Change nginx role to staticweb

Vagrantfile

@@ -16,9 +16,13 @@ SSH_FORWARD  = settings['SSH_FORWARD']  || false
 
 # Default to shell environment variable: PLAYBOOK (priority #1)
 PLAYBOOK=ENV["PLAYBOOK"]
-if !PLAYBOOK || PLAYBOOK.empty?
+if !PLAYBOOK
   # PLAYBOOK setting in .vagrant.yml (priority #2)
-  PLAYBOOK = settings['PLAYBOOK'] || 'default'
+  PLAYBOOK = settings['PLAYBOOK'] || false
+  if !PLAYBOOK || PLAYBOOK.empty?
+    puts "[VAGRANTFILE ERROR]: Set PLAYBOOK setting in .vagrant.yml"
+    abort
+  end
 end
 
 Vagrant.configure("2") do |config|

dev/default.yml

@@ -1,4 +0,0 @@
-- name: Install 'default' aka nothing
-  hosts: all
-  become: true
-  tasks: []

dev/dockerbox.yml

@@ -1,4 +1,4 @@
-- name: Install Dockerbox Server
+- name: Install Docker Box Server
   hosts: all
   become: true
   vars_files:

dev/host_vars/bitwarden.yml

@@ -9,14 +9,14 @@ docker_users:
 # traefik
 traefik_version: latest
 traefik_dashboard: true
-traefik_domain: traefik.local.krislamo.org
+traefik_domain: traefik.vm.krislamo.org
 traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
 #traefik_acme_email: realemail@example.com # Let's Encrypt settings
 #traefik_production: true
 
 # bitwarden
 # Get Installation ID & Key at https://bitwarden.com/host/
-bitwarden_domain: vault.local.krislamo.org
+bitwarden_domain: vault.vm.krislamo.org
 bitwarden_dbpass: password
 bitwarden_install_id: 4ea840a3-532e-4cb6-a472-abd900728b23
 bitwarden_install_key: 1yB3Z2gRI0KnnH90C6p

dev/host_vars/dockerbox.yml

@@ -9,36 +9,40 @@ docker_users:
 # traefik
 traefik_version: latest
 traefik_dashboard: true
-traefik_domain: traefik.local.krislamo.org
+traefik_domain: traefik.vm.krislamo.org
 traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
-traefik_web_entry: 0.0.0.0:80
-traefik_websecure_entry: 0.0.0.0:443
 #traefik_acme_email: realemail@example.com # Let's Encrypt settings
 #traefik_production: true
-#traefik_http_only: true # if behind reverse-proxy
+traefik_http_only: true # if behind reverse-proxy
 
 # nextcloud
 nextcloud_version: stable
 nextcloud_admin: admin
 nextcloud_pass: password
-nextcloud_domain: cloud.local.krislamo.org
+nextcloud_domain: cloud.vm.krislamo.org
 
 nextcloud_dbversion: latest
 nextcloud_dbpass: password
 
+# gitea
+gitea_domain: git.vm.krislamo.org
+gitea_version: 1
+gitea_dbversion: latest
+gitea_dbpass: password
+
 # jenkins
 jenkins_version: lts
-jenkins_domain: jenkins.local.krislamo.org
+jenkins_domain: jenkins.vm.krislamo.org
 
 # prometheus (includes grafana)
 prom_version: latest
-prom_domain: prom.local.krislamo.org
+prom_domain: prom.vm.krislamo.org
 grafana_version: latest
-grafana_domain: grafana.local.krislamo.org
+grafana_domain: grafana.vm.krislamo.org
 prom_targets: "['10.0.2.15:9100']"
 
 # nginx
-nginx_domain: nginx.local.krislamo.org
+nginx_domain: nginx.vm.krislamo.org
 nginx_name: staticsite
 nginx_repo_url: https://git.krislamo.org/kris/example-website/
 nginx_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin

dev/host_vars/mediaserver.yml

@@ -1,4 +1,4 @@
-base_domain: local.krislamo.org
+base_domain: vm.krislamo.org
 
 # base
 allow_reboot: false

dev/host_vars/nextcloud.yml

@@ -5,14 +5,14 @@ docker_users:
 # traefik
 traefik_version: latest
 traefik_dashboard: true
-traefik_domain: traefik.local.krislamo.org
+traefik_domain: traefik.vm.krislamo.org
 traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
 
 # container settings
 nextcloud_version: stable
 nextcloud_admin: admin
 nextcloud_pass: password
-nextcloud_domain: cloud.local.krislamo.org
+nextcloud_domain: cloud.vm.krislamo.org
 
 # database settings
 nextcloud_dbversion: latest

dev/host_vars/proxy.yml

@@ -1,4 +1,4 @@
-base_domain: local.krislamo.org
+base_domain: vm.krislamo.org
 
 # base
 allow_reboot: false

dev/host_vars/staticweb.yml

@@ -9,13 +9,13 @@ docker_users:
 # traefik
 traefik_version: latest
 traefik_dashboard: true
-traefik_domain: traefik.local.krislamo.org
+traefik_domain: traefik.vm.krislamo.org
 traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
 #traefik_acme_email: realemail@example.com # Let's Encrypt settings
 #traefik_production: true
 
-# nginx
+# staticweb
-nginx_domain: nginx.local.krislamo.org
+nginx_domain: nginx.vm.krislamo.org
 nginx_name: staticsite
 nginx_repo_url: https://git.krislamo.org/kris/example-website/
 nginx_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin

dev/host_vars/wordpress.yml

@@ -9,14 +9,14 @@ docker_users:
 # traefik
 traefik_version: latest
 traefik_dashboard: true
-traefik_domain: traefik.local.krislamo.org
+traefik_domain: traefik.vm.krislamo.org
 traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
 #traefik_acme_email: realemail@example.com # Let's Encrypt settings
 #traefik_production: true
 
 # container settings
 wordpress_version: latest
-wordpress_domain: wordpress.local.krislamo.org
+wordpress_domain: wordpress.vm.krislamo.org
 wordpress_multisite: true
 
 # database settings

dev/staticweb.yml

@@ -1,10 +1,10 @@
-- name: Install nginx server (docker)
+- name: Install a static web container
   hosts: all
   become: true
   vars_files:
-    - host_vars/nginx.yml
+    - host_vars/staticweb.yml
   roles:
     - base
     - docker
     - traefik
-    - nginx
+    - staticweb

dockerbox.yml

@@ -0,0 +1,25 @@
+# Copyright (C) 2020  Kris Lamoureux
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+- name: Install Docker Box Server
+  hosts: dockerhosts
+  become: true
+  roles:
+    - base
+    - docker
+    - traefik
+    - nextcloud
+    - jenkins
+    - prometheus
+    - nginx

forward-ssh.sh

@@ -1,74 +0,0 @@
-#!/bin/bash
-
-# Finds the SSH private key under ./.vagrant and connects to
-# the Vagrant box, port forwarding localhost ports: 8443, 80, 443
-
-# Clean environment
-unset PRIVATE_KEY
-unset HOST_IP
-unset MATCH_PATTERN
-unset PKILL_ANSWER
-
-# Function to create the SSH tunnel
-function ssh_connect {
-  printf "[INFO]: Starting new vagrant SSH tunnel on PID "
-  sudo ssh -fNT -i "$PRIVATE_KEY" \
-    -L 8443:localhost:8443 \
-    -L 80:localhost:80 \
-    -L 443:localhost:443 \
-    -o UserKnownHostsFile=/dev/null \
-    -o StrictHostKeyChecking=no \
-      vagrant@"$HOST_IP" 2>/dev/null
-  sleep 2
-  pgrep -f "$MATCH_PATTERN"
-}
-
-# Check for valid PRIVATE_KEY location
-PRIVATE_KEY="$(find .vagrant -name "private_key" 2>/dev/null)"
-if ! ssh-keygen -l -f "$PRIVATE_KEY" &>/dev/null; then
-  echo "[ERROR]: The SSH key '$PRIVATE_KEY' is not valid. Is your virtual machine running?"
-  exit 1
-fi
-echo "[CHECK]: Valid key at $PRIVATE_KEY"
-
-# Grab first IP or use whatever HOST_IP_FIELD is set to and check that the guest is up
-HOST_IP="$(vagrant ssh -c "hostname -I | cut -d' ' -f${HOST_IP_FIELD:-1}" 2>/dev/null)"
-HOST_IP="${HOST_IP::-1}" # trim
-if ! ping -c 1 "$HOST_IP" &>/dev/null; then
-  echo "[ERROR]: Cannot ping the host IP '$HOST_IP'"
-  exit 1
-fi
-echo "[CHECK]: Host at $HOST_IP is up"
-
-# Pattern for matching processes running
-MATCH_PATTERN="ssh -fNT -i ${PRIVATE_KEY}.*vagrant@"
-
-# Check amount of processes that match the pattern
-if [ "$(pgrep -afc "$MATCH_PATTERN")" -eq 0 ]; then
-  ssh_connect
-else
-  # Processes found, so prompt to kill remaining ones then start tunnel
-  printf "\n[WARNING]: Found processes running:\n"
-  pgrep -fa "$MATCH_PATTERN"
-  printf '\n'
-  read -rp "Would you like to kill these processes? [y/N] " PKILL_ANSWER
-  echo
-  case "$PKILL_ANSWER" in
-    [yY])
-      echo "[WARNING]: Killing old vagrant SSH tunnel(s): "
-      pgrep -f "$MATCH_PATTERN" | tee >(xargs sudo kill -15)
-      echo
-      if [ "$(pgrep -afc "$MATCH_PATTERN")" -eq 0 ]; then
-        ssh_connect
-      else
-        echo "[ERROR]: Unable to kill processes:"
-        pgrep -f "$MATCH_PATTERN"
-        exit 1
-      fi
-      ;;
-    *)
-      echo "[INFO]: Declined to kill existing processes"
-      exit 0
-      ;;
-  esac
-fi

playbooks/dockerbox.yml

@@ -1,11 +0,0 @@
-- name: Install Dockerbox Server
-  hosts: "{{ PLAYBOOK_HOST | default('none') }}"
-  become: true
-  roles:
-    - base
-    - docker
-    - traefik
-    - nextcloud
-    - jenkins
-    - prometheus
-    - nginx

update-hosts.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+COMMENT="Project Moxie"
+DOMAIN="vm.krislamo.org"
+HOST[0]="traefik.${DOMAIN}"
+HOST[1]="cloud.${DOMAIN}"
+HOST[2]="git.${DOMAIN}"
+HOST[3]="jenkins.${DOMAIN}"
+HOST[4]="prom.${DOMAIN}"
+HOST[5]="grafana.${DOMAIN}"
+HOST[6]="nginx.${DOMAIN}"
+HOST[7]="vault.${DOMAIN}"
+HOST[8]="wordpress.${DOMAIN}"
+HOST[9]="site1.wordpress.${DOMAIN}"
+HOST[10]="site2.wordpress.${DOMAIN}"
+HOST[11]="unifi.${DOMAIN}"
+HOST[12]="jellyfin.${DOMAIN}"
+
+# Get Vagrantbox guest IP
+VAGRANT_OUTPUT=$(vagrant ssh -c "hostname -I | cut -d' ' -f2" 2>/dev/null)
+
+# Remove ^M from the end
+[ ${#VAGRANT_OUTPUT} -gt 1 ] && IP=${VAGRANT_OUTPUT::-1}
+
+echo "Purging project addresses from /etc/hosts"
+sudo sed -i "s/# $COMMENT//g" /etc/hosts
+for address in "${HOST[@]}"; do
+  sudo sed -i "/$address/d" /etc/hosts
+done
+
+# Remove trailing newline
+sudo sed -i '${/^$/d}' /etc/hosts
+
+if [ -n "$IP" ]; then
+  echo -e "Adding new addresses...\n"
+  echo -e "# $COMMENT" | sudo tee -a /etc/hosts
+  for address in "${HOST[@]}"; do
+    echo -e "$IP\t$address" | sudo tee -a /etc/hosts
+  done
+else
+  echo "Cannot find address. Is the Vagrant box running?"
+fi