Ansible playbook(s) to get my server just how I like it
| Task | Description | Notes |
|---|---|---|
| users | Sets up user accounts, groups, and permissions | |
| packages | Desired package/PPA/bin inclusion/exclusion | Eventually, non-standard PPA installs will get too big for this file (e.g. exa or asdf). Should think about subtasks/ dir |
| dotfiles | Clones and symlinks the dotfiles repo | Symlinks systemd service files, so this should always run before service install tasks |
| docker | Install Docker engine and supporting components | Responsible for shared Docker config such as prom-grafana bridge network |
| irssi | Install irssi | dotfiles task will handle symlinking ~/.irssi dir |
| prometheus | Install and configure Prometheus container and local node_exporter |
|
| grafana | Install and configure Grafana container | |
| certbot | Install certbot and install nginx certs for strongco.de and start.strongco.de |
Email and domains are hardcoded. Safely idempotent. certbot renew is handled by crontab from dotfiles |
| runner | Download Github actions-runner package | Runner requires time-sensitive token to configure - see task note |
Ansible will run with local connection as the Vagrant provisioner, so just
$ vagrant up
Override remote host IP with
$ ansible-playbook main.yml --extra-vars "var_host=<ip>"
DNS records are managed under iwantmyname.com with cloud firewall rules on DO