From 8f18ff8c8591c0b316422ebaf2d83271672f233f Mon Sep 17 00:00:00 2001 From: shockrah Date: Wed, 11 Sep 2024 20:35:31 -0700 Subject: [PATCH 1/7] Creating the html-deployer user for web deployment stuff over ssh --- ansible/playbooks/setup-git-web-deployer.yml | 14 ++++++++++++++ infra/containers/docker-compose.yaml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 ansible/playbooks/setup-git-web-deployer.yml diff --git a/ansible/playbooks/setup-git-web-deployer.yml b/ansible/playbooks/setup-git-web-deployer.yml new file mode 100644 index 0000000..0ca5020 --- /dev/null +++ b/ansible/playbooks/setup-git-web-deployer.yml @@ -0,0 +1,14 @@ +--- +- hosts: webhost + vars: + username: html-deployer + remote_user: webadmin + tasks: + - name: Create user for git actions to deploy html + become: true + user: + name: "{{ username }}" + comment: Used for deploying html from Gitea Actions + group: nginx + generate_ssh_key: true + ssh_key_comment: Generated by Ansible for Gitea Actions diff --git a/infra/containers/docker-compose.yaml b/infra/containers/docker-compose.yaml index 7650580..6cbaaf7 100644 --- a/infra/containers/docker-compose.yaml +++ b/infra/containers/docker-compose.yaml @@ -5,7 +5,7 @@ networks: services: gitea: - image: gitea/gitea:latest + image: gitea/gitea:latest-rootless container_name: gitea environment: - USER_UID=1000 From 16c0e5ee98d487a38f8242245957530b8ec7c470 Mon Sep 17 00:00:00 2001 From: shockrah Date: Wed, 11 Sep 2024 21:21:25 -0700 Subject: [PATCH 2/7] html-deployer setup with keys --- ansible/playbooks/setup-git-web-deployer.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ansible/playbooks/setup-git-web-deployer.yml b/ansible/playbooks/setup-git-web-deployer.yml index 0ca5020..6ecc874 100644 --- a/ansible/playbooks/setup-git-web-deployer.yml +++ b/ansible/playbooks/setup-git-web-deployer.yml 
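Review bot: `generate_ssh_key: true` in the `Create user for git actions to deploy html` task creates the key pair on webhost itself, so the private half lands on the machine that is the *destination* of deployments and would have to be copied off the box to reach the Gitea Actions runner. Generate the key where the runner's secret store lives and install only the public half with `ansible.posix.authorized_key` (with key restrictions), dropping `generate_ssh_key`/`ssh_key_comment`. Consider also adding `password_lock: true` to the `user` task so the deploy account can never pick up password authentication, and a one-line comment that `group: nginx` is deliberate — it makes nginx's group the default group of everything the deployer writes.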
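Review bot: `gitea/gitea:latest-rootless` is still a floating tag, so every `docker compose pull` silently takes whatever the registry currently serves under it; pin the version and ideally the digest, e.g. `image: gitea/gitea:<version>-rootless@sha256:<digest>`, and bump deliberately. The `USER_UID=1000` environment entry visible as context also looks like a leftover from the root image — as far as I recall the rootless image does not honour `USER_UID`/`USER_GID` and expects a compose `user: "1000:1000"` entry instead; please verify against the Gitea rootless documentation before relying on it.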
@@ -10,5 +10,9 @@ name: "{{ username }}" comment: Used for deploying html from Gitea Actions group: nginx - generate_ssh_key: true - ssh_key_comment: Generated by Ansible for Gitea Actions + - name: Set the authorized keys + become: true + authorized_key: + user: "{{ username }}" + state: present + key: "{{ lookup('file', '~/.ssh/vultr/html-deployer.pem.pub') }}" From 3779d538109411233009162c0d73bf2020bd6a17 Mon Sep 17 00:00:00 2001 From: shockrah Date: Sun, 29 Sep 2024 18:05:27 -0700 Subject: [PATCH 3/7] Playbook cleanup for html-deployer setup --- ansible/playbooks/pull-s3-buckets.yml | 14 -------------- ansible/playbooks/setup-git-web-deployer.yml | 13 ++++++++++--- 2 files changed, 10 insertions(+), 17 deletions(-) delete mode 100644 ansible/playbooks/pull-s3-buckets.yml diff --git a/ansible/playbooks/pull-s3-buckets.yml b/ansible/playbooks/pull-s3-buckets.yml deleted file mode 100644 index 61a7016..0000000 --- a/ansible/playbooks/pull-s3-buckets.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- hosts: webhost - remote_user: root - tasks: - - name: Copy pull script - copy: - src: ../scripts/pull-down-s3.sh - dest: /opt/nginx/pull-down-s3.sh - - name: Pull down all sites from S3 - shell: bash /opt/nginx/pull-down-s3.sh {{ item }} - loop: - - shockrah.xyz - - resume.shockrah.xyz - - temper.tv diff --git a/ansible/playbooks/setup-git-web-deployer.yml b/ansible/playbooks/setup-git-web-deployer.yml index 6ecc874..f7e0296 100644 --- a/ansible/playbooks/setup-git-web-deployer.yml +++ b/ansible/playbooks/setup-git-web-deployer.yml 
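Review bot: The `Set the authorized keys` task installs the deploy key with no `key_options`, so whoever holds `html-deployer.pem` gets an unrestricted interactive SSH login on webhost as the account that (from the next commit) owns the web roots. For a CI-only key add `key_options: 'restrict,from="<runner address>"'` — `restrict` disables port/agent/X11 forwarding and PTY allocation in one go, and `command=` can be added if deployment goes through a fixed script; the runner address is inferred, confirm it before hard-coding. The key is also read from the controller-local path `~/.ssh/vultr/html-deployer.pem.pub`, which ties the playbook to one operator's machine; a `deployer_pubkey` variable supplied via vault or `--extra-vars` would be more portable.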
@@ -1,18 +1,25 @@ --- -- hosts: webhost +- name: Setup all attributes of the html-deployer user for static website CI + hosts: webhost vars: username: html-deployer remote_user: webadmin tasks: - name: Create user for git actions to deploy html become: true - user: + ansible.builtin.user: name: "{{ username }}" comment: Used for deploying html from Gitea Actions group: nginx - name: Set the authorized keys become: true - authorized_key: + ansible.posix.authorized_key: user: "{{ username }}" state: present key: "{{ lookup('file', '~/.ssh/vultr/html-deployer.pem.pub') }}" + - name: Ensure /opt/nginx website folders are owned by html-deployer + ansible.builtin.file: + path: "/opt/nginx/{{ item }}" + recurse: true + owner: "{{ username }}" + group: "nginx" From fba534b9dfa1c19fd0f740a0b97836235a42de2e Mon Sep 17 00:00:00 2001 From: shockrah Date: Sun, 29 Sep 2024 21:46:35 -0700 Subject: [PATCH 4/7] Checking with ansible ling --- .gitea/workflows/ansible-lint.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .gitea/workflows/ansible-lint.yaml diff --git a/.gitea/workflows/ansible-lint.yaml b/.gitea/workflows/ansible-lint.yaml new file mode 100644 index 0000000..102f508 --- /dev/null +++ b/.gitea/workflows/ansible-lint.yaml @@ -0,0 +1,16 @@ +name: Ansible Linting +on: + - push + +jobs: + lint-everything: + runs-on: ubuntu-latest + container: + image: shockrah/ansible + steps: + - run: git init + - run: git remote add origin ${{ gitea.repositoryUrl }} + - name: git pull + - run: ansible-lint + working-directory: ansible/ + From f141a426894bfedfb8a4da34d9a468c050d3c989 Mon Sep 17 00:00:00 2001 From: shockrah Date: Sun, 29 Sep 2024 21:49:06 -0700 Subject: [PATCH 5/7] idk bro --- .gitea/workflows/ansible-lint.yaml | 7 +++---- .gitea/workflows/demo.yaml | 21 --------------------- .gitea/workflows/sec-lint-s3.yaml | 2 +- 3 files changed, 4 insertions(+), 26 deletions(-) delete mode 100644 .gitea/workflows/demo.yaml 
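Review bot: The new `Ensure /opt/nginx website folders are owned by html-deployer` task references `{{ item }}` but has no `loop:`, so the play fails with an undefined variable before anything is chowned; it also lacks `become: true` (the other two tasks have it) and `state: directory`, which `ansible.builtin.file` requires for `recurse: true` to be accepted. Assuming the site directories are the hostnames the deleted pull-s3-buckets.yml looped over, declare them once in the play's `vars` and loop over that list. Note that a recursive chown to the deployer makes every served file writable by the CI key, so the restrictions on that key in the `authorized_key` task are what bound the blast radius of a leaked runner secret.
```yaml
  - name: Ensure /opt/nginx website folders are owned by html-deployer
    become: true
    ansible.builtin.file:
      path: "/opt/nginx/{{ item }}"
      state: directory
      recurse: true
      owner: "{{ username }}"
      group: nginx
    loop: "{{ sites }}"  # add `sites:` (list of site directories) under the play's vars
```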
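Review bot: The `ansible-lint` job runs on every push inside `image: shockrah/ansible` with neither a tag nor a digest, so the lint result depends on whatever that Docker Hub tag resolves to at run time and a rebuilt or compromised image silently changes what executes on the runner; pin it with `image: shockrah/ansible@sha256:<digest>` and bump on purpose. The checkout is also broken as written — `- name: git pull` has no `run:` or `uses:`, and the `git init`/`git remote add` steps never fetch — so ansible-lint would run against an empty `ansible/` directory and pass vacuously; use a pinned `uses: actions/checkout@<sha>` step instead.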
diff --git a/.gitea/workflows/ansible-lint.yaml b/.gitea/workflows/ansible-lint.yaml index 102f508..7d3eaa9 100644 --- a/.gitea/workflows/ansible-lint.yaml +++ b/.gitea/workflows/ansible-lint.yaml @@ -3,14 +3,13 @@ on: - push jobs: - lint-everything: + ansible-lint: runs-on: ubuntu-latest container: image: shockrah/ansible steps: - - run: git init - - run: git remote add origin ${{ gitea.repositoryUrl }} - - name: git pull + - name: Checkout repo content + actions/checkout@v4 - run: ansible-lint working-directory: ansible/ diff --git a/.gitea/workflows/demo.yaml b/.gitea/workflows/demo.yaml deleted file mode 100644 index e741fb6..0000000 --- a/.gitea/workflows/demo.yaml +++ /dev/null @@ -1,21 +0,0 @@ -name: Actions demo -run-name: ${{ gitea.actor }} is testing the actions -on: - - push - -jobs: - simple-echo: - runs-on: gitea-main - steps: - - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event." - - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!" - - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}." - - name: Check out repository code - uses: actions/checkout@v4 - - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner." - - run: echo "🖥️ The workflow is now ready to test your code on the runner." - - name: List files in the repository - run: | - ls ${{ gitea.workspace }} - - run: echo "🍏 This job's status is ${{ job.status }}." - diff --git a/.gitea/workflows/sec-lint-s3.yaml b/.gitea/workflows/sec-lint-s3.yaml index 2a87bc2..6add42f 100644 --- a/.gitea/workflows/sec-lint-s3.yaml +++ b/.gitea/workflows/sec-lint-s3.yaml @@ -16,4 +16,4 @@ jobs: uses: bridgecrewio/checkov-action@master with: directory: infra/s3/ - framework: terraform \ No newline at end of file + framework: terraform From e759802ce68052f9850ea04cd9a15461553f927d Mon Sep 17 00:00:00 2001 
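Review bot: The new `Checkout repo content` step lists `actions/checkout@v4` without a `uses:` key, so the workflow fails to parse and the lint job never runs; it should read `uses: actions/checkout@v4`. While touching it, pin the action to a full commit SHA rather than the movable `v4` tag (`uses: actions/checkout@<sha> # v4`) so an upstream re-tag cannot change the code that runs with write access to the checkout. On Gitea Actions this reference is presumably fetched from github.com through the runner's default actions URL — an external dependency worth stating in a comment next to the step.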
From: shockrah Date: Sun, 29 Sep 2024 21:49:49 -0700 Subject: [PATCH 6/7] Fixing syntax error --- .gitea/workflows/ansible-lint.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/ansible-lint.yaml b/.gitea/workflows/ansible-lint.yaml index 7d3eaa9..e216b1e 100644 --- a/.gitea/workflows/ansible-lint.yaml +++ b/.gitea/workflows/ansible-lint.yaml @@ -9,7 +9,7 @@ jobs: image: shockrah/ansible steps: - name: Checkout repo content - actions/checkout@v4 + uses: actions/checkout@v4 - run: ansible-lint working-directory: ansible/ From d483f5ed7281106c78cbb70884a0d385ab3356ae Mon Sep 17 00:00:00 2001 From: shockrah Date: Tue, 5 Nov 2024 16:08:09 -0800 Subject: [PATCH 7/7] Updating system packages playbook --- ansible/ansible.cfg | 3 +++ ansible/playbooks/update.yml | 20 ++++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 ansible/ansible.cfg create mode 100644 ansible/playbooks/update.yml diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg new file mode 100644 index 0000000..1435620 --- /dev/null +++ b/ansible/ansible.cfg @@ -0,0 +1,3 @@ +[defaults] +stdout_callback = yaml + diff --git a/ansible/playbooks/update.yml b/ansible/playbooks/update.yml new file mode 100644 index 0000000..508bd38 --- /dev/null +++ b/ansible/playbooks/update.yml @@ -0,0 +1,20 @@ +# Purpose: General update to the system to keep packages up to date +--- +- hosts: webhost + remote_user: webadmin + tasks: + - name: Informational Dump of what is upgradeable + ansible.builtin.command: apt list --upgradable + register: pkg + - name: Show list of packages to upgrade + ansible.builtin.debug: + msg: "{{ pkg.stdout_lines }}" + - name: Update the packages at the system level to the latest versions + become: true + ansible.builtin.apt: + name: "*" + state: latest + + + +
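Review bot: The `Update the packages at the system level` task uses `ansible.builtin.apt` with `name: "*"`/`state: latest` but never refreshes the package index, so on a host with stale lists it upgrades to whatever was last fetched and can miss current security updates; add `update_cache: true` (optionally `cache_valid_time: 3600`) to that task. The `apt list --upgradable` command task has no `changed_when: false`, so every run reports a change and the ansible-lint job added earlier in this series will flag it under `no-changed-when`. Nothing checks `/var/run/reboot-required` afterwards, so kernel or libc fixes stay inactive until someone reboots — at minimum surface it with a `stat` task and a `debug` message.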