You can spin up a local staging VM and provision it using Vagrant and VirtualBox. Test the playbook before tagging/deploying it. See the /test directory

Command	Description
`vagrant up`	Spin up a staging VM and provision it.
`vagrant provision`	Provision (redo) a running VM with the Ansible playbook.
`vagrant destroy -f`	Destroy the VM completely

By default, it uses two cores with 2GB RAM, which can be overwritten with the environment variables VB_CPUS and VB_RAM.

Provisioning the target system with Ansible

You need the secret for the vault to decrypt the secrets. Editing the secrets can be done via ansible-vault group_vars/all/vault.yml.

To provision the actual server completely:

ansible-playbook site.yml

Each role has an ansible-tag with the same name. You can run individual roles using the tags, e.g.:

ansible-playbook site.yml --tags "traefik"

Playbook Contents

This project should contain at least these roles:

borg
- responsible for backups of vital persisted data of a hosts services
bootstrap
- the united usership of the server and their representative ssh keys and permissions
- Some bootstrap stuff like logrotate, etc.
docker
- responsible for provisioning a docker environment
traefik
- responsible for providing traefik and its configuration
unattended-upgrades
watchtower
- configures a container which is responsible for autoamtically updating other containers
wireguard