Consolidation and simplification

· sysadmin journal ansible openbsd
This blog post is more than a year old. It is preserved here in the hope that it is useful to someone, but please be aware that links may be broken and that opinions expressed here may not reflect my current views. If this is a technical article, it may no longer reflect current best practice.

I’ve been doing a lot of consolidation and simplification in an effort to reduce the amount of brain I have to expend on various tasks and responsibilities. I think it’s working.

Last week I wrote about Ansible for Tor Metrics. I’ve also been working on Ansible for my own stuff. Some of the things I’ve been working on include:

  • consistent user account setup and synchronised SSH public keys
  • consistent privilege escalation (doas on OpenBSD, sudo on Debian)
  • all hosts are backed up via BackupPC
  • all hosts are monitored in Nagios

If you want to check out this stuff as it evolves, I’ve pushed it to (this link might break, I make no promises).

I’m wondering how I want to manage these Ansible roles going forward. Perhaps as git submodules or I could learn about Ansible Galaxy. Maybe I can do both. I’m a bit put off from Ansible Galaxy that the only option to sign up was to use GitHub and I’m trying to stop using these silos.

Speaking of stopping using things, I’ve killed my Netlify account. For a long time I used Netlify to host my blog but I’ve now moved it back onto a server I manage using my Ansible playbook.

When I signed up to Netlify, they offered a free account for open source people that included most, if not all, of the pro features. It seemed like they wanted to be a company that was giving back to the community that produces the stuff they are using. One day, without and notice or announcement, my account converted from an open source account to a simple “free” account. It felt sneaky and from then I wasn’t so happy with Netlify. I’m happy to have moved everything away now.

I learned a thing today: on OpenBSD, you can use arp(8) to send wake on LAN packets. Maybe that will come in handy for you. It used to be another command on its own but it looks like it was consolidated.

If you would like to contact me with comments, please send me an email.
If you would like to support my free software work, you can support me on Patreon or donate via PayPal.

This post was syndicated on: