From 0106837a3c9589af7975ec5fe1920da87e80734b Mon Sep 17 00:00:00 2001
From: Tobias Manske <mail@tobiasmanske.de>
Date: Sat, 2 Mar 2024 22:32:19 +0100
Subject: [PATCH] Rename backup to filehost

---
 ansible/host_vars/backup.unruhig.eu/main.yml  |  7 --
 .../host_vars/backup.unruhig.eu/vault.yaml    |  7 --
 .../host_vars/filehost.unruhig.eu/main.yml    |  7 ++
 .../host_vars/filehost.unruhig.eu/vault.yaml  | 17 +++++
 .../thonkpad.ka.chaoswg.org/vault.yaml        | 76 ++++++++++---------
 ansible/inventory.yaml                        |  6 +-
 ansible/known_hosts                           |  2 +
 ansible/playbook.yaml                         |  4 +-
 ansible/plays/backup.yaml                     | 61 ---------------
 ansible/plays/common.yaml                     |  6 +-
 ansible/secrets.yml                           |  2 +-
 tf-stage-1/dns-unruhig-eu.tf                  |  5 +-
 12 files changed, 79 insertions(+), 121 deletions(-)
 delete mode 100644 ansible/host_vars/backup.unruhig.eu/main.yml
 delete mode 100644 ansible/host_vars/backup.unruhig.eu/vault.yaml
 create mode 100644 ansible/host_vars/filehost.unruhig.eu/main.yml
 create mode 100644 ansible/host_vars/filehost.unruhig.eu/vault.yaml
 delete mode 100644 ansible/plays/backup.yaml

diff --git a/ansible/host_vars/backup.unruhig.eu/main.yml b/ansible/host_vars/backup.unruhig.eu/main.yml
deleted file mode 100644
index 539304f..0000000
--- a/ansible/host_vars/backup.unruhig.eu/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-known_hosts:
-  - backup.unruhig.eu ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXlm4q3UBK2ChZCujrc9nv45tnntj6E+80UOOzZ6EEFWeUkJ0R+o4z4bnLsWBfFxfwgMDUvFCUCuS7R7xo2pE6vlRhPeD6eTitqNmRMfgmMZLJCdWD5eechg2FNSIht+wB61KEwMBuARXX45nmvIknWiRBK0qAGMLgy46hAx60hf/2uzSuyF6cxQdRqH7TNKZ/06aC7fCo9MCvHbiWvOSKbRx+jYSw8L27DW8WbPTqTGhywidij3nQEjwCFof/IN/hdp7NLpF/8qAoxW9iLWHh7ghESSwHxDF+QC1NjyA1g9QvyX+4p/hzR71wvQ2OVT/R9qx45jJiEi4dVQtsPGbcMzY9gQNbzyzl898cvnp2OuS50kGxuJZaJLMOj2UClbpW+lTrrkKvBZKkAF85v+C6Xcx/waY01eH0PaDBpoo40Y+vS9nWLmnKcvz5iDC6DVL8gUyDxuQj6/qMQuVsr5GL7GnvqIF/jjz6rNqES5Lr88c18ZyWeaupAHNnSgxaGV8=
-  - backup.unruhig.eu ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNxa8vbJ70oM2PlEKegPu3/SUO7oXz2lM6PvR74Ad+RYjjAQZr/j3WMpeDn15ugexlYmYoHgxgeT0xA6E/ZAM/0=
-  - backup.unruhig.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvXX75sXWRgslMW/Ufq0t0OJQnTFiWPL4yBUBdGIU9k
-ssh:
-  authorized_keys:
-    - ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNpGyOWzNNTW7e8PBZCRZ8q4JygBKKtOMWng09b3mnNo9GPvb+V7RhnMf0rnGbwp9q89QFjYbZ8ZKqCoBpgtlT4= backup.unruhig.eu_22
diff --git a/ansible/host_vars/backup.unruhig.eu/vault.yaml b/ansible/host_vars/backup.unruhig.eu/vault.yaml
deleted file mode 100644
index 8381ded..0000000
--- a/ansible/host_vars/backup.unruhig.eu/vault.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-64323432633839313739346636383934366264653165373433316239366235613336646462333031
-3633326564323431653131653436386563613562633432390a383161343463343366336266303038
-36316230323264646532386238363331663364353365643861323536643961613561626265313762
-3864373034646433300a623535623532353965333030383065346562393139313437313438623361
-63336531373365383463303437343833646531366363353630626134373932303063653530323433
-6639623264316133356463333236623032356138636361383966
diff --git a/ansible/host_vars/filehost.unruhig.eu/main.yml b/ansible/host_vars/filehost.unruhig.eu/main.yml
new file mode 100644
index 0000000..438dbe4
--- /dev/null
+++ b/ansible/host_vars/filehost.unruhig.eu/main.yml
@@ -0,0 +1,7 @@
+known_hosts:
+  - filehost.unruhig.eu ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXlm4q3UBK2ChZCujrc9nv45tnntj6E+80UOOzZ6EEFWeUkJ0R+o4z4bnLsWBfFxfwgMDUvFCUCuS7R7xo2pE6vlRhPeD6eTitqNmRMfgmMZLJCdWD5eechg2FNSIht+wB61KEwMBuARXX45nmvIknWiRBK0qAGMLgy46hAx60hf/2uzSuyF6cxQdRqH7TNKZ/06aC7fCo9MCvHbiWvOSKbRx+jYSw8L27DW8WbPTqTGhywidij3nQEjwCFof/IN/hdp7NLpF/8qAoxW9iLWHh7ghESSwHxDF+QC1NjyA1g9QvyX+4p/hzR71wvQ2OVT/R9qx45jJiEi4dVQtsPGbcMzY9gQNbzyzl898cvnp2OuS50kGxuJZaJLMOj2UClbpW+lTrrkKvBZKkAF85v+C6Xcx/waY01eH0PaDBpoo40Y+vS9nWLmnKcvz5iDC6DVL8gUyDxuQj6/qMQuVsr5GL7GnvqIF/jjz6rNqES5Lr88c18ZyWeaupAHNnSgxaGV8=
+  - filehost.unruhig.eu ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNxa8vbJ70oM2PlEKegPu3/SUO7oXz2lM6PvR74Ad+RYjjAQZr/j3WMpeDn15ugexlYmYoHgxgeT0xA6E/ZAM/0=
+  - filehost.unruhig.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvXX75sXWRgslMW/Ufq0t0OJQnTFiWPL4yBUBdGIU9k
+ssh:
+  authorized_keys:
+    - ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNpGyOWzNNTW7e8PBZCRZ8q4JygBKKtOMWng09b3mnNo9GPvb+V7RhnMf0rnGbwp9q89QFjYbZ8ZKqCoBpgtlT4= backup.unruhig.eu_22
diff --git a/ansible/host_vars/filehost.unruhig.eu/vault.yaml b/ansible/host_vars/filehost.unruhig.eu/vault.yaml
new file mode 100644
index 0000000..2bf1ea6
--- /dev/null
+++ b/ansible/host_vars/filehost.unruhig.eu/vault.yaml
@@ -0,0 +1,17 @@
+$ANSIBLE_VAULT;1.1;AES256
+36336235613033366466623936373035353462656137303937626535653237646633663035363435
+3935323464336235353134623634343539383930653066370a623435326437643362386638623735
+64393933303561303833326364613736643632376464383632613964313265356565636237653432
+6338326433623539310a393261376134626164316230386533333766336130326236333562636665
+65663865653663623838656237376262626139643733356461383539383164653338613636383935
+39366133623933366631643938643832373264613031393430623132386166643836616362613333
+39326666356434343263383934613238663635613234323264363930396136356461386365666538
+38376564386339623462646138646461633732313866306365303463356330316535383137666230
+31313132663030626562313437623735376338333061306438343761396637613535373633386536
+37303535386566303564343938333037356363383561656462393239323736643331646536626633
+34663534653165663930663939363936323630643065306462353261616535666338353962643930
+30353439653331613165333137626636363064366164626136643234353030336139336535333132
+36373934343431363665643631373336396433383732326539663336366234613364363663323238
+34333530366634613933363530373935383831653864633462336465366136613730643932303935
+35363935343233383733623233316332653061666262633435346532326365326462366366333966
+33366364343330313238
diff --git a/ansible/host_vars/thonkpad.ka.chaoswg.org/vault.yaml b/ansible/host_vars/thonkpad.ka.chaoswg.org/vault.yaml
index 6e88921..e7ae743 100644
--- a/ansible/host_vars/thonkpad.ka.chaoswg.org/vault.yaml
+++ b/ansible/host_vars/thonkpad.ka.chaoswg.org/vault.yaml
@@ -1,36 +1,42 @@
 $ANSIBLE_VAULT;1.2;AES256;secrets
-61376266333439343062396134316539386363343430323265383434353132646537336230643134
-3730643332383438393536366465396435343939383263330a386434626263333934396339373132
-31376363396361363562396561336232643961323636656632373734383130623364383639623663
-3234313564346335640a323433313365393834313938613938383532373135353930303438333665
-61386532666130336334343064313432383434323864643463616332323366316332393964363161
-37663365636137643461386362313038383236636261303936366231386566333736306562653366
-37336238396635613839643634343865383164366435653764303962343337393365616464323337
-66303530323233373635303065393032393365383232333632383065316561306265303334306663
-36646635663732323561623438366239656338613863643638386135343639343037346636663037
-34343632366637336235316663613338656537656437343431373535386534656330643237353365
-63373037313336663632356465613631656263353163313234373534623930346533346661303631
-32373831343434373834386435356439343432343963313362643365633739613337353338383933
-33653835343636343937353238396466396266323935643162623235316635333365333931333334
-66323063336463616437383664353266386438653030363161663034333434666331303862393430
-35616233343333383137656363626564316566323530343236316632383537363666636561353039
-64653131323936666137326665376261383361326431626166346238313737353931396536626564
-63376637316431633634396263333537323062643362336162396637636661363731383437343935
-63646665326164633339656236636433323864626534393862633161653638366330646137666230
-64353230366166636531316132303735653836303531656661366133386362393637316562653737
-31623936346336353763613432353461396262373238326230393862363638623237376165656230
-37386634663133353536623232623437636238333634363264303533316561373764356639393566
-66306462663563386237646465336562343430613934396434313831343263343635663363383462
-62306130333464653538623166373636373663383532656135623763616365376565316135616131
-37386239643565343561333535656130366133353139666538383661363237333131323635643932
-65653338396532346464356137353634323265376432326433323164623838356436666532613664
-37363635313738386362393135333235633139316532383463353537383439383366353163326663
-35616438326663663237333262656133323236613036366535336161663164613663656236396335
-61366333613335386535623935313364393363636432633861316239623166313261386632623936
-34383733313466353431623035386430343966616535383637333564643338376630323365376365
-66633139656163386166656130356662343162373834643864626335353864333062333631353461
-66376333663635373835333830343336383936383330666139363161393166356534613366643766
-35366238633334656335386538333930376437646261343565393764393064393437396363366464
-61343531626366356238376635363964663666333839306166363863313639303165303630396164
-30306166333062333031663365366331383430313931363933393439346235386239333665373838
-613161643062353436326338376463663533
+30343065306563343765353231366539356463646634363230643639616338663138376666343962
+6164333837646563356334613035383365636337393362350a343334643838303562363932336263
+33363432393565623631356331343063333332663937343639343739666130646262623364353237
+6366346434366236370a393063356266333430326362643932303130633635363732623361323736
+63386266333362653530333262383064366462313938646362386338643661343165363839636536
+62613561363637346538323062643664303932666566393537616539353730306164623535313636
+32656230663861363635633839643731326363393838636263313665313466313833363638346566
+33386566346564363963363166326564613366393531366135633430616634323261386263376565
+63663962653039623434643136393564336631613433613433636632623938306365376639326338
+38393465393764666636373430323736303235363238393038353632646365373536313566333238
+32616631666263353132333439653334643737336633663164356337363732366534366537343532
+30383531303663656263353461343166616139306634396432653032313366356265326664666339
+39393432343734336565303034636435623336646639373438363363613538643435653230326630
+32393362376164646335613166643632323861313834386630613932666166303438346461646564
+37646362316662373231666332666530353537376239633664316561363332313565633361393464
+65623635623166613430396638613061613737303739343266643663626134303361633561376135
+32336339356462353864646664633632306338353230663532303963636238636266383137393063
+37663064666539653362376662356265626630636230393230306565313264663961653135363238
+39623436646138656565383662653037623835333631323836343262353830323764663266396634
+62636536653833653932613661373438356138643334363034656339626365613761333764333732
+34303538313134666238663732393933613537383661636463336538393035626438323039353661
+36663939303366386136643335356131643032313934363361373563313965383734613632373631
+38333961613838313863333436356263363432326366353266623266616561323666383931343362
+32616265643133653532383732393739343366366532343461636338333463336466363331303931
+30373833363037643637343662313737383565363164323235306335303938363937626466643066
+62336261373865383234626463333535383662306330306663353438343061383761393165306231
+33303434303734623564616331646166376432343035393231306136343762653038656434653436
+66626639616139666133373063626237616133626334326530636162333930336539613336316330
+62653964353633376164646664376234336535633765616634663266636464393464653435393538
+34363865363338616336363561306461363532363131366534663366353463383134666239393230
+65653864643562333962323832363732616434343736376561643361666138343330653337313266
+31363339356536313832383162643035663538656463373133346265353437323634346539383933
+64613539333566333262656566643935323138393266656361316131623566663164333138656437
+34363830356431666531343938643934373562643232653239373837363336633030666631656361
+36393765333463643365663938636134666664653763663264613032386135356266636236623035
+64326239343730326639363133653666643534326362303339373733643164623634613633613138
+61313130613434336463363739623430626638323939306462316235663963313233633833313734
+66333461613766343130393539613332353131643730623466623365643237653865363262333734
+64623164663366326538386331343162336433393466386133323537623536636461613732323734
+39613639306562326366336634376263633062386163333964396532326666643539613739313365
+31343132313837646235313764396130653764623838396635626462626531303732
diff --git a/ansible/inventory.yaml b/ansible/inventory.yaml
index ebea3dd..5555b37 100644
--- a/ansible/inventory.yaml
+++ b/ansible/inventory.yaml
@@ -20,7 +20,7 @@ all:
       network_interface: ens3
       network_ipv6_addr: "2a03:4000:9:176::1"
       wg_addr: 10.1.0.4
-    backup.unruhig.eu:
+    filehost.unruhig.eu:
       ansible_user: core
       network_interface: ens3
       network_ipv6_addr: "2a03:4000:56:e17::1"
@@ -42,7 +42,7 @@ all:
         host.nc.chaoswg.org: null
         thonkpad.ka.chaoswg.org: null
         infra.unruhig.eu: null
-        backup.unruhig.eu: null
+        filehost.unruhig.eu: null
         mon1.hel1.chaoswg.org: null
     backup:
       hosts:
@@ -58,4 +58,4 @@ all:
         host.nc.chaoswg.org: null
         mon1.hel1.chaoswg.org: null
         infra.unruhig.eu: null
-        backup.unruhig.eu: null
+        filehost.unruhig.eu: null
diff --git a/ansible/known_hosts b/ansible/known_hosts
index 9f430a3..a7a352c 100644
--- a/ansible/known_hosts
+++ b/ansible/known_hosts
@@ -12,3 +12,5 @@ mon1.hel1.chaoswg.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCl6bzWEhtuyKLLOUjRv0
 thonkpad.ka.chaoswg.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDq68XLq1mlFsHDfa1mlpNJZ83wCR3ZO5C/fkNe+kVwG9apKmGdCaAWZs9n1MKe08maSLf5Dx01B+m79+l9KrKQ=
 thonkpad.ka.chaoswg.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOY8bK8R5aUnXr/8vxZ6NSznTNGcTu4iQJJo5GYVXflR
 thonkpad.ka.chaoswg.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8b0SqPTmmJYJEcGYMjeeyEZlEjjQTIj+XKZ3Sonbb6xT32SedabIJ8k+xw+yeRjDOhBnx1wl7KrfBhZqZ18qGbB3214d7QmgylWpC5KkQV89ow0c24JI2zSLfC3kMYbGvSSwch+ql8rLUBXGRczzMYuh9kWrXhkK9vF7821/pxBSsO4XD/9fZwEa/VfpakuFJUU0bmFGgi/OmlHf80U08B0LHlg/IYdM+3JemwWbx1swx7ylXwDUWGjyK5mxYR2SEBbwnHuCoanj8SW9xwPLfUOT9t5+IADtFya7J3o0cDAk+6ZjJOZcdtmY6WO1hR/K82aFnecAV4mjr8+fx/GpnbGCt8Jpv88bdhG7LWxzKESrZDbQDiZ2z4itkkq5fbOGeXeUrFuff8Vva/VtsUoLPToS6bctgVqZ2slbI+6J6YJXPE4LzUa57NRj2qyXSbr+q5q9URfrkOmFDwaBq5jLiFcDEDOS7UpAjoN5A1rAkxN7v+uP3gwYainkbx2+7DrM=
+192.168.0.73 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOY8bK8R5aUnXr/8vxZ6NSznTNGcTu4iQJJo5GYVXflR
+filehost.unruhig.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvXX75sXWRgslMW/Ufq0t0OJQnTFiWPL4yBUBdGIU9k
diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml
index 23fa08a..84f738a 100644
--- a/ansible/playbook.yaml
+++ b/ansible/playbook.yaml
@@ -23,8 +23,8 @@
   ansible.builtin.import_playbook: plays/thonkpad.yaml
 - name: infra.unruhig.eu
   ansible.builtin.import_playbook: plays/infra.yaml
-- name: backup.unruhig.eu
-  ansible.builtin.import_playbook: plays/backup.yaml
+- name: filehost.unruhig.eu
+  ansible.builtin.import_playbook: plays/filehost.yaml
 
 - name: grp_prometheus
   ansible.builtin.import_playbook: plays/grp_prometheus.yaml
diff --git a/ansible/plays/backup.yaml b/ansible/plays/backup.yaml
deleted file mode 100644
index 4000230..0000000
--- a/ansible/plays/backup.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-- name: Setup Infra Meta Host
-  hosts: backup.unruhig.eu
-  gather_facts: false
-  tasks:
-    - name: Create user [backup]
-      become: true
-      ansible.builtin.user:
-        name: backup
-        comment: Used for receiving borg backups
-        shell: /bin/bash
-        create_home: true
-        state: present
-        generate_ssh_key: true
-        ssh_key_type: "ed25519"
-        ssh_key_file: ".ssh/storagebox"
-    - name: Create mount directory
-      become: true
-      become_user: backup
-      ansible.builtin.file:
-        path: "/home/backup/storagebox"
-        state: directory
-    - name: Create systemd user config directory
-      become: true
-      become_user: backup
-      ansible.builtin.file:
-        path: "/home/backup/.config/systemd/user"
-        state: directory
-    - name: Create mount unit
-      become: true
-      become_user: root
-      ansible.builtin.template:
-        src: mount-storagebox.mount.j2
-        owner: root
-        group: root
-        mode: "0600" # Credentials
-        dest: /etc/systemd/system/var-home-backup-storagebox.mount
-    - name: Create automount unit
-      become: true
-      become_user: root
-      ansible.builtin.template:
-        src: mount-storagebox.automount.j2
-        dest: /etc/systemd/system/var-home-backup-storagebox.automount
-        owner: root
-        group: root
-        mode: "0644"
-    - name: Start storagebox Mount Service
-      become: true
-      become_user: root
-      ansible.builtin.systemd:
-        name: var-home-backup-storagebox.mount
-        state: started
-        enabled: true
-        daemon_reload: true
-    - name: enable storagebox automount Mount Unit
-      become: true
-      become_user: root
-      ansible.builtin.systemd:
-        name: var-home-backup-storagebox.automount
-        enabled: true
-
-# vim: ft=yaml.ansible
diff --git a/ansible/plays/common.yaml b/ansible/plays/common.yaml
index 3c6b47b..cb905f2 100644
--- a/ansible/plays/common.yaml
+++ b/ansible/plays/common.yaml
@@ -117,7 +117,7 @@
     - name: Register SSH Key with backup server
       become: true
       become_user: root
-      delegate_to: backup.unruhig.eu
+      delegate_to: filehost.unruhig.eu
       ansible.builtin.lineinfile:
         path: /etc/ssh/authorized_keys/backup
         state: present
@@ -126,9 +126,9 @@
     - name: Add Known Hosts entries
       ansible.builtin.known_hosts:
         path: "/root/.ssh/known_hosts"
-        name: "backup.unruhig.eu"
+        name: "filehost.unruhig.eu"
         key: "{{ item }}"
-      loop: "{{ hostvars['backup.unruhig.eu']['known_hosts'] }}"
+      loop: "{{ hostvars['filehost.unruhig.eu']['known_hosts'] }}"
 - name: Restore from Backup
   hosts: backup
   become: true
diff --git a/ansible/secrets.yml b/ansible/secrets.yml
index f4855e3..0f79dcd 100644
--- a/ansible/secrets.yml
+++ b/ansible/secrets.yml
@@ -5,5 +5,5 @@ SSH_KEY_thonkpad_ka_chaoswg_org: !var:file machine/thonkpad.ka.chaoswg.org/ssh_k
 SSH_KEY_host_nc_chaoswg_org: !var:file machine/host.nc.chaoswg.org/ssh_key
 SSH_KEY_mon1_hel1_chaoswg_org: !var:file machine/mon1.hel1.chaoswg.org/ssh_key
 SSH_KEY_infra_unruhig_eu: !var:file machine/infra.unruhig.eu/ssh_key
-SSH_KEY_backup_unruhig_eu: !var:file machine/backup.unruhig.eu/ssh_key
+SSH_KEY_filehost_unruhig_eu: !var:file machine/filehost.unruhig.eu/ssh_key
 GOTOSOCIAL_OIDC_CLIENT_SECRET: !var keycloak/gotosocial/secret
diff --git a/tf-stage-1/dns-unruhig-eu.tf b/tf-stage-1/dns-unruhig-eu.tf
index 311775d..284c876 100644
--- a/tf-stage-1/dns-unruhig-eu.tf
+++ b/tf-stage-1/dns-unruhig-eu.tf
@@ -7,8 +7,9 @@ module "dns-unruhig-eu" {
   records = [
     { type = "A", name = "infra", value = "37.221.198.143" },
     { type = "AAAA", name = "infra", value = "2a03:4000:9:176::1" },
-    { type = "A", name = "backup", value = "202.61.225.46" },
-    { type = "AAAA", name = "backup", value = "2a03:4000:56:e17::1" },
+    { type = "A", name = "filehost", value = "202.61.225.46" },
+    { type = "AAAA", name = "filehost", value = "2a03:4000:56:e17::1" },
+    { type = "CNAME", name = "backup", value = "filehost.unruhig.eu" },
     { type = "CNAME", name = "@", value = "web.tobiasmanske.de" },
     { type = "CNAME", name = "www", value = "unruhig.eu" },
     { type = "CNAME", name = "s3", value = "web.tobiasmanske.de" },