#ansible
27 posts25 participants6 posts today
The base is open.
The DeadSwitch Vault Minimal Pack is live — 6 hardened Ansible roles to build your fortress.
https://github.com/DeadSwitch404/vault-minimal
Pro grows in silence.
GitHubGitHub - DeadSwitch404/vault-minimal: This repo contains open-source Ansible roles for system hardening, curated and maintained by DeadSwitch. These are the public-facing versions of the hardened Vault Pack.This repo contains open-source Ansible roles for system hardening, curated and maintained by DeadSwitch. These are the public-facing versions of the hardened Vault Pack. - DeadSwitch404/vault-minimal
DeadSwitch Vault Minimal Pack Goes Open Source 
#Ansible ansible-core 2.18.5 is packaged for @opensuse #Tumbleweed and is being tested. Unless issues appear it will be sent to Tumbleweed later and will be available in one of the next snapshots in a zypper dup near you. Have a lot of fun!
(Same goes for the ansible package without "-core", it is packaged in 11.5.0 and being tested)
....aaaaaand #OpenBao (the fork of #Hashicorp #Vault) is on its way to @opensuse #Tumbleweed in the latest version 2.2.1. Since 2.2.0 the webui is included in OpenBao, so this can be a full replacement for Vault!
Looking forward to doing more testing with it!
In case you want to try it out, here is a #vagrant #libvirt setup using #Ansible to prepare an OpenBao server VM and a client using a secret.
https://codeberg.org/johanneskastl/openbao_vagrant_libvirt_ansible
Codeberg.orgopenbao_vagrant_libvirt_ansibleVagrant-libvirt setup with an OpenBao Server and a client VM running the OpenBao Agent (and a PostgreSQL database)
Как мы помогли Piklema Predictive создать надежную и масштабируемую IT-инфраструктуру
Piklema Predictive — российская компания, разрабатывающая решения для оптимизации горного производства через анализ данных диспетчеризации, цифровые советчики, MES-систем и планирования. За 4 года сотрудничества AvantIT выполнил три миграции их инфраструктуры между облаками (Azure → AWS → GCP → Azure), внедрил Kubernetes и настроил мониторинг, что позволило клиентам Piklema снизить затраты на производство на 15–20%. Проблема: Piklema столкнулась с двумя критичными ограничениями. Во-первых, их инфраструктура на Docker Compose не обеспечивала отказоустойчивость, требуемую промышленными заказчиками. Во-вторых, зависимость от грантов вынуждала ежегодно менять облачного провайдера, что приводило к ручным миграциям длительностью до 2 месяцев. Отсутствие мониторинга усугубляло риски: о нехватке ресурсов (например, места на диске) узнавали только после сбоев. Цель проекта: Создать гибкую, отказоустойчивую инфраструктуру, которую относительно просто переносить между облаками при завершении гранта. Она должна...
ХабрКак мы помогли Piklema Predictive создать надежную и масштабируемую IT-инфраструктуруPiklema Predictive — российская компания, разрабатывающая решения для оптимизации горного производства через анализ данных диспетчеризации, цифровые советчики, MES-систем и планирования. За 4 года...
On one of the terminals I use (Blink on iOS) I can't discern yellow on white, which is why I configure this in #Ansible
export ANSIBLE_COLOR_CHANGED="dark gray"
It looks a bit unusual because it's not yellow, but it helps me.
The switch is live.
Just dropped the base machine deployment playbooks - clean Debian & RHEL configs, zero fluff, ready right after install.
Open source. No sudo? No problem.
https://github.com/DeadSwitch404/base-machine-config
#Ansible #Linux #DeadSwitchOps
"The first silence is always setup." 
GitHubGitHub - DeadSwitch404/base-machine-config: 🚀 DeadSwitch Base Machine Deployment Minimalist Ansible playbooks to deploy clean, hardened Debian and RHEL systems right after installation — no sudo? No problem. The Cyber Ghost strikes first. Fear the silence. Fear the switch.🚀 DeadSwitch Base Machine Deployment Minimalist Ansible playbooks to deploy clean, hardened Debian and RHEL systems right after installation — no sudo? No problem. The Cyber Ghost strikes first. ...
Hi all. I'm hating to be writing this post, but here we are.
A little while ago, I was laid off from my SRE job at a government contractor.
If anyone is looking for an SRE with:
- #Linux experience (a lot)
- #BSD experience (some)
- Plan 9 and Haiku experience (a little)
- Experience with a large #Ansible codebase
- Experience managing thousands of servers
- Experience with bare metal and VM management
and who isn't afraid of code - I'm your person!
I try to live my life by moving slow and fixing things - I'd be especially interested in roles around labor organization, #climate action or with a socially conscious #coop if anyone from those communities is looking.
Boosts welcome!
Better together?!
I recently worte a small post on how you can reuse your existing #ansible playbooks to provision infra faster and more reliable by creating golden images with #packer.
You can check it out here if you are interested: https://henrikgerdes.me/blog/2025-04-ansible-packer/
henrikgerdes.meLevel up your Ansible Code - Creating Golden ImagesAnsible is a good start to automate recurring tasks, but it is slow. In combination with other IaC tools you can make your infrastructure truly reproducible and…
**Automatize Tarefas com Ansible!** 
Simplifique a automação e foque no que importa. Gerencie configurações e orquestre serviços de forma rápida e segura. Saiba mais: https://linuxsolutions.com.br/automacao-de-tarefas-com-ansible/?utm_source=dlvr.it&utm_medium=mastodon #Ansible #Automação #Produtividade
So I've spent a number of hours on using #ansible to build VMs automatically, which works quite well.
Well, except I can't get the cloud-init stuff to work to set up a user and the VMs have no network config, so I can't ssh into them. Le sigh.
Moozer projects and such · TDD and ansible - getting startedWrite an awesome description for your new site here. You can edit this line in _config.yml. It will appear in your document head meta (for Google search results) and in your feed.xml site description.
Hunting down easter eggs & putting them all in a single basket? Hopefully you're not doing the same with your VMs - the new ProxLB v1.1.1 is out, now!
#ProxLB is a loadbalancer for #Proxmox clusters that balances guests across your nodes based on cpu, memory or (local) disk size. It also comes with additional features like:
* Affinity / anti-affinity rules
* Maintenance mode
* Node evacuation (based on best resource usage)
* Best node evaluation for CI/CD (e.g. #Ansible or #Terraform)
Continued thread
OK, I managed to improve lots of things in those setups and make the setup more reliable (even in case it takes really really long for everything to be up).
https://codeberg.org/johanneskastl/gitlab_on_k3s_vagrant_libvirt_ansible
Now with four branches, one for Gitlab installed via helm chart and one using the Gitlab Operator.
And each of them with and without a Gitlab Runner being installed into the cluster.
Codeberg.orggitlab_on_k3s_vagrant_libvirt_ansibleVagrant-libvirt setup that creates a VM with k3s and installs GitLab in the cluster
The #Ansible role for #BigBlueButton is now able to install and configure BBB 3.0.x with embedded #coturn, even on cloud VMs behind a NAT router or firewall.
https://github.com/ebbba-org/ansible-role-bigbluebutton/tree/bbb/3.0
GitHubGitHub - ebbba-org/ansible-role-bigbluebutton at bbb/3.0Ansible role for a bigbluebutton installation (following the documentation on https://docs.bigbluebutton.org/administration/install and https://github.com/bigbluebutton/bigbluebutton) - GitHub - eb...
Ghostwritten Infrastructure: From Org Mode to Hardened YAML #Emacs #OrgMode #Ansible #Yaml #IaC
#LiterateDevOps #OrgBabel #TangleThatYaml #DeadSwitchWay
#DevOpsTools #LinuxAutomation #CyberGhostOps
#TechWriting #TomITCafe #SilentOps
Tom's IT Cafe · 🧬 Ghostwritten Infrastructure: From Org Mode to Hardened YAMLEver written an Ansible role in silence?Not just code – structured ritual.Where logic meets discipline.Where every variable is defined, documented, and deployed – within the same file. …
