Ansible project used for my production server for https://openpunk.com
Go to file
CPunch ab5b7c1d29 nginx: add http redirect to https 2024-03-10 13:52:04 -05:00
.vscode blog: maintain two separate builds of the site; one for tor, one for https 2023-01-16 17:17:07 -06:00
group_vars run: fix deprecated `vars` dictionary, moved giteaPort to group_vars 2024-02-24 15:51:25 -06:00
roles nginx: add http redirect to https 2024-03-10 13:52:04 -05:00
secrets@e643deb62e minor README changes 2023-01-14 17:36:51 -06:00
.gitignore gitea: can now backup the database remotely 2023-02-01 23:30:14 -06:00
.gitmodules Added secrets submodule 2022-05-31 13:20:17 -05:00
README.md REFACTOR: lots of changes, using ansible-galaxy roles for certbot, nginx & gitea 2024-02-21 15:56:43 -06:00
requirements.yml REFACTOR: lots of changes, using ansible-galaxy roles for certbot, nginx & gitea 2024-02-21 15:56:43 -06:00
run.yml run: fix deprecated `vars` dictionary, moved giteaPort to group_vars 2024-02-24 15:51:25 -06:00

README.md

OpenPunk's Ansible playbook

This is my failsafe (and also my helpful migration tool) for restoring the OpenPunk server. This handles setting everything back up, including:

  • gitea
    • backup and restoring are also supported
  • blog
  • tor mirror
  • nginx (for the above mentioned)
    • certbot's Let's Encrypt
  • my shell theme (zsh + powerlevel10k)
  • deadswitch (& the ssh + git config to allow pushes)

This playbook assumes the target VPS is running the latest debian stable release.

Notes to my future self

Add this to your local machine's crontab:

ssh openpunk 'touch /root/.deadtrigger'

Some DNS records also need to be set:

  • an A record with a git.* subdomain

Usage

First, make sure to install the requirements:

ansible-galaxy install -r requirements.yml

Then, run the playbook:

ansible-playbook -i hosts --ask-vault-pass run.yml

NOTE: The 'secrets' directory has been omitted from this repo (so it's not going to run without the provided files)

Backup and restore

Backup Gitea using the 'backup' tag

ansible-playbook -i hosts run.yml --tags backup

then, restore from the backup using the 'restore' tag

ansible-playbook -i hosts run.yml --tags restore

Example hosts file

[hosts]
openpunk-vps ansible_host=104.238.138.76 ansible_user=root ansible_connection=ssh