[jay.scot]
[012]
--[ Automating my infra deployment and configuration
Another item on the TODO list was completed yesterday, moving all my
hand rolled infrastructure to Terraform and Ansible. I provisioned it
all and moved the DNS over to the new setup last night. I forgot to
update the DNS TTL and it was really high - DOH! Once the DNS has fully
propagated, I can shut down the old servers.
TERRAFORM
---------
I host all my servers at Hetzner Cloud and luckily there is a provider
for Terraform. I managed to knock up scripts that provision the
following for me in Hetzner:
* add my public ssh key to account and attach to servers.
* create fully customizable firewall per server.
* create X amount of servers, fully customizable.
* create reverse dns names for each server.
* bootstrap with cloud-init, creates an Ansible user with my key.
I was going to use cloud-init to configure the servers at boot, but that
would have been nightmare material. Overall, I am happy with the
Terraform scripts and won't have the need to refactor or change them
much.
ANSIBLE
-------
I really can't be bothered with Ansible these days if truth be told,
I have been using it for around 8 years now. So this part of the
configuration was kinda rushed, I will need to revisit the code at some
point. I never used standard tooling such as molecule etc. and it will
only work for Debian based systems. Anyway, this is what the Ansible
playbooks do for me.
* common tasks - users, add packages, lock down ssh.
* geomyidae - build from source, setup with systemd.
* stagit-gopher - build from source, script to run via cron.
* git - setup hosting with daemon running.
* efingerd - install and add custom configuration.
I have thrown everything up on git if anyone wants the Terraform or
Ansible scripts. You can get them via a git clone or view them over
gopher with the following links.
0. git clone git://jay.scot/infra.git
1. gopher://jay.scot/1/git/infra/
EOF