Simple terraform resources to deploy an asciinema-server on GandiCloud VPS, using either Terraform or OpenTofu and a GandiCloud VPS private network.
This repository is published as a resource to go along this Gandi news article
Please read the comments section before deploying this, as this repository was made as a demo for the GandiCloud private network feature and not intended for production.
cp terraform.tfvars.example terraform.tfvars
| Key | Example Value | Description |
|---|---|---|
| asciinema_server_domain_apex | "example.local" | Bare domain name (without subdomain part) to deploy the asciinema server on |
| asciinema_server_subdomain | "asciinema" | Subdomain of the domain to deploy on |
| manage_dns_record_using_livedns | true | Wether to modify the DNS zone of the above domain using the go-gandi terraform provider |
| admin_ssh_pubkey | "change-to-your-ssh-pubkey" | SSH public key to authorize on the servers deployed |
You can check the other available variables that can be set in variables.tf.
For the nix users, a flake.nix provides a shell with opentofu and the asciinema client; run nix develop.
Otherwise, you need to install either Terraform or OpenTofu (tested with opentofu v1.6.0-dev).
You also need to source your OpenStack credentials, which can be done following this documentation
Finally, you need to provide a Gandi Personal Access Token through the variable gandi_personal_access_token if manage_dns_record_using_livedns is true. It can be sourced using:
source ./personal_access_token.sh
Once you have your client ready, run:
tofu init
tofu apply
Then, watch your deployment happen! Once done, note that cloud-init will still take a few seconds to run in your servers, to install and start the required services.
You can ssh into your server and check /var/log/cloud-init-output.log to check if everything went well.
Finally, you can visit your asciinema server using your favorite web browser.
You can check instructions on the asciinema-server official repository to know how to configure your client to use your new server.
Basically:
ASCIINEMA_API_URL=https://your.asciinema.host asciinema rec
The goal of this repository is to demonstrate a use case of the GandiCloud VPS private networks. As such, it was not made for production as it is missing a bunch of important things, such as:
- HTTPS
- backups
- registrations are open by default (see the
SIGN_UP_DISABLEDvariable in.env.demo) - included SMTP server is not correctly authenticated (SPF, DKIM... The emails might go into your spam folder)
The asciinema server is deployed as described in the asciinema installation guide, relying on podman and podman-compose to run the provided containers.
Some other GandiCloud VPS features that you might be interested in:
- Security groups can be used to add firewalling to your servers, declared in your terraform configuration
- Attach an additional volume to your server to store its data (asciinema recordings for example in this deployment); this can help you separate this data from your system and manage it independently (detach it from your server and attach it to another, configure auto-snapshots, etc),
- Snapshots can help you rollback to a previous configuration of your servers or restore your data in case you accidentally delete the content. You can request manual snapshot through the OpenStack API (e.g. CLI), or configure auto-snapshots in your Gandi web admin interface.
To get more information on the private network feature on GandiCloud VPS, you can check:
- the Gandi documentation
- the terraform resources definition in main.tf.
In this deployment, one private IP is declared explicitely (for the database server, see local.db_server_private_ip) and one is chosen dynamically by OpenStack (which powers the GandiCloud VPS platform), for the asciinema server. In both cases, the server can get its IPs using DHCP as this service is provided by OpenStack.