Use Ansible to manage our server's configuration and software deployment. This has some pretty big benefits:
If the VM breaks for whatever reason, we can start a new one and have it up and running again with minimum work.
It frees us to move cloud providers if we wish. Launch a server on the new provider, get SSH access working, point the playbook at it and go 🏃 .
It provides a "paper trail," under source control, of all changes made to the server. Accounts, configuration files, software.
It serves as documentation for our runtime dependencies - what we need to install from aptitude, what directories we need where, how we configure stuff.
It limits the number of people who need shell access, which improves our security posture.
Remaining work
[x] Get sudoers file working
[ ] Frontend
[x] Build Angular application
[x] Configure nginx to serve dist/ directory
[ ] Configure frontend to connect to the backend
[ ] Backend
[x] Configure and start systemd service unit
[x] Configure nginx to proxy requests to node
[ ] Configure server to connect to the database
[ ] GitHub Action to run the playbook on pushes to master
Use Ansible to manage our server's configuration and software deployment. This has some pretty big benefits:
Remaining work
dist/
directory