Gabriel Radureau e3e0decd98 docs(adr): extend network-architecture ADR with .lab SSL/TLS deep dive
Replaces the placeholder "Success Metrics" section with a detailed
walkthrough of the internal PKI: Step CA provisioners, cert-manager +
StepClusterIssuer wiring, certificate issuance/renewal sequence diagram,
device-trust installation steps, and troubleshooting playbook for the
common stuck-CertificateRequest / Traefik TLS / device-trust failures.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 12:55:27 +02:00

Ansible Collection - arcodange.factory

Documentation for the collection.

```sh
MY_TOKEN= #<my token (see https://www.duckdns.org/domains)>
kubectl create secret generic traefik-duckdns-token --from-literal="DUCKDNS_TOKEN=$MY_TOKEN" -n kube-system
```
```mermaid
%%{init: { 'logLevel': 'debug', 'theme': 'dark' } }%%
timeline
    title Playbook Execution Sequence
    section 01_system
        rpi
            : set hostname
        dns
            : install pi-hole
        ssl
            : step-ca
            : fetch root certificate
            : build docker image with CA
        prepare_disks
            : list partitions
            : format disk
            : mount disk
        system_docker
            : install docker
            : configure docker storage
            : restart docker
        longhorn
            : deploy longhorn
        k3s
            : prepare inventory
            : install k3s collection
            : install socat
            : deploy k3s cluster
            : configure kubeconfig
            : configure traefik
            : configure cert-manager
    section 02_setup
        backup_nfs
            : create RWX volume
            : create recurring job
            : deploy NFS
            : mount NFS
        postgres
            : create database
            : create user
        gitea
            : deploy gitea
            : create admin user
            : create organization
    section 03_cicd
        cicd : CI/CD
        gitea_token
            : generate token
        deploy_docker_compose
            : deploy gitea action
        argocd
            : generate token
            : deploy argocd
    section 04_tools
        Hashicorp Vault
            : gitea_token
            : hashicorp_vault
        Crowdsec
            : crowdsec
    section 05_backup
        Gitea Backup
            : gitea
        K3s PVC Backup
            : k3s_pvc
        Postgres Backup
            : create backup script
            : create restore script
```