Ansible project used for my production server for https://openpunk.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
CPunch af53eb4637
roles/gitea: support giteaUninstall variable
2 weeks ago
.vscode blog: maintain two separate builds of the site; one for tor, one for https 2 weeks ago
group_vars blog: maintain two separate builds of the site; one for tor, one for https 2 weeks ago
roles roles/gitea: support giteaUninstall variable 2 weeks ago
secrets@e643deb62e minor README changes 3 weeks ago
.gitignore Added secrets submodule 8 months ago
.gitmodules Added secrets submodule 8 months ago
README.md roles/deadswitch: role is now idempotent 2 weeks ago
run.yml roles/gitea: support giteaUninstall variable 2 weeks ago

README.md

OpenPunk's Ansible playbook

This is my failsafe (and also my helpful migration tool) for restoring the OpenPunk server. This handles setting everything back up, including:

  • gitea
    • sadly, no db migration is supported right now. maybe a future todo?
  • blog
  • tor mirror
  • nginx (for the above mentioned)
    • certbot's Let's Encrypt
  • my shell theme (zsh + powerlevel10k)
  • deadswitch (& the ssh + git config to allow pushes)

This playbook assumes the target VPS is running the latest debian stable release.

Notes to my future self

Add this to your local machine's crontab:

ssh openpunk 'touch /root/.deadtrigger'

Some DNS records also need to be set:

  • an A record with a git.* subdomain

Usage

ansible-playbook -i hosts --ask-vault-pass run.yml

NOTE: The 'secrets' directory has been omitted from this repo (so it's not going to run without the provided files)

Example hosts file

[hosts]
openpunk-vps ansible_host=104.238.138.76 ansible_user=root ansible_connection=ssh