image: light show

My eventual goal is to create ansible scripts to automatically create, run, stop, and tear down cloud machines.

However, first, I had to standardise my existing OpenBSD configurations. That standardisation will be the basis for my intended cloud machines.

Unsurprisingly, my standardisation and management scripts reflect the way I set things up. Given I work in isolation, I can’t recommend copying anything: the chances are high that I’ve missed some good tricks, and, no doubt, done some rather silly things.

The scheduled scripts are:

  • daily.yml, which runs nightly, backs up machine configurations. I also run BackupPC under Centos to back the full machines up, but find independently collected and held copies of the configurations very useful.
  • monthly.yml, which runs monthly maintenance tasks (mostly cycling certain SSL certificates).

The as–and–when scripts:

  • common.yml, the script to run to maintain systems, doing the common stuff. I expect, at some point, I’ll produce a version of this script to run regularly.
  • facts.yml, which reports ansible facts.
  • passwd.yml, which updates account passwords.
  • patch.yml, which applies OpenBSD patches. I plan to add this to my daily script, once I’ve gained confidence that OpenBSD patches never break things (they’ve not done so yet, but life’s a bitch, etc.).
  • ping.yml, which checks that ansible can see a target machine.
  • reset.yml, which replaces and redistributes all certificates, including all SSL certs.