alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity
130 Commits 2 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Alan Orth bb55506464
roles/nginx: Use Linode DNS servers for OCSP resolvers 
I didn't realize Linode had DNS resolvers, but they are much closer
than anything else (obviously).

Here is OpenDNS:

    # mtr --report 208.67.222.222
    Start: Sun Mar 22 15:31:50 2015
    HOST: mjanja                    Loss%   Snt   Last   Avg  Best  Wrst StDev
      1.|-- router1-lon.linode.com     0.0%    10    0.5   0.9   0.5   3.4   0.7
      2.|-- 212.111.33.233             0.0%    10    1.4   1.4   1.2   1.9   0.0
      3.|-- 217.20.44.194              0.0%    10    0.7   0.8   0.7   1.2   0.0
      4.|-- lonap.rtr1.lon.opendns.co  0.0%    10    1.2   1.1   0.9   1.4   0.0
      5.|-- resolver1.opendns.com      0.0%    10    1.0   0.9   0.8   1.0   0.0

And here is Linode's:

    # mtr --report 109.74.192.20
    Start: Sun Mar 22 15:32:30 2015
    HOST: mjanja                    Loss%   Snt   Last   Avg  Best  Wrst StDev
      1.|-- router2-lon.linode.com     0.0%    10    0.5   0.6   0.5   0.8   0.0
      2.|-- resolver1.london.linode.c  0.0%    10    0.4   0.4   0.3   0.8   0.0

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-03-22 19:06:33 +03:00
group_vars
Update tls cipher suite with latest string from Mozilla TLS guide
2014-10-25 12:36:19 +03:00
host_vars
host_vars/web05: Re-organize variables for wordpress_version logic
2015-02-19 18:42:47 +03:00
roles
roles/nginx: Use Linode DNS servers for OCSP resolvers
2015-03-22 19:06:33 +03:00
vars
vars/Ubuntu.yml: Add variables for provisioning user
2015-03-16 13:47:54 +03:00
.gitignore
Add top-level .gitignore
2014-08-25 15:15:55 +03:00
README.md
roles/nginx: Adjust Cache-Control headers
2014-11-07 00:29:53 +03:00
site.yml
Add site yml file
2014-08-25 13:21:00 +03:00
web.yml
Remove references to provisioning.yml
2015-02-26 16:53:48 +03:00

README.md

Ansible Playbook

Ansible playbook for base and initial configuration of web server hosting my personal websites. After successful execution of this playbook, however, there is still some manual work to import databases, copy site content, etc.

Assumptions

Before you can run this, a few things are assumed:

  • You have a clean, minimal Ubuntu 14.04 host up and running
  • You have a user account with password-less SSH access to the machine
  • You have sudo privileges on the remote host
  • You have created a hosts file with something like:
[web]
web01

Use

Once you've satisfied the the above assumptions, you can execute:

ansible-playbook web.yml -i hosts -K

Testing in a VM (KVM)

A simple way to test locally in a virtual machine using libvirt + KVM:

sudo virt-install -n web01 -r 1024 --vcpus 2 -l http://ubuntu.mirror.ac.ke/ubuntu/dists/trusty/main/installer-amd64/ --os-type=linux --os-variant=ubuntusaucy --disk /home/aorth/software/vms/web01.qcow2,device=disk,bus=virtio,format=qcow2,size=40 --vnc --cpuset=1,2 -x "auto=true priority=critical url=http://blah.com/~aorth/preseed/public/ubuntu-14.04.cfg"

This boots from a network Ubuntu mirror, then uses a preseed to automate the OS installation.

Testing in Vagrant

Not as simple as on GNU/Linux with KVM, but still easy:

vagrant init ubuntu/trusty64

Then uncomment the following line in your Vagrantfile:

# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
config.vm.network "public_network"

And finally, bring the machine up:

vagrant up
Description
Ansible playbook for base and initial configuration of web server hosting my personal websites.
ansible
Readme 4.3 MiB
Languages
Jinja 97.2%
Shell 1.7%
Perl 1.1%