
Revision 30 (Brienne Kordis, 07/26/2023 03:57 PM) → Revision 31/32 (Jon Goldberg, 05/20/2024 05:42 PM)


 # Ansible Setup 

 Ansible setup is now done through Ansible itself plus a short bootstrap script.    Please check earlier revisions of this page for manual setup. 

 ### Prerequisites 
 * You have sudo installed and you have sudo permissions. 
   * Run `sudo apt install` in your terminal to check 
 * You have a GPG key pair and SSH key pair on this computer. 
   * SSH Key: `ssh-keygen -t rsa` 
 * Your SSH public key for this computer must be added to your Gitea account.    Ideally it's also on other servers. 
   * In Gitea, go to **Settings > SSH / GPG Keys > Add Key** 
   * In your terminal, `cd .ssh` from your home directory 
   * Use either `nano` or `code` to open `id_rsa.pub` (if using nano, make sure to grab the full key!) 
   * Paste the key where prompted in Gitea 
 * Your GPG public key must be added to the pass database, and it must be signed by Jon. ([instructions for transferring a key](https://linuxhint.com/export-import-keys-with-gpg/)) 
 * Nextcloud should be installed. 
 NOTE: You can bootstrap without adding your server to crm.megaphonetech.com, but after bootstrap your server must be in the inventory. 
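
The prerequisite about copying `id_rsa.pub` warns to grab the full key. As an added example (not part of the original page), this shell function checks that a copied `ssh-rsa` line is structurally complete by walking the length-prefixed fields inside its base64 blob. The function names and sample values are constructed for illustration, and it assumes the coreutils `base64`, `od`, `cut` and `tr` are available.

```shell
#!/bin/sh
# Added example: structural check of an "ssh-rsa" public key line.

# Decode base64 ($1) into one continuous lowercase hex string.
b64_to_hex() {
    printf '%s' "$1" | base64 -d 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# Return 0 only if $1 is one complete "ssh-rsa <base64> [comment]" line.
pubkey_line_is_complete() {
    line=$1
    case $line in *"
"*) return 1 ;; esac            # a wrapped copy contains a newline
    [ "${line%% *}" = "ssh-rsa" ] || return 1
    rest=${line#* }
    hex=$(b64_to_hex "${rest%% *}")
    # The blob must open with the length-prefixed string "ssh-rsa".
    case $hex in 000000077373682d727361*) ;; *) return 1 ;; esac
    # Walk the three length-prefixed fields (key type, exponent, modulus).
    # A cut-off copy runs out of bytes before the declared lengths do.
    pos=0
    for field in type exponent modulus; do
        len_hex=$(printf '%s' "$hex" | cut -c"$((pos + 1))-$((pos + 8))")
        [ "${#len_hex}" -eq 8 ] || return 1
        pos=$((pos + 8 + 2 * 0x$len_hex))
    done
    [ "$pos" -eq "${#hex}" ]
}

# Constructed samples: structure only (4-byte modulus), not usable keys.
SAMPLE_OK='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAABAECAwQ= user@constructed-example'
SAMPLE_CUT='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAABAEC'   # valid base64, cut short

for sample in "$SAMPLE_OK" "$SAMPLE_CUT"; do
    if pubkey_line_is_complete "$sample"; then
        echo "complete:  $sample"
    else
        echo "truncated: $sample"
    fi
done
```

To check text you are about to paste into Gitea, pass it as the single argument, for example `pubkey_line_is_complete "$(cat ~/.ssh/id_rsa.pub)"`. The second sample shows why a plain base64 validity check is not enough: it decodes cleanly but its modulus field is shorter than its declared length.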

 ### Bootstrap stage 1 script 
 Run these commands: 
 **NOTE**: There's a bug in Ubuntu 22.10 (and newer Debian) that prevents downloading with ansible-galaxy. Comment out the step in `localhost-bootstrap.yml` and install manually in `~/.ansible/collections`. 

 ```shell 
 sudo apt install ansible git 
 git clone https://github.com/MegaphoneJon/ansible-main.git ansible --recursive 
 cd ansible 
 # Check out the "host_vars" repo, which has customizations for specific servers 
 git clone git@git.megaphonetech.com:megaphone/ansible_host_vars.git 
 # run the bootstrap stage 2. You'll be prompted for your 'BECOME password'; it's your user pw (for sudo). 
 ansible-playbook localhost-bootstrap.yml --inventory localhost, --ask-become-pass --extra-vars "ansible_user=ansible" 
 # Provision the server; replace [server_name] with its name in the inventory. 
 ansible-playbook provision.yml --limit [server_name] 
 ```