2020-01-08 23:11:34 +00:00
|
|
|
* setup from scratch:
|
2020-11-11 05:22:38 +00:00
|
|
|
** install dependencies
|
|
|
|
ansible-galaxy collection install -r requirements.yml
|
|
|
|
|
|
|
|
** run a play
|
2020-01-08 23:11:34 +00:00
|
|
|
~ansible-playbook -i hosts.yml all.yml --ask-vault-pass --ask-become-pass~
|
|
|
|
|
2020-10-11 00:00:28 +00:00
|
|
|
** preparing open_the_vault
|
2020-01-14 21:43:52 +00:00
|
|
|
|
2020-10-11 00:00:28 +00:00
|
|
|
* wg
|
|
|
|
|
2020-01-14 21:43:52 +00:00
|
|
|
** clients
|
|
|
|
you probably want to deploy clients individually most of the time. to do that, provide a tag, like:
|
|
|
|
~ansible-playbook -i hosts.yml client_matrix.yml --ask-vault-pass --ask-become-pass --tags matrix_client~
|
2020-10-11 00:00:28 +00:00
|
|
|
|
|
|
|
** adding a client
|
|
|
|
- generate a new public/private keypair
|
|
|
|
- ~umask 077~
|
|
|
|
- ~wg genkey | tee privatekey | wg pubkey > publickey~
|
|
|
|
- add the pubkey to the groupvars/main.yml
|
|
|
|
- add the privkey to the groupvars/vault.yml
|
|
|
|
- add a task referencing the new client
|
|
|
|
- add a template with the groupvars embedded.
|
2020-10-11 23:22:53 +00:00
|
|
|
|
|
|
|
* instructions on specific roles
|
|
|
|
** awfulAll
|
|
|
|
awfulAll is a single server that's a catch all for services that don't need a dedicated vm.
|
2020-11-14 04:54:11 +00:00
|
|
|
~ansible-playbook -i hosts.yml awfulAll.yml --tags awfulAll~
|
|
|
|
** mediaserver
|
|
|
|
~ansible-playbook awfulAll.yml --tags mediaserver~
|
2021-02-26 23:27:48 +00:00
|
|
|
** certs/letsencrypt/acme stuff
|
|
|
|
~ansible-playbook acme-all.yml -v~
|
|
|
|
- right now for bouncer, syno
|
|
|
|
|
|
|
|
|
2020-11-14 04:54:11 +00:00
|
|
|
|