Migrate Takahe to k8s-prod, femto.pub domain

author: alex <alex@pdp7.net> 2024-03-23 10:50:46 +0100
committer: alex <alex@pdp7.net> 2024-03-23 10:51:02 +0100
commit: 650f4952402ab581721bb0f5ef072283609e9bbd (patch)
tree: 4f8d227eab52c5ca6dfd2ec19b13d53d5dea60cc
parent: a24562502d79a67ba03eccea25423be3b32ca391 (diff)
4 files changed, 38 insertions, 9 deletions
diff --git a/personal_infra/playbooks/roles/takahe/tasks/main.yaml b/personal_infra/playbooks/roles/takahe/tasks/main.yaml
index ce3767ea..091d00f0 100644
--- a/personal_infra/playbooks/roles/takahe/tasks/main.yaml
+++ b/personal_infra/playbooks/roles/takahe/tasks/main.yaml
@@ -1,4 +1,29 @@
 ---
+# extra setup:
+#
+# - create the postgres database
+# - s3 bucket?
+- name: create CNAMEs
+  local_action:
+    module: amazon.aws.route53
+    zone: "{{ takahe.dns_zone }}"
+    record: "{{ item }}"
+    type: CNAME
+    value: "{{ takahe.cnames.target }}"
+    wait: true
+    state: present
+  tags: dns
+  loop: "{{ takahe.cnames.domains }}"
+- name: create main domain
+  local_action:
+    module: amazon.aws.route53
+    zone: "{{ takahe.dns_zone }}"
+    record: "{{ takahe.main_domain.name }}"
+    type: "{{ takahe.main_domain.dns_record_type }}"
+    value: "{{ takahe.main_domain.target }}"
+    wait: true
+    state: present
+  tags: dns
 - k8s:
     context: "{{ context }}"
     state: present
@@ -30,11 +55,11 @@
         PGHOST: "{{ takahe.database_host }}"
         PGUSER: "{{ takahe.database_user }}"
         PGDATABASE: "{{ takahe.database }}"
-        TAKAHE_MAIN_DOMAIN: "{{ takahe.main_domain }}"
+        TAKAHE_MAIN_DOMAIN: "{{ takahe.main_domain.name }}"
         TAKAHE_EMAIL_FROM: "{{ takahe.email_from }}"
         TAKAHE_USE_PROXY_HEADERS: "true"
         TAKAHE_AUTO_ADMIN_EMAIL: "{{ takahe.admin_email }}"
-        TAKAHE_CSRF_HOSTS: "{{ ['https://' + takahe.main_domain] | to_json }}"
+        TAKAHE_CSRF_HOSTS: "{{ ['https://femto.pub', 'https://alex.femto.pub'] | to_json }}"
         TAKAHE_ERROR_EMAILS: "{{ [takahe.admin_email] | to_json }}"
   delegate_to: 127.0.0.1
 - k8s:
@@ -112,7 +137,7 @@
         namespace: "{{ takahe.namespace }}"
       spec:
         rules:
-          - host: "{{ takahe.main_domain }}"
+          - host: "{{ takahe.main_domain.name }}"
             http:
               paths:
                 - path: /
@@ -122,7 +147,7 @@
                       name: webserver
                       port:
                         name: web
-          - host: "*.example.com"
+          - host: "*.femto.pub"
             http:
               paths:
                 - path: /
diff --git a/personal_infra/playbooks/site.yaml b/personal_infra/playbooks/site.yaml
index 274af8ef..670a8c77 100644
--- a/personal_infra/playbooks/site.yaml
+++ b/personal_infra/playbooks/site.yaml
@@ -63,7 +63,7 @@
         definition: "{{ weight }}"
 
 - name: deploy takahe
-  hosts: k8s-test.h1.int.pdp7.net
+  hosts: k8s-prod.h1.int.pdp7.net
   tags:
     - k8s
     - takahe
diff --git a/personal_infra/puppet/site/h1.pdp7.net.pp b/personal_infra/puppet/site/h1.pdp7.net.pp
index 5198976d..f603bfe3 100644
--- a/personal_infra/puppet/site/h1.pdp7.net.pp
+++ b/personal_infra/puppet/site/h1.pdp7.net.pp
@@ -72,11 +72,15 @@ node 'h1.pdp7.net' {
     target => 'http://grafana.h1.int.pdp7.net:3000/',
   }
 
-  proxmox::proxy_host {'takahe.pdp7.net':
-    target => 'http://k8s-test.h1.int.pdp7.net/',
+  proxmox::proxy_host {'femto.pub':
+    target => 'http://k8s-prod.h1.int.pdp7.net/',
   }
 
-  proxmox::proxy_host {'takahe-media.pdp7.net':
+  proxmox::proxy_host {'alex.femto.pub':
+    target => 'http://k8s-prod.h1.int.pdp7.net/',
+  }
+
+  proxmox::proxy_host {'media.femto.pub':
     target => 'http://weed.h1.int.pdp7.net:8333/',
   }
 
diff --git a/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp b/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp
index 7256501e..a71d88dc 100644
--- a/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp
+++ b/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp
@@ -9,7 +9,7 @@ node 'pg.h1.int.pdp7.net' {
       host    weight          nagios          nagios.h1.int.pdp7.net    trust
       host    miniflux        miniflux        miniflux.h1.int.pdp7.net  trust
       host    nextcloud       nextcloud       nextcloud.h1.int.pdp7.net trust
-      host    takahe          k8s_test        k8s-test.h1.int.pdp7.net  trust
+      host    takahe          k8s_prod        k8s-prod.h1.int.pdp7.net  trust
       | EOT
     ,
   }
author	alex <alex@pdp7.net>	2024-03-23 10:50:46 +0100
committer	alex <alex@pdp7.net>	2024-03-23 10:51:02 +0100
commit	650f4952402ab581721bb0f5ef072283609e9bbd (patch)
tree	4f8d227eab52c5ca6dfd2ec19b13d53d5dea60cc
parent	a24562502d79a67ba03eccea25423be3b32ca391 (diff)