feat: remove nupes.social Mastodon (docker) instance

roles/docker/tasks/main.yml

@@ -1,30 +0,0 @@
----
-
-- name: Get docker repo key
-  ansible.builtin.apt_key:
-    url: https://download.docker.com/linux/debian/gpg
-    state: present
-
-- name: Install docker repo
-  ansible.builtin.apt_repository:
-    repo: "deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_facts['distribution_release'] }} stable"
-    state: present
-
-- name: Install docker, docker-compose and extra packages
-  ansible.builtin.package:
-    name: "{{ item }}"
-    state: present
-  loop:
-    - docker-ce
-    - docker-ce-cli
-    - containerd.io
-    - docker-compose
-    - fuse-overlayfs
-
-- name: Create docker directory
-  ansible.builtin.file:
-    path: /srv/docker
-    owner: root
-    group: root
-    state: directory
-    mode: 0755

roles/nginx/templates/vhosts/medias.nupes.social.conf.j2

@@ -1,55 +0,0 @@
-proxy_cache_path /tmp/nginx-cache-instance-media levels=1:2 keys_zone=s3_cache:10m max_size=10g inactive=48h use_temp_path=off;
-
-server {
-{% include './templates/header.conf.j2' %}
-	root /srv/docker/nupes.social/public/system;
-
-	set $s3_backend 'https://nupes-medias.s3.nl-ams.scw.cloud';
-
-	keepalive_timeout 30;
-
-	location = / {
-		index index.html;
-	}
-
-	location / {
-		try_files $uri @s3;
-	}
-
-	location @s3 {
-		limit_except GET {
-			deny all;
-		}
-
-		resolver 9.9.9.9;
-		proxy_set_header Host 'nupes-medias.s3.nl-ams.scw.cloud';
-		proxy_set_header Connection '';
-		proxy_set_header Authorization '';
-		proxy_hide_header Set-Cookie;
-		proxy_hide_header 'Access-Control-Allow-Origin';
-		proxy_hide_header 'Access-Control-Allow-Methods';
-		proxy_hide_header 'Access-Control-Allow-Headers';
-		proxy_hide_header x-amz-id-2;
-		proxy_hide_header x-amz-request-id;
-		proxy_hide_header x-amz-meta-server-side-encryption;
-		proxy_hide_header x-amz-server-side-encryption;
-		proxy_hide_header x-amz-bucket-region;
-		proxy_hide_header x-amzn-requestid;
-		proxy_ignore_headers Set-Cookie;
-		proxy_pass $s3_backend$uri;
-		proxy_intercept_errors off;
-
-		proxy_cache s3_cache;
-		proxy_cache_valid 200 304 48h;
-		proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
-		proxy_cache_lock on;
-		proxy_cache_revalidate on;
-
-		expires 1y;
-		add_header Cache-Control public;
-		add_header 'Access-Control-Allow-Origin' '*';
-		add_header X-Cache-Status $upstream_cache_status;
-		add_header X-Content-Type-Options nosniff;
-		add_header Content-Security-Policy "default-src 'none'; form-action 'none'";
-	}
-}

roles/nginx/templates/vhosts/nupes.social.conf.j2

@@ -1,61 +0,0 @@
-map $http_upgrade $connection_upgrade {
-	default upgrade;
-	''      close;
-}
-
-server {
-{% include './templates/header.conf.j2' %}
-	keepalive_timeout    70;
-	sendfile             on;
-	client_max_body_size 0;
-	large_client_header_buffers 4 32k;
-
-	# Referrer-Policy, même si Chrome ne comprendra pas
-	add_header Referrer-Policy "same-origin";
-
-	location / {
-		try_files $uri @proxy;
-	}
-
-	location @proxy {
-		proxy_pass http://localhost:3000;
-		
-		proxy_set_header Host $host;
-		proxy_set_header X-Real-IP $remote_addr;
-		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header X-Forwarded-Proto https;
-		
-		proxy_set_header Proxy "";
-		proxy_pass_header Server;
-		
-		proxy_buffering off;
-		proxy_redirect off;
-		
-		proxy_http_version 1.1;
-		proxy_set_header Upgrade $http_upgrade;
-		proxy_set_header Connection $connection_upgrade;
-		
-		tcp_nodelay on;
-	}
-
-	location /api/v1/streaming {
-		proxy_pass http://localhost:4000;
-		
-		proxy_set_header Host $host;
-		proxy_set_header X-Real-IP $remote_addr;
-		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header X-Forwarded-Proto https;
-		
-		proxy_set_header Proxy "";
-		
-		proxy_buffering off;
-		proxy_redirect off;
-		
-		proxy_http_version 1.1;
-		proxy_set_header Upgrade $http_upgrade;
-		proxy_set_header Connection $connection_upgrade;
-		
-		tcp_nodelay on;
-	}
-}
-

roles/system/tasks/main.yml

@@ -98,14 +98,6 @@
         state: present
         key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}"
 
-    - name: Put ssh key stef
-      ansible.posix.authorized_key:
-        user: root
-        state: present
-        key: "{{ lookup('file', 'ssh/stefofficiel.id_rsa.pub') }}"
-        path: "~/.ssh/instance_keys"
-      when: inventory_hostname in groups['fedinupesservers']
-
 - name: Put cron-apt configuration file
   ansible.builtin.copy:
     src: files/5-install

roles/webapps/tasks/main.yml

@@ -12,11 +12,6 @@
 - name: Oolatoocs for NintendojoFR
   ansible.builtin.include_tasks: oolatoocs.yml
   when: inventory_hostname in groups['mastodonservers']
-
-# Scootaloo
-- name: Tootctl (docker) for mastodon
-  ansible.builtin.include_tasks: tootctl_docker.yml
-  when: inventory_hostname in groups['dockerservers']
-- name: Tootctl (no docker) for mastodon
-  ansible.builtin.include_tasks: tootctl_nodocker.yml
+- name: Tootctl for mastodon
+  ansible.builtin.include_tasks: tootctl.yml
   when: inventory_hostname in groups['mastodonservers']

roles/webapps/tasks/tootctl_docker.yml

@@ -1,15 +0,0 @@
----
-
-- name: Cron for media tootctl
-  ansible.builtin.cron:
-    name: Mastodon tootctl
-    minute: "0"
-    hour: "2"
-    job: "docker-compose -f /srv/docker/{{ web_hostname[0] }}/docker-compose.yml run --rm web bin/tootctl media remove"
-
-- name: Cron for preview_cards tootctl
-  ansible.builtin.cron:
-    name: Mastodon tootctl preview
-    minute: "30"
-    hour: "2"
-    job: "docker-compose -f /srv/docker/{{ web_hostname[0] }}/docker-compose.yml run --rm web bin/tootctl preview_cards remove"