InternetSociety/ose-documentation

Idea - Create automation scripts / playbooks / recipes to configure self-hosted webservers

Opened this issue · 1 comments

Recently in a conversation I had, a person suggested we should explore how some of the new system administration automation tools (i.e. part of what is now called "DevOps") could help sysadmins rapidly configure their webservers with the configuration settings we promote in the OSE documentation.

This would useful for someone running their own (self-hosted) web server - or for the sysadmin team at a web hosting provider who want to configure a large number of Apache or NGINX web servers.

If we had an Ansible playbook (or a Chef recipe/cookbook or a Puppet manifest) that someone could use to run across their different web servers that just configured all the appropriate settings… then someone could run that across their Apache or NGINX instances and … boom… they would all be configured appropriately. (This would only work for HTTP/2 and TLS and its associated options like HSTS. IPv6 and DNSSEC would take more configuration in other forms.)

To do this... we would need people who know about Ansible/Chef/Puppet ;-)

I'll also note that we (Internet Society community) would not necessarily need to develop these ourselves. It could be something that we partner with "someone" to develop.