· sysadmin journal ansible openbsd

Consolidation and simplification

I’ve been doing a lot of consolidation and simplification in an effort to reduce the amount of brain I have to expend on various tasks and responsibilities. I think it’s working.

Last week I wrote about Ansible for Tor Metrics. I’ve also been working on Ansible for my own stuff. Some of the things I’ve been working on include:

  • consistent user account setup and synchronised SSH public keys
  • consistent privilege escalation (doas on OpenBSD, sudo on Debian)
  • all hosts are backed up via BackupPC
  • all hosts are monitored in Nagios

If you want to check out this stuff as it evolves, I’ve pushed it to git.sr.ht (this link might break, I make no promises).

I’m wondering how I want to manage these Ansible roles going forward. Perhaps as git submodules or I could learn about Ansible Galaxy. Maybe I can do both. I’m a bit put off from Ansible Galaxy that the only option to sign up was to use GitHub and I’m trying to stop using these silos.

Speaking of stopping using things, I’ve killed my Netlify account. For a long time I used Netlify to host my blog but I’ve now moved it back onto a server I manage using my Ansible playbook.

When I signed up to Netlify, they offered a free account for open source people that included most, if not all, of the pro features. It seemed like they wanted to be a company that was giving back to the community that produces the stuff they are using. One day, without and notice or announcement, my account converted from an open source account to a simple “free” account. It felt sneaky and from then I wasn’t so happy with Netlify. I’m happy to have moved everything away now.


I learned a thing today: on OpenBSD, you can use arp(8) to send wake on LAN packets. Maybe that will come in handy for you. It used to be another command on its own but it looks like it was consolidated.


If you would like to contact me with comments, please send me an email.
If you would like to support my free software work, you can support me on Patreon or donate via PayPal.


This post was syndicated on:

Articles from my friends' blogs

Yubikey GnuPG + SSH Agent with Fish

So I’ve had a lot of GPG issues over the last few months, and part of that has been me not bothering particularly to ensure I’ve got a consistent setup across my machines. Part of the issue is that I’m using a yubikey, and keep having to look at external r…

via Blogs on Foxk.it April 20, 2020

2AM

Fourty-five days ago, my livelihood vanished almost overnight. Let's talk about that.

via Alfie, online - blog April 16, 2020

Ansible x OpenBSD Web Deployment

I’ve recently switched most of my home and away infrastructure from Linux to various flavours of BSD. This blog post documents an attempt at deploying multiple static websites in the fastest way possible, on OpenBSD, with Ansible. It covers automating multi…

via Analog April 10, 2020

Generated by openring

Share Me