Ansible project used for my production server for https://openpunk.com
2022-10-04 13:13:46 -05:00
.github/workflows Deploy ansible playbook automagically 2022-10-04 12:21:22 -05:00
group_vars Initial commit 2022-05-30 10:46:36 -05:00
secrets@585d0fd7dd updated to latest secrets 2022-10-04 13:09:36 -05:00
static fix: wrong paths in imdead.sh (oops) 2022-10-04 13:13:46 -05:00
tasks better file permissions 2022-10-04 11:29:40 -05:00
templates privacy: set Referrer-Policy: no-referrer 2022-09-02 23:45:41 -05:00
.gitignore Added secrets submodule 2022-05-31 13:20:17 -05:00
.gitmodules Added secrets submodule 2022-05-31 13:20:17 -05:00
README.md updated readme 2022-10-04 12:51:54 -05:00
run.yml minor refactoring 2022-08-02 13:49:02 -05:00

OpenPunk's Ansible playbook

Workflow

This is my failsafe (and also my helpful migration tool) for restoring the OpenPunk server. This handles setting everything back up, including:

  • gitea
  • blog
  • tor mirror
  • nginx (for the above mentioned)
  • my shell theme (zsh + powerlevel10k)
  • deadswitch (& the ssh + git config to allow pushes)

This playbook assumes the target VPS is running the latest Debian stable release.

Automatic deployment

On new release tags, the playbook is automatically run on the production openpunk VPS. For more info, check out the .github/workflows/deploy.yaml workflow.

Notes to my future self

The deadswitch has the deadtrigger set up every run, so you have a 14-day timer to add a one-liner to your crontab to keep that deadtrigger set.

Usage

ansible-playbook -i hosts --ask-vault-pass run.yml

NOTE: The 'secrets' directory has been omitted from this repo (so it's not going to run without the provided files).

Example hosts file

[hosts]
openpunk-vps ansible_host=104.238.138.76 ansible_user=root ansible_connection=ssh