[jay.scot]
[012]

--[ Automating my infra deployment and configuration

Another item on the TODO list was completed yesterday, moving all my hand-rolled infrastructure to Terraform and Ansible. I provisioned it all and moved the DNS over to the new setup last night. I forgot to update the DNS TTL and it was really high - DOH! Once the DNS has fully propagated, I can shut down the old servers.

TERRAFORM
---------

I host all my servers at Hetzner Cloud and luckily there is a provider for Terraform. I managed to knock up scripts that provision the following for me in Hetzner:

    add my public ssh key to account and attach to servers.
    create fully customizable firewall per server.
    create X amount of servers, fully customizable.
    create reverse dns names for each server.
    bootstrap with cloud-init, creates an Ansible user with my key.

I was going to use cloud-init to configure the servers at boot but that would have been nightmare material. Overall, I am happy with the Terraform scripts and won't have the need to refactor or change them much.

ANSIBLE
-------

I really can't be bothered with Ansible these days if truth be told, I have been using it for around 8 years now. So this part of the configuration was kinda rushed, I will need to revisit the code at some point. I never used standard tooling such as molecule etc. and it will only work for Debian-based systems. Anyway, this is what the Ansible playbooks do for me.

    common tasks - users, add packages, lock down ssh.
    geomyidae - build from source, setup with systemd.
    stagit-gopher - build from source, script to run via cron.
    git - setup hosting with daemon running.
    efingerd - install and add custom configuration.

I have thrown everything up on git if anyone wants the Terraform or Ansible scripts. You can get them via a git clone or view them over gopher with the following links.

    0. git clone git://jay.scot/infra.git
    1. gopher://jay.scot/1/git/infra/

.EOF
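
The SSH key, per-server firewall and cloud-init bootstrap steps from the Terraform list above, sketched as an added example; this is not the code from the infra repository. The variable and resource names, the debian-12 image, the restriction of SSH to admin networks and the passwordless sudo for the ansible user are all assumptions made for illustration.

```hcl
# Added example, not the author's code. The hcloud provider reads its API
# token from the HCLOUD_TOKEN environment variable.
terraform {
  required_providers { hcloud = { source = "hetznercloud/hcloud" } }
}
variable "ssh_public_key" { type = string }    # public key contents (assumed name)
variable "admin_cidrs" { type = list(string) } # networks allowed to reach SSH (assumed name)
variable "servers" { type = map(object({ type = string, public_tcp_ports = list(string) })) }

resource "hcloud_ssh_key" "admin" {
  name       = "admin"
  public_key = var.ssh_public_key
}

resource "hcloud_firewall" "host" {
  for_each = var.servers
  name     = "${each.key}-fw"
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "22"
    source_ips = var.admin_cidrs # SSH only from the admin networks
  }
  dynamic "rule" {
    for_each = each.value.public_tcp_ports # e.g. gopher 70, finger 79, git 9418
    content {
      direction  = "in"
      protocol   = "tcp"
      port       = rule.value
      source_ips = ["0.0.0.0/0", "::/0"]
    }
  }
}

resource "hcloud_server" "host" {
  for_each     = var.servers
  name         = each.key
  image        = "debian-12"
  server_type  = each.value.type
  ssh_keys     = [hcloud_ssh_key.admin.id]
  firewall_ids = [hcloud_firewall.host[each.key].id]
  user_data    = <<-EOT
    #cloud-config
    users:
      - name: ansible
        sudo: "ALL=(ALL) NOPASSWD:ALL"
        lock_passwd: true
        ssh_authorized_keys: ["${trimspace(var.ssh_public_key)}"]
    ssh_pwauth: false
  EOT
}
```

Inbound traffic that matches no rule is dropped by the Hetzner firewall, so each server exposes only SSH to the admin networks plus the ports listed for it in `servers`.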