From 54fd61c887f266f8e2e6b1419a86fc6681116069 Mon Sep 17 00:00:00 2001 From: EuAndreh Date: Wed, 5 Jun 2019 16:38:53 -0300 Subject: Use Ansible instead of Bash for provisioning The deployment is not quite working, and I'm unable to test right now: DigitalOcean is returning 503 for my requests. As of this commit, I can run =ansible-playbook provider.yml= more than once and it will actually be idempotent. Notes: - SSH fingerprint are now taken from the public key file instead of manually supplying it in the terraform template using the =digitalocean_ssh_key= resource; - use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets created by Terraform; - use the =filename.env.extension= to create the concrete files in CI; - use the =user_data= to add the know SSH key pair to the newly created Droplet; - add =rotate-ssh-keys.sh= utils; --- secrets/ssh/vps-box-client.pub | 1 + 1 file changed, 1 insertion(+) create mode 100644 secrets/ssh/vps-box-client.pub (limited to 'secrets/ssh/vps-box-client.pub') diff --git a/secrets/ssh/vps-box-client.pub b/secrets/ssh/vps-box-client.pub new file mode 100644 index 0000000..5e62df9 --- /dev/null +++ b/secrets/ssh/vps-box-client.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzWSn7tTK0KQ3OHZkeWP2lh7+ljn+E3GBTzGnIhU2Ou25g4T/2kHMC2huaX0uQIa68NxKGqJpPXvSwBqdpRAeMZkVtukJelR5qSdA1/1mRn6L9vG4IlQpw1exdXcQG4ADx71BU8uvrX6NLo+xwvoj+FOQzCzCQcxzR2GF6LfPG/qz3g3sc0s+Lt9yTKG7akDJH1lUa4EwWOVfvV+uOYqFIQr1LmlmRXj5zQEHnzbF2Rw/KLC9sWIzb5mL+TucJ10gdwWUAFOor8XiY1Kxt7I3s8ELYdBfKzqDPP+TQomG2K2VVjLQR3/0KowKrj+nzfe7ymOFrSOc4jj0a2ZmOE8ogpzEVYq6lw6qYk6PSnSEPMVC2JQLkhVVHdPMfiMW8EPLNdARK9oa8ER/Qm03kbkVBlz8eTWTwieHnCYwtqDC34SBcVwF0lAkWSE/UutztpS7//XAjXmtjBQbaMEWQslfA3EHYfj35O9EQJn/m9L91UMmpGxtGWV8Kuk3+Sg6iosoLSdVjr0SgaacPASmqGn4VfCOVdm2sLVjQGSYwznIddK2lhVP8gELhLrRnF4QDKQsZoO3So2JwVLmWpR9DgoGG1WxHy+rhcu9cHwe65rY68D44e2Z5K4GXLZpzX4zjMitDprnXiS/V9CAAqarh3hCEo9PSRubQd+ZihBVoZVo10Q== andreh@velhinho-nixos -- cgit v1.2.3