Production runs of Ansible take place on the host or jail to be configured, as the {{service_user}}
, with a command line such as ::
ansible-playbook local.yml --vault-password=~/.vault-password
This playbook automatically determines which host it's runnning on based on the hostname and configures it accordingly.
Supply host-specific variables in group_vars/$hostname
.
To bootstrap a newly-installed system, use ./bootstrap HOSTNAME
.
Default is to log in to the remote system using your current username.
To change the remote login, use ./bootstrap HOSTNAME USERNAME
.
Before running the script, ensure:
Secrets are stored in secrets.yml
in the top-level directory, which is encrypted with ansible-vault <http://docs.ansible.com/playbooks_vault.html>
__.
To run Ansible with these production secrets, you will need to supply a shared vault password.
All secrets are loaded into Ansible variables.
By convention, these variables should be named with the prefix secret_
.
You can edit the secrets with ansible-vault --vault-password=~/.vault-password edit secrets.yml
.
This repository contains a few files unrelated to Ansible:
buildbot.asc
- Buildbot Release Team Keyringscripts/
- some scripts not under configuration management yet