nabarun
18df60a291
Part of [Service Provider setup](https://www.notion.so/Service-provider-setup-a09e2207e1f34f3a847f7ce9713b7ac5)

- Added ansible playbooks for:
  - Adding a new user with passwordless sudo
  - Configuring DNS records
  - Setting up the system with required packages and gpg key
  - Deploying k8s
  - Setting up container registry
  - Setting up laconicd and laconic-console
  - Setting up and starting webapp-deployer-api and webapp-deployer-ui
- TODOs:
  - Mount gpg keys in webapp-deployer-api container

Co-authored-by: Adw8 <adwaitgharpure@gmail.com>
Reviewed-on: #10

- templates
- vars
- .gitignore
- deploy-backend.yml
- deploy-frontend.yml
- README.md
- run-laconic-console.yml
- run-laconicd.yml
- service-provider-setup.yml
- setup-container-registry.yml
- setup-dns.yml
- setup-k8s.yml
- setup-system.yml
- setup-user.yml

service-provider-setup
Setup Ansible
To get started, follow the installation guide to set up Ansible on your machine.
Prerequisites
- Set up a DigitalOcean Droplet with passwordless SSH access
- Buy a domain and configure nameservers pointing to DigitalOcean
- Generate a DigitalOcean access token, used for API authentication and managing cloud resources
Setup a new User
- Create a new `hosts.ini` file:

  ```bash
  cp ../hosts.example.ini hosts.ini
  ```

- Edit the `hosts.ini` file to run the playbook on a remote machine:

  ```ini
  [root_host]
  <host_name> ansible_host=<target_ip> ansible_user=<ssh_user> ansible_ssh_common_args='-o ForwardAgent=yes'
  ```

  - Replace `<host_name>` with the desired `hostname` of the remote machine
  - Replace `<target_ip>` with the IP address or hostname of the target machine
  - Replace `<ssh_user>` with `root`

- Verify that you are able to connect to the host using the following command:

  ```bash
  ansible all -m ping -i hosts.ini

  # Expected output:
  # <host_name> | SUCCESS => {
  #     "ansible_facts": {
  #         "discovered_interpreter_python": "/usr/bin/python3.10"
  #     },
  #     "changed": false,
  #     "ping": "pong"
  # }
  ```

- Set up `user-vars.yml` using the example file:

  ```bash
  cp vars/user-vars.example.yml vars/user-vars.yml
  ```

- Edit the `user-vars.yml` file:

  ```yaml
  # name of the user you want to setup on the target host
  username: ""

  # password of the user you want to setup on the target host
  password: ""

  # path to the ssh key on your machine, eg: "/home/dev/.ssh/id_rsa.pub"
  path_to_ssh_key: ""
  ```

- Execute the `setup-user.yml` Ansible playbook to create a user with passwordless sudo permissions:

  ```bash
  cd ../
  LANG=en_US.utf8 ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
  ```

Become a Service Provider
Setup
- Copy the vars files:

  ```bash
  cd vars
  cp dns-vars.example.yml dns-vars.yml
  cp gpg-vars.example.yml gpg-vars.yml
  cp k8s-vars.example.yml k8s-vars.yml
  cp container-vars.example.yml container-vars.yml
  cp webapp-vars.example.yml webapp-vars.yml
  cd -
  ```

- Update the following values in the respective variable files:

  ```yaml
  # vars/dns-vars.yml
  full_domain: ""                  # eg: laconic.com
  subdomain_prefix: ""             # eg: lcn-cad
  service_provider_ip: ""          # eg: 23.111.78.179
  do_api_token: ""                 # Digital Ocean access token that you generated, eg: dop_v1...

  # vars/gpg-vars.yml
  gpg_user_name: ""                # Full name of the user for the GPG key
  gpg_user_email: ""               # Email address associated with the GPG key
  gpg_passphrase: ""               # Passphrase for securing the GPG key

  # vars/k8s-vars.yml
  target_host: "deployment_host"
  org_id: ""                       # eg: lcn
  location_id: ""                  # eg: cad
  base_domain: ""                  # eg: laconic
  support_email: ""                # eg: support@laconic.com

  # vars/container-vars.yml
  container_registry_username: ""  # username to login to the container registry
  container_registry_password: ""  # password to login to the container registry

  # vars/webapp-vars.yml
  authority_name: ""               # eg: my-org-name
  cpu_reservation: ""              # Minimum number of cpu cores to be used, eg: 2
  memory_reservation: ""           # Minimum amount of memory in GB to be used, eg: 4G
  deployer_gpg_passphrase: ""      # passphrase for creating GPG key used by webapp-deployer, eg: SECRET
  ```

- Update the `hosts.ini` file:

  ```ini
  [root_host]
  <host_name> ansible_host=<target_ip> ansible_user=root ansible_ssh_common_args='-o ForwardAgent=yes'

  [deployment_host]
  <host_name> ansible_host=<target_ip> ansible_user=<new_username> ansible_ssh_common_args='-o ForwardAgent=yes'
  ```

  - Replace `<host_name>` with the desired `hostname` of the remote machine
  - Replace `<target_ip>` with the IP address or hostname of the target machine
  - Under `deployment_host`, replace `<new_username>` with the name of the user you have created

- Verify that you are able to connect to the host using the following command:

  ```bash
  ansible all -m ping -i hosts.ini

  # Expected output:
  # <host_name> | SUCCESS => {
  #     "ansible_facts": {
  #         "discovered_interpreter_python": "/usr/bin/python3.10"
  #     },
  #     "changed": false,
  #     "ping": "pong"
  # }
  ```

- Run the `service-provider-setup.yml` ansible-playbook to:

  - Create DNS records
  - Deploy k8s
  - Setup laconicd and laconic console
  - Setup container registry
  - Deploy the webapp-deployer API and webapp-deployer UI

  ```bash
  LANG=en_US.utf8 ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
  ```
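
The five vars files filled in during setup hold the DigitalOcean token, the GPG passphrases and the registry password in plain text, so it is worth checking them before the playbook runs. The pre-flight check below is an added example, not part of this repository: it reports values still left as `""`, files readable by other local users, and files git would not ignore. The function names and the owner-only mode policy are assumptions of this example; the file names are the ones from the README.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check for the vars files used by service-provider-setup.yml.
# File names are from the README; function names and the mode policy are assumptions.
VARS_FILES="dns-vars.yml gpg-vars.yml k8s-vars.yml container-vars.yml webapp-vars.yml"

# Print the keys whose value is still the empty string "" (unfilled template entry).
empty_keys() {
  grep -E '^[A-Za-z_]+:[[:space:]]*""' "$1" | cut -d: -f1
}

# Succeed only if the file is accessible by its owner alone (mode 600 or 400).
owner_only() {
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  [ "$mode" = "600" ] || [ "$mode" = "400" ]
}

# Check one vars file; print findings and return the number of problems found.
check_vars_file() {
  f=$1; problems=0
  [ -f "$f" ] || { echo "MISSING  $f"; return 1; }
  for k in $(empty_keys "$f"); do
    echo "EMPTY    $f: $k"; problems=$((problems + 1))
  done
  owner_only "$f" || { echo "PERMS    $f: run chmod 600"; problems=$((problems + 1)); }
  # Inside a git work tree the file must be ignored, so secrets are never committed.
  if git -C "$(dirname "$f")" rev-parse --is-inside-work-tree >/dev/null 2>&1 &&
     ! git -C "$(dirname "$f")" check-ignore -q "$(basename "$f")"; then
    echo "TRACKED  $f: git does not ignore this file"; problems=$((problems + 1))
  fi
  return "$problems"
}

# Check every vars file in directory $1 (default: vars); non-zero if any check fails.
preflight() {
  dir=${1:-vars}; rc=0
  for name in $VARS_FILES; do
    check_vars_file "$dir/$name" || rc=1
  done
  return $rc
}
```

Source the file and run `preflight vars` from the directory that contains `vars/` before invoking `ansible-playbook`.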