ansible/README.md

# Testing ansible
```
ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
# All servers
ansible-playbook all/playbook.yaml # Initialize
# Privacy Frontends
ansible-playbook -i inventory.yml -e @secrets.enc --ask-vault-pass privfrontends/playbook.yaml
```
To add secrets: `ansible-vault edit secrets.enc`
## Adding new services
Adding new services is a bit janky, for I had to set it up with normal commands instead of the preferred community.docker collection (it doesn't support v2, which we use on most of our compose files).
First, add the service to the `docker_services` array/var in `/privfrontends/playbook.yaml`. This list **MUST** be maintained in alphabetical order for ease of maintenance.
Then, create the `/compose/SERVICE_NAME` directory and add the compose file to it. You can use the `{{inventory_hostname}}` variable where required.
If the service needs a secret key, add it to the ansible-vault secrets.enc with `ansible-vault edit secrets.enc`. If you are a Project Segfault sysadmin you already have the password for it :P
Past this, Caddy needs to be configured.
The common GeoDNS configuration can be done following this format:
```
SERVICE_NAME.{{inventory_hostname}}.projectsegfau.lt SERVICE_NAME.projectsegfau.lt {
    reverse_proxy :PORT
    import def
    import torloc SERVICE_NAME # Set up Tor first, following the wiki
}
```
Tor/I2P can be set up following the instructions in https://wiki.projectsegfau.lt/Internal:Setting_up_a_GeoDNS_service, with the only change being that Tor/I2P are now merged and they are in `/templates/01-extras.caddy`.
Past this, you can run the deployment as outlined in the beginning.
Please inform me (Arya) if any part of this documentation isn't clear; I suck at writing documentation.
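
A pre-deploy check for the "Adding new services" steps, as an added example that is not part of the original README or the repository: it verifies that `secrets.enc` still carries the ansible-vault header (so a decrypted copy is never committed or deployed), that the service names are in alphabetical order, and that each one has a `compose/NAME` directory. It assumes it is run from the repository root with the service names passed in the same order as `docker_services`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-deploy checks for the "Adding new services" steps.
# Assumptions (not from the repo): run from the repository root; function
# names are hypothetical; service names are passed in docker_services order.
# Usage: sh preflight.sh secrets.enc SERVICE_A SERVICE_B ...

# Succeeds only if FILE starts with an ansible-vault header (i.e. is encrypted).
is_vault_encrypted() {
    [ -f "$1" ] || return 1
    IFS= read -r header < "$1" || [ -n "$header" ] || return 1
    case "$header" in
        '$ANSIBLE_VAULT;1.1;AES256'|'$ANSIBLE_VAULT;1.2;AES256;'*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds only if the names are in alphabetical order (C locale), no duplicates.
services_sorted() {
    printf '%s\n' "$@" | LC_ALL=C sort -c -u 2>/dev/null
}

# Prints every service without a compose/NAME directory; fails if any is missing.
missing_compose_dirs() {
    rc=0
    for svc in "$@"; do
        [ -d "compose/$svc" ] || { echo "$svc"; rc=1; }
    done
    return "$rc"
}

# Runs all checks: first argument is the secrets file, the rest are service names.
preflight() {
    secrets=$1; shift
    is_vault_encrypted "$secrets" ||
        { echo "ERROR: $secrets is not vault-encrypted" >&2; return 1; }
    services_sorted "$@" ||
        { echo "ERROR: service list is not alphabetical" >&2; return 1; }
    missing=$(missing_compose_dirs "$@") ||
        { echo "ERROR: no compose directory for: $missing" >&2; return 1; }
    echo "preflight OK"
}

if [ "$#" -gt 0 ]; then preflight "$@" || exit 1; fi
```

The vault check fails closed: an empty file, a missing file, or a file with CRLF line endings is reported as not encrypted.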