From e37782b8562bee44b0a38b276b9a22fe2b539943 Mon Sep 17 00:00:00 2001
From: Lino Silva <lino.silva@farfetch.com>
Date: Tue, 4 Apr 2023 14:32:01 +0100
Subject: [PATCH] feat: Add folding

---
 inventory/my-cluster/group_vars/all.yml       | 28 ++++++++++++++++++-
 inventory/my-cluster/host_vars/folding        |  6 ++++
 inventory/my-cluster/hosts.ini                | 17 ++---------
 playbook-folding.yml                          | 22 +++++++++++++++
 roles/folding/enable-ssh/tasks/main.yml       |  8 ++++++
 roles/folding/install-app/tasks/main.yml      | 12 ++++++++
 roles/folding/provision/create/tasks/main.yml | 24 ++++++++++++++++
 roles/folding/provision/delete/tasks/main.yml | 26 +++++++++++++++++
 roles/folding/provision/start/tasks/main.yml  |  8 ++++++
 roles/folding/update/tasks/main.yml           |  6 ++++
 roles/frigate/provision/create/tasks/main.yml |  2 +-
 11 files changed, 142 insertions(+), 17 deletions(-)
 create mode 100644 inventory/my-cluster/host_vars/folding
 create mode 100644 playbook-folding.yml
 create mode 100644 roles/folding/enable-ssh/tasks/main.yml
 create mode 100644 roles/folding/install-app/tasks/main.yml
 create mode 100644 roles/folding/provision/create/tasks/main.yml
 create mode 100644 roles/folding/provision/delete/tasks/main.yml
 create mode 100644 roles/folding/provision/start/tasks/main.yml
 create mode 100644 roles/folding/update/tasks/main.yml

diff --git a/inventory/my-cluster/group_vars/all.yml b/inventory/my-cluster/group_vars/all.yml
index 3266e40..fe471d2 100644
--- a/inventory/my-cluster/group_vars/all.yml
+++ b/inventory/my-cluster/group_vars/all.yml
@@ -109,4 +109,30 @@ homeassistant_pwd: !vault |
           31353332646635353339373937393134376566643539363563613061393731623931643931336566
           3039626631643930650a393163643534353731316261376638643736623232366431396136313666
           37613864396630306335626532633832653633346465316332356236393239653063393630323461
-          3862316639643265373166373330333936303233383333653362
\ No newline at end of file
+          3862316639643265373166373330333936303233383333653362
+
+gameyfin_pwd: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64653937643761616366313263363039336262313832623035313635353638393633643330303733
+          3030373063343264633265616638373463383562626132650a643163333961353861626438356339
+          64326161373332396234656664343736356566356561306334306230343335323733306533343563
+          3639656666313434350a303432393831323338313331386262373130633930396365653836633965
+          35623030313533313462666464333339633832643261383839383432366462313262386236346434
+          39646434653137633062346234373965323036636663326437346238373764363261633736356532
+          346437633064623331653362303034653463
+
+igdb_client_id: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          36343238373066633635656365376331626231396666373039636330376132393861373739323061
+          3662366362633461383730633765323530316437626639630a613337333163393539653830366235
+          36636139666332393366366166343064623931326634633161666264333038643537386363663962
+          6430613364653562320a313934393633386262343933363835663639313630653631356563346435
+          61616130336366613066316134303866323838653938393630623763383762316432
+
+igdb_secret: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          65383235643965353066343661616633353163393137326661363862353131333362383336613465
+          3730323833613961326161643730363434643363346138610a313230656534626137373232653633
+          30303163646261666461366161336131326134633832643834623438363137323531393865613761
+          3137316331353531350a306636306233326637623030666634353066396663623663386235393238
+          63303939666561353032396135646666623564616562306637613430663933626530
\ No newline at end of file
diff --git a/inventory/my-cluster/host_vars/folding b/inventory/my-cluster/host_vars/folding
new file mode 100644
index 0000000..3b8d97b
--- /dev/null
+++ b/inventory/my-cluster/host_vars/folding
@@ -0,0 +1,6 @@
+---
+
+ansible_user: root
+ansible_host: 10.0.2.19
+ansible_ssh_pass: "{{ proxmox_api_password }}"
+vmid: 610
diff --git a/inventory/my-cluster/hosts.ini b/inventory/my-cluster/hosts.ini
index 3d60b1a..3d95233 100644
--- a/inventory/my-cluster/hosts.ini
+++ b/inventory/my-cluster/hosts.ini
@@ -1,23 +1,10 @@
+[lxc]
 frigate
 swag
 cloudflare-ddns
 dahua-to-mqtt
 immich
-
-[master]
-mipha
-epona
-yuga
-
-[node]
-revali
-
-[k3s_cluster:children]
-master
-node
-
-[lxc:children]
-k3s_cluster
+folding
 
 [baremetal]
 mipha
diff --git a/playbook-folding.yml b/playbook-folding.yml
new file mode 100644
index 0000000..f4d9484
--- /dev/null
+++ b/playbook-folding.yml
@@ -0,0 +1,22 @@
+---
+# - hosts: localhost
+#   become: yes
+#   roles:
+#     - role: folding/provision/delete
+#     - role: folding/provision/create
+#     - role: folding/provision/start
+#       vars:
+#         vmid: 610
+
+- hosts: hyrule
+  become: yes
+  roles:
+    - role: folding/enable-ssh
+      vars:
+        vmid: 610
+
+- hosts: folding
+  become: yes
+  roles:
+    - role: folding/update
+    - role: folding/install-app
diff --git a/roles/folding/enable-ssh/tasks/main.yml b/roles/folding/enable-ssh/tasks/main.yml
new file mode 100644
index 0000000..b2740e1
--- /dev/null
+++ b/roles/folding/enable-ssh/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh)
+
+- name: Allow SSH into LXC
+  ansible.builtin.command: lxc-attach -n 610 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
+
+- name: Restart SSH Service
+  ansible.builtin.command: lxc-attach -n 610 service ssh restart
diff --git a/roles/folding/install-app/tasks/main.yml b/roles/folding/install-app/tasks/main.yml
new file mode 100644
index 0000000..81f5117
--- /dev/null
+++ b/roles/folding/install-app/tasks/main.yml
@@ -0,0 +1,12 @@
+---
+- name: Download binary
+  ansible.builtin.shell:
+  args:
+    cmd: wget https://download.foldingathome.org/releases/public/release/fahclient/debian-stable-64bit/v7.6/fahclient_7.6.21_amd64.deb
+    chdir: /root/
+
+- name: Install folding
+  ansible.builtin.shell:
+  args:
+    cmd: dpkg -i --force-depends fahclient_7.6.21_amd64.deb
+    chdir: /root/
diff --git a/roles/folding/provision/create/tasks/main.yml b/roles/folding/provision/create/tasks/main.yml
new file mode 100644
index 0000000..d132459
--- /dev/null
+++ b/roles/folding/provision/create/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: Create container
+  community.general.proxmox:
+    vmid: 610
+    node: hyrule
+    api_user: root@pam
+    api_password: "{{ proxmox_api_password }}"
+    api_host: 10.0.2.2
+    password: "{{ lxc_password }}"
+    hostname: folding
+    ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst"
+    netif: "{'net0':'name=eth0,\
+      gw=10.0.0.1,\
+      ip=10.0.2.19/21,\
+      hwaddr=cc:c6:cf:de:17:79,\
+      bridge=vmbr0'}"
+    cores: 12
+    memory: 30720
+    unprivileged: no
+    swap: 0
+    searchdomain: "home"
+    onboot: 1
+    disk: ssd250:20
+    force: yes
diff --git a/roles/folding/provision/delete/tasks/main.yml b/roles/folding/provision/delete/tasks/main.yml
new file mode 100644
index 0000000..6f53ea3
--- /dev/null
+++ b/roles/folding/provision/delete/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+- name: Stop container
+  community.general.proxmox:
+    vmid: "{{ vmid }}"
+    api_user: root@pam
+    api_password: "{{ proxmox_api_password }}"
+    api_host: 10.0.2.2
+    state: stopped
+  ignore_errors: true
+  timeout: 90
+
+- name: Remove containers
+  community.general.proxmox:
+    vmid: "{{ vmid }}"
+    api_user: root@pam
+    api_password: "{{ proxmox_api_password }}"
+    api_host: 10.0.2.2
+    state: absent
+  ignore_errors: true
+  timeout: 90
+
+- name: Remove .ssh/known_hosts lines
+  ansible.builtin.lineinfile:
+    path: /Users/lino.silva/.ssh/known_hosts
+    state: absent
+    regexp: "^10.0.2.19"
diff --git a/roles/folding/provision/start/tasks/main.yml b/roles/folding/provision/start/tasks/main.yml
new file mode 100644
index 0000000..de86b9b
--- /dev/null
+++ b/roles/folding/provision/start/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- name: Start deployments
+  community.general.proxmox:
+    vmid: "{{ vmid }}"
+    api_user: root@pam
+    api_password: "{{ proxmox_api_password }}"
+    api_host: 10.0.2.2
+    state: started
diff --git a/roles/folding/update/tasks/main.yml b/roles/folding/update/tasks/main.yml
new file mode 100644
index 0000000..8227bf4
--- /dev/null
+++ b/roles/folding/update/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Update all packages to their latest version
+  become: true
+  ansible.builtin.apt:
+    update_cache: yes
+    upgrade: full
diff --git a/roles/frigate/provision/create/tasks/main.yml b/roles/frigate/provision/create/tasks/main.yml
index 755fc8f..2447bf3 100644
--- a/roles/frigate/provision/create/tasks/main.yml
+++ b/roles/frigate/provision/create/tasks/main.yml
@@ -20,7 +20,7 @@
     swap: 0
     searchdomain: "home"
     onboot: 1
-    mounts: '{"mp0":"/mnt/pve/hyrule-8tb-nfs/frigate/config,mp=/config","mp1":"/mnt/pve/hyrule-8tb-nfs/frigate/media,mp=/media/frigate","mp2":"/mnt/pve/hyrule-8tb-nfs/frigate/db,mp=/db"}'
+    mounts: '{"mp0":"local-lvm:1,mp=/config","mp1":"local-lvm:150,mp=/media/frigate","mp2":"local-lvm:1,mp=/db"}'
     features:
       - nesting=1
       - keyctl=1