Config

Configuration of various hosts in my life using ansible

In Use Modules

Interesting reading for next steps:

https://yetiops.net/posts/proxmox-terraform-cloudinit-saltstack-prometheus/

Grab bag of important things

copy the devnet password to ~/.erisyon_ansible_pass
use --ask-become-pass when conditioning computers
always keep the hosts encrypted

Examples

# decrypt hosts
poetry run ansible-vault decrypt hosts_enc.yml --output hosts.yaml --vault-password-file ~/.erisyon_ansible_pass

# if you change hosts in the decrypted version, remember to re-encrypt and commit the change
poetry run ansible-vault encrypt hosts.yaml --output hosts_enc.yml --vault-password-file ~/.erisyon_ansible_pass

# run playbook for all development computers
poetry run ansible-playbook development.yml --check --ask-become-pass

# install galaxy things
poetry run ansible-galaxy install -r requirements.yaml

Tags

tag name	notes
`projects/ssh/password`	disables password auth over ssh
`projects/common`	installs common tools related to projects
`users/ossareh`	creates the ossareh user

Tag Naming

Format: <role name>/<arbtirary>.

Keep the role name the same as the role so that it's feasible to trace where a tag is defined, don't worry about duplicating tag notions if something has to span multiple roles; i.e. users/vega_user projects/vega_user is just fine if vega_user means something common across both projects.

Remember: no dogma! if it turns out this feels icky come up with something better :)

Debugging

Use the -v flag to ansible-playbook to see what's happening when things don't work

ossareh/config