This project defines my personal infrastucture as a set of terraform manifests and ansible playbooks, as detailed in the following blogpost.
The main idea is to centralize all configuration, whether they apply to instances or cloud services, and make it easy to add new services, secure and monitor them properly.
The first step is to create API keys for every single terraform provider being used, and add them to local config files:
- aws
- scaleway
- ovh
- datadog (the Datadog provider does not yet support parsing the
~/.dogrcconfiguration file, meaning I had to hack something together)
The terraform resources are organized by cloud provider (OVH, AWS, Scaleway, etc). To initialize each environment, run
$ make terraform-initTo plan or apply all terraform resources from all workspaces, run
$ make terraform-plan
$ make terraform-applyTo plan the terraforming of the resources of a given cloud provider (in that example, Scaleway), run
$ make terraform-scaleway-planTo apply these changes, run
$ make terraform-scaleway-applyBefore being able to configure the instances with the playbooks, we need to define their SSH configuration in ~/.ssh/config, along with a common configuration
Host *
User br
ForwardX11 no
IdentityFile ~/.ssh/id_rsa
ControlPersist 30m
ControlMaster auto
ControlPath ~/.ssh/cm/control:%h:%p:%r
Host pi
HostName home.balthazar-rouberol.com
Host gallifrey
HostName balthazar-rouberol.com
and list the hosts in /etc/ansible/hosts:
$ cat /etc/ansible/hosts
gallifrey
piTo bootstrap a given instance (gallifrey in that example), run its bootstrap playbook (the first time only):
$ make playbook-gallifrey-bootstrapOnce bootstraped, the instance can be configured via its regular playbook, run by
$ make playbook-gallifreyTo run the playbook for a given set of tags, you can add tags=<comma-separated-tags> to the make command:
% make playbook-gallifrey tags=monitoring