From e35141a837d0be45901f791004e1f4d626b36c21 Mon Sep 17 00:00:00 2001
From: Dan Trickey <git@trickey.io>
Date: Sun, 1 Dec 2024 17:32:38 +0000
Subject: [PATCH 1/2] add ansible config for kmibox

---
 config.yml                            |  2 ++
 roles/docker_kmibot/files/config.toml | 19 +++++++++++++++++++
 roles/docker_kmibot/handlers/main.yml |  4 ++++
 roles/docker_kmibot/tasks/main.yml    | 13 +++++++++++++
 roles/docker_kmibot/vars/main.yml     | 22 ++++++++++++++++++++++
 5 files changed, 60 insertions(+)
 create mode 100644 roles/docker_kmibot/files/config.toml
 create mode 100644 roles/docker_kmibot/handlers/main.yml
 create mode 100644 roles/docker_kmibot/tasks/main.yml
 create mode 100644 roles/docker_kmibot/vars/main.yml

diff --git a/config.yml b/config.yml
index 7fdf400..264199a 100644
--- a/config.yml
+++ b/config.yml
@@ -53,3 +53,5 @@
       tags: docker
     - role: docker_traefik
       tags: docker-traefik
+    - role: docker_kmibot
+      tags: docker-kmibot
\ No newline at end of file
diff --git a/roles/docker_kmibot/files/config.toml b/roles/docker_kmibot/files/config.toml
new file mode 100644
index 0000000..6b1d6fc
--- /dev/null
+++ b/roles/docker_kmibot/files/config.toml
@@ -0,0 +1,19 @@
+timezone = "Europe/London"
+
+[discord]
+token = "{{ docker_kmibot_discord_token }}"
+guild_id = {{ docker_kmibot_discord_guild_id }}
+
+[ferry]
+channel_id = {{ docker_kmibot_discord_ferry_channel_id }}
+api_url = "https://ferry.containers-dev.sown.org.uk/api/"
+api_key = "{{ docker_kmibot_ferry_api_token }}"
+banned_word = "train"
+emoji_reacts = "🚂😠🚇"
+
+[pub]
+weekday = 3  # Thursday
+hour = 20
+minute = 0
+channel_id = {{ docker_kmibot_discord_pub_channel_id }}
+description = "Casual chat and food. All welcome."
diff --git a/roles/docker_kmibot/handlers/main.yml b/roles/docker_kmibot/handlers/main.yml
new file mode 100644
index 0000000..eef67c3
--- /dev/null
+++ b/roles/docker_kmibot/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Restart KMIBot  # noqa: no-changed-when
+  command:
+    chdir: /opt/kmibot
+    cmd: "{{ docker_update_command }}"
diff --git a/roles/docker_kmibot/tasks/main.yml b/roles/docker_kmibot/tasks/main.yml
new file mode 100644
index 0000000..acc8cbb
--- /dev/null
+++ b/roles/docker_kmibot/tasks/main.yml
@@ -0,0 +1,13 @@
+- name: checkout kmibot into /opt/kmibot
+  git:
+    repo: https://github.com/sown/kmibot.git
+    dest: /opt/kmibot
+    version: c288f25f8224452ecc2641a74bb79177597e53e3
+
+- name: Install extra config
+  template:
+    src: files/config.toml
+    dest: /opt/kmibot/config.toml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+  notify: Restart KMIBot
diff --git a/roles/docker_kmibot/vars/main.yml b/roles/docker_kmibot/vars/main.yml
new file mode 100644
index 0000000..0e60cfa
--- /dev/null
+++ b/roles/docker_kmibot/vars/main.yml
@@ -0,0 +1,22 @@
+
+docker_kmibot_discord_guild_id: 1041048471559491611
+docker_kmibot_discord_ferry_channel_id: 1041087057419841688
+docker_kmibot_discord_pub_channel_id: 1041051486945300510
+docker_kmibot_discord_token: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  39343433313166323439326363373730393138343635623739646439353038656261616133666565
+  6637623130383932633864653563353864643038363438620a386662393234353262353963633062
+  38616663343131653366653962356561346364653038303632363631366438663539613232333565
+  3738396561616635350a326163353962623561316134393537386132613961303239363262643665
+  37333638656262333730633038326461653662386231323436353139363739666163313465633361
+  38313031326538333730313733383039363435343433646638663063353432636539326231366466
+  35336530643034393438636261346433633963643837393534653734323964646463653562666537
+  33326534326532303465
+docker_kmibot_ferry_api_token: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  30346531346264623566303033323030313831316532643537336662303330316535383339316361
+  3862383866326639633935393730326663666261343632620a323165636438653238323236383339
+  38363335316434353937306563643235616330613436313933376633636335356165313831313037
+  3133373963373761630a393832653862633930343666396630383638333333366435313438653833
+  39363665303937623134313233316161656261613737313233306430363839303238653638613837
+  3766306434666335383537316337666236626266616635393734
\ No newline at end of file

From c9bce506a8c1e7c3b03db62399fb03f11b5be6ee Mon Sep 17 00:00:00 2001
From: Dan Trickey <git@trickey.io>
Date: Sun, 1 Dec 2024 18:34:26 +0000
Subject: [PATCH 2/2] Add ferry api docker role

---
 config.yml                                    |  4 +-
 group_vars/all/docker.yml                     |  2 +-
 .../files/docker-compose.override.yml         | 33 +++++++++++++++
 roles/docker_ferry/handlers/main.yml          |  4 ++
 roles/docker_ferry/tasks/main.yml             | 14 +++++++
 roles/docker_ferry/vars/main.yml              | 41 +++++++++++++++++++
 roles/docker_kmibot/tasks/main.yml            |  3 +-
 roles/docker_kmibot/vars/main.yml             |  3 +-
 8 files changed, 99 insertions(+), 5 deletions(-)
 create mode 100644 roles/docker_ferry/files/docker-compose.override.yml
 create mode 100644 roles/docker_ferry/handlers/main.yml
 create mode 100644 roles/docker_ferry/tasks/main.yml
 create mode 100644 roles/docker_ferry/vars/main.yml

diff --git a/config.yml b/config.yml
index 264199a..17a0197 100644
--- a/config.yml
+++ b/config.yml
@@ -53,5 +53,7 @@
       tags: docker
     - role: docker_traefik
       tags: docker-traefik
+    - role: docker_ferry
+      tags: docker-ferry
     - role: docker_kmibot
-      tags: docker-kmibot
\ No newline at end of file
+      tags: docker-kmibot
diff --git a/group_vars/all/docker.yml b/group_vars/all/docker.yml
index ca921fa..b95f611 100644
--- a/group_vars/all/docker.yml
+++ b/group_vars/all/docker.yml
@@ -9,4 +9,4 @@ docker_compose_directory_mask: "775"
 # Run this task manually, as version comparisons usually fail
 docker_compose_url: https://github.com/docker/compose-switch/releases/latest/download/docker-compose-linux-amd64
 
-docker_update_command: docker-compose pull && docker-compose down --remove-orphans && docker-compose rm && docker-compose up -d
+docker_update_command: docker-compose pull && docker-compose down && docker-compose rm && docker-compose up -d --build
diff --git a/roles/docker_ferry/files/docker-compose.override.yml b/roles/docker_ferry/files/docker-compose.override.yml
new file mode 100644
index 0000000..3f0c9bd
--- /dev/null
+++ b/roles/docker_ferry/files/docker-compose.override.yml
@@ -0,0 +1,33 @@
+services:
+  nginx:
+    restart: always
+    networks:
+      - traefik
+      - default
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.ferry.rule=Host(`ferry.containers-dev.sown.org.uk`)
+      - traefik.http.services.ferry.loadbalancer.server.port=80
+      - traefik.http.routers.ferry.tls.certresolver=le
+
+  web:
+    restart: always
+    environment:
+      - SQL_DATABASE=ferry
+      - SQL_USER=ferry
+      - SQL_PASSWORD=ferry
+      - SQL_HOST=db
+      - SQL_PORT=5432
+      - SECRET_KEY={{ docker_ferry_django_secret_key }}
+      - DISCORD_GUILD={{ docker_ferry_discord_guild_id }}
+      - DISCORD_TOKEN={{ docker_ferry_discord_api_token }}
+      - SSO_OIDC_CONFIGURATION_URL=https://sso.sown.org.uk/application/o/ferry/.well-known/openid-configuration
+      - SSO_OIDC_CLIENT_ID={{ docker_ferry_sso_oidc_client_id }}
+      - SSO_OIDC_CLIENT_SECRET={{ docker_ferry_sso_oidc_client_secret }}
+
+  db:
+    restart: always
+
+networks:
+  traefik:
+    external: true
diff --git a/roles/docker_ferry/handlers/main.yml b/roles/docker_ferry/handlers/main.yml
new file mode 100644
index 0000000..e8a576d
--- /dev/null
+++ b/roles/docker_ferry/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Restart ferry-service  # noqa: no-changed-when
+  command:
+    chdir: /opt/ferry-api
+    cmd: "{{ docker_update_command }}"
diff --git a/roles/docker_ferry/tasks/main.yml b/roles/docker_ferry/tasks/main.yml
new file mode 100644
index 0000000..455fae5
--- /dev/null
+++ b/roles/docker_ferry/tasks/main.yml
@@ -0,0 +1,14 @@
+- name: Checkout ferry-api into /opt/ferry
+  git:
+    repo: https://github.com/trickeydan/ferry-api.git
+    dest: /opt/ferry-api
+    version: 82d5e5e7963ee853827bb07a6dd299ba9d9c6798
+  notify: Restart ferry-service
+
+- name: Install compose file
+  template:
+    src: files/docker-compose.override.yml
+    dest: /opt/ferry-api/docker-compose.override.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+  notify: Restart ferry-service
diff --git a/roles/docker_ferry/vars/main.yml b/roles/docker_ferry/vars/main.yml
new file mode 100644
index 0000000..aa64198
--- /dev/null
+++ b/roles/docker_ferry/vars/main.yml
@@ -0,0 +1,41 @@
+docker_ferry_discord_guild_id: 1041048471559491611
+docker_ferry_discord_api_token: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  30613030383830313461396234336639616137313937333838383937616434663035663365393939
+  3231333338643836396137353135303264363434636666660a353937323264303137663933623132
+  31636266383838343230623335306133643836656434613936333231613431303435396438336538
+  3234376630323238340a383736633261363061383538366236663034363937353431623638613432
+  65653432353934396537663533626662353839613439333232303066623963346266626339613331
+  38663835326431646135636537623633663131613031666237653833663562623632646535633864
+  61633064343431373665343661376566373132666237303737316231323530373738663535616137
+  38306663646337623062
+docker_ferry_django_secret_key: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  64623234303231663864373266343963353139636166323566643333656236653734643866383436
+  6336626339643830366236663839376436653861626462650a653834373232336334616565366365
+  32336631326130383364383834363632643862343536343137383361363963313262616363353532
+  6531303832353032390a316538386439333437303963373461633332316334643137623939346262
+  62663462626435373334623030373764303835636632653332326639616462333161383362383934
+  65353039326237633466373762386130353839613436326336333466373262623937643464323439
+  356337383062653737346130376162386537
+docker_ferry_sso_oidc_client_id: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  65326561316661333361356366633936306639643732306261383532306432636137643738663138
+  3535336632313234343335666365343636383964386232660a653265366232653635393637313938
+  30623032346164333035623836643266336563383263656437323265376539626331323635373334
+  6161643734623061350a616535613133346566323539326465346665393230626465623932396437
+  31336561383366653133306335376331613633336436646337333335346631376432323264306261
+  3233663639373232373637663535326636386338616630626464
+docker_ferry_sso_oidc_client_secret: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  35316135623963656232653130646236363730303434646436623138366561363831313466303434
+  6132313263303739653531616561663133303636313537610a333938626361366331353031343939
+  63333563663338383463666431623535653330313839363462653032326136626639613736353133
+  3238336464326238640a653965393136303133613665353063313336316131383236653563303265
+  30386639383638663764363739333763333166663433643364363130653665623536386438303130
+  39343162366362623631646266333566393662346436376163373336386333363965356638623731
+  32656666663163383133653930626439636236323132356238383964323632376332313830316339
+  30623536303534336534326436663935393666613939366132613234376430643166653433373362
+  33663935323138306437613437666333626434653734616566386339366336616464383936303231
+  34373539633935303936336562313663323365376334396136646639633531653431623133383133
+  323037353935333230636363363939303761
diff --git a/roles/docker_kmibot/tasks/main.yml b/roles/docker_kmibot/tasks/main.yml
index acc8cbb..08212b2 100644
--- a/roles/docker_kmibot/tasks/main.yml
+++ b/roles/docker_kmibot/tasks/main.yml
@@ -1,8 +1,9 @@
-- name: checkout kmibot into /opt/kmibot
+- name: Checkout kmibot into /opt/kmibot
   git:
     repo: https://github.com/sown/kmibot.git
     dest: /opt/kmibot
     version: c288f25f8224452ecc2641a74bb79177597e53e3
+  notify: Restart KMIBot
 
 - name: Install extra config
   template:
diff --git a/roles/docker_kmibot/vars/main.yml b/roles/docker_kmibot/vars/main.yml
index 0e60cfa..6b8fde8 100644
--- a/roles/docker_kmibot/vars/main.yml
+++ b/roles/docker_kmibot/vars/main.yml
@@ -1,4 +1,3 @@
-
 docker_kmibot_discord_guild_id: 1041048471559491611
 docker_kmibot_discord_ferry_channel_id: 1041087057419841688
 docker_kmibot_discord_pub_channel_id: 1041051486945300510
@@ -19,4 +18,4 @@ docker_kmibot_ferry_api_token: !vault |
   38363335316434353937306563643235616330613436313933376633636335356165313831313037
   3133373963373761630a393832653862633930343666396630383638333333366435313438653833
   39363665303937623134313233316161656261613737313233306430363839303238653638613837
-  3766306434666335383537316337666236626266616635393734
\ No newline at end of file
+  3766306434666335383537316337666236626266616635393734