# Ansible configuration for $HOST
This repository configures a server based on Ubuntu 20.04.
It contains:
- Ansible files for deployment
- Vagrantfile for local testing
## Local VM for testing using Vagrant
You can spin up a local staging VM and provision it using [Vagrant](https://www.vagrantup.com/) and [VirtualBox](https://www.virtualbox.org/).
Test the playbook before tagging/deploying it. See the `/test` directory.
| Command | Description |
| --- | --- |
| `vagrant up` | Spin up a staging VM and provision it. |
| `vagrant provision` | Provision (redo) a running VM with the Ansible playbook. |
| `vagrant destroy -f` | Destroy the VM completely. |
By default, the VM uses two cores and 2 GB of RAM. Both can be overridden with the environment variables `VB_CPUS` and `VB_RAM`.
## Provisioning the target system with Ansible
You need the vault secret to decrypt the encrypted variables. Edit the secrets with `ansible-vault edit group_vars/all/vault.yml`.
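Because the vault file lives in the repository, it is worth checking that it is still encrypted before committing or deploying. The following is an added example, not part of this repository: the function names `vault_is_encrypted` and `check_vault_files` are hypothetical, and the check relies on the `$ANSIBLE_VAULT;<version>;AES256` header that Ansible writes as the first line of an encrypted file.

```shell
#!/bin/sh
# Added example (not from this repository): detect a vault file that was
# saved or committed in plaintext.

# vault_is_encrypted FILE
#   returns 0 if FILE starts with an Ansible Vault header,
#           1 if it is readable but not encrypted (including empty files),
#           2 if it is missing or unreadable.
vault_is_encrypted() {
    file=$1
    header=
    [ -r "$file" ] || return 2
    # Read only the first line; tolerate a missing trailing newline.
    IFS= read -r header < "$file" || [ -n "$header" ] || return 1
    case $header in
        '$ANSIBLE_VAULT;'[0-9]*';AES256'*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_vault_files FILE...
#   reports every file that is not an encrypted vault; returns 1 if any.
check_vault_files() {
    status=0
    for f in "$@"; do
        vault_is_encrypted "$f" && rc=0 || rc=$?
        case $rc in
            0) ;;
            1) echo "NOT ENCRYPTED: $f" >&2; status=1 ;;
            *) echo "cannot read: $f" >&2; status=1 ;;
        esac
    done
    return "$status"
}

# When run as a script with arguments, check them and fail on any problem,
# e.g. from a pre-commit hook: ./check_vault.sh group_vars/all/vault.yml
if [ "$#" -gt 0 ]; then
    check_vault_files "$@" || exit 1
fi
```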
To provision the actual server completely:
> ansible-playbook site.yml
Each role has an ansible-tag with the same name. You can run individual roles using the tags, e.g.:
> ansible-playbook site.yml --tags "traefik"
## Playbook Contents
This project should contain at least these roles:
- borg
  - responsible for backups of vital persisted data of a host's services
- bootstrap
  - the server's users and their respective SSH keys and permissions
  - some bootstrap stuff like logrotate, etc.
- docker
  - responsible for provisioning a Docker environment
- traefik
  - responsible for providing Traefik and its configuration
- unattended-upgrades
- watchtower
  - configures a container which is responsible for automatically updating other containers
- wireguard