From 46d8fecdfa89dc1ee8f9ba924aaffb07f622aadd Mon Sep 17 00:00:00 2001 From: Phillip Skentelbery Date: Tue, 5 May 2026 14:04:51 -0600 Subject: [PATCH] decommission 9 services: codeserver, ghost, pinchflat, pinry, mmdl, palmr, kanboard, grocy, postiz Replace deploy tasks with teardown tasks that stop containers and remove stack directories. Remove Caddy routes and DNS records, with explicit Route53 deletion for the decommissioned subdomains. Co-Authored-By: Claude Opus 4.6 --- dns.yml | 49 +++++++++++++------ roles/docker/files/Caddyfile | 49 ------------------- roles/docker/tasks/communication/postiz.yml | 26 ++++------ roles/docker/tasks/development/codeserver.yml | 26 ++++------ roles/docker/tasks/media/ghost-1.yml | 26 ++++------ roles/docker/tasks/media/pinchflat.yml | 26 ++++------ roles/docker/tasks/media/pinry.yml | 26 ++++------ roles/docker/tasks/productivity/grocy.yml | 23 +++------ roles/docker/tasks/productivity/kanboard.yml | 23 +++------ roles/docker/tasks/productivity/mmdl.yml | 30 +++--------- roles/docker/tasks/productivity/palmr.yml | 26 ++++------ 11 files changed, 111 insertions(+), 219 deletions(-) diff --git a/dns.yml b/dns.yml index fa8a1b5..455bb31 100644 --- a/dns.yml +++ b/dns.yml @@ -9,8 +9,6 @@ domains: - name: thesatelliteoflove.com dns_records: - - name: "pin" - ip: "152.53.36.98" - name: "home" ip: "152.53.36.98" - name: "git" @@ -25,26 +23,16 @@ ip: "152.53.36.98" - name: "paper" ip: "152.53.36.98" - - name: "code" - ip: "152.53.36.98" - name: "snippets" ip: "152.53.36.98" - name: cal ip: "152.53.36.98" - - name: phlog - ip: "152.53.36.98" - name: loclog ip: "152.53.36.98" - name: watcher ip: "152.53.36.98" - name: models ip: "152.53.36.98" - - name: tasks - ip: "152.53.36.98" - - name: post - ip: "152.53.36.98" - - name: files - ip: "152.53.36.98" - name: bookmarks ip: "152.53.36.98" - name: gotify @@ -53,10 +41,6 @@ ip: "152.53.36.98" - name: pdg ip: "152.53.36.98" - - name: kanboard - ip: "152.53.36.98" - - name: grocy - ip: "152.53.36.98" - name: nerder.land dns_records: - name: "forms" @@ -64,7 +48,40 @@ - name: "repair" ip: "152.53.36.98" + # DNS records to remove for decommissioned services + removed_records: + - name: thesatelliteoflove.com + dns_records: + - name: "pin" + ip: "152.53.36.98" + - name: "code" + ip: "152.53.36.98" + - name: "phlog" + ip: "152.53.36.98" + - name: "tasks" + ip: "152.53.36.98" + - name: "post" + ip: "152.53.36.98" + - name: "files" + ip: "152.53.36.98" + - name: "kanboard" + ip: "152.53.36.98" + - name: "grocy" + ip: "152.53.36.98" + tasks: + - name: Remove A records for decommissioned services + amazon.aws.route53: + state: absent + zone: "{{ item.0.name }}" + record: "{{ item.1.name + '.' + item.0.name }}" + type: A + ttl: 300 + value: "{{ item.1.ip }}" + loop: "{{ query('subelements', removed_records, 'dns_records') }}" + loop_control: + loop_var: item + - name: Add A records for subdomains of each domain amazon.aws.route53: state: present diff --git a/roles/docker/files/Caddyfile b/roles/docker/files/Caddyfile index a69c7f7..0a2353e 100644 --- a/roles/docker/files/Caddyfile +++ b/roles/docker/files/Caddyfile @@ -6,10 +6,6 @@ paper.thesatelliteoflove.com { reverse_proxy paperlessngx-webserver-1:8000 } -pin.thesatelliteoflove.com { - reverse_proxy pinry-pinry-1:80 -} - cal.thesatelliteoflove.com { redir /.well-known/caldav /dav.php 302 redir /.well-known/carddav /dav.php 302 @@ -24,10 +20,6 @@ audio.thesatelliteoflove.com { reverse_proxy audiobookshelf-audiobookshelf-1:80 } -post.thesatelliteoflove.com { - reverse_proxy postiz:5000 -} - loclog.thesatelliteoflove.com { reverse_proxy dawarich_app:3000 } @@ -36,51 +28,10 @@ watcher.thesatelliteoflove.com { reverse_proxy changedetection:5000 } -tasks.thesatelliteoflove.com { - reverse_proxy mmdl:3000 -} - -kanboard.thesatelliteoflove.com { - reverse_proxy kanboard:80 -} - -grocy.thesatelliteoflove.com { - # API endpoints bypass forward auth for mobile apps - handle /api/* { - reverse_proxy grocy:80 - } - - # Web interface requires Authentik authentication - forward_auth authentik-server-1:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers { - X-authentik-username - X-authentik-groups - X-authentik-email - X-authentik-name - X-authentik-uid - } - } - reverse_proxy grocy:80 -} - -phlog.thesatelliteoflove.com { - reverse_proxy ghost-1-ghost-1:2368 -} - - -code.thesatelliteoflove.com { - reverse_proxy authentik-server-1:9000 -} - snippets.thesatelliteoflove.com { reverse_proxy bytestash:5000 } -files.thesatelliteoflove.com { - reverse_proxy palmr-palmr-1:5487 -} - git.thesatelliteoflove.com { reverse_proxy gitea:3000 } diff --git a/roles/docker/tasks/communication/postiz.yml b/roles/docker/tasks/communication/postiz.yml index d426455..9330b6f 100644 --- a/roles/docker/tasks/communication/postiz.yml +++ b/roles/docker/tasks/communication/postiz.yml @@ -1,19 +1,11 @@ -- name: make postiz directories - ansible.builtin.file: - path: "{{ item}}" - state: directory - loop: - - /opt/stacks/postiz - -- name: Template out the compose file - ansible.builtin.template: - src: postiz-compose.yml.j2 - dest: /opt/stacks/postiz/compose.yml - owner: root - mode: 644 - -- name: deploy postiz stack +--- +- name: Stop and remove postiz stack community.docker.docker_compose_v2: project_src: /opt/stacks/postiz - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove postiz directory + ansible.builtin.file: + path: /opt/stacks/postiz + state: absent diff --git a/roles/docker/tasks/development/codeserver.yml b/roles/docker/tasks/development/codeserver.yml index 693ab1d..73758d8 100644 --- a/roles/docker/tasks/development/codeserver.yml +++ b/roles/docker/tasks/development/codeserver.yml @@ -1,19 +1,11 @@ -- name: make codeserver directories - ansible.builtin.file: - path: "{{ item}}" - state: directory - loop: - - /opt/stacks/codeserver - -- name: Template out the compose file - ansible.builtin.template: - src: codeserver-compose.yml.j2 - dest: /opt/stacks/codeserver/compose.yml - owner: root - mode: 644 - -- name: deploy codeserver stack +--- +- name: Stop and remove codeserver stack community.docker.docker_compose_v2: project_src: /opt/stacks/codeserver - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove codeserver directory + ansible.builtin.file: + path: /opt/stacks/codeserver + state: absent diff --git a/roles/docker/tasks/media/ghost-1.yml b/roles/docker/tasks/media/ghost-1.yml index bd95b13..aad38ce 100644 --- a/roles/docker/tasks/media/ghost-1.yml +++ b/roles/docker/tasks/media/ghost-1.yml @@ -1,19 +1,11 @@ -- name: make ghost-1 directories - ansible.builtin.file: - path: "{{ item}}" - state: directory - loop: - - /opt/stacks/ghost-1 - -- name: Template out the compose file - ansible.builtin.template: - src: ghost-1-compose.yml.j2 - dest: /opt/stacks/ghost-1/compose.yml - owner: root - mode: 644 - -- name: deploy ghost-1 stack +--- +- name: Stop and remove ghost stack community.docker.docker_compose_v2: project_src: /opt/stacks/ghost-1 - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove ghost directory + ansible.builtin.file: + path: /opt/stacks/ghost-1 + state: absent diff --git a/roles/docker/tasks/media/pinchflat.yml b/roles/docker/tasks/media/pinchflat.yml index c1422c4..15c6dea 100644 --- a/roles/docker/tasks/media/pinchflat.yml +++ b/roles/docker/tasks/media/pinchflat.yml @@ -1,19 +1,11 @@ -- name: make pinchflat directories - ansible.builtin.file: - path: "{{ item}}" - state: directory - loop: - - /opt/stacks/pinchflat - -- name: Template out the compose file - ansible.builtin.template: - src: pinchflat-compose.yml.j2 - dest: /opt/stacks/pinchflat/compose.yml - owner: root - mode: 644 - -- name: deploy pinchflat stack +--- +- name: Stop and remove pinchflat stack community.docker.docker_compose_v2: project_src: /opt/stacks/pinchflat - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove pinchflat directory + ansible.builtin.file: + path: /opt/stacks/pinchflat + state: absent diff --git a/roles/docker/tasks/media/pinry.yml b/roles/docker/tasks/media/pinry.yml index 056ca39..cd01857 100644 --- a/roles/docker/tasks/media/pinry.yml +++ b/roles/docker/tasks/media/pinry.yml @@ -1,19 +1,11 @@ -- name: make pinry directories - ansible.builtin.file: - path: "{{ item}}" - state: directory - loop: - - /opt/stacks/pinry - -- name: Template out the compose file - ansible.builtin.template: - src: pinry-compose.yml.j2 - dest: /opt/stacks/pinry/compose.yml - owner: root - mode: 644 - -- name: deploy pinry stack +--- +- name: Stop and remove pinry stack community.docker.docker_compose_v2: project_src: /opt/stacks/pinry - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove pinry directory + ansible.builtin.file: + path: /opt/stacks/pinry + state: absent diff --git a/roles/docker/tasks/productivity/grocy.yml b/roles/docker/tasks/productivity/grocy.yml index 4a492f3..694eb7b 100644 --- a/roles/docker/tasks/productivity/grocy.yml +++ b/roles/docker/tasks/productivity/grocy.yml @@ -1,18 +1,11 @@ --- -- name: Create grocy directories - ansible.builtin.file: - path: "{{ item }}" - state: directory - loop: - - /opt/stacks/grocy - -- name: Template grocy compose file - ansible.builtin.template: - src: grocy-compose.yml.j2 - dest: /opt/stacks/grocy/compose.yml - -- name: Deploy grocy stack +- name: Stop and remove grocy stack community.docker.docker_compose_v2: project_src: /opt/stacks/grocy - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove grocy directory + ansible.builtin.file: + path: /opt/stacks/grocy + state: absent diff --git a/roles/docker/tasks/productivity/kanboard.yml b/roles/docker/tasks/productivity/kanboard.yml index 908126a..674fe54 100644 --- a/roles/docker/tasks/productivity/kanboard.yml +++ b/roles/docker/tasks/productivity/kanboard.yml @@ -1,18 +1,11 @@ --- -- name: Create kanboard directories - ansible.builtin.file: - path: "{{ item }}" - state: directory - loop: - - /opt/stacks/kanboard - -- name: Template kanboard compose file - ansible.builtin.template: - src: kanboard-compose.yml.j2 - dest: /opt/stacks/kanboard/compose.yml - -- name: Deploy kanboard stack +- name: Stop and remove kanboard stack community.docker.docker_compose_v2: project_src: /opt/stacks/kanboard - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove kanboard directory + ansible.builtin.file: + path: /opt/stacks/kanboard + state: absent diff --git a/roles/docker/tasks/productivity/mmdl.yml b/roles/docker/tasks/productivity/mmdl.yml index 9b922f1..dd87c76 100644 --- a/roles/docker/tasks/productivity/mmdl.yml +++ b/roles/docker/tasks/productivity/mmdl.yml @@ -1,25 +1,11 @@ --- -- name: Create mmdl directories - ansible.builtin.file: - path: "{{ item }}" - state: directory - loop: - - /opt/stacks/mmdl - - /opt/stacks/mmdl/data - - /opt/stacks/mmdl/mysql - -- name: Template mmdl environment file - ansible.builtin.template: - src: mmdl-env.j2 - dest: /opt/stacks/mmdl/.env.local - -- name: Template mmdl compose file - ansible.builtin.template: - src: mmdl-compose.yml.j2 - dest: /opt/stacks/mmdl/compose.yml - -- name: Deploy mmdl stack +- name: Stop and remove mmdl stack community.docker.docker_compose_v2: project_src: /opt/stacks/mmdl - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove mmdl directory + ansible.builtin.file: + path: /opt/stacks/mmdl + state: absent diff --git a/roles/docker/tasks/productivity/palmr.yml b/roles/docker/tasks/productivity/palmr.yml index e2b5c41..61e771f 100644 --- a/roles/docker/tasks/productivity/palmr.yml +++ b/roles/docker/tasks/productivity/palmr.yml @@ -1,19 +1,11 @@ -- name: make palmr directories - ansible.builtin.file: - path: "{{ item }}" - state: directory - loop: - - /opt/stacks/palmr - -- name: Template out the compose file - ansible.builtin.template: - src: palmr-compose.yml.j2 - dest: /opt/stacks/palmr/compose.yml - owner: root - mode: 644 - -- name: deploy palmr stack +--- +- name: Stop and remove palmr stack community.docker.docker_compose_v2: project_src: /opt/stacks/palmr - files: - - compose.yml \ No newline at end of file + state: absent + ignore_errors: true + +- name: Remove palmr directory + ansible.builtin.file: + path: /opt/stacks/palmr + state: absent