From 3cd1f7c4fc892d470e5ded33357bdc4828a8d477 Mon Sep 17 00:00:00 2001
From: Chewing_Bever <roosensjef@gmail.com>
Date: Sat, 30 Dec 2023 17:52:10 +0100
Subject: [PATCH] lander configuration

---
 group_vars/nas/vars.yml              |  2 +
 group_vars/nas/vault.yml             | 61 +++++++++++-----------
 nas.yml                              |  7 +++
 roles/lander/files/lander.Caddyfile  |  3 ++
 roles/lander/files/lander.service    | 15 ++++++
 roles/lander/handlers/main.yml       |  5 ++
 roles/lander/meta/main.yml           |  3 ++
 roles/lander/tasks/main.yml          | 78 ++++++++++++++++++++++++++++
 roles/lander/templates/lander.env.j2 |  2 +
 roles/woodpecker/tasks/main.yml      |  2 +
 10 files changed, 149 insertions(+), 29 deletions(-)
 create mode 100644 roles/lander/files/lander.Caddyfile
 create mode 100644 roles/lander/files/lander.service
 create mode 100644 roles/lander/handlers/main.yml
 create mode 100644 roles/lander/meta/main.yml
 create mode 100644 roles/lander/tasks/main.yml
 create mode 100644 roles/lander/templates/lander.env.j2

diff --git a/group_vars/nas/vars.yml b/group_vars/nas/vars.yml
index 29190e9..a31419e 100644
--- a/group_vars/nas/vars.yml
+++ b/group_vars/nas/vars.yml
@@ -4,3 +4,5 @@ s3_access_key_id: "{{ vault_s3_access_key_id }}"
 s3_secret_access_key: "{{ vault_s3_secret_access_key }}"
 rclone_photos_obf_pass: "{{ vault_rclone_photos_obf_pass }}"
 rclone_photos_obf_pass2: "{{ vault_rclone_photos_obf_pass2 }}"
+lander_commit_sha: 'e438bd045ca2ee64e3d9ab98f416027b5417c3f6'
+lander_api_key: "{{ vault_lander_api_key }}"
diff --git a/group_vars/nas/vault.yml b/group_vars/nas/vault.yml
index a06f383..012369d 100644
--- a/group_vars/nas/vault.yml
+++ b/group_vars/nas/vault.yml
@@ -1,30 +1,33 @@
 $ANSIBLE_VAULT;1.1;AES256
-37323336656133626339366437393062613937366232613334643034363635623832333136313063
-3738353666646636323431663339623234306439323138650a373063376634333161666366303831
-34373963366334636238623134613863303464663133653262333064613863643362633531653061
-3934363435316636390a626531333463396137303132313363636163306464386138653538353633
-32663836316665376233346364383461323065383461623762323933316635336661363032333637
-30323831316239386365323266376439623761316330663063326539306339666362646138653537
-33663964353632613232653130653164303963386233626233313037653737663436373934303832
-66336466363465613839306662623631646531303865366536383030616139356539623730633033
-66353666396162316132663364373137646637353333623738393464366234643264303030393465
-38643734636336336563646361336165363133323738646531633835646262663637363964336134
-31346432643336613534396436353064373938386233353435386631373434633766363135653962
-35393230363735336436633033303465616362653734356235343261313464316138316539386238
-65346531613566643365336538663538353961333632623465636265613764373637333035623133
-62313564356534393338346631386365643736336138346532643638333737653835303862383863
-37336534646364643366376339656636613762323632613836323936326234663261386339333836
-36326334306136663638323738396337653663326539623936646437393537653538313439356636
-34366133353165346534366339306564323861386237333262633535646166343463663435396233
-35306533326234633133653336346161343735633364303662303637303534376337383539353165
-34313434323433363936623531393464303762616632666661323834303137383535303961333462
-64363635653039396464366663343661353665643534636464373333643438646536323330626366
-35636336626532663732393064626139306261306530653433633365326438396535333665616234
-33323566653634623364323663623833313063326438343766376436386430323834663031643135
-31326561353761396364343232386530356631636637643838376562346330303334626162646532
-35666132363939356263313834653836313033346439323765633364636236366234666333323663
-61323633666661316437643732383231303138666536313665373833383334383263613065666365
-32373536376461303762396535353733373630313966343431616337633334346565386263376666
-37633536363336373465383432656465373535393837623962303066366631643730326562626266
-38333337353062343562303534656166366136646232346364343134363436633436656165616538
-3236
+65316664376330633730613661343336373835663166343536666632633931623431336664346130
+3030623238313032363964623836316166656165623736390a383233313938343662656634326364
+66333237396532303061646565396132376633386365633665656434363332656637303434646265
+3336666432633037650a373437326532343461666363323763343535386465356436313964306663
+38383732366666663962666462326463626264313965396664303534313863636263323164653162
+65653762356431636231643263303339346536313665346363336231613464396238313266326662
+66346433643134383661366265613739346239356639613032613339393739343738643864356136
+34353366666538346630356566653065363563383938633462333337363962666133386239333236
+38653133316364643536623831306263363063343237393232623930626239316661643862613363
+37336162353063353437363566356133363139646435316663303966363339623865656231393163
+38323062643666343730333032643735643738393063633336303834393733393065356135633236
+65323938306461326138303837626463646131303139386461653763383065316236396334353762
+63343766626362353865306436343937653964386236613062386466626132323264333136313636
+30336338313731613531316531306433393535396538643065626265363832316264376666356461
+36363866633832646234626336633032656566366231626431366232313536383561656534346231
+37373561376361623133383330333262386331336631383961333439656430623162346330323037
+32336366336264323139653861666563393935366663616239353364656264383134386662323439
+34376239373636663764616237613136663630343365333064396665316537366531333131393364
+37353835353332643538323436333331316435343664346164666463396639313736653961373465
+65366634653563396333636333333565633534396463646133666563303139663338343563363535
+33623033316136343837646265633633636662346161373836396264663761353536386463366139
+38343333356439393438653663316438636431373264623134356134633361306636666463396661
+34353166323963613634393032633262313034353166653530613164613036653537633165396337
+63363563356233316335363534326364633433646134303033343830663537313434313833316565
+65643464313230353138393537376137356561653739633934663539376636356339313836356332
+31363730653362613431616563326465353833343165633962663665346337306564333832336364
+32346532366233343566323339393064376461613033386261653064313333346461363733336636
+32386139363865626232353866633866643133313036363637323035613738383635343432396263
+38653430623137343934316231326630323234323237303162643231613961646538376332326630
+63306637303539376534313237323863376131623462626465373231363630616439346533353566
+61343833613466653063346634366133376561336632356465363831366230386330663231353932
+37343634306466663931
diff --git a/nas.yml b/nas.yml
index 7730b2b..60ef4dc 100644
--- a/nas.yml
+++ b/nas.yml
@@ -48,3 +48,10 @@
   roles:
     - woodpecker
   tags: woodpecker
+
+- name: Install Lander
+  hosts: nas
+  become: yes
+  roles:
+    - lander
+  tags: lander
diff --git a/roles/lander/files/lander.Caddyfile b/roles/lander/files/lander.Caddyfile
new file mode 100644
index 0000000..fd99453
--- /dev/null
+++ b/roles/lander/files/lander.Caddyfile
@@ -0,0 +1,3 @@
+s.roosens.me {
+    reverse_proxy localhost:18080
+}
diff --git a/roles/lander/files/lander.service b/roles/lander/files/lander.service
new file mode 100644
index 0000000..635d21d
--- /dev/null
+++ b/roles/lander/files/lander.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Lander
+After=network.target network-online.target
+Requires=network-online.target
+
+[Service]
+Type=exec
+User=lander
+Group=lander
+ExecStart=/usr/local/bin/lander
+Restart=always
+EnvironmentFile=/etc/lander/lander.env
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/lander/handlers/main.yml b/roles/lander/handlers/main.yml
new file mode 100644
index 0000000..ad53741
--- /dev/null
+++ b/roles/lander/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: lander-restart
+  ansible.builtin.service:
+    name: 'lander'
+    state: 'restarted'
diff --git a/roles/lander/meta/main.yml b/roles/lander/meta/main.yml
new file mode 100644
index 0000000..1dbd0f6
--- /dev/null
+++ b/roles/lander/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: caddy
diff --git a/roles/lander/tasks/main.yml b/roles/lander/tasks/main.yml
new file mode 100644
index 0000000..f4103fa
--- /dev/null
+++ b/roles/lander/tasks/main.yml
@@ -0,0 +1,78 @@
+---
+- name: Ensure newest binary is present
+  ansible.builtin.get_url:
+    url: "https://s3.rustybever.be/lander/commits/{{ lander_commit_sha }}/lander-linux-arm64"
+    dest: '/usr/local/bin/lander'
+    owner: 'root'
+    group: 'root'
+    mode: '0755'
+  notify: lander-restart
+
+- name: Ensure system group exists
+  ansible.builtin.group:
+    name: 'lander'
+    gid: 201
+    system: true
+    state: present
+
+- name: Ensure system user exists
+  ansible.builtin.user:
+    name: 'lander'
+    group: 'lander'
+    uid: 201
+    system: true
+    create_home: false
+
+- name: Ensure data directory is present
+  ansible.builtin.file:
+    path: '/mnt/data1/lander'
+    state: directory
+    mode: '0755'
+    owner: 'lander'
+    group: 'lander'
+
+- name: Ensure configuration directory is present
+  ansible.builtin.file:
+    path: '/etc/lander'
+    state: directory
+    mode: '0755'
+    owner: 'lander'
+    group: 'lander'
+
+- name: Ensure environment file is present
+  ansible.builtin.template:
+    src: 'lander.env.j2'
+    dest: '/etc/lander/lander.env'
+    owner: 'lander'
+    group: 'lander'
+    mode: '0644'
+  notify: lander-restart
+
+- name: Ensure service file is present
+  ansible.builtin.copy:
+    src: 'lander.service'
+    dest: '/lib/systemd/system/lander.service'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
+  register: res
+
+- name: systemd-reload
+  ansible.builtin.systemd_service:
+    daemon_reload: true
+  when: 'res.changed'
+
+- name: Ensure lander service is enabled
+  ansible.builtin.service:
+    name: 'lander'
+    state: started
+    enabled: true
+
+- name: Ensure Caddyfile is present
+  copy:
+    src: 'lander.Caddyfile'
+    dest: '/etc/caddy/lander.Caddyfile'
+    owner: root
+    group: root
+    mode: '0644'
+  notify: caddy-reload
diff --git a/roles/lander/templates/lander.env.j2 b/roles/lander/templates/lander.env.j2
new file mode 100644
index 0000000..c74cab0
--- /dev/null
+++ b/roles/lander/templates/lander.env.j2
@@ -0,0 +1,2 @@
+LANDER_DATA_DIR=/mnt/data1/lander
+LANDER_API_KEY={{ lander_api_key }}
diff --git a/roles/woodpecker/tasks/main.yml b/roles/woodpecker/tasks/main.yml
index f6fda97..7d21c46 100644
--- a/roles/woodpecker/tasks/main.yml
+++ b/roles/woodpecker/tasks/main.yml
@@ -36,6 +36,8 @@
   user:
     name: 'woodpecker'
     group: 'woodpecker'
+    groups:
+      - docker
     uid: 200
     system: true
     create_home: false