From 54fd61c887f266f8e2e6b1419a86fc6681116069 Mon Sep 17 00:00:00 2001 From: EuAndreh Date: Wed, 5 Jun 2019 16:38:53 -0300 Subject: Use Ansible instead of Bash for provisioning The deployment is not quite working, and I'm unable to test right now: DigitalOcean is returning 503 for my requests. As of this commit, I can run =ansible-playbook provider.yml= more than once and it will actually be idempotent. Notes: - SSH fingerprint are now taken from the public key file instead of manually supplying it in the terraform template using the =digitalocean_ssh_key= resource; - use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets created by Terraform; - use the =filename.env.extension= to create the concrete files in CI; - use the =user_data= to add the know SSH key pair to the newly created Droplet; - add =rotate-ssh-keys.sh= utils; --- cloud-config.env.yaml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 cloud-config.env.yaml (limited to 'cloud-config.env.yaml') diff --git a/cloud-config.env.yaml b/cloud-config.env.yaml new file mode 100644 index 0000000..dc8664e --- /dev/null +++ b/cloud-config.env.yaml @@ -0,0 +1,7 @@ +#cloud-config + +ssh_deletekeys: true +ssh_keys: + ssh_rsa_private: | +${PRIVATE} + ssh_rsa_public: ${PUBLIC} -- cgit v1.2.3