mirror of
https://github.com/CPunch/openpunk-ansible.git
synced 2024-11-24 08:01:05 +00:00
Ansible project used for my production server for https://openpunk.com
.vscode | ||
group_vars | ||
roles | ||
secrets@e643deb62e | ||
.gitignore | ||
.gitmodules | ||
README.md | ||
run.yml |
OpenPunk's Ansible playbook
This is my failsafe (and also my helpful migration tool) for restoring the OpenPunk server. This handles setting everything back up, including:
- gitea
- sadly, no db migration is supported right now. maybe a future todo?
- blog
- cron job for grabbing the
HEAD
of https://github.com/CPunch/openpunk && building the hugo site
- cron job for grabbing the
- tor mirror
- nginx (for the above mentioned)
- certbot's Let's Encrypt
- my shell theme (zsh + powerlevel10k)
- deadswitch (& the ssh + git config to allow pushes)
This playbook assumes the target VPS is running the latest debian stable release.
Notes to my future self
Add this to your local machine's crontab:
ssh openpunk 'touch /root/.deadtrigger'
Some DNS records also need to be set:
- an A record with a
git.*
subdomain
Usage
ansible-playbook -i hosts --ask-vault-pass run.yml
NOTE: The 'secrets' directory has been omitted from this repo (so it's not going to run without the provided files)
Example hosts file
[hosts]
openpunk-vps ansible_host=104.238.138.76 ansible_user=root ansible_connection=ssh