From f067a1b6c2294a8d72d7fa93a376af55c661eae9 Mon Sep 17 00:00:00 2001
From: Sam Al-Sapti <sam@sapti.me>
Date: Tue, 3 Oct 2023 21:45:21 +0200
Subject: [PATCH] Convert websites to Compose stacks

---
 roles/docker/defaults/main.yml                |  1 +
 .../tasks/pre_deploy/data_coop_website.yml    | 11 +++++
 .../websites/2022.slides.data.coop.yml        | 19 --------
 .../services/websites/cryptoaarhus.dk.yml     | 13 -----
 .../services/websites/cryptohagen.dk.yml      | 13 -----
 .../tasks/services/websites/data.coop.yml     | 47 -------------------
 .../services/websites/ulovliglogning.dk.yml   | 13 -----
 .../services/websites/vhs.data.coop.yaml      | 19 --------
 .../compose-files/cryptoaarhus_website.yml.j2 | 17 +++++++
 .../compose-files/cryptohagen_website.yml.j2  | 17 +++++++
 .../compose-files/data_coop_website.yml.j2    | 27 +++++++++++
 .../compose-files/fedi_dk_website.yml.j2}     | 25 +++++-----
 .../compose-files/slides_2022_website.yml.j2  | 22 +++++++++
 .../ulovliglogning_website.yml.j2             | 17 +++++++
 .../compose-files/vhs_website.yml.j2          | 22 +++++++++
 15 files changed, 148 insertions(+), 135 deletions(-)
 create mode 100644 roles/docker/tasks/pre_deploy/data_coop_website.yml
 delete mode 100644 roles/docker/tasks/services/websites/2022.slides.data.coop.yml
 delete mode 100644 roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
 delete mode 100644 roles/docker/tasks/services/websites/cryptohagen.dk.yml
 delete mode 100644 roles/docker/tasks/services/websites/data.coop.yml
 delete mode 100644 roles/docker/tasks/services/websites/ulovliglogning.dk.yml
 delete mode 100644 roles/docker/tasks/services/websites/vhs.data.coop.yaml
 create mode 100644 roles/docker/templates/compose-files/cryptoaarhus_website.yml.j2
 create mode 100644 roles/docker/templates/compose-files/cryptohagen_website.yml.j2
 create mode 100644 roles/docker/templates/compose-files/data_coop_website.yml.j2
 rename roles/docker/{tasks/services/websites/fedi.dk.yaml => templates/compose-files/fedi_dk_website.yml.j2} (51%)
 create mode 100644 roles/docker/templates/compose-files/slides_2022_website.yml.j2
 create mode 100644 roles/docker/templates/compose-files/ulovliglogning_website.yml.j2
 create mode 100644 roles/docker/templates/compose-files/vhs_website.yml.j2

diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
index 6858779..118d8dc 100644
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -114,6 +114,7 @@ services:
   data_coop_website:
     domain: "{{ base_domain }}"
     www_domain: "www.{{ base_domain }}"
+    pre_deploy_tasks: true
     version: stable
     staging_domain: "staging.{{ base_domain }}"
     staging_version: staging
diff --git a/roles/docker/tasks/pre_deploy/data_coop_website.yml b/roles/docker/tasks/pre_deploy/data_coop_website.yml
new file mode 100644
index 0000000..6ae6cbf
--- /dev/null
+++ b/roles/docker/tasks/pre_deploy/data_coop_website.yml
@@ -0,0 +1,11 @@
+# vim: ft=yaml.ansible
+---
+- name: Upload vhost config for root domain
+  copy:
+    src: vhost/base_domain
+    dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.domain }}"
+
+- name: Upload vhost config for WWW domain
+  copy:
+    src: vhost/www.base_domain
+    dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.www_domain }}"
diff --git a/roles/docker/tasks/services/websites/2022.slides.data.coop.yml b/roles/docker/tasks/services/websites/2022.slides.data.coop.yml
deleted file mode 100644
index 352b14a..0000000
--- a/roles/docker/tasks/services/websites/2022.slides.data.coop.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-# vim: ft=yaml.ansible
----
-- name: setup 2022.slides.data.coop website using unipi
-  docker_container:
-    name: 2022.slides.data.coop_website
-    image: docker.data.coop/unipi:{{ services.slides_2022_website.version }}
-    restart_policy: unless-stopped
-    purge_networks: yes
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST: "{{ services.slides_2022_website.domain }}"
-      LETSENCRYPT_HOST: "{{ services.slides_2022_website.domain }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    command: "--remote=https://git.data.coop/data.coop/slides.git#slides2022"
-    capabilities:
-      - NET_ADMIN
-    devices:
-      - "/dev/net/tun"
diff --git a/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml b/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
deleted file mode 100644
index 648e882..0000000
--- a/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-# vim: ft=yaml.ansible
----
-- name: setup cryptoaarhus.dk website docker container
-  docker_container:
-    name: cryptoaarhus_website
-    restart_policy: unless-stopped
-    image: docker.data.coop/cryptoaarhus-website
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
-      LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
diff --git a/roles/docker/tasks/services/websites/cryptohagen.dk.yml b/roles/docker/tasks/services/websites/cryptohagen.dk.yml
deleted file mode 100644
index 655a06e..0000000
--- a/roles/docker/tasks/services/websites/cryptohagen.dk.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-# vim: ft=yaml.ansible
----
-- name: setup cryptohagen.dk website docker container
-  docker_container:
-    name: cryptohagen_website
-    restart_policy: unless-stopped
-    image: docker.data.coop/cryptohagen-website
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
-      LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
diff --git a/roles/docker/tasks/services/websites/data.coop.yml b/roles/docker/tasks/services/websites/data.coop.yml
deleted file mode 100644
index 89eda56..0000000
--- a/roles/docker/tasks/services/websites/data.coop.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-# vim: ft=yaml.ansible
----
-- name: Upload vhost config for root domain
-  copy:
-<<<<<<< HEAD
-    src: vhost/base_domain
-    dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ base_domain }}"
-
-- name: Upload vhost config for WWW domain
-  copy:
-    src: vhost/www.base_domain
-    dest: "{{ services.nginx_proxy.volume_folder }}/vhost/www.{{ base_domain }}"
-=======
-    src: files/configs/matrix/vhost-root
-    dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.domain }}"
-
-- name: Upload vhost config for WWW domain
-  copy:
-    src: files/configs/vhost-www
-    dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.www_domain }}"
->>>>>>> main
-
-- name: setup data.coop website docker container
-  docker_container:
-    name: "{{ services.data_coop_website.domain }}_website"
-    image: docker.data.coop/data-coop-website:{{ services.data_coop_website.version }}
-    pull: true
-    restart_policy: unless-stopped
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
-      LETSENCRYPT_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-
-- name: setup staging data.coop website using hugo
-  docker_container:
-    name: "{{ services.data_coop_website.staging_domain }}_website"
-    image: docker.data.coop/data-coop-website:{{ services.data_coop_website.staging_version }}
-    pull: true
-    restart_policy: unless-stopped
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST: "{{ services.data_coop_website.staging_domain }}"
-      LETSENCRYPT_HOST: "{{ services.data_coop_website.staging_domain }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
diff --git a/roles/docker/tasks/services/websites/ulovliglogning.dk.yml b/roles/docker/tasks/services/websites/ulovliglogning.dk.yml
deleted file mode 100644
index cc41789..0000000
--- a/roles/docker/tasks/services/websites/ulovliglogning.dk.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-# vim: ft=yaml.ansible
----
-- name: setup ulovliglogning.dk website docker container
-  docker_container:
-    name: ulovliglogning_website
-    restart_policy: unless-stopped
-    image: ulovliglogning/ulovliglogning.dk:latest
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
-      LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
diff --git a/roles/docker/tasks/services/websites/vhs.data.coop.yaml b/roles/docker/tasks/services/websites/vhs.data.coop.yaml
deleted file mode 100644
index f3b951a..0000000
--- a/roles/docker/tasks/services/websites/vhs.data.coop.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# vim: ft=yaml.ansible
----
-- name: setup vhs.data.coop website with unipi
-  docker_container:
-    name: vhs.data.coop_website
-    image: docker.data.coop/unipi:{{ services.vhs_website.version }}
-    restart_policy: unless-stopped
-    purge_networks: yes
-    networks:
-      - name: external_services
-    env:
-      VIRTUAL_HOST: "{{ services.vhs_website.domain }}"
-      LETSENCRYPT_HOST: "{{ services.vhs_website.domain }}"
-      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    command: "--remote=https://git.data.coop/vhs.data.coop/website.git#main"
-    capabilities:
-      - NET_ADMIN
-    devices:
-      - "/dev/net/tun"
diff --git a/roles/docker/templates/compose-files/cryptoaarhus_website.yml.j2 b/roles/docker/templates/compose-files/cryptoaarhus_website.yml.j2
new file mode 100644
index 0000000..2a7d40a
--- /dev/null
+++ b/roles/docker/templates/compose-files/cryptoaarhus_website.yml.j2
@@ -0,0 +1,17 @@
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  web:
+    image: docker.data.coop/cryptoaarhus-website
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains | join(',') }}"
+      LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains | join(',') }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+
+networks:
+  external_services:
+    external: true
diff --git a/roles/docker/templates/compose-files/cryptohagen_website.yml.j2 b/roles/docker/templates/compose-files/cryptohagen_website.yml.j2
new file mode 100644
index 0000000..f8520f8
--- /dev/null
+++ b/roles/docker/templates/compose-files/cryptohagen_website.yml.j2
@@ -0,0 +1,17 @@
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  web:
+    image: docker.data.coop/cryptohagen-website
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST : "{{ services.cryptohagen_website.domains | join(',') }}"
+      LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains | join(',') }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+
+networks:
+  external_services:
+    external: true
diff --git a/roles/docker/templates/compose-files/data_coop_website.yml.j2 b/roles/docker/templates/compose-files/data_coop_website.yml.j2
new file mode 100644
index 0000000..6910ca3
--- /dev/null
+++ b/roles/docker/templates/compose-files/data_coop_website.yml.j2
@@ -0,0 +1,27 @@
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  prod:
+    image: docker.data.coop/data-coop-website:{{ services.data_coop_website.version }}
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
+      LETSENCRYPT_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+
+  staging:
+    image: docker.data.coop/data-coop-website:{{ services.data_coop_website.staging_version }}
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST: "{{ services.data_coop_website.staging_domain }}"
+      LETSENCRYPT_HOST: "{{ services.data_coop_website.staging_domain }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+
+networks:
+  external_services:
+    external: true
diff --git a/roles/docker/tasks/services/websites/fedi.dk.yaml b/roles/docker/templates/compose-files/fedi_dk_website.yml.j2
similarity index 51%
rename from roles/docker/tasks/services/websites/fedi.dk.yaml
rename to roles/docker/templates/compose-files/fedi_dk_website.yml.j2
index f4b97b2..9439157 100644
--- a/roles/docker/tasks/services/websites/fedi.dk.yaml
+++ b/roles/docker/templates/compose-files/fedi_dk_website.yml.j2
@@ -1,19 +1,22 @@
-# vim: ft=yaml.ansible
----
-- name: setup fedi.dk website with unipi
-  docker_container:
-    name: fedi.dk_website
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  web:
     image: docker.data.coop/unipi:{{ services.fedi_dk_website.version }}
-    restart_policy: unless-stopped
-    purge_networks: yes
+    restart: unless-stopped
     networks:
-      - name: external_services
-    env:
+      - external_services
+    environment:
       VIRTUAL_HOST: "{{ services.fedi_dk_website.domain }}"
       LETSENCRYPT_HOST: "{{ services.fedi_dk_website.domain }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    command: "--remote=https://git.data.coop/fedi.dk/website.git#main"
-    capabilities:
+    command: --remote=https://git.data.coop/fedi.dk/website.git#main
+    cap_add:
       - NET_ADMIN
     devices:
       - "/dev/net/tun"
+
+networks:
+  external_services:
+    external: true
diff --git a/roles/docker/templates/compose-files/slides_2022_website.yml.j2 b/roles/docker/templates/compose-files/slides_2022_website.yml.j2
new file mode 100644
index 0000000..6a78119
--- /dev/null
+++ b/roles/docker/templates/compose-files/slides_2022_website.yml.j2
@@ -0,0 +1,22 @@
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  web:
+    image: docker.data.coop/unipi:{{ services.slides_2022_website.version }}
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST: "{{ services.slides_2022_website.domain }}"
+      LETSENCRYPT_HOST: "{{ services.slides_2022_website.domain }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+    command: --remote=https://git.data.coop/data.coop/slides.git#slides2022
+    cap_add:
+      - NET_ADMIN
+    devices:
+      - "/dev/net/tun"
+
+networks:
+  external_services:
+    external: true
diff --git a/roles/docker/templates/compose-files/ulovliglogning_website.yml.j2 b/roles/docker/templates/compose-files/ulovliglogning_website.yml.j2
new file mode 100644
index 0000000..8cea97c
--- /dev/null
+++ b/roles/docker/templates/compose-files/ulovliglogning_website.yml.j2
@@ -0,0 +1,17 @@
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  web:
+    image: ulovliglogning/ulovliglogning.dk:latest
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains | join(',') }}"
+      LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains | join(',') }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+
+networks:
+  external_services:
+    external: true
diff --git a/roles/docker/templates/compose-files/vhs_website.yml.j2 b/roles/docker/templates/compose-files/vhs_website.yml.j2
new file mode 100644
index 0000000..077dcfc
--- /dev/null
+++ b/roles/docker/templates/compose-files/vhs_website.yml.j2
@@ -0,0 +1,22 @@
+# vim: ft=yaml.docker-compose
+version: "3.8"
+
+services:
+  web:
+    image: docker.data.coop/unipi:{{ services.vhs_website.version }}
+    restart: unless-stopped
+    networks:
+      - external_services
+    environment:
+      VIRTUAL_HOST: "{{ services.vhs_website.domain }}"
+      LETSENCRYPT_HOST: "{{ services.vhs_website.domain }}"
+      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+    command: --remote=https://git.data.coop/vhs.data.coop/website.git#main
+    cap_add:
+      - NET_ADMIN
+    devices:
+      - "/dev/net/tun"
+
+networks:
+  external_services:
+    external: true