This repo is obsolete. A maintained version of this code lives at https://github.com/maximum-ethics/linode-caddy
Ansible role that will (eventually) automatically set up a web server for Sunrise Movement, currently using a virtual server on Linode.
First, ask Nelson for an account on the Sunrise Linode, so that you can create an API token. Then:
Make an inventory file at '/etc/ansible/hosts' (or /usr/local/etc/ansible/hosts if you use homebrew on Mac to install Ansible) with the following contents:
[sunrise]
attenborough
[local]
localhost
[local:vars]
pass_attenborough=[get the pass over Signal (for now)]
ssh_pub_key=[PASTE YOUR OWN PUBLIC KEY]
sunrise_linode_token=[PASTE YOUR OWN LINODE API TOKEN]ansible-playbook linode_create.yml --ask-become-pass
ssh attenborough
Change your password when prompted, and then you will be automatically logged out.
ansible-playbook sunrise.yml
This includes setting up the Caddy v2 web server, serving some hand-coded hub websites.
WAIT! If you are changing the IP address for an existing domain name, consider the TTL! Linode's default TTL is 24 hours. Many of our Godaddy subdomains currently have the TTL set to 1 hour.
If you power up your new Caddy webserver before DNS resolves correctly, it won't be able to get certificates from Let's Encrypt, and won't serve your websites. Worse, you may annoy Let's Encrypt by exceeding their rate limits (requesting certs you can't get) and then you'll have to wait even longer! (In the future we'll set up a dev environment so that you can test this playbook without requesting certs from Let's Encrypt.)
Make sure the domain resolves to the correct IP address before setting up Caddy.
To set up the server but avoid setting up Caddy, try:
ansible-playbook sunrise.yml --skip-tags "caddy_v2,new_handcoded"