diff options
| author | EuAndreh <eu@euandre.org> | 2019-06-05 16:38:53 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2019-06-05 16:42:06 -0300 |
| commit | 54fd61c887f266f8e2e6b1419a86fc6681116069 (patch) | |
| tree | 74a9923d75be46dad6c967acd271cdb5d80fca45 /user-data.env.sh | |
| parent | Use =nix build= instead of =nix-build= (diff) | |
| download | server-54fd61c887f266f8e2e6b1419a86fc6681116069.tar.gz server-54fd61c887f266f8e2e6b1419a86fc6681116069.tar.xz | |
Use Ansible instead of Bash for provisioning
The deployment is not quite working, and I'm unable to test right now:
DigitalOcean is returning 503 for my requests.
As of this commit, I can run =ansible-playbook provider.yml= more than once and
it will actually be idempotent.
Notes:
- SSH fingerprint are now taken from the public key file instead of manually
supplying it in the terraform template using the =digitalocean_ssh_key=
resource;
- use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets
created by Terraform;
- use the =filename.env.extension= to create the concrete files in CI;
- use the =user_data= to add the know SSH key pair to the newly created Droplet;
- add =rotate-ssh-keys.sh= utils;
Diffstat (limited to 'user-data.env.sh')
| -rwxr-xr-x | user-data.env.sh | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/user-data.env.sh b/user-data.env.sh new file mode 100755 index 0000000..15d491c --- /dev/null +++ b/user-data.env.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +echo '$SSH_SERVER_PRIVATE_KEY' > /etc/ssh/vps-box-server +echo '$SSH_SERVER_PUBLIC_KEY' > /etc/ssh/vps-box-server.pub +echo 'HostKey /etc/ssh/vpx-box-server' >> /etc/ssh/sshd_config +systemctl restart sshd |