move schlagergarten gloria stuff to graveyard

author: Christian Pointner <equinox@spreadspace.org> 2024-03-13 22:51:59 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2024-03-13 22:51:59 +0100
commit: 60f5f86941dc6700827278b5a2577dc5734895a7 (patch)
tree: edce61882d40b73eb799bc1fe49a674d788c7f7d /_graveyard_
parent: update wpa-supplicant config (diff)
5 files changed, 248 insertions, 0 deletions
diff --git a/_graveyard_/inventory/group_vars/schlagergarten-gloria/vars.yml b/_graveyard_/inventory/group_vars/schlagergarten-gloria/vars.yml
new file mode 100644
index 00000000..595b3f7a
--- /dev/null
+++ b/_graveyard_/inventory/group_vars/schlagergarten-gloria/vars.yml
@@ -0,0 +1,5 @@
+---
+zsh_banner: lendwirbel
+
+acme_account_email: equinox@spreadspace.org
+acme_directory_server: "{{ acme_directory_server_le_live_v2 }}"
diff --git a/_graveyard_/inventory/host_vars/sgg-icecast.yml b/_graveyard_/inventory/host_vars/sgg-icecast.yml
new file mode 100644
index 00000000..71353223
--- /dev/null
+++ b/_graveyard_/inventory/host_vars/sgg-icecast.yml
@@ -0,0 +1,86 @@
+---
+install:
+  vm:
+    memory: 2G
+    numcpus: 2
+    autostart: True
+  disks:
+    primary: /dev/sda
+    scsi:
+      sda:
+        type: zfs
+        name: root
+        size: 10g
+  interfaces:
+  - bridge: br-public
+    name: primary0
+
+network:
+  nameservers: "{{ vm_host.network.dns }}"
+  domain: "{{ host_domain }}"
+  systemd_link:
+    interfaces: "{{ install.interfaces }}"
+  primary: &_network_primary_
+    name: primary0
+    address: "{{ vm_host.network.bridges.public.prefix | ansible.utils.ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) }}"
+    gateway: "{{ vm_host.network.bridges.public.prefix | ansible.utils.ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ansible.utils.ipaddr('address') }}"
+    template: overlay
+    overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ansible.utils.ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
+  interfaces:
+  - *_network_primary_
+
+external_ip: "{{ network.primary.overlay }}"
+
+
+spreadspace_apt_repo_components:
+  - main
+  - container
+
+nginx_server_names_hash_bucket_size: 64
+
+lvm_volumes:
+  system/www:
+    vg: "{{ host_name }}"
+    lv: www
+    size: 1G
+    fs: ext4
+    dest: /srv/www
+
+
+docker_pkg_provider: docker-com
+
+docker_storage:
+  type: lvm
+  vg: "{{ host_name }}"
+  lv: docker
+  size: 2G
+  fs: ext4
+
+kubelet_storage:
+  type: lvm
+  vg: "{{ host_name }}"
+  lv: kubelet
+  size: 2G
+  fs: ext4
+
+kubernetes_version: 1.28.5
+kubernetes_container_runtime: docker
+kubernetes_standalone_max_pods: 42
+kubernetes_standalone_cni_variant: with-portmap
+
+
+icecast_instances:
+  schlagergarten:
+    image_version: 2021-04-23.1
+    listeners:
+    - port: 8080
+      shoutcast_mountpoint: /live.mp3
+
+    source_password: "{{ vault_icecast_secrets['schlagergarten'].source_password }}"
+    admin:
+      username: admin
+      password: "{{ vault_icecast_secrets['schlagergarten'].admin_password }}"
+
+    hostname: "{{ external_ip }}"
+    location: Graz/Austria
+    contact: bussi@schlagergartengloria.at
diff --git a/_graveyard_/inventory/hosts.ini b/_graveyard_/inventory/hosts.ini
index fedd2dc0..a0381990 100644
--- a/_graveyard_/inventory/hosts.ini
+++ b/_graveyard_/inventory/hosts.ini
@@ -53,6 +53,14 @@ lw-live-02 host_name=cdn-02
 lw-live-03 host_name=cdn-03
 
 
+[schlagergarten-gloria:vars]
+host_domain=schlagergartengloria.at
+env_group=spreadspace
+
+[schlagergarten-gloria]
+sgg-icecast
+
+
 
 ###############################
 # environment: dan
@@ -84,6 +92,9 @@ vmhost-ch-gnocchi-guests
 ch-auth-legacy
 ch-omd
 
+[vmhost-sk-2019vm-guests]
+sgg-icecast
+
 
 [kvmhosts]
 ch-gnocchi
@@ -104,6 +115,8 @@ ele-dolmetsch-ctl
 
 [hetzner]
 lw-master
+sgg-icecast
+
 
 [hcloud:children]
 lendwirbel-live-dist
@@ -114,6 +127,7 @@ k8s-lwl
 
 [standalone-kubelet]
 lw-thetys
+sgg-icecast
 
 ### Kubernetes Cluster: lendwirbel-live
 [k8s-lwl-encoder]
diff --git a/_graveyard_/spreadspace/host_vars/sgg-icecast.yml b/_graveyard_/spreadspace/host_vars/sgg-icecast.yml
new file mode 100644
index 00000000..a2fbf9c2
--- /dev/null
+++ b/_graveyard_/spreadspace/host_vars/sgg-icecast.yml
@@ -0,0 +1,11 @@
+$ANSIBLE_VAULT;1.2;AES256;spreadspace
+39363834326634646135336332623265656639643265336365376261623735656232336431633866
+3338626436643936626538396436626435383733356662330a373538303865623430386430343034
+30613631333931373363323962373737656230303162633331333334323663336433306464646466
+3338333661393232620a303932653164376533653266656361633338323962643935343533303736
+37353863343437333362653736353031343737373836393866323762303866626231616665646535
+35396633653666633262386536623139383831313365643734633438306634353463626461363337
+32303636616337306563613937616339336334313235306563616436363438323235323863313632
+31393238346534346335333261343033623831616632343137613737663766373935623962353262
+63376333666466323866336166373636626335633561633166343535653539306138643164306632
+3833316531323761613465383437646336643763646266643032
diff --git a/_graveyard_/spreadspace/sgg-icecast.yml b/_graveyard_/spreadspace/sgg-icecast.yml
new file mode 100644
index 00000000..d9126e38
--- /dev/null
+++ b/_graveyard_/spreadspace/sgg-icecast.yml
@@ -0,0 +1,132 @@
+---
+- name: Basic Setup
+  hosts: sgg-icecast
+  roles:
+  - role: apt-repo/base
+  - role: core/base
+  - role: core/sshd/base
+  - role: core/zsh
+  - role: core/ntp
+  - role: apt-repo/spreadspace
+  - name: storage/lvm/base
+  - role: kubernetes/base
+  - role: kubernetes/standalone/base
+  - role: streaming/icecast
+  - role: x509/acmetool/base
+  - role: nginx/base
+  post_tasks:
+  - name: create base directory for static www content
+    file:
+      path: /srv/www/radio
+      state: directory
+
+  - name: configure default vhost radiogloria.at
+    vars:
+      nginx_vhost:
+        default: yes
+        name: radio
+        template: generic
+        tls:
+          certificate_provider: acmetool
+        hostnames:
+        - radiogloria.at
+        - www.radiogloria.at
+        locations:
+          '/':
+            root: /srv/www/radio
+            index: index.html
+    include_role:
+      name: nginx/vhost
+
+  - name: configure default vhost live.radiogloria.at
+    vars:
+      nginx_vhost:
+        name: radio-stream
+        template: generic
+        tls:
+          certificate_provider: acmetool
+        hostnames:
+        - live.radiogloria.at
+        locations:
+          '/':
+            proxy_pass: http://127.0.0.1:8080
+    include_role:
+      name: nginx/vhost
+
+
+  - name: create base directory for stats
+    file:
+      path: /srv/www/stats-schlagergarten
+      state: directory
+
+  - name: add user for stats
+    user:
+      name: stats
+      system: yes
+      home: /nonexistent
+      create_home: no
+
+  - name: create data directory for stats
+    file:
+      path: /srv/www/stats-schlagergarten/data
+      state: directory
+      group: stats
+      mode: 0775
+
+  - name: install stats collector script
+    copy:
+      content: |
+        #!/bin/bash
+        STATS_D=$(realpath "${BASH_SOURCE%/*}")
+        ts=$(date '+%Y-%m-%d_%H-%M-%S')
+        exec curl -s http://localhost:8080/status-json.xsl | gzip > "$STATS_D/data/$ts.json.gz"
+      dest: /srv/www/stats-schlagergarten/fetch.sh
+      mode: 0755
+
+  - name: install systemd unit for stats collector
+    copy:
+      content: |
+        [Unit]
+        Description=Schlagergarten Stream Stats Collector
+
+        [Service]
+        Type=oneshot
+        User=stats
+        ExecStart=/srv/www/stats-schlagergarten/fetch.sh
+        TimeoutStartSec=20s
+        TimeoutStartFailureMode=kill
+        NoNewPrivileges=yes
+        PrivateTmp=yes
+        PrivateDevices=yes
+        ProtectSystem=strict
+        ReadWritePaths=/srv/www/stats-schlagergarten/data
+        ProtectHome=yes
+        ProtectKernelTunables=yes
+        ProtectControlGroups=yes
+        RestrictRealtime=yes
+        RestrictAddressFamilies=AF_INET
+
+        [Install]
+        WantedBy=multi-user.target
+      dest: /etc/systemd/system/stats-schlagergarten.service
+
+  - name: install systemd timer for stats collector
+    copy:
+      content: |
+        [Unit]
+        Description=Schlagergarten Stream Stats Collector
+
+        [Timer]
+        OnCalendar=minutely
+        AccuracySec=0s
+
+        [Install]
+        WantedBy=timers.target
+      dest: /etc/systemd/system/stats-schlagergarten.timer
+
+  - name: make sure stats collector timer unit is enabled and started
+    systemd:
+      name: stats-schlagergarten.timer
+      daemon_reload: yes
+      enabled: yes
+      state: started
author	Christian Pointner <equinox@spreadspace.org>	2024-03-13 22:51:59 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2024-03-13 22:51:59 +0100
commit	60f5f86941dc6700827278b5a2577dc5734895a7 (patch)
tree	edce61882d40b73eb799bc1fe49a674d788c7f7d /_graveyard_
parent	update wpa-supplicant config (diff)