Skip to content

Latest commit

 

History

History
54 lines (35 loc) · 1.89 KB

README.md

File metadata and controls

54 lines (35 loc) · 1.89 KB

ansible-atriso-config

Ansible driven configuration automation for:

Initial inspiration for the macOS setup from Superlumic but went with a more purer Ansible driven setup similar to geerlingguy/mac-dev-playbook.

Inspiration

Preparation

  • Install Ansible
  • clone this repo
  • run ansible-galaxy install -r requirements.yml --force

Usage

For the MacBook Pro laptops, use one of the following commands:

  • run ansible-playbook playbooks/mac-personal/main.yml -K
  • run ansible-playbook playbooks/mac-work/main.yml -K

For the PiKVM, use the following command:

  • run ansible-playbook playbooks/pikvm/main.yml --extra-vars @secrets.yml

The secrets.yml file contains a DNSimple API token created on the DNSimple portal.

The ssh keys can be found in 1Password.

Needs automation

The following parts need conversion into Ansible roles & tasks, but are documented here in the meantime.

PiKVM

After the Ansible setup, the PiKVM has the Certbot DNSimple plugin installed, together with the config file containing a DNSimple API token. The following commands are a one time setup required to get the certificate generated and renewed automatically:

$ rw
$ kvmd-certbot certonly --dns-dnsimple --dns-dnsimple-credentials /var/lib/kvmd/pst/data/certbot/runroot/certbot-dnsimple.conf -d kvm.home.atriso.be --email [email protected] -n --agree-tos
$ kvmd-certbot install_nginx kvm.home.atriso.be
$ kvmd-certbot install_vnc kvm.home.atriso.be
$ systemctl enable --now kvmd-certbot.timer
$ ro