Move netmaker to deprecated

This also sets up tls-termination for mosquitto

_deprecated/netmaker/meta/main.yml

@@ -0,0 +1,3 @@
+---
+  dependencies: []
+    #- role: docker

_deprecated/netmaker_server/files/opt/netmaker_server/mosquitto/config/mosquitto.conf

@@ -1,11 +1,11 @@
 per_listener_settings false
 
 listener 8883
+protocol websockets
 allow_anonymous false
-certfile /certs/node.crt
-keyfile /certs/node.key
 
 listener 1883
+protocol websockets
 allow_anonymous false
 
 plugin /usr/lib/mosquitto_dynamic_security.so

_deprecated/netmaker_server/tasks/netmaker.yml

@@ -30,7 +30,7 @@
     headers:
       Authorization: 'Bearer {{ netmaker_creds.master_key }}'
       Content-Type: application/json
-  when: "inventory_hostname == groups['netmaker'][0]"
+  when: "inventory_hostname == groups['netmaker_server'][0]"
   register: default_mesh
   until: "default_mesh is not failed"
   retries: 2
@@ -50,7 +50,7 @@
     headers:
       Authorization: 'Bearer {{ netmaker_creds.master_key }}'
       Content-Type: application/json
-  when: "inventory_hostname == groups['netmaker'][0]"
+  when: "inventory_hostname == groups['netmaker_server'][0]"
   register: default_mesh_key
   until: "default_mesh_key is not failed"
   retries: 2

_deprecated/netmaker_server/templates/docker-compose.yml.template

@@ -33,15 +33,15 @@ services:
 
     -auth         /config.json
 
-{% if inventory_hostname != groups['netmaker'][0] %}
+{% if inventory_hostname != groups['netmaker_server'][0] %}
     -join-as  netmaker
-    -join     https://{{  netmaker_rqlite.http_host }}.{{ groups['netmaker'][0] }}:{{ netmaker_nginx.advertise_port }}
+    -join     https://{{  netmaker_rqlite.http_host }}.{{ groups['netmaker_server'][0] }}:{{ netmaker_nginx.advertise_port }}
 {% endif %}
     "
     # FIXME: /\ \/ Change http -> https
 
   netmaker: # The Primary Server for running Netmaker
-    image: gravitl/netmaker:v0.16.1
+    image: gravitl/netmaker:v0.17.1
     depends_on:
       - rqlite
     cap_add: 
@@ -104,7 +104,7 @@ services:
       - "51821-51830:51821-51830/udp" # wireguard ports
 
   netmaker-ui:  # The Netmaker UI Component
-    image: gravitl/netmaker-ui:v0.16.1
+    image: gravitl/netmaker-ui:v0.17.1
     depends_on:
       - netmaker
     links:
@@ -120,7 +120,6 @@ services:
       - ./mosquitto/config:/mosquitto/config
       - ./mosquitto/data:/mosquitto/data
       - ./mosquitto/logs:/mosquitto/log
-      - "./certs:/certs:ro"
     depends_on:
       - netmaker
     command: ["/mosquitto/config/wait.sh"]

_deprecated/netmaker_server/templates/nginx/passthrough.conf.template

@@ -6,7 +6,7 @@ stream{
         {{ netmaker_ui.host }}.{{ netmaker_base_domain }}   127.0.0.1:8443;
         {{ netmaker_api.host }}.{{ netmaker_base_domain }}  127.0.0.1:8443;
 
-        {{ netmaker_broker.tls_host }}.{{ netmaker_base_domain }}   mosquitto:8883; # todo: tls-terminate?
+        {{ netmaker_broker.tls_host }}.{{ netmaker_base_domain }}   127.0.0.1:8443;
 
         {{ netmaker_rqlite.http_host }}.{{ ansible_facts.nodename }}    127.0.0.1:8443;
         {{ netmaker_rqlite.cluster_host }}.{{ ansible_facts.nodename }}   rqlite:4002;

_deprecated/netmaker_server/templates/nginx/proxy.conf.template

@@ -3,7 +3,9 @@ map $host    $proxy_name {
     
     {{ netmaker_ui.host }}.{{ netmaker_base_domain }}               netmaker-ui:80;
     {{ netmaker_api.host }}.{{ netmaker_base_domain }}              netmaker:8081;
-    
+
+    {{ netmaker_broker.tls_host }}.{{ netmaker_base_domain }}       mosquitto:8883;
+
     {{ netmaker_rqlite.http_host }}.{{ ansible_facts.nodename }}    rqlite:4001;
 
     default         444;

netmaker/meta/main.yml

@@ -1,3 +0,0 @@
----
-  dependencies:
-    - role: docker