feat: add dovecot backend servers

- add three backend dovecot servers
- add shared maildata cephfs subvolume

config/globals/profiles.yaml

@@ -159,6 +159,16 @@ shared_apps_jellyfin:
       properties:
         source: /shared/apps/jellyfin
         path: /shared/apps/jellyfin
+shared_apps_maildata:
+  description: "Mount /shared/apps/maildata directly into the container"
+  project: null
+  config: {}
+  devices:
+    - type: disk
+      name: maildata-shared
+      properties:
+        source: /shared/apps/maildata
+        path: /shared/apps/maildata
 
 # storage
 disk10:

config/instances/ausyd1nxvm2124/config.yaml

@@ -0,0 +1,8 @@
+description: Dovecot Backend
+cobbler_mgmt_classes:
+  - roles::infra::mail::backend
+profiles:
+  - disk20
+  - net_com1_eth0
+  - 2core4096
+  - shared_apps_maildata

config/instances/ausyd1nxvm2124/terragrunt.hcl

@@ -0,0 +1,54 @@
+locals {
+  node_name     = "prodnxsr0012"
+  config_common     = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
+  config_specific   = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
+  config            = merge(local.config_common, local.config_specific)
+  instance_name     = basename(get_terragrunt_dir())
+}
+
+inputs = merge(
+  {
+    name = local.instance_name
+  },
+  local.config
+)
+
+include "root" {
+  path   = find_in_parent_folders("root.hcl")
+}
+
+include "instances" {
+  path   = find_in_parent_folders("instances.hcl")
+  expose = true
+  merge_strategy = "deep"
+}
+
+dependencies {
+  paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
+}
+
+
+generate "incus" {
+  path      = "incus.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+    provider "incus" {
+      generate_client_certificates = false
+      accept_remote_certificate    = true
+      config_dir = "${get_env("INCUS_CONFIG_DIR")}"
+
+      remote {
+        name    = "${basename(get_terragrunt_dir())}"
+        scheme  = "https"
+        address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
+        port    = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
+        token   = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
+        default = true
+      }
+    }
+  EOF
+}
+terraform {
+  source = "${get_repo_root()}/modules/instance"
+}
+

config/instances/ausyd1nxvm2125/config.yaml

@@ -0,0 +1,8 @@
+description: Dovecot Backend
+cobbler_mgmt_classes:
+  - roles::infra::mail::backend
+profiles:
+  - disk20
+  - net_com1_eth0
+  - 2core4096
+  - shared_apps_maildata

config/instances/ausyd1nxvm2125/terragrunt.hcl

@@ -0,0 +1,54 @@
+locals {
+  node_name     = "prodnxsr0013"
+  config_common     = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
+  config_specific   = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
+  config            = merge(local.config_common, local.config_specific)
+  instance_name     = basename(get_terragrunt_dir())
+}
+
+inputs = merge(
+  {
+    name = local.instance_name
+  },
+  local.config
+)
+
+include "root" {
+  path   = find_in_parent_folders("root.hcl")
+}
+
+include "instances" {
+  path   = find_in_parent_folders("instances.hcl")
+  expose = true
+  merge_strategy = "deep"
+}
+
+dependencies {
+  paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
+}
+
+
+generate "incus" {
+  path      = "incus.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+    provider "incus" {
+      generate_client_certificates = false
+      accept_remote_certificate    = true
+      config_dir = "${get_env("INCUS_CONFIG_DIR")}"
+
+      remote {
+        name    = "${basename(get_terragrunt_dir())}"
+        scheme  = "https"
+        address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
+        port    = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
+        token   = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
+        default = true
+      }
+    }
+  EOF
+}
+terraform {
+  source = "${get_repo_root()}/modules/instance"
+}
+

config/instances/ausyd1nxvm2126/config.yaml

@@ -0,0 +1,8 @@
+description: Dovecot Backend
+cobbler_mgmt_classes:
+  - roles::infra::mail::backend
+profiles:
+  - disk20
+  - net_com1_eth0
+  - 2core4096
+  - shared_apps_maildata

config/instances/ausyd1nxvm2126/terragrunt.hcl

@@ -0,0 +1,54 @@
+locals {
+  node_name     = "prodnxsr0009"
+  config_common     = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
+  config_specific   = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
+  config            = merge(local.config_common, local.config_specific)
+  instance_name     = basename(get_terragrunt_dir())
+}
+
+inputs = merge(
+  {
+    name = local.instance_name
+  },
+  local.config
+)
+
+include "root" {
+  path   = find_in_parent_folders("root.hcl")
+}
+
+include "instances" {
+  path   = find_in_parent_folders("instances.hcl")
+  expose = true
+  merge_strategy = "deep"
+}
+
+dependencies {
+  paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
+}
+
+
+generate "incus" {
+  path      = "incus.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+    provider "incus" {
+      generate_client_certificates = false
+      accept_remote_certificate    = true
+      config_dir = "${get_env("INCUS_CONFIG_DIR")}"
+
+      remote {
+        name    = "${basename(get_terragrunt_dir())}"
+        scheme  = "https"
+        address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
+        port    = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
+        token   = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
+        default = true
+      }
+    }
+  EOF
+}
+terraform {
+  source = "${get_repo_root()}/modules/instance"
+}
+