podman-wordpress role created

modified:   ../.gitignore
	Added env files
modified:   ../ansible/playbooks/equilibrateit.com.yml
	Moved tasks to role
deleted:    ../docker-compose.yml
	Moved file to role
new file:   main.tf
	Tofu provider
new file:   variables.tf
	Tofu resource variables
deleted:    ../wordpress/apache/Dockerfile
	Changed file to template, moved to role

.gitignore

@@ -1 +1,4 @@
 archives/
+tofu/terraform*
+tofu/.terraform*
+tofu/.*

ansible/playbooks/equilibrateit.com.yml

@@ -1,5 +1,5 @@
 ---
-- hosts: equilibrateit.com
+- hosts: test-wordpress
   become: yes
   become_user: root
 
@@ -7,17 +7,4 @@
     - podman-host
     - repo-epel
     - certbot
-  tasks:
+    - podman-wordpress
-    - name: Root port forwards for web traffic.
-      firewalld:
-        rich_rule: rule family=ipv4 forward-port port=443 protocol=tcp to-port=4443
-        zone: public
-        permanent: true
-        immediate: true
-        state: enabled
-      firewalld:
-        rich_rule: rule family=ipv4 forward-port port=80 protocol=tcp to-port=8080
-        zone: public
-        permanent: true
-        immediate: true
-        state: enabled

docker-compose.yml

@@ -1,44 +0,0 @@
-version: '3.6'
-
-services:
-  wordpress:
-    build: ./wordpress/apache
-    volumes:
-        - ~/wordpress/data:/var/www/html
-    depends_on:
-        - db
-    ports:
-        - 8080:80 # change to 80:80 when the shop is ready to go live
-        - 4443:443 # change to 80:80 when the shop is ready to go live
-    restart: always
-    env_file: ".env"
-
-  db:
-     image: mysql:5.7
-     volumes:
-         - ~/wordpress/database:/var/lib/mysql
-     restart: always
-     env_file: ".env"
-
-  wordpress-cli:
-    depends_on:
-      - db
-      - wordpress
-    image: wordpress:cli
-    # vstm: This is required to run wordpress-cli with the same
-    # user-id as wordpress. This way there are no permission problems
-    # when running the cli
-    user: '33'
-    # vstm: The sleep 10 is required so that the command is run after
-    # mysql is initialized. Depending on your machine this might take
-    # longer or it can go faster.
-    command: >
-      /bin/sh -c '
-      sleep 10;
-      wp user list'
-
-    # vstm: add shared volume
-    volumes:
-          - ~/wordpress/data:/var/www/html
-    # WP CLI needs the environment variables used for the Wordpress image
-    env_file: ".env"

tofu/main.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_providers {
+    linode = {
+      source = "linode/linode"
+      version = "2.26.0"
+    }
+  }
+}
+
+provider linode {
+  # Configuration options
+  token = var.token
+}
+
+resource linode_instance "instance" {
+  label = var.label
+  image = var.image
+  region = var.region
+  type = var.type
+  authorized_keys = var.authorized_keys
+  root_pass = var.root_pass
+}

tofu/variables.tf

@@ -0,0 +1,44 @@
+## Required Variables
+##
+
+variable "token" {
+  description	= "The linode API Token"
+  type		= string
+}
+
+variable "label" {
+  description	= "The label for the linode."
+  type		= string
+}
+
+variable "root_pass" {
+  description	= "The root password of the linode."
+  type		= string
+}
+
+## Optional Variables
+##
+
+variable "image" {
+  description	= "The OS image for the linode."
+  type		= string
+  default	= "linode/almalinux9"
+}
+
+variable "region" {
+  description	= "The region where the linode will run."
+  type		= string
+  default	= "ca-central"
+}
+
+variable "type" {
+  description	= "The linode host type."
+  type		= string
+  default	= "g6-nanode-1"
+}
+
+variable "authorized_keys" {
+  description	= "The list of public keys to be authorized for ssh login."
+  type		= list
+  default	= ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeRI1w3uNny7KjK2UdlAnyoGdGgtOx4isSD52u5dr4QkkdLRMj42dLjgT0MK+QehlgaH2XzFPMDz+hZQ+66YeBSm+F4km/8F9XVyUzGl0scUA1p0pqeL3FiyM3Art4Bo71zuE3PvMjyI3pGMKQ3VDWVA0XdAjjSw4G+czJTxZLLBPGvzDT07WuWM4Evl6H21Gn7PB6CKNV0vuUZwGiCsjRbghml1L2kDtTXV1B6wQsniuhQigIVo6YXhMgge/2UCcmiyeEizdfaSstrQHEyxFMvlPUJyw4a3plAuPORDyZdAFF6OA7/wP5fVWoCu/CkbMIDjPifXGQOuhQU1qUVy7r m00t@miserver.lan"]
+}

wordpress/apache/Dockerfile

@@ -1,21 +0,0 @@
-FROM wordpress:6.6.1-php8.2-apache
-
-COPY fullchain.pem /etc/ssl/certs/
-COPY privkey.pem /etc/ssl/private/
-
-RUN set -eux; \
-        a2enmod ssl; \
-	{ \
-		echo '<VirtualHost _default_:443>'; \
-    
-    
-    
-    
-# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
-		echo 'ServerName equilibrateit.com:443'; \
-		echo 'SSLEngine on'; \
-		echo 'SSLCertificateKeyFile  /etc/ssl/private/privkey.pem'; \
-		echo 'SSLCertificateFile /etc/ssl/certs/fullchain.pem'; \
-		echo '</VirtualHost>'; \
-	} > /etc/apache2/sites-available/equilibrateit.com-ssl.conf; \
-	ln -s /etc/apache2/sites-available/equilibrateit.com-ssl.conf /etc/apache2/sites-enabled/equilibrateit.com-ssl.conf; \