32 lines
1 KiB
Markdown
32 lines
1 KiB
Markdown
# vps
|
|
This repository contains all the files I use to manage services hosted on [viyurz.fr](https://viyurz.fr).
|
|
|
|
|
|
## Requirements
|
|
Ansible:
|
|
```
|
|
sudo apt install -y ansible
|
|
```
|
|
|
|
Setup SSL certificates with Certbot beforehand:
|
|
```
|
|
sudo apt install -y certbot python3-certbot-dns-ovh
|
|
```
|
|
|
|
|
|
## Secrets
|
|
Copy the existing `secrets.yml.example` to `secrets.yml`, run `ansible-vault encrypt secrets.yml` to encrypt the file with a password, and finally edit the newly encrypted file with `ansible-vault edit secrets.yml`.
|
|
|
|
If you want to change the vault password run `ansible-vault rekey secrets.yml`.
|
|
|
|
|
|
## Backups
|
|
Run the `backup-services.yml` playbook once to setup the passphrase file.
|
|
|
|
After that, you can create a root cronjob to run this playbook without requiring interactivity:
|
|
|
|
```
|
|
0 4 * * * export ANSIBLE_ROLES_PATH=/home/viyurz/vps/roles/; /usr/bin/ansible-playbook /home/viyurz/vps/playbooks/backup-services.yml -e include_secrets=false -e selected_projects=''
|
|
```
|
|
|
|
Here we leave `selected_projects` empty to backup all projects.
|