Changeset - 778ff940ac19
Parent rev.
Child rev.
[Not reviewed]
0 1 0
Branko Majic (branko) - 9 years ago 2015-03-08 11:22:07
branko@majic.rs
MAR-7: Added some clarifications on where the commands should be run from. Added some general information about operating system user admin, and about manual steps that might need to be taken.
1 file changed with 25 insertions and 0 deletions:
docs/testsite.rst
25
0 comments (0 inline, 0 general)
docs/testsite.rst
Show inline comments
 
@@ -11,6 +11,10 @@ The test site covers everything, starting from generating the Debian preseed
 
files, through bootstrap process for new nodes, and onto deployment of all
 
remaining roles.
 

			




	
	
	
		
 
All example commands listed within this section should be ran from within the

			




	
	
	
		
 
``testsite`` directory in order to have proper environment available for

			




	
	
	
		
 
playbook runs.

			




	
	
	
		
 

			




	
	
	
		
 
A number of playbooks is provided out of the box:

			




	
	
	
		
 

			




	
	
	
		
 
bootstrap.yml (for bootstrapping a new node)

			




	
	
		
 
@@ -57,3 +61,24 @@ In order to deploy the test site, the following steps would normally be taken:

			




	
	
	
		
 

			




	
	
	
		
 
For details on how the playbooks and configuration have been implemented, feel

			




	
	
	
		
 
free to browse the test site files (in directory ``testsite``).

			




	
	
	
		
 

			




	
	
	
		
 
The playbooks and configurations for test site make a couple of assumptions

			




	
	
	
		
 
(mainly affecting the access to operating system, for other details see the

			




	
	
	
		
 
playbook and config files):

			




	
	
	
		
 

			




	
	
	
		
 
* Each server will be set-up with an operating system user ``admin``, capable of

			




	
	
	
		
 
  running the sudo commands.

			




	
	
	
		
 
* The password for operating system user ``admin`` is hard-coded to ``admin``.

			




	
	
	
		
 
* An SSH ``authorized_keys`` file is set-up for the operating system user

			




	
	
	
		
 
  ``admin``. The SSH key stored in it will be read from location

			




	
	
	
		
 
  ``~/.ssh/id_rsa`` (i.e. from home directory of user running the Ansible

			




	
	
	
		
 
  commands).

			




	
	
	
		
 

			




	
	
	
		
 
Additionally, some manual steps may be required to have a fully functioning

			




	
	
	
		
 
system:

			




	
	
	
		
 

			




	
	
	
		
 
* On ``ldap.example.com``, you should manually install the TLS private key and

			




	
	
	
		
 
  certificate ing locations ``/etc/ssl/private/ldap.example.com.pem``

			




	
	
	
		
 
  (*root:ldap, 640*) and ``/etc/ssl/certs/ldap.example.com.pem`` (*root:root,

			




	
	
	
		
 
  644*), respectively. After that, re-run the ``site.yml`` playbook in order to

			




	
	
	
		
 
  re-configure OpenLDAP server to use it.

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.