Initial Commit

Rebuild and merge of:
- https://github.com/recoverysource/sober.page
- https://github.com/MTecknology/teckhost

Author: MTecknology

.ansible-lint

@@ -0,0 +1,2 @@
+skip_list:
+  - command-instead-of-module

.github/workflows/cicd.yml

@@ -0,0 +1,127 @@
+name: CI/CD
+##
+# This github workflow is used to run tests on all commits to the develop branch
+# to verify all basic processes function correctly.
+##
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+jobs:
+
+  lint:
+    name: Lint Checks
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      # Shellcheck
+      # Looks for +x files
+      - name: ShellCheck
+        uses: ludeeus/action-shellcheck@master
+        # with:
+        #   ignore_names: '10_linux'
+        env:
+          SHELLCHECK_OPTS: -e SC1091
+
+      # Ansible Lint
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint@main
+        with:
+          working_directory: "test"
+
+      # Python Lint
+      - name: Set Up Python environment
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+      - name: Flake8 Lint
+        uses: py-actions/flake8@v2
+        with:
+          ignore: 'E123,E126,E501,W503,F824'
+
+  container:
+    name: Ansible Tests
+    needs: [lint]
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        os: ['debian', 'ubuntu', 'rocky']
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Dependencies
+        run: |
+            sudo apt-get update
+            sudo apt-get install make podman
+
+      - name: Run Container Tests
+        id: validation_tests
+        run: make test-${{ matrix.os }}
+
+  web_index:
+    name: Web Index
+    needs: [lint]
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+          fetch-depth: 0
+
+      #- name: Pull Submodules (themes)
+      #  run: git submodule update --init --recursive
+
+      - name: Install Hugo
+        uses: peaceiris/actions-hugo@v2
+        with:
+          hugo-version: latest
+
+      - name: Build Site
+        run: make web_index/site
+
+      - name: Publish Site
+        uses: peaceiris/actions-gh-pages@v3
+        if: ${{ github.ref == 'refs/heads/master' }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./web_index/site
+
+
+  ##
+  # Merge master into release after tests pass
+  # NOTE: From this point forward, a force push is non-trivial!
+  ##
+
+  deploy:
+    name: Server Release
+    needs: [lint, container, web_index]
+    if: github.ref == 'refs/heads/master'
+
+    permissions:
+      pull-requests: write
+      contents: write
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: '0'
+          ref: release
+
+      - name: Merge Changes
+        run: |
+            git config --local user.email "actions@github.com"
+            git config --local user.name "Github Actions"
+            git merge --no-ff "${{ github.sha }}" -m "[CICD-Pass] Merge ${{ github.sha }} into release"
+
+      # CICD: master->release
+      - name: Go Live!
+        run: |
+            git push origin release

.gitignore

@@ -0,0 +1,15 @@
+# Hugo
+.hugo_build.lock
+/web_index/resources
+/web_index/site
+
+# Ansible
+.vaultpass
+
+# Python
+*.py[cod]
+__pycache__
+.pytest_cache/
+
+# ./sync
+_workspace/

.gitmodules

@@ -0,0 +1,6 @@
+[submodule "web_index/themes/mainroad"]
+	path = web_index/themes/mainroad
+	url = https://github.com/vimux/mainroad.git
+[submodule "web_index/themes/aamod"]
+	path = web_index/themes/aamod
+	url = https://github.com/recoverysource/aamod.git

LICENSE.txt

@@ -0,0 +1,26 @@
+Copyright: 2025 Michael Lustfield (MTecknology)
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice, this
+   list of conditions and the following disclaimer in the documentation and/or
+   other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its contributors may
+   be used to endorse or promote products derived from this software without
+   specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.

Makefile

@@ -0,0 +1,66 @@
+#!/usr/bin/make -f
+##
+# Helper functions for Service management.
+##
+
+##
+# Services - web_index
+##
+
+web_index/site: web_index/themes/aamod/theme.toml web_index/themes/mainroad/theme.toml
+	cd web_index && hugo --minify -d site
+
+%/theme.toml:
+	git submodule update --init --recursive $*
+
+web_index-browse: web_index/site
+	cd web_index && sensible-browser site/index.html
+
+web_index-run:
+	cd web_index && hugo server --disableFastRender
+
+##
+# Testing
+##
+
+test: test-debian test-ubuntu test-rocky
+
+test-%: tpod_%
+	podman run --rm -it \
+		--hostname service01-test \
+		-v "$(PWD):/srv/ansible" \
+		tpod_$* /srv/ansible/test/docker/test.sh
+
+
+##
+# Container
+##
+
+# Create a container for testing
+tpod_%:
+	podman build -t $@ \
+		-f test/docker/create.$*
+
+# Log in to a container named "tpod_%"
+login-%: tpod_%
+	podman run --rm -it \
+		--hostname service01-test \
+		-v "$(PWD):/srv/ansible" \
+		tpod_$* /bin/bash
+
+
+##
+# Cleanup
+##
+
+# Purge podman and other testing artifacts
+clean: cleanpod-tpod_debian cleanpod-tpod_ubuntu cleanpod-tpod_rocky
+	podman system prune -f
+	# hugo
+	$(RM) -r web_index/.hugo_site web_index/resources web_index/site
+
+# Delete a container if it exists
+cleanpod-%:
+	@if [ -n "$(findstring $*,$(shell podman images))" ]; then \
+		podman rmi $*; \
+	fi

README.md

@@ -0,0 +1,91 @@
+Recovery Source: Services
+=========================
+
+This repository provides a "standardized" solution to test, deploy, and maintain
+various web "services" provided by [Recovery Source](https://handbook.recoverysource.net/).
+
+Basic Workflows
+---------------
+
+To Do ...
+
+Repository Structure
+--------------------
+
+The structure of this repository:
+
+- ``Makefile``: Convenient helper tasks
+- ``data/``: Primary source of data (all known 12-Step groups)
+- ``sync/``: Python3 module that collects and re-mangles data
+- ``web_index/``: Hugo-based website that hosts https://sober.page
+- ``ansible/``: Used for configuration management (deploy, maintain, etc.)
+- ``test/``: Data used for automated testing
+
+Web Index
+---------
+
+Sober Pages service as a directory services for 12-step focused websites and
+aims to provide support for basic maintenance tasks.
+
+See this website running at https://sober.page/.
+
+Source Data
+-----------
+
+Everything the Recovery Source project knows about 12-Step groups.
+
+### Data Format
+
+**Location:** ``data/domains/<group>.yaml``
+
+**Format [[YAML](https://handbook.recoverysource.net/essentials/yaml.html)]:**
+```
+<subdomain>:
+  title: website title
+  keywords: list, of, regions
+  target: <URL>
+  type: forward OR cname
+  feed: <type>^<URL>[^<options>]
+```
+
+**Required:** subdomain, title, target
+
+**Rules:**
+
+- ``data/domains/*.yaml`` MUST be [valid YAML](https://yaml-online-parser.appspot.com/)
+- [``title``, ``keywords``] may be mixed-case, all other fields must be lower-case
+- ``target`` should be the shortest functional URL (without
+[path/query/fragment](https://handbook.recoverysource.net/essentials/websites.html#url))
+- ``target`` should include www if upstream redirects to this address
+- ``feed`` may be a [YAML list](https://handbook.recoverysource.net/essentials/yaml.html)
+of feed locations (type+url)
+- ``subdomain`` is limited to one (1) per ``target``
+- ``subdomain`` format should follow ``[type][area]-[district]`` (e.g. aa0-5)
+- ``subdomain`` may append characters to resolve conflicts (e.g. aa1-4north)
+- ``subdomain`` should use the lowest represented district as canonical
+- ``subdomain`` can be used as a SP alias to redirect additional-represented districts
+- ``feed/type`` must be one of [``aamod``, ``tsml``]
+
+Sync
+----
+
+Data synchronization is done using the ``sync`` python module.
+
+**$ cd services && python3 -m sync -h**:
+```
+usage: python3 -m sync [-h] [actions] <options>
+
+Synchronize sober.page data with various destinations
+
+options:
+  -h, --help        show this help message and exit
+  -H <path>         Path to source data (hugo format)
+  -w <path>         Local workspace used for importing/caching data
+  -l <level>        Log level (DEBUG, INFO*, WARNING, ERROR)
+
+actions[*]:
+  -m <path>         Generate nginx map file at <path>
+  -z <zone>:<path>  Generate bind9 zone (db) at <path>
+
+[*] At least one script action must be specified.
+```

ansible/ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+interpreter_python = /usr/bin/python3
+roles_path = roles
+vault_password_file = .vaultpass
+pipelining = True
+localhost_warning=False
+
+[inventory]
+inventory_unparsed_warning=False

ansible/group_vars/all/users.yml

@@ -0,0 +1,26 @@
+$ANSIBLE_VAULT;1.1;AES256
+63393666313830363662353230376637323363336230633237366330613438343761633233623236
+3364386139336661353064636135333231386331336430630a353764666537623935626638663831
+64666462626232393134363835663530643565366266386233636637313264636563366435333238
+3830623266663166630a643430383562666532636530356630386333313739346164306365323862
+62653362643763656531663039303939393038623765363832303831383937613161646531356135
+39346363313535376334303364326261343966663564623537663964633562653936663964353963
+37303666653263396334646635326363343763383461666564343239383137376130343439353935
+37623239613433326135376332313738336133316661316433313561633838373234303966663730
+33363539316235306130356338643165643330663663323233656133626639383235346533376437
+38343162363930656466346132346237616666373830393164326233323332303639373830663633
+39616639396438376433333636386130373938346465613239613865383130386236306262353565
+30323862386364396136336561666132363439323365353766356330626264303163316637613366
+62363837646535386166666237623364333433653733356461646130663562363662396537323636
+65613065326163666637393438613632623836646531316232666466316364303338663832626437
+65383331323762386535663763656432373135663562396463363062633766653765323061383036
+38333130376137323032393030613232333733313262616664366130653439643637633934613632
+36383239323036333230623038663435316533346464306163373865313266373065393964306339
+30383536323163316464383536326664636132373664353439656336333639303539326636356136
+31633737393430653831626565396332356435616232306339366136643331363539383332663636
+36616338386163316235343561623632356338623033623866656561666232393837313961313031
+36386332623161353132393333356565663030343130616436393434333337336131653266306430
+64613634613465366564623764333037333433663533653234383339656463383233643661613337
+63393364616264356531303531313365613863343131366538373537366662613866333437663134
+39383938653530316532653666653465383266343833356135636236333135636161376365646161
+3065

ansible/maintenance.yml

@@ -0,0 +1,11 @@
+---
+- name: Regular Maintenance
+  hosts: localhost
+  vars:
+    partial_install: "{{ (ansible_is_chroot) or ('container' in ansible_virtualization_tech_guest) }}"
+    is_server: "{{ not 'pc' in ansible_hostname }}"
+    is_desktop: "{{ 'pc' in ansible_hostname }}"
+    is_test: "{{ 'test' in ansible_hostname }}"
+  roles:
+    - common
+    - custom