feat: Dual DNS

.taskfiles/Machine/Taskfile.yaml

@@ -5,6 +5,8 @@ vars:
   MACHINE_ROOT_DIR: "{{.ROOT_DIR}}/.taskfiles/Machine"
   FILES_DIR: "{{.MACHINE_ROOT_DIR}}/files"
   SCRIPTS_DIR: "{{.MACHINE_ROOT_DIR}}/scripts"
+  # renovate: depName=AdguardTeam/AdGuardHome datasource=github-releases
+  ADGUARD_VERSION: v0.107.57
 
 tasks:
   fetch-certificate:
@@ -64,18 +66,6 @@ tasks:
       - ssh [email protected] chmod u+rw,g-wx,o-wx /etc/chrony/conf.d/0-ntp-allow.conf
       - ssh [email protected] systemctl restart chrony
 
-  update-titan-certificate:
-    desc: Update Titan certificate
-    cmds:
-      - ssh [email protected] mkdir -p /var/lib/gatus
-      - scp "{{.FILES_DIR}}/certificates/certificate.crt" [email protected]:/var/lib/gatus/certificate.crt
-      - ssh [email protected] chown gatus:gatus /var/lib/gatus/certificate.crt
-      - ssh [email protected] chmod u+rw,g-wx,o-wx /var/lib/gatus/certificate.crt
-      - scp "{{.FILES_DIR}}/certificates/certificate.key" [email protected]:/var/lib/gatus/certificate.key
-      - ssh [email protected] chown gatus:gatus /var/lib/gatus/certificate.key
-      - ssh [email protected] chmod u+rw,g-wx,o-wx /var/lib/gatus/certificate.key
-      - ssh [email protected] systemctl restart gatus
-
   update-styx-certificate:
     desc: Update Styx certificate
     cmds:
@@ -103,13 +93,24 @@ tasks:
       - ssh root@{{.MACHINE}}.zinn.tech systemctl restart unifi-core
 
   install-artemis-adguard:
-    desc: Install AdGuardHome
+    desc: Install Artemis AdGuardHome
     vars:
       # renovate: depName=AdguardTeam/AdGuardHome datasource=github-releases
       ADGUARD_VERSION: v0.107.57
     cmds:
       - ssh [email protected] wget -q https://github.com/AdguardTeam/AdGuardHome/releases/download/{{.ADGUARD_VERSION}}/AdGuardHome_linux_arm64.tar.gz -O /opt/AdGuardHome_linux_arm64.tar.gz
       - ssh [email protected] 'cd /opt && tar xf AdGuardHome_linux_arm64.tar.gz'
+      - ssh [email protected] 'cd /opt/AdGuardHome && ./AdGuardHome -s install'
+
+  install-titan-adguard:
+    desc: Install Titan AdGuardHome
+    vars:
+      # renovate: depName=AdguardTeam/AdGuardHome datasource=github-releases
+      ADGUARD_VERSION: v0.107.57
+    cmds:
+      - ssh [email protected] wget -q https://github.com/AdguardTeam/AdGuardHome/releases/download/{{.ADGUARD_VERSION}}/AdGuardHome_linux_amd64.tar.gz -O /opt/AdGuardHome_linux_amd64.tar.gz
+      - ssh [email protected] 'cd /opt && tar xf AdGuardHome_linux_amd64.tar.gz'
+      - ssh [email protected] 'cd /opt/AdGuardHome && ./AdGuardHome -s install'
 
   install-artemis-docker:
     desc: Install docker
@@ -130,23 +131,47 @@ tasks:
       - ssh [email protected] chmod -x /etc/cron.d/cloudflare-ddns
 
   restart-artemis-adguard:
-    desc: Restart AdGuardHome
+    desc: Restart Artemis AdGuardHome
     cmds:
       - ssh [email protected] systemctl restart AdGuardHome
 
+  restart-titan-adguard:
+    desc: Restart Titan AdGuardHome
+    cmds:
+      - ssh [email protected] systemctl restart AdGuardHome
+
   update-artemis-configuration:
     desc: Update Artemis configuration
     cmds:
       - task: update-artemis-adguard-configuration
+        vars:
+          machine_ip: 10.0.0.8
       - task: update-artemis-gatus-configuration
 
   update-artemis-adguard-configuration:
     desc: Update Artemis AdGuardHome configuration
+    requires:
+      vars:
+        - machine_ip
     cmds:
-      - scp "{{.FILES_DIR}}/artemis/AdGuardHome.yaml" [email protected]:/opt/AdGuardHome/AdGuardHome.yaml
+      - cat "{{.FILES_DIR}}/adguard/AdGuardHome.yaml" | sed -e "s/MACHINE_IP/{{.machine_ip}}/" > /tmp/AdGuardHome.yaml
+      - scp /tmp/AdGuardHome.yaml [email protected]:/opt/AdGuardHome/AdGuardHome.yaml
+      - rm /tmp/AdGuardHome.yaml
       - ssh [email protected] chmod og-rwx /opt/AdGuardHome/AdGuardHome.yaml
       - ssh [email protected] systemctl restart AdGuardHome
 
+  update-titan-adguard-configuration:
+    desc: Update Titan AdGuardHome configuration
+    requires:
+      vars:
+        - machine_ip
+    cmds:
+      - cat "{{.FILES_DIR}}/adguard/AdGuardHome.yaml" | sed -e "s/MACHINE_IP/{{.machine_ip}}/" > /tmp/AdGuardHome.yaml
+      - scp /tmp/AdGuardHome.yaml [email protected]:/opt/AdGuardHome/AdGuardHome.yaml
+      - rm /tmp/AdGuardHome.yaml
+      - ssh [email protected] chmod og-rwx /opt/AdGuardHome/AdGuardHome.yaml
+      - ssh [email protected] systemctl restart AdGuardHome
+
   update-artemis-gatus-configuration:
     desc: Update Artemis AdGuardHome configuration
     cmds:

.taskfiles/Machine/files/artemis/AdGuardHome.yaml → .taskfiles/Machine/files/adguard/AdGuardHome.yaml

@@ -2,7 +2,7 @@ http:
   pprof:
     port: 6060
     enabled: false
-  address: 10.0.0.8:3000
+  address: MACHINE_IP:3000
   session_ttl: 720h
 users:
   - name: admin
@@ -14,7 +14,7 @@ language: ""
 theme: auto
 dns:
   bind_hosts:
-    - 0.0.0.0
+    - MACHINE_IP
   port: 53
   anonymize_client_ip: false
   ratelimit: 200

kubernetes/main/apps/networking/external-services/external-adguard.yaml → kubernetes/main/apps/networking/external-services/external-adguard-artemis.yaml

@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: adguard
+  name: adguard-artemis
 spec:
   ports:
     - protocol: TCP
@@ -12,9 +12,9 @@ spec:
 apiVersion: discovery.k8s.io/v1
 kind: EndpointSlice
 metadata:
-  name: adguard
+  name: adguard-artemis
   labels:
-    kubernetes.io/service-name: adguard
+    kubernetes.io/service-name: adguard-artemis
 addressType: IPv4
 ports:
   - name: http
@@ -28,14 +28,14 @@ endpoints:
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: &app adguard
+  name: &app adguard-artemis
   labels:
     app.kubernetes.io/name: *app
     app.kubernetes.io/instance: *app
 spec:
   ingressClassName: internal-nginx
   rules:
-    - host: adguard.zinn.ca
+    - host: adguard-artemis.zinn.ca
       http:
         paths:
           - path: /

kubernetes/main/apps/networking/external-services/external-adguard-titan.yaml

@@ -0,0 +1,47 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: adguard-titan
+spec:
+  ports:
+    - protocol: TCP
+      port: 3000
+      targetPort: 3000
+---
+apiVersion: discovery.k8s.io/v1
+kind: EndpointSlice
+metadata:
+  name: adguard-titan
+  labels:
+    kubernetes.io/service-name: adguard-titan
+addressType: IPv4
+ports:
+  - name: http
+    appProtocol: http
+    protocol: TCP
+    port: 3000
+endpoints:
+  - addresses:
+      - "10.0.0.7"
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: &app adguard-titan
+  labels:
+    app.kubernetes.io/name: *app
+    app.kubernetes.io/instance: *app
+spec:
+  ingressClassName: internal-nginx
+  rules:
+    - host: adguard-titan.zinn.ca
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: *app
+                port:
+                  number: 3000

kubernetes/main/apps/networking/external-services/kustomization.yaml

@@ -3,6 +3,7 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - external-adguard.yaml
+  - external-adguard-artemis.yaml
+  - external-adguard-titan.yaml
   - external-birds.yaml
   - external-minio.yaml