Skip to content

michaeltoohig/personal-devops

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Personal DevOps

This repo contains my Ansible and OpenTofu scripts for deploying my personal projects. This is heavily influenced by a project by tboronczyk which can can be found here.

Getting Started

Before you begin, ensure both OpenTofu and Ansible are installed locally.

First, generate SSH keypairs for the root and user accounts.

ssh-keygen -N "" -C [email protected] -f keys/example-root
ssh-keygen -N "" -C [email protected] -f keys/example-user

Alternatively, use existing SSH keys from ~/.ssh or elsewhere. Just need to update the .tfvars file to point to these key files.

Second, prepare the environment variables for OpenTofu. Each environment is a separate directory in the opentofu/environments directory.

cd opentofu/environments
mkdir ./${ENVIRONMENT_NAME}
cp terraform.tfvars.example ./${ENVIRONMENT_NAME}/terraform.tfvars

Third, from within an environments directory, run OpenTofu to provision the infrastructure.

cd opentofu/environments/${ENVIRONMENT_NAME}
tofu init
tofu plan
tofu apply
tofu destroy

Adding a New Project

Provisioning a New Project

It is likely the global service found in opentofu/environments/${ENVIRONMENT_NAME} will likely cover my needs for my small projects. It is likely that a new project will need a domain or subdomain provisioned so when that is the case create a new proj_ service and module

mkdir opentofu/environments/${ENVIRONMENT_NAME}/proj_${PROJECT_NAME}
mkdir opentofu/modules/proj_${PROJECT_NAME}

In the project's service you can import the global vps_public_ip from Terraform remote state for DNS or other infrastructure that requires it.

data "terraform_remote_state" "global" {
  backend = "local"
  config = {
    path = "../global/terraform.tfstate"
  }
}

Be sure to include the appropriate environment_name in the project's locals.

locals {
  environment_name = "development"
}

Then run the project's module which should provision everything required by the project.

Configuring a New Project

Once the appropriate infrastructure is provisioned the configuration can be built. First, we need a project playbook and role.

mkdir ansible/playbooks/proj_${PROJECT_NAME}.yml
mkdir ansible/roles/proj_${PROJECT_NAME}

Once common roles are run in the playbook the project role can run in the playbook. This should mean any given project can be deployed in any order of the other projects. Later, I may want to change this and create setup roles or playbooks for particular types of projects that share the same basic configuration setup for Nginx, Docker, etc.

The project's variables can be stored in the appropriate environment directory.

nano ansible/environments/${ENVIRONMENT_NAME}/vars/proj_{PROJECT_NAME}_vars.yml
ansible-vault create --vault-password-file vault_password -i environments/${ENVIRONMENT_NAME}/vars/proj_${PROJECT_NAME}_vault.yml

About

DevOps for my personal projects.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published