Summary

Clone URL:

git Use ID

Description:

This repo contains our anisble configurations files for our network

Trending files:

Download:

Download as zip With subrepos

Latest Changes

x	5c2696aa6249	19 months ago	feat: add explanation for each web task file
x	8c929b927c0d	19 months ago	feat: add nginx config copying
x	793f41cb4d28	19 months ago	feat: add generic cert issuing task list
x	97740b3e6e8e	19 months ago	feat: add ansible installation task file
x	07ee9a8ac447	19 months ago	style: reformat firmware web file
x	61be6a0fea2c	19 months ago	style: modify web services in hosts file
x	140270910fde	20 months ago	fix: firmware playbook follows ansiblelint
x	5c17d88f3e11	20 months ago	fix: initial_setup, proper passwordless sudo, incl users
x	95993c623d68	20 months ago	feat: initial_server, replace colorful PS1 w/ color+feat for root bashrc
x	5f63e04fc9da	20 months ago	feat: initial_server, remove global bashrc edit

README.md

fflux Ansible Configuration

This repo contains Ansible configs for the Freifunk Lëtzebuerg infra.

Files

hosts: contains all of the machines.
Careful: a wrongly defined machine can lead to major problems.
authorized_keys: fflux user pubkey

Directories

files: templates for various playbooks
initial_server_setup: initial server setup
gateway: Set up a fflux gateway
api: api.freifunk.lu
firmware: firmware.freifunk.lu

Guide

Initial Server Setup

First, add the machine to hosts at the top of the file:

machine-name-here ansible_host=10.20.30.40

Note that machine-name-here will be the machine's hostname.

Then, put the machine under the [initial] group:

[initial]
machine-name-here ansible_user=root

Finally, change the default private SSH key under [all:vars] if necessary:

ansible_ssh_private_key_file=/home/myuser/.ssh/id_ed25519

You can now run the playbook:

fflux@fflux:~/repos/Ansible-Configuration$ ansible-playbook -i hosts initial_server_setup/initial_setup.yml

Note that the placement of the repositories might impact the playbook's behaviour, particularly for more advanced setups, incl. web server.

Install Website (freifunk, www, api)

First, make sure the machine is still configured properly at the top of the hosts file. (see initial server setup)

Then, put the machine under the [website-web] group:

perso-test

Note that if you are not running this on the fflux management server as the fflux user, you might want to check the remote authorized_keys (that one of your keys is allowed) and append ansible_user=fflux to that line, similarly to the initial server setup.

Do not forget to set the DNS records properly, so that the machine is reachable via the domain names. (at the time of writing freifunk.lu, www.freifunk.lu and api.freifunk.lu, but you can simply check the playblook)

On top of that, make sure that the fflux user has a ssh keypair (for git) which is configured properly on projects.c3l.lu. That way, it can clone the website and api repositories.

Finally, run the playbook:

fflux@fflux:~/repos/Ansible-Configuration$ ansible-playbook -v -i hosts web/install_website.yml