ansible/README.md
2023-05-13 09:37:28 +08:00


# Testing Ansible
```
ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
# All servers
ansible-playbook all/playbook.yaml # Initialize
# Privacy Frontends
ansible-playbook -i inventory.yml -e @secrets.enc --ask-vault-pass privfrontends/playbook.yaml
```
To add secrets: `ansible-vault edit secrets.enc`
## Adding new services
Adding new services is a bit janky, because I had to set it up with normal commands instead of the preferred `community.docker` collection (it doesn't support v2, which we use on most of our compose files).
First, add the service to the `docker_services` array/var in `/privfrontends/playbook.yaml`. This list **MUST** be maintained in alphabetical order for ease of maintenance.
Then, create the `/compose/SERVICE_NAME` directory and add the compose file to it. You can use the `{{inventory_hostname}}` variable where required.
If the service needs a secret key, add it to the ansible-vault file `secrets.enc` with `ansible-vault edit secrets.enc`. If you are a Project Segfault sysadmin you already have the password for it :P
After this, Caddy needs to be configured.
The common GeoDNS configuration can be done following this format:
```
SERVICE_NAME.{{inventory_hostname}}.projectsegfau.lt SERVICE_NAME.projectsegfau.lt {
    reverse_proxy :PORT
    import def
    import torloc SERVICE_NAME # Set up Tor first, following the wiki
}
```
Tor/I2P can be set up following the instructions at https://wiki.projectsegfau.lt/Internal:Setting_up_a_GeoDNS_service, with the only change being that Tor and I2P are now merged and live in `/templates/01-extras.caddy`.
After this, you can run the deployment as outlined at the beginning.
Please inform me (Arya) if any part of this documentation isn't clear; I suck at writing documentation.
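A pre-deployment check for the "Adding new services" steps above, as an added example that is not part of this repository: it flags an out-of-order `docker_services` list, a listed service without a `compose/SERVICE_NAME` directory, and a `secrets.enc` that has lost its Ansible Vault header (saved as plaintext). It assumes `docker_services` is a flat list of names, that paths are relative to the ansible directory, and that ordering is case-insensitive; the function names and the service names `alpha`, `bravo` and `charlie` are constructed for the demo.

```python
import os
import tempfile

VAULT_HEADER = "$ANSIBLE_VAULT;"  # first bytes of any ansible-vault encrypted file


def check_services(repo_root, docker_services, secrets_file="secrets.enc"):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    # README rule: docker_services MUST stay in alphabetical order.
    for prev, cur in zip(docker_services, docker_services[1:]):
        if cur.lower() < prev.lower():
            problems.append(f"docker_services not alphabetical: {cur!r} after {prev!r}")
    # Every listed service needs a non-empty compose/SERVICE_NAME directory.
    for name in docker_services:
        path = os.path.join(repo_root, "compose", name)
        if not os.path.isdir(path) or not os.listdir(path):
            problems.append(f"missing or empty compose directory: compose/{name}")
    # The secrets file must still be vault-encrypted, never committed as plaintext.
    try:
        with open(os.path.join(repo_root, secrets_file), "r", errors="replace") as fh:
            if not fh.readline().startswith(VAULT_HEADER):
                problems.append(f"{secrets_file} has no Ansible Vault header (plaintext?)")
    except FileNotFoundError:
        problems.append(f"{secrets_file} not found")
    return problems


def demo():
    """Build a constructed repo layout in a temp dir and run the checks on it."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("alpha", "bravo"):
            os.makedirs(os.path.join(root, "compose", name))
            open(os.path.join(root, "compose", name, "compose.yml"), "w").close()
        with open(os.path.join(root, "secrets.enc"), "w") as fh:
            fh.write("api_key: example-value\n")  # constructed plaintext, not vault output
        # "charlie" is listed out of order and has no compose directory.
        return check_services(root, ["alpha", "charlie", "bravo"])


if __name__ == "__main__":
    for problem in demo():
        print("FAIL:", problem)
```

To use it on a real checkout, pass the ansible directory and the `docker_services` list loaded from the playbook, and fail the run if the returned list is non-empty.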