Light

fdm1 / terraform-ansible Goto Github PK

View Code? Open in Web Editor NEW

0.0 3.0 0.0 47 KB

Personal infra management/playground using Terraform and Ansible, integration with AWS and DigitalOcean

HCL 41.85% Shell 35.45% Python 22.70%

terraform-ansible's Introduction

terraform-ansible

Personal infrastructure management/playground. Works cross-cloud provider for both AWS and DigitalOcean.

Terraform

Apply the things:

$ ./bin/apply
$ ./bin/apply -target=module.aws
$ ./bin/apply -target=module.do

If an instance is getting rebuilt, it will re-ansible itself during the apply using a local-exec provisioner.

Ansible

All of these commands will need to know the ansible vault password. They also need to go through the bin script, as the host IP for the isntances are determined using the terraform output.

Run the ansible playbook:

$ ./bin/ansible playbook ansible/remote-server.yml
$ ./bin/ansible playbook ansible/remote-server.yml --limit lightsail
$ ./bin/ansible playbook ansible/remote-server.yml --limit digitalocean

Run other ansible commands:

$ ./bin/ansible -m ping
$ bin/ansible -a "echo foo"
$ bin/ansible -a "echo foo" --limit lightsail
$ bin/ansible -a "echo foo" --limit digitalocean

Encrypting or editing an encrypted file:

$ ansible-vault create path/to/ansible/file/main.yml   # create a file from scratch
$ ansible-vault encrypt path/to/ansible/file/main.yml  # encrypt an unecrypted file
$ ansible-vault edit path/to/ansible/file/main.yml     # edit an encrypted file
$ ansible-vault view path/to/ansible/file/main.yml     # view an encrypted file
$ ansible-vault decrypt path/to/ansible/file/main.yml  # view an encrypted file

Secrets are stored using ansible vault, and are automatically decrypted in ./bin/init to a file that is ignored by git

Encrypting a string via the vault (not using as editing them is almost impossible):

$ ansible-vault encrypt_string --ask-vault-pass

# Enter the string, and hit ctrl+d twice.

SSH

SSH onto the lightsail instance:

$ ./bin/ssh <cloud_provider [do|digitalocean, aws|lightsail] (default=do)> <username (default=frankmassi)>

terraform-ansible's People

Contributors

Watchers

terraform-ansible's Issues

fix sudo

what's my password? at least on lightsail

bin/ssh hangs sometimes

but why???

Maybe rethink secrets

Ansible secrets work, but are weird, and I probably will forget how to use them.

That or ensure documentation still makes sense since it's been 10 months

add some packages

now that users is working, do the ansible package install

python3
ipython
what else?
does aws come automatically on aws instances?
same for gcp instances and gcloud?

Implement GCP

All the clouds (except Azure)

generalize

Make it so someone can clone this repo, set secrets, and then use it.

instances should die after X hours of being idle

If I leave an instance running, it should die after a certain amount of time...maybe make configurable?

Upgrade to tf12

because it's better

better cli

should just create the auto vars for instance counts for you
should only allow 0 or 1 (I don't need a fleet of lightsail instances)

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.