Lobste.rs Ansible Playbook
Ansible playbook for lobste.rs.
Lobsters is a technology-focused link aggregation site.
$ ansible-playbook -K prod.yml
When working on test:
$ ansible-playbook --inventory=inventories/test.ini -K prod.yml
backup - TODO: backup site. prod - deploy to production. restore - TODO: restore from backup.
The following host groups are available:
backup - backup, archive, and log server. console - serial console access. Used to start, stop, and debug a host. db - SQL server. dns - authoritative DNS. mx* - incoming email. search - search middleware (Elasticsearch). smtp* - outgoing email. www* - http over SSL.
groups marked with an asterisk (*) use public SSL certificates.
The following variables are available:
backup_server - database dump, log, static file, and email backup. console_server - serial console (for grub), installer (with live cd), reverse DNS, and SSH key management. db_server - SQL server. dns_server - authoritative DNS server. mx_server - incoming mail server. search_server - search middleware. smtp_server - outgoing mail server. www_server - http.
When a host group has more than one hostname, the _server variable contains the authoritative name for the hosted sevice.
This playbook tries not to distinguish between host variables and group variables.
The following tags can be used to limit tasks in a playbook:
pkg - install operating system packages (deb or rpm). user - create or revoke system administrator accounts and public SSH keys.
A role name can be used as a tag. When given, the tasks in that role will be run.
mariadb - SQL database. lobsters - web application. nginx - http proxy and SSL termination. sysadm - accounts and ssh shell acess for system administrators. postfix - MX and smtp server. puma - App server
To use this playbook, you'll need an account in the sysadm role along with an SSH key pair.
$ ssh-keygen <++> ~/.ssh/config Host lobsters.xen.prgmr.com IdentityAgent none IdentityFile ~/.ssh/id_rsa-lobste.rs IdentitiesOnly yes Host lobsters.console.xen.prgmr.com IdentityAgent none IdentityFile ~/.ssh/id_rsa-lobste.rs IdentitiesOnly yes User lobsters <-->