[HN Gopher] Foreman 3.0
___________________________________________________________________
Foreman 3.0
Author : el_duderino
Score : 47 points
Date : 2021-09-17 19:09 UTC (3 hours ago)
(HTM) web link (theforeman.org)
(TXT) w3m dump (theforeman.org)
| codetrotter wrote:
| First time hearing about this. After reading a bit on their
| homepage I next read the quickstart guide at
| https://theforeman.org/manuals/3.0/quickstart_guide.html.
|
| The quickstart guide lists the following operating systems as
| supported as of Foreman 3.0:
|
| - CentOS 7 x86_64
|
| - CentOS 8 x86_64
|
| - CentOS 8 Stream x86_64
|
| - Debian 10 (Buster), amd64
|
| - Red Hat Enterprise Linux 7, x86_64
|
| - Red Hat Enterprise Linux 8, x86_64
|
| - Ubuntu 18.04 (Bionic), amd64
|
| - Ubuntu 20.04 (Focal), amd64
|
| I became curious about whether anyone has used Foreman for
| managing FreeBSD hosts.
|
| I found a couple of resources relating to it. A little out of
| date but they probably provide a nice starting point still:
|
| https://projects.theforeman.org/projects/foreman/wiki/FreeBS...
|
| https://projects.theforeman.org/issues/2572
|
| https://forums.freebsd.org/threads/puppet-and-foreman-on-top...
|
| https://forums.freebsd.org/threads/pxe-and-unattended-freebs...
|
| Personally though I think Foreman goes beyond what I need for
| myself.
|
| Mainly what I am currently looking for is a way to better manage
| the services that I run on my FreeBSD server.
|
| The services in question are self-hosted mail and some websites
| and HTTP APIs.
|
| Up until now I've been running my self-hosted mail and websites
| and HTTP APIs all without making use of jails, but it's a bit of
| a messy setup and so my plan is to eventually isolate each of
| them in separate jails.
|
| The setup I am envisioning to replace the one that I currently
| have, is one where I will continue to use Caddy v2 reverse HTTP
| proxy like now but with some changes. Instead of having the
| websites and HTTP APIs that I host all live under /var/www/, I'm
| going to have each of them live in a separate jail, and make the
| UNIX domain socket for each site or HTTP API available to the
| main Caddy server. I already use UNIX domain sockets today for
| several of them, and from what I can tell it should be possible
| to share a UNIX domain socket either from a jail to the host, or
| from a jail to another.
|
| Another improvement I am looking to make is that instead of
| manually SSHing into my server and doing git pull followed by
| cargo build --release and restarting the service, I'm going to
| set up GitHub webhooks to trigger automatic rebuilds and service
| restarts when I push to master for each repository of each of the
| websites and HTTP APIs.
| https://docs.github.com/en/developers/webhooks-and-events/we...
|
| I am also looking to improve my mail setup by blacklisting some
| common keywords in spam that I get, and to set up some basic
| sender validation to reject or blackhole some of the other spam
| that I am getting.
|
| Currently I am running Postfix on my FreeBSD server, and not
| using SpamAssasin. I've had this setup for years and it's less
| than ideal but it's at the point where it's been hard to justify
| the time I'd have to spend setting up a better configuration. In
| other words, it's a janky setup but it works exactly enough that
| it hasn't really forced me to rework the setup almost at all in
| all of the many years since I originally did the setup. But one
| day I will.
|
| I ssh into the server and read mail using mutt. I also have
| notmuch installed but only use it a little bit now and then and
| still relying primarily on mutt. I'm not really happy about mutt
| either. It's neat in its own way but it's also a bit of a drag to
| use and even though I enjoy using the command line I don't feel
| like mutt is really a good fit for how I would like to use mail.
|
| Ideally I think I'd want something similar to how some of the
| features of GMail work, but mainly in terms of tagging and
| filtering. As for a web based interface, I don't want that part
| really.
|
| Is anyone else here running their own self-hosted e-mail? What's
| your setup like?
| paozac wrote:
| I thought it was a new version of
| https://github.com/ddollar/foreman
| louwrentius wrote:
| I am wondering why I would use foreman as it's quite simple to
| provision bare metal with Ansible + PXE + TFTP + HTTP.
| Riverheart wrote:
| If that's all you need. Bare-metal provisioning is a feature
| not the attraction. Foreman provides first class support for
| Puppet, with hostgroups, config groups, and smart class
| parameters so you can easily organize and manage your nodes
| from a friendly interface.
| AnnoyedComment wrote:
| Looks interesting. Also, you have a typo on your home page :
|
| The word "became" should probably be "become."
|
| I'll check out the software! Audits No more wondering why did
| your load balancer suddenly became a database. Check how, who and
| when in our audits system.
| buildbot wrote:
| Wow foreman is still around! I remember looking into it at my
| very first job to see if it would fit the bill for laying down
| operating systems on bare metal.
| drenvuk wrote:
| Why haven't I heard about this before? This seems like cockpit
| but more.
| the-dude wrote:
| Great OSS website which does not convey what the product actually
| is or does.
| dave84 wrote:
| I thought the homepage was pretty good at explaining what it
| does: https://theforeman.org/
| the-dude wrote:
| You are right. I am very sorry.
___________________________________________________________________
(page generated 2021-09-17 23:02 UTC)