server? server!

flake.nix

@@ -25,7 +25,6 @@
             pythonPkgs = python.withPackages (ps: with ps; [
               virtualenv
               pip
-              ansible-core
             ]);
           in
           pkgs.mkShell {
@@ -34,6 +33,8 @@
               pythonPkgs
               ansible
               ansible-lint
+              certbot
+              dig
             ];
           };
       });

html.html

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>uwu</title>
+</head>
+<body>
+    meow :3
+</body>
+</html>

new/README.md

@@ -0,0 +1,8 @@
+# exciting new stuff!!
+
+https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
+
+## server??
+
+Each VPS has an nginx running _on the host_, not inside docker. It's the entrypoint to the stuff.
+Everything else runs in a docker container via docker compose.

new/docker-compose-2.yml

@@ -0,0 +1,33 @@
+version: '3.3'
+services:
+  nginx:
+    container_name: nginx
+    restart: always
+    image: nginx:latest
+    ports:
+      - "80:80"
+    volumes:
+      - "${NGINX_CONF_PATH}:/etc/nginx/nginx.conf:ro"
+      - "/etc/letsencrypt:/etc/nginx/certs:ro"
+    networks:
+      - internal
+  registry:
+    container_name: registry-c
+    restart: always
+    image: registry:2
+    volumes:
+      - "${REGISTRY_CONF_DIR}/config.yml:/etc/docker/registry/config.yml"
+      - "/var/lib/docker/registry:/var/lib/registry"
+      - "/etc/letsencrypt:/etc/letsencrypt"
+    environment:
+      - REGISTRY_HTTP_TLS_CERTIFICATE=/etc/letsencrypt/live/nilstrieb.dev/fullchain.pem
+      - REGISTRY_HTTP_TLS_KEY=/etc/letsencrypt/live/nilstrieb.dev/privkey.pem
+      - REGISTRY_AUTH=htpasswd
+      - REGISTRY_AUTH_HTPASSWD_REALM=Realm
+      - REGISTRY_AUTH_HTPASSWD_PATH=/htpasswd
+      - "/etc/htpasswd:/htpasswd"
+    networks:
+      - internal
+
+networks:
+  internal:

new/inventory.yml

@@ -0,0 +1,6 @@
+vps:
+  hosts:
+    # vps1:
+    #   ansible_host: vps1.nilstrieb.dev
+    vps2:
+      ansible_host: vps2.nilstrieb.dev

new/playbooks/basic-setup.yml

@@ -0,0 +1,36 @@
+---
+- name: Basic Server setup
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Test ping
+      ansible.builtin.ping:
+    - name: Install docker
+      ansible.builtin.apt:
+        name: docker.io
+        state: present
+    - name: Install nginx
+      ansible.builtin.apt:
+        name: nginx
+        state: present
+    - name: Ensure nginx is started
+      ansible.builtin.service:
+        name: nginx
+        state: started
+    - name: Create hello world file
+      ansible.builtin.copy:
+        dest: /var/www/html/index.html
+        content: |
+          <!DOCTYPE html>
+          <html lang="en">
+          <head>
+              <meta charset="UTF-8">
+              <meta http-equiv="X-UA-Compatible" content="IE=edge">
+              <meta name="viewport" content="width=device-width, initial-scale=1.0">
+              <title>uwu</title>
+          </head>
+          <body>
+              meow :3
+          </body>
+          </html>
+        mode: u=rw,g=r,o=r

new/playbooks/server2.yml

@@ -1,2 +0,0 @@
----
-- name: uwu

new/run.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+ansible-playbook -i inventory.yml playbooks/basic-setup.yml -u root