| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Instead of performing this task on the generated =restore-backup.sh= file, do it
on provision.yaml.
The boolean logic is less confusing and the interpolation is less tricky.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Use strict 400 or 500 modes:
r: 4
w: 2
x: 1
4 means read-only, while 5 means readable and executable. None are writable:
immuatable infrastructure check.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Don't destroy everything on deploy. This would destroy the volume too.
|
| | |
|
|
|
The deployment is not quite working, and I'm unable to test right now:
DigitalOcean is returning 503 for my requests.
As of this commit, I can run =ansible-playbook provider.yml= more than once and
it will actually be idempotent.
Notes:
- SSH fingerprint are now taken from the public key file instead of manually
supplying it in the terraform template using the =digitalocean_ssh_key=
resource;
- use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets
created by Terraform;
- use the =filename.env.extension= to create the concrete files in CI;
- use the =user_data= to add the know SSH key pair to the newly created Droplet;
- add =rotate-ssh-keys.sh= utils;
|
