decommission 9 services: codeserver, ghost, pinchflat, pinry, mmdl, palmr, kanboard, grocy, postiz

Replace deploy tasks with teardown tasks that stop containers and remove
stack directories. Remove Caddy routes and DNS records, with explicit
Route53 deletion for the decommissioned subdomains.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

dns.yml

@@ -9,8 +9,6 @@
     domains:
       - name: thesatelliteoflove.com
         dns_records:
-          - name: "pin"
-            ip: "152.53.36.98"
           - name: "home"
             ip: "152.53.36.98"
           - name: "git"
@@ -25,26 +23,16 @@
             ip: "152.53.36.98"
           - name: "paper"
             ip: "152.53.36.98"
-          - name: "code"
-            ip: "152.53.36.98"
           - name: "snippets"
             ip: "152.53.36.98"
           - name: cal
             ip: "152.53.36.98"
-          - name: phlog
-            ip: "152.53.36.98"
           - name: loclog
             ip: "152.53.36.98"
           - name: watcher
             ip: "152.53.36.98"
           - name: models
             ip: "152.53.36.98"
-          - name: tasks
-            ip: "152.53.36.98"
-          - name: post
-            ip: "152.53.36.98"
-          - name: files
-            ip: "152.53.36.98"
           - name: bookmarks
             ip: "152.53.36.98"
           - name: gotify
@@ -53,10 +41,6 @@
             ip: "152.53.36.98"
           - name: pdg
             ip: "152.53.36.98"
-          - name: kanboard
-            ip: "152.53.36.98"
-          - name: grocy
-            ip: "152.53.36.98"
       - name: nerder.land
         dns_records:
           - name: "forms"
@@ -64,7 +48,40 @@
           - name: "repair"
             ip: "152.53.36.98"
 
+    # DNS records to remove for decommissioned services
+    removed_records:
+      - name: thesatelliteoflove.com
+        dns_records:
+          - name: "pin"
+            ip: "152.53.36.98"
+          - name: "code"
+            ip: "152.53.36.98"
+          - name: "phlog"
+            ip: "152.53.36.98"
+          - name: "tasks"
+            ip: "152.53.36.98"
+          - name: "post"
+            ip: "152.53.36.98"
+          - name: "files"
+            ip: "152.53.36.98"
+          - name: "kanboard"
+            ip: "152.53.36.98"
+          - name: "grocy"
+            ip: "152.53.36.98"
+
   tasks:
+    - name: Remove A records for decommissioned services
+      amazon.aws.route53:
+        state: absent
+        zone: "{{ item.0.name }}"
+        record: "{{ item.1.name + '.' + item.0.name }}"
+        type: A
+        ttl: 300
+        value: "{{ item.1.ip }}"
+      loop: "{{ query('subelements', removed_records, 'dns_records') }}"
+      loop_control:
+        loop_var: item
+
     - name: Add A records for subdomains of each domain
       amazon.aws.route53:
         state: present

roles/docker/files/Caddyfile

@@ -6,10 +6,6 @@ paper.thesatelliteoflove.com {
     reverse_proxy paperlessngx-webserver-1:8000
 }
 
-pin.thesatelliteoflove.com {
-    reverse_proxy pinry-pinry-1:80
-}
-
 cal.thesatelliteoflove.com {
     redir /.well-known/caldav /dav.php 302
     redir /.well-known/carddav /dav.php 302
@@ -24,10 +20,6 @@ audio.thesatelliteoflove.com {
     reverse_proxy audiobookshelf-audiobookshelf-1:80
 }
 
-post.thesatelliteoflove.com {
-    reverse_proxy postiz:5000
-}
-
 loclog.thesatelliteoflove.com {
     reverse_proxy dawarich_app:3000
 }
@@ -36,51 +28,10 @@ watcher.thesatelliteoflove.com {
     reverse_proxy changedetection:5000
 }
 
-tasks.thesatelliteoflove.com {
-    reverse_proxy mmdl:3000
-}
-
-kanboard.thesatelliteoflove.com {
-    reverse_proxy kanboard:80
-}
-
-grocy.thesatelliteoflove.com {
-    # API endpoints bypass forward auth for mobile apps
-    handle /api/* {
-        reverse_proxy grocy:80
-    }
-    
-    # Web interface requires Authentik authentication
-    forward_auth authentik-server-1:9000 {
-        uri /outpost.goauthentik.io/auth/caddy
-        copy_headers {
-            X-authentik-username
-            X-authentik-groups  
-            X-authentik-email
-            X-authentik-name
-            X-authentik-uid
-        }
-    }
-    reverse_proxy grocy:80
-}
-
-phlog.thesatelliteoflove.com {
-    reverse_proxy ghost-1-ghost-1:2368
-}
-
-
-code.thesatelliteoflove.com {
-    reverse_proxy authentik-server-1:9000
-}
-
 snippets.thesatelliteoflove.com {
     reverse_proxy bytestash:5000
 }
 
-files.thesatelliteoflove.com {
-    reverse_proxy palmr-palmr-1:5487
-}
-
 git.thesatelliteoflove.com {
     reverse_proxy gitea:3000
 }

roles/docker/tasks/communication/postiz.yml

@@ -1,19 +1,11 @@
-- name: make postiz directories
+---
-  ansible.builtin.file:
+- name: Stop and remove postiz stack
-    path: "{{ item}}"
-    state: directory
-  loop:
-    - /opt/stacks/postiz
-
-- name: Template out the compose file
-  ansible.builtin.template:
-    src: postiz-compose.yml.j2
-    dest: /opt/stacks/postiz/compose.yml
-    owner: root
-    mode: 644
-
-- name: deploy postiz stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/postiz
-    files:
+    state: absent
-    - compose.yml
+  ignore_errors: true
+
+- name: Remove postiz directory
+  ansible.builtin.file:
+    path: /opt/stacks/postiz
+    state: absent

roles/docker/tasks/development/codeserver.yml

@@ -1,19 +1,11 @@
-- name: make codeserver directories
+---
-  ansible.builtin.file:
+- name: Stop and remove codeserver stack
-    path: "{{ item}}"
-    state: directory
-  loop:
-    - /opt/stacks/codeserver
-
-- name: Template out the compose file
-  ansible.builtin.template:
-    src: codeserver-compose.yml.j2
-    dest: /opt/stacks/codeserver/compose.yml
-    owner: root
-    mode: 644
-
-- name: deploy codeserver stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/codeserver
-    files:
+    state: absent
-    - compose.yml
+  ignore_errors: true
+
+- name: Remove codeserver directory
+  ansible.builtin.file:
+    path: /opt/stacks/codeserver
+    state: absent

roles/docker/tasks/media/ghost-1.yml

@@ -1,19 +1,11 @@
-- name: make ghost-1 directories
+---
-  ansible.builtin.file:
+- name: Stop and remove ghost stack
-    path: "{{ item}}"
-    state: directory
-  loop:
-    - /opt/stacks/ghost-1
-
-- name: Template out the compose file
-  ansible.builtin.template:
-    src: ghost-1-compose.yml.j2
-    dest: /opt/stacks/ghost-1/compose.yml
-    owner: root
-    mode: 644
-
-- name: deploy ghost-1 stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/ghost-1
-    files:
+    state: absent
-    - compose.yml
+  ignore_errors: true
+
+- name: Remove ghost directory
+  ansible.builtin.file:
+    path: /opt/stacks/ghost-1
+    state: absent

roles/docker/tasks/media/pinchflat.yml

@@ -1,19 +1,11 @@
-- name: make pinchflat directories
+---
-  ansible.builtin.file:
+- name: Stop and remove pinchflat stack
-    path: "{{ item}}"
-    state: directory
-  loop:
-    - /opt/stacks/pinchflat
-
-- name: Template out the compose file
-  ansible.builtin.template:
-    src: pinchflat-compose.yml.j2
-    dest: /opt/stacks/pinchflat/compose.yml
-    owner: root
-    mode: 644
-
-- name: deploy pinchflat stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/pinchflat
-    files:
+    state: absent
-    - compose.yml
+  ignore_errors: true
+
+- name: Remove pinchflat directory
+  ansible.builtin.file:
+    path: /opt/stacks/pinchflat
+    state: absent

roles/docker/tasks/media/pinry.yml

@@ -1,19 +1,11 @@
-- name: make pinry directories
+---
-  ansible.builtin.file:
+- name: Stop and remove pinry stack
-    path: "{{ item}}"
-    state: directory
-  loop:
-    - /opt/stacks/pinry
-
-- name: Template out the compose file
-  ansible.builtin.template:
-    src: pinry-compose.yml.j2
-    dest: /opt/stacks/pinry/compose.yml
-    owner: root
-    mode: 644
-
-- name: deploy pinry stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/pinry
-    files:
+    state: absent
-    - compose.yml
+  ignore_errors: true
+
+- name: Remove pinry directory
+  ansible.builtin.file:
+    path: /opt/stacks/pinry
+    state: absent

roles/docker/tasks/productivity/grocy.yml

@@ -1,18 +1,11 @@
 ---
-- name: Create grocy directories
+- name: Stop and remove grocy stack
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: directory
-  loop:
-    - /opt/stacks/grocy
-
-- name: Template grocy compose file
-  ansible.builtin.template:
-    src: grocy-compose.yml.j2
-    dest: /opt/stacks/grocy/compose.yml
-
-- name: Deploy grocy stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/grocy
-    files:
+    state: absent
-      - compose.yml
+  ignore_errors: true
+
+- name: Remove grocy directory
+  ansible.builtin.file:
+    path: /opt/stacks/grocy
+    state: absent

roles/docker/tasks/productivity/kanboard.yml

@@ -1,18 +1,11 @@
 ---
-- name: Create kanboard directories
+- name: Stop and remove kanboard stack
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: directory
-  loop:
-    - /opt/stacks/kanboard
-
-- name: Template kanboard compose file
-  ansible.builtin.template:
-    src: kanboard-compose.yml.j2
-    dest: /opt/stacks/kanboard/compose.yml
-
-- name: Deploy kanboard stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/kanboard
-    files:
+    state: absent
-      - compose.yml
+  ignore_errors: true
+
+- name: Remove kanboard directory
+  ansible.builtin.file:
+    path: /opt/stacks/kanboard
+    state: absent

roles/docker/tasks/productivity/mmdl.yml

@@ -1,25 +1,11 @@
 ---
-- name: Create mmdl directories
+- name: Stop and remove mmdl stack
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: directory
-  loop:
-    - /opt/stacks/mmdl
-    - /opt/stacks/mmdl/data
-    - /opt/stacks/mmdl/mysql
-
-- name: Template mmdl environment file
-  ansible.builtin.template:
-    src: mmdl-env.j2
-    dest: /opt/stacks/mmdl/.env.local
-
-- name: Template mmdl compose file
-  ansible.builtin.template:
-    src: mmdl-compose.yml.j2
-    dest: /opt/stacks/mmdl/compose.yml
-
-- name: Deploy mmdl stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/mmdl
-    files:
+    state: absent
-      - compose.yml
+  ignore_errors: true
+
+- name: Remove mmdl directory
+  ansible.builtin.file:
+    path: /opt/stacks/mmdl
+    state: absent

roles/docker/tasks/productivity/palmr.yml

@@ -1,19 +1,11 @@
-- name: make palmr directories
+---
-  ansible.builtin.file:
+- name: Stop and remove palmr stack
-    path: "{{ item }}"
-    state: directory
-  loop:
-    - /opt/stacks/palmr
-
-- name: Template out the compose file
-  ansible.builtin.template:
-    src: palmr-compose.yml.j2
-    dest: /opt/stacks/palmr/compose.yml
-    owner: root
-    mode: 644
-
-- name: deploy palmr stack
   community.docker.docker_compose_v2:
     project_src: /opt/stacks/palmr
-    files:
+    state: absent
-      - compose.yml
+  ignore_errors: true
+
+- name: Remove palmr directory
+  ansible.builtin.file:
+    path: /opt/stacks/palmr
+    state: absent