mirror of
https://github.com/CPunch/openpunk-ansible.git
synced 2024-11-23 07:40:09 +00:00
Ansible project used for my production server for https://openpunk.com
.vscode | ||
group_vars | ||
roles | ||
secrets@e643deb62e | ||
.gitignore | ||
.gitmodules | ||
README.md | ||
requirements.yml | ||
run.yml |
OpenPunk's Ansible playbook
This is my failsafe (and also my helpful migration tool) for restoring the OpenPunk server. This handles setting everything back up, including:
- gitea
- backup and restoring are also supported
- blog
- cron job for grabbing the
HEAD
of https://github.com/CPunch/openpunk && building the hugo site
- cron job for grabbing the
- tor mirror
- nginx (for the above mentioned)
- certbot's Let's Encrypt
- my shell theme (zsh + powerlevel10k)
- deadswitch (& the ssh + git config to allow pushes)
This playbook assumes the target VPS is running the latest debian stable release.
Notes to my future self
Add this to your local machine's crontab:
ssh openpunk 'touch /root/.deadtrigger'
Some DNS records also need to be set:
- an A record with a
git.*
subdomain
A Gitea Act Runner is also setup if the giteaRunnerToken
variable is defined in your hosts file.
Usage
First, make sure to install the requirements:
ansible-galaxy install -r requirements.yml
Then, run the playbook:
ansible-playbook -i hosts --ask-vault-pass run.yml
NOTE: The 'secrets' directory has been omitted from this repo (so it's not going to run without the provided files)
Backup and restore
Backup Gitea using the 'backup' tag
ansible-playbook -i hosts run.yml --tags backup
then, restore from the backup using the 'restore' tag
ansible-playbook -i hosts run.yml --tags restore
Example hosts file
[hosts]
openpunk-vps ansible_host=104.238.138.76 ansible_user=root ansible_connection=ssh giteaRunnerToken=my-token-yayy