Common Tasks¶
Container Management¶
Update Container Configuration¶
- Edit template:
templates/config/core/coreams01/{service}/config/{file}.j2
- Run:
make apply
- If needed:
docker restart {container}
Update Container Image¶
- Edit
terraform/{hostname}.tf
- change image tag indocker_image
resource - Run:
make apply
Network Configuration¶
Update BIRD¶
- Edit:
networks/{hostname}/bird/bird.conf
- Run:
make sync-bird
(requires sudo password) - Verify:
sudo birdc show status
Update WireGuard¶
- Edit:
networks/{hostname}/wireguard/{interface}.conf
- Run:
make sync-wireguard
(requires sudo password) - Verify:
sudo wg show
Secrets Management¶
Edit Secrets¶
Add secrets in YAML format, use in templates as {{ secrets.key_name }}
.
Rotate a Secret¶
- Run:
make edit-secrets
- Change the value
- Run:
make apply
- Restart affected containers
Template Management¶
Add Configuration File¶
- Create:
templates/config/{group}/{hostname}/{service}/config/file.j2
- Run:
make apply
Test Rendering¶
Available Variables¶
{{ inventory_hostname }}
- Host name{{ ansible_host }}
- Server FQDN{{ secrets.key }}
- From secrets.yml- Group/host vars from inventory.yml
Deployment¶
Full Deployment¶
Config Only¶
Preview Changes¶
Next Steps¶
- Network Configuration - BIRD and WireGuard setup
- Adding Services - Add new services
- Architecture - Technical details