# Testing ansible

```
ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
# All servers
ansible-playbook all/playbook.yaml # Initialize
# Privacy Frontends
ansible-playbook -i inventory.yml -e @secrets.enc --ask-vault-pass privfrontends/playbook.yaml
```

To add secrets: `ansible-vault edit secrets.enc`

## Adding new services

Adding new services is a bit janky, for I had to set it up with normal commands instead of the preferred `community.docker` collection (it doesn't support v2, which we use on most of our compose files).

Firstly, add the service to the `docker_services` array/var in `/privfrontends/playbook.yaml`. This list **MUST** be maintained in alphabetical order for ease of maintenance.

Then, create the `/compose/SERVICE_NAME` directory and add the compose file to it. You can use the `{{inventory_hostname}}` variable where required.

If the service needs a secret key, add it to the ansible-vault `secrets.enc` with `ansible-vault edit secrets.enc`. If you are a Project Segfault sysadmin you already have the password for it :P

Past this, Caddy needs to be configured.

The common GeoDNS configuration can be done following this format:

```
SERVICE_NAME.{{inventory_hostname}}.projectsegfau.lt SERVICE_NAME.projectsegfau.lt {
    reverse_proxy :PORT
    import def
    import torloc SERVICE_NAME # Setup tor first following the wiki
}
```

Tor/I2P can be set up following the instructions in https://wiki.projectsegfau.lt/Internal:Setting_up_a_GeoDNS_service, with the only change being that Tor and I2P are now merged and are in `/templates/01-extras.caddy`.

Past this, you can run the deployment as outlined in the beginning.

Please inform me (Arya) if any part of this documentation isn't clear; I suck at writing documentation.