- role: geerlingguy.docker - role: geerlingguy.docker
become: true become: true
@ -53,7 +52,6 @@
- pve-docker - pve-docker
- forrest - forrest
- walker - walker
- pve-dokku
roles: roles:
- db_auto_backup - db_auto_backup
@ -146,8 +144,3 @@
- role: prometheus.prometheus.node_exporter - role: prometheus.prometheus.node_exporter
become: true become: true
- restic - restic
- hosts: pve-dokku
roles:
- nginx
- dokku

View file

@ -1,12 +0,0 @@
# Block requests which don't have an explicit handler
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
access_log off;
return 418;
}
# Load configuration files for the default server block (this directory is used by dokku).
include /etc/nginx/conf.d/*.conf;

View file

@ -1,5 +0,0 @@
- name: reload nginx
service:
name: nginx
state: reloaded
become: true

View file

@ -1,63 +0,0 @@
# HACK: Fake include some tasks from `ansible_dokku`, so its library plugins can be used below
- name: Run role without running any tasks
include_role:
name: dokku_bot.ansible_dokku
tasks_from: init.yml
apply:
when: false
- name: Install Dokku
package:
name: dokku
become: true
- name: List dokku plugins
command: dokku plugin:list
changed_when: false
register: installed_dokku_plugins
- name: Install Dokku plugins
command: dokku plugin:install {{ item.url }} --name {{ item.name }}
when: installed_dokku_plugins.stdout.find(item.name) == -1
loop: "{{ dokku_plugins }}"
loop_control:
label: "{{ item.name }}"
become: true
- name: Automatically update Dokku plugins
cron:
name: dokku plugin:update {{ item.name }}
minute: 0
hour: 12
user: root
job: /usr/bin/chronic /usr/bin/dokku plugin:update {{ item.name }}
cron_file: dokku-plugin-update-{{ item.name }}
loop: "{{ dokku_plugins }}"
loop_control:
label: "{{ item.name }}"
become: true
- name: Set up global domain
dokku_domains:
global: true
domains: d.theorangeone.net
become: true
- name: Install nginx config
template:
src: files/nginx.conf
dest: /etc/nginx/http.d/dokku.conf
mode: "644"
notify: reload nginx
become: true
# https://dokku.com/docs/advanced-usage/backup-recovery/
- name: Sync data to app-data
cron:
name: clean up docker containers
hour: "*/6"
minute: 0
user: root
job: rsync --archive --progress -h /var/lib/dokku/{config,data,services} /home/dokku --exclude '/home/dokku/**/cache/*' /mnt/tank/app-data/dokku/
cron_file: dokku-data-sync
become: true

View file

@ -1,9 +0,0 @@
dokku_plugins:
- name: postgres
url: https://github.com/dokku/dokku-postgres.git
- name: redis
url: https://github.com/dokku/dokku-redis.git
- name: redirect
url: https://github.com/dokku/dokku-redirect.git
- name: http-auth
url: https://github.com/dokku/dokku-http-auth.git

View file

@ -1,7 +1,6 @@
traefik_provider_jellyfin: false traefik_provider_jellyfin: false
traefik_provider_homeassistant: false traefik_provider_homeassistant: false
traefik_provider_grafana: false traefik_provider_grafana: false
traefik_provider_dokku: false
traefik_provider_uptime_kuma: false traefik_provider_uptime_kuma: false
with_fail2ban: false with_fail2ban: false

View file

@ -1,10 +0,0 @@
http:
routers:
router-dokku:
rule: HostRegexp(`{subdomain:[a-z]+}.d.theorangeone.net`)
service: service-dokku
services:
service-dokku:
loadBalancer:
servers:
- url: http://{{ pve_hosts.dokku.ip }}

View file

@ -25,10 +25,6 @@ entryPoints:
sans: "*.theorangeone.net" sans: "*.theorangeone.net"
- main: jakehoward.tech - main: jakehoward.tech
sans: "*.jakehoward.tech" sans: "*.jakehoward.tech"
{% if traefik_provider_dokku %}
- main: d.theorangeone.net
sans: "*.d.theorangeone.net"
{% endif %}
proxyProtocol: proxyProtocol:
trustedIPs: trustedIPs:
- "{{ pve_hosts.ingress.ip }}/32" - "{{ pve_hosts.ingress.ip }}/32"

View file

@ -91,17 +91,7 @@
when: traefik_provider_grafana when: traefik_provider_grafana
become: true become: true
- name: Install dokku provider - name: Install uptime-kuma provider
template:
src: files/file-provider-dokku.yml
dest: /opt/traefik/traefik/conf/dokku.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
notify: restart traefik
when: traefik_provider_dokku
become: true
- name: Install dokku provider
template: template:
src: files/file-provider-uptime-kuma.yml src: files/file-provider-uptime-kuma.yml
dest: /opt/traefik/traefik/conf/uptime-kuma.yml dest: /opt/traefik/traefik/conf/uptime-kuma.yml

View file

@ -173,22 +173,6 @@ resource "cloudflare_record" "theorangeonenet_privatebin" {
ttl = 1 ttl = 1
} }
resource "cloudflare_record" "theorangeonenet_dokku" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "d"
value = cloudflare_record.sys_domain_pve.hostname
type = "CNAME"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_dokku_wildcard" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "*.d"
value = cloudflare_record.theorangeonenet_dokku.hostname
type = "CNAME"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_google_site_verification" { resource "cloudflare_record" "theorangeonenet_google_site_verification" {
zone_id = cloudflare_zone.theorangeonenet.id zone_id = cloudflare_zone.theorangeonenet.id
name = "@" name = "@"