@stuartgibson what are you doing with it? I’ve been meaning to investigate it for configuring new Macs

@mo I’ve got it that is will go off and create a new Linode server, create default users, disable roof login, disable password auth for SSH, install Apt updates, activate UFW, install Docker, pull, build and run the container, add the new server to the DB server firewall and pg_hba, create a DNS entry on AWS Route 53 to our Nginx proxy server, add the Nginx conf for the subdomain and run Certbot to install ssl certs and redirect port 80 to 443.

@stuartgibson wow. That’s impressive. Just need to hook it up to Siri shortcuts now 😉

@mo yeah, it’s very neat. Going to make more “useful” playbooks to manage update rollouts across all client apps simultaneously, add/remove developer access to servers in bulk, stuff like that.

@stuartgibson What led you to Ansible rather than one of the other options? I’m currently looking into that sort of stuff and am rather overwhelmed 😮

@marramgrass I looked it that, Terraform, Chef, Puppet and Ansible was the only one that did a good job describing how it worked 😂

I do like the very simple, declarative style too.

@stuartgibson @marramgrass I have a project that I started with Terraform. I was going to use Ansible to provision after I brought machines up with Terraform. Now I'm thinking I'll just do the whole thing with Ansible.

@stuartgibson @marramgrass I always preferred Ansible because it doesn't require a server unlike most of the alternatives.

@d3z @stuartgibson It’s something I now have a need to get my head round, but every time I’ve looked into it casually in the past I’ve found the initial hump very difficult to get over.

Ansible appeals to me for the same reason - requirements on the target host being so minimal.

@marramgrass @d3z I just started really basic, got one stage working then built it up until it worked. I put the whole thing in a Docker container too. Only tricky part was getting SSH agent forwarding into Docker on the Mac.

Happy to help with my swathe of one weeks knowledge 😜

@marramgrass one nice thing is you can always fall back to just issuing shell commands if there isn’t a module. Ansible Galaxy is also really handy, you can install something and then use it as a reference or tweak to suit your needs.

@stuartgibson Did you start with using Ansible to provision hosts, or did you start with modifying an existing host and then go back to that later? My sequential brain want to wok through it right from that start, but I fear I'll get myself bogged down too quickly.

@marramgrass bit of both. Provisioning app server from scratch, but making updates on the proxy and database servers.

@marramgrass I’ve probably created and torn down about 150 servers this week 😅

@stuartgibson I found this yesterday: leanpub.com/ansible-for-devops Looks pretty comprehensive, and up to date. I learn well from books, and I have high hopes. /cc @mo

@marramgrass Update on my adventures. I not have an Ansible playbook that will completely move an existing app from Heroku onto a new VPS, migrate the data, point the domain to the new server and create new LetsEncrypt certs.

I'm really loving it.

@stuartgibson That's pretty great.

I'm currently messing with AWS with it.

· · Web · 0 · 0 · 0
Sign in to participate in the conversation
NI Tech

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!