Adding new phlog entry. - gopherhole - My website source code.
---
commit cb272a0e6ba1f69ba0a8cc4c438f77941d5d4d7a
parent ef69411968fdc716dc4613647ff3417bb7dee237
Author: Jay Scott <me@jay.scot>
Date: Sun, 29 Jan 2023 10:37:26 +0000
Adding new phlog entry.
Diffstat:
M index.gph | 11 +++--------
A phlog/012.txt | 62 +++++++++++++++++++++++++++++++
2 files changed, 65 insertions(+), 8 deletions(-)
---
(DIR) diff --git a/index.gph b/index.gph
@@ -10,6 +10,7 @@
PHLOG
+[0|2023-01-29 ... Automating my infra deployment and configuration|phlog/012.txt|server|port]
[0|2023-01-14 ... Reducing my footprint, using a mini-pc|phlog/011.txt|server|port]
[0|2022-09-28 ... Convert mbox to maildir using fdm|phlog/010.txt|server|port]
[0|2022-09-13 ... A true cheap dumbphone,impossible?|phlog/009.txt|server|port]
@@ -25,17 +26,11 @@ PHLOG
PROJECTS
-[1|GIT ... all my git repos|git/|server|port]
-[1|HPUK ... organised collection of 1990s-2000 UK hack/phreak scene files|files/hpuk|server|port]
+[1|GIT ... all my git repos|git/|server|port]
META
[0|EMAIL|meta/email.txt|server|port]
[0|GPG|meta/jay.scot.asc|server|port]
-
-
-OFFLINE
-
-PHLOG ... curl -O gopher://jay.scot/0/phlog/[001-011].txt
-FILES ... curl -O gopher://jay.scot/0/files/hpuk.tar.gz (651MB)
+[1|FILES|files/|server|port]
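Review bot: The removal of the HPUK project entry and of the whole OFFLINE section in this hunk is not covered by the commit message "Adding new phlog entry."; put it in its own commit or mention it in the message, so the history explains why the two curl bulk-download hints went away. The replacement line `[1|FILES|files/|server|port]` is appended after the GPG entry and therefore lands under META rather than under PROJECTS, where the HPUK link used to be; if it is meant as the successor to that entry, move it up next to the GIT line. The GIT line itself is removed and re-added with the same visible text, which looks like a whitespace-only realignment and would be easier to review outside a content commit.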
(DIR) diff --git a/phlog/012.txt b/phlog/012.txt
@@ -0,0 +1,62 @@
+[jay.scot]
+[012]
+
+
+--[ Automating my infra deployment and configuration
+
+
+Another item on the TODO list was completed yesterday, moving all my
+hand rolled infrastructure to Terraform and Ansible. I provisioned it
+all and moved the DNS over to the new setup last night. I forgot to
+update the DNS TTL and it was really high - DOH! Once the DNS has fully
+propagated, I can shut down the old servers.
+
+
+TERRAFORM
+---------
+
+I host all my server at Hetzner Cloud and luckily there is a provider
+for Terraform. I managed to knock up scripts that provisions the
+following for me in Hetzner:
+
+
+ add my public ssh key to account and attach to servers.
+ create full customizable firewall per server.
+ create X amount of servers, fully customizable.
+ create reverse dns names for each server.
+ bootstrap with cloud-init, creates and Ansible user with my key.
+
+
+I was going to use cloud-init to configure the servers at boot but, that
+would have been nightmare material. Overall, I am happy with the
+Terraform scripts and won't have the need to refactor or change them
+much.
+
+
+ANSIBLE
+-------
+
+I really can't be bother with Ansible these days if truth be told, have
+been using it for around 8 years now. So this part of the configuration
+was kinda rushed, I will need to revisit the code at some point. I never
+used molecule etc. and it will only work for Debian based systems.
+Anyway, this is what the Ansible playbooks do for me.
+
+
+ common tasks - users, add packages, lock down ssh.
+ geomyidae - build from source, setup with systemd.
+ stagit-gopher - build from source, script to run via cron.
+ git - setup hosting with daemon running.
+ efingerd - install and add custom configuration.
+
+
+I have thrown everything up on git if anyone wants the Terraform or
+Ansible scripts. You can get them via a git clone or view them over
+gopher with the following links.
+
+
+0. git clone git://jay.scot/infra.git
+1. gopher://jay.scot/1/git/infra/
+
+
+.EOF
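Review bot: The two links at the end of phlog/012.txt offer the infra repo only over `git://` and gopher, both of which are unauthenticated and unencrypted, so a reader cloning scripts that configure firewalls and SSH cannot check what they received. Consider pointing to the GPG key already linked from index.gph (`meta/jay.scot.asc`) and signing tags or commits in that repo so a clone can be verified. In the COMMON TASKS list, "lock down ssh" would be more useful to readers with a few words on which settings are changed. Typos in the added text: "all my server" (servers), "scripts that provisions" (provision), "creates and Ansible user" (an), "can't be bother" (bothered).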