A series of Ansible scripts to manage my infrastructure.
2024-06-06 23:36:49 -05:00
.templates Fix template 2020-10-17 00:27:46 -05:00
contrib Remove ara 2023-02-14 17:20:47 -06:00
handlers Make the FQCN warning happy again 2022-06-16 23:45:29 -05:00
inventories Decom firefly 2024-06-06 22:24:33 -05:00
oneoffs Move playbook to oneoffs 2024-03-29 16:12:42 -05:00
playbooks Oops I've had a server in prod running on empty this whole time 2024-06-06 23:36:49 -05:00
roles Remove vaultwarden, syncthing 2024-05-21 18:53:44 -05:00
.ansible-lint Fix linter 2023-10-29 15:08:34 -05:00
.gitignore Add some python stuff for env setup 2023-04-21 19:46:19 -05:00
.gitlab-ci.yml Lint in offline mode 2023-03-20 20:54:36 -05:00
.gitmodules Add checks for the R720's thermal monitors, also add those thermal monitors 2022-01-10 22:14:07 -06:00
ansible.cfg Use a well-known vault password file location 2022-07-23 18:04:15 -05:00
pull.yml Create dedicated ansible-pull playbook with basic maintenance tasks, use it 2021-09-22 07:43:28 -05:00
README.md Remove ara 2023-02-14 17:20:47 -06:00
requirements.txt Update reqs 2024-04-23 17:44:57 -05:00
requirements.yml Free up dep on snmpd 2024-04-23 17:49:14 -05:00
site.yml Revert a ton of the changes I just made because they were based on a false premise 2022-04-18 11:44:42 -05:00

Salt's Ansible Repository

Useful for management across all of 9iron, thefuck, and desu.

Initialization

  • Clone
  • ansible-galaxy install -r requirements.yml

For quick bootstrapping of tools and libraries used in this repo, see rehashedsalt/ansible-env. I use that exact image for CI/CD.

Deployment

Linux Machines

Each Linux machine will require the following to be fulfilled for Ansible to access it:

  • The server has a user named ansible which:

    • Accepts the public key located in contrib/desu.pub; and

    • Has passwordless sudo capabilities as root

  • The server is running Ubuntu 20.04 or greater

To automate these host-local steps, use the script file contrib/bootstrap.sh.
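The requirements above can be checked before the first play. The functions below are an added example, not contrib/bootstrap.sh or any other code from this repo. They assume the caller passes in an os-release file, the public key, the ansible user's authorized_keys file, and saved output of `sudo -l -U ansible`.

```shell
#!/bin/sh
# Added example: preflight checks for the Linux host requirements above.
# Every check reads a file path given as an argument, so it can run on the
# host itself or against files copied from it.

# ubuntu_ok OS_RELEASE: true if the file describes Ubuntu 20.04 or newer.
# Ubuntu versions are YY.MM and 20.04 is the first 20.x release, so comparing
# the major number is enough.
ubuntu_ok() {
    id=$(sed -n 's/^ID=//p' "$1" | tr -d '"')
    major=$(sed -n 's/^VERSION_ID=//p' "$1" | tr -d '"' | cut -d. -f1)
    [ "$id" = "ubuntu" ] || return 1
    case "$major" in ''|*[!0-9]*) return 1 ;; esac
    [ "$major" -ge 20 ]
}

# key_accepted PUBKEY AUTHORIZED_KEYS: true if the key blob from PUBKEY
# appears on a non-comment line of AUTHORIZED_KEYS (an options prefix is fine).
key_accepted() {
    blob=$(awk 'NR == 1 { print $2 }' "$1")
    [ -n "$blob" ] || return 1
    awk -v k="$blob" '/^[ \t]*#/ { next }
        { for (i = 1; i <= NF; i++) if ($i == k) found = 1 }
        END { exit !found }' "$2"
}

# other_keys PUBKEY AUTHORIZED_KEYS: print how many additional keys can also
# log in to this account, which holds root through passwordless sudo.
other_keys() {
    blob=$(awk 'NR == 1 { print $2 }' "$1")
    awk -v k="$blob" '/^[ \t]*(#|$)/ { next }
        { hit = 0; for (i = 1; i <= NF; i++) if ($i == k) hit = 1
          if (!hit) n++ }
        END { print n + 0 }' "$2"
}

# sudo_nopasswd LISTING: true if saved `sudo -l -U ansible` output shows
# NOPASSWD: ALL with root (or ALL) as the run-as user.
sudo_nopasswd() {
    grep -Eq '\((ALL|root)[^)]*\)[[:space:]]*NOPASSWD:[[:space:]]*ALL' "$1"
}
```

A non-zero count from `other_keys` is worth reviewing, since every key in that file reaches root on the host.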

Windows Machines

lol don't

All Machines

Adding a new server will require these:

  • The server is accessible from the Ansible host;

  • The server has been added to NetBox or to inventory-hard; and

  • DNS records for the machine are set.

From there, running the playbook site.yml should get the machine up to snuff.

ZeroTier

A lot of my home-network side of things is connected together via ZeroTier; initial deployment/repairs may require specifying an ansible_host for the inventory item in question to connect to it locally. Subsequent plays will require connectivity to my home ZeroTier network.

Cloud-managed devices require no such workarounds.