Skip to content

rgianassi/infrastructure

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

76 Commits

.github/workflows

.github/workflows

 
 

bootstrap

bootstrap

 
 

docker

docker

 
 

files

files

 
 

pillar

pillar

 
 

salt

salt

 
 

script

script

 
 

.cz.yaml

.cz.yaml

 
 

.gitignore

.gitignore

 
 

.pre-commit-config.yaml

.pre-commit-config.yaml

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

VERSION

VERSION

 
 

Repository files navigation

Infrastructure

Infrastructure project.

VM preparation

Create a new VM and prepare all partitions with GParted ISO. You can use the sfdisk dump file to recreate Linux partitions faster. When partitions are ready, start the Regolith Linux installation. Do a standard installation, but remember to create and format the EFI partition firstly and separately from other partitions. When OS is ready run the virtualization script to prepare execution for a particular environment. For example, for Hyper-V VMs you can use the Hyper-V Ubuntu post installation script. Hyper-V script needs to be run 2 times (you can restart the VM with init 6 at end of first script execution) and HvSocket must be enabled on the VM on an administrative PowerShell with Set-VM -VMName name_of_the_VM -EnhancedSessionTransportType HvSocket command. Remember to set enhanced session mode in Hyper-V, too. To make xrdp work with Hyper V and Regolith Linux create a .xsession file in the home folder containing regolith-session. At this point, you are ready to run the Bootstrap Salt installation script: remember to use the -M flag on the Salt master to install Salt master components. Register all minions (including the Salt master itself) with the Salt master. On Salt master, create a SSH key and upload it to GitHub. Clone the infrastructure repository and run the bootstrap script. The VM is ready to go.

Check pillar data

To check pillar data use the following commands:

sudo salt '*' saltutil.refresh_pillar
sudo salt '*' pillar.items

Secrets encryption

When saving sensitive data to control version, use one of the following commands:

echo -n "supersecret" | gpg --armor --batch --trust-model always --encrypt -r 598EC3F324A85B2DFD81F3F488747A7697B4D30A
mkpasswd -m sha-512 | gpg --armor --batch --trust-model always --encrypt -r 598EC3F324A85B2DFD81F3F488747A7697B4D30A
gpg --armor --batch --trust-model always --encrypt -r 598EC3F324A85B2DFD81F3F488747A7697B4D30A < pass.txt

To use that, you need the public key 598EC3F324A85B2DFD81F3F488747A7697B4D30A. To import it in your system under your account:

gpg --import files/exported_gpg_salt.key

Commit code

This project uses Python version of Commitizen to create conventional commits. To create a commit that follows Conventional commits run:

cz commit

To check if commits are in the right format run:

cz check --rev-range HEAD

To bump the version and update the CHANGELOG run:

cz bump --changelog

The tool automagically observes Semantic Versioning and keep a changelog.

About

My SaltStack based infrastructure project.

Topics

python shell saltstack infrastructure-as-code

Resources

Readme

License

Unlicense license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages