diff options
| author | EuAndreh <eu@euandre.org> | 2019-06-11 10:32:58 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2019-06-11 10:32:58 -0300 |
| commit | 4fa25a175495f75cc9340baa51e16a8903d6ec08 (patch) | |
| tree | 8a42707e6569ab4a865a2823f7596c49fb5f761e /TODOs.org | |
| parent | Run Terraform refresh when not destroying everything (diff) | |
| download | server-4fa25a175495f75cc9340baa51e16a8903d6ec08.tar.gz server-4fa25a175495f75cc9340baa51e16a8903d6ec08.tar.xz | |
Run shutdown with Ansible instead of Bash
Diffstat (limited to 'TODOs.org')
| -rw-r--r-- | TODOs.org | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -142,7 +142,10 @@ Also put all of the content of =secrets/*= into vps-state? Maybe rename it to vp Right now, secrets are scattered between the two repositories. By moving I can completely remove =git-crypt= from this repository. *** Cancelled: The =vps-state= repo isn't supposed to centralize all secrets, it's just a storage backend for Terraform files. -** NEXT Run backup on Terraform destroy action instead of manually in =provision.sh= +** DOING Run backup on Terraform destroy action instead of manually in =provision.sh= +Terraform's destroy provisioner isn't well suited for this: in case of failure [[https://www.terraform.io/docs/provisioners/#destroy-time-provisioners][it tries to run the provisioner more than once]]. I'd rather have it fail on the first error. + +Instead use Ansible to perform this instead of ad-hoc Bash commands. ** DONE Explicitly destroy Droplets before running Terraform apply CLOSED: [2019-06-05 Wed 19:48] ** DONE Store updated =.tfstate= even in case of deployment failure |