cbhost-ansible

Ansible playbooks for a multi-purpose personal server.

This node hosts the following containers behind a NGINX reverse proxy:

• 3x WordPress (w/NGINX, Redis, & MariaDB)
• FilterLists
  • 1x Create React App (w/NGINX)
  • 1x ASP.NET Core API (w/MariaDB)
  • 1x .NET Core console app
  • 1x Discourse
• 1x Bitwarden

Managed Node Setup

Use a single DigitalOcean Ubuntu LTS droplet as a host. The $10/mo instance is required to satisfy Bitwarden's SQL Server dependency requiring 2GB ram. Include a public SSH key stored with DigitalOcean when creating the droplet. Enable droplet backups.

Control Node Setup

As primarily a .NET developer, I use a Windows development environment.

Windows is not supported for the control node. Ansible Docs

So, to get up and running, I am using WSL.

Enable and Install WSL

Follow the official docs for getting WSL up and running. Use the latest Ubuntu LTS image.

SSH Keys

Copy over .pem and .pub SSH keys (of the same name) into WSL ~/.ssh directory.

Use keychain to automatically launch ssh-agent and ssh-add the key every time a WSL terminal instance is opened.

• sudo apt-get install keychain

• Add to ~/.bashrc: eval $(keychain --eval id_rsa)

via StackOverflow

git clone

Clone this cbhost-ansible repo into a directory inside of the WSL instance.

Authenticate with GitHub

With 2FA enabled on GitHub, create a personal access token (PAT) and configure credential.helper to store it via git in WSL. The first git push requires providing a username and PAT. The credentials are then stored for future pushes.

VS Code WSL Remote

Install the Remote - WSL extension inside of Visual Studio Code on the Windows host to edit the git repo.

Inventory

Add the IP of the managed node droplet to /etc/ansible/hosts inside WSL.

Common Ansible Commands for Running/Debugging

• ansible all -m ping -u root
• ansible all -m ping
• ansible-playbook 00-cbhost.yml