rgoncalves.se ~~ ansible
========================

Personal infrastructure, network mess and homelab. Every critical node, such
as the routers and the hypervisor, is or will be powered by a BSD system.

For now, the principal hypervisor is `bhyve` on FreeBSD, and the domain
controller is a mix of `pf`, `relayd` and `wireguard` on the latest OpenBSD.


development guidelines
----------------------

- OpenBSD first! Playbooks, roles and tasks are meant to be deployed on OpenBSD
  instances first. Because we also need a fallback system, Alpine Linux is the
  next system to be targeted.


technology stack
----------------

- domain controller : `httpd`, `relayd`, `pf` and `wireguard`. Check out
  https://bsd.plumbing for the first two components. `acme-client` is also
  needed for providing HTTPS.
  Note: HTTPS is provided at the domain controller level. The traffic between
  the domain controller host and the source host is plain HTTP, but it is
  secured by the wireguard tunnel.
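
The split described in the note above, sketched as an added example (not taken from this repository's roles): `relayd` on dc0 terminates TLS and forwards plain HTTP over the tunnel, and `pf` on the backend accepts that HTTP only from dc0 on the wireguard interface. The addresses, the `wg0` interface name, the `example.org` key pair name and the UDP port are constructed placeholders; management access (ssh) is left out.

```conf
# --- /etc/relayd.conf on dc0 (constructed values) ---
ext_addr = "203.0.113.10"        # placeholder public address of dc0
table <backend> { 10.0.0.2 }     # placeholder wireguard address of a backend

http protocol "https" {
	# relayd loads /etc/ssl/example.org.crt and
	# /etc/ssl/private/example.org.key for this key pair
	tls keypair "example.org"
	# let the backend see the real client address
	match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
}

relay "www_tls" {
	# TLS ends here, on the public side of the domain controller
	listen on $ext_addr port 443 tls
	protocol "https"
	# plain HTTP from here on, routed through the tunnel
	forward to <backend> port 80 check tcp
}

# --- /etc/pf.conf on the backend host (constructed values) ---
wg_if = "wg0"                    # assumed wireguard interface name
dc_wg = "10.0.0.1"               # placeholder wireguard address of dc0

set skip on lo
block return                     # default deny
pass out
# the wireguard transport itself, on the physical interface
pass in on egress inet proto udp to (egress) port 51820
# HTTP only from dc0, and only when it arrives through the tunnel
pass in on $wg_if inet proto tcp from $dc_wg to ($wg_if) port 80
```

With rules like these, a connection to port 80 on the backend's physical interface is rejected, so the unencrypted hop is reachable only through the tunnel.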

naming scheme
-------------

- ws:  workstation
- dc:  domain controller
- st:  stack server
- sw:  switch
- rt:  router
- st[x][role][number]:  virtual machine


inventory
---------

- dc0 : OPENBSD domain-controller
	- wireguard (exit-node)
	- relayd
	- pf
	- znc

- rt0 : DDWRT router

- stack0 : FREEBSD hypervisor
	- bhyve
	- nfsd

- st0dev0 : OPENBSD development
	- git
	- cgit
	- __gitdaemon__
	- __jenkins__

- st0cld0 : OPENBSD cloud
	- nextcloud
	- miniflux
	- __grafana__
	- __logstash__

- st0gme0 : ALPINE games
	- minecraft
	- factorio
	- stationeers

- ST0SBX-0 : OPENBSD
- ST0SBX-1 : ALPINE
- ST0SBX-2 : 9FRONT

userland
--------

A subdirectory in `roles` for workstation setup. It targets the development
machines from which these playbooks are launched.
It currently supports bootstrapping for:

- archlinux
- openbsd
- voidlinux (referred to as `void` by ansible)

It sets up the main user, development packages, power scripts, services and
system-wide configuration files.
 
good to know
------------

In various roles, the term `httpd` is used. For this particular infrastructure,
it is NOT the Apache web server, but the OpenBSD web server implementation.
Remember that computers suck.