Ansible
Continuing on the path towards all my stuff being managed by Ansible, I’ve figured out a method of managing the reverse DNS entries for subnets on the Hetzner Dedicated Server.
There’s a bunch of Ansible modules for handling Hetzner Cloud, but these servers are managed in Robot which the Cloud API doesn’t cover. Instead, you need to use the Robot Webservice.
Ansible does have a module for doing pretty arbitrary things with web APIs though, so using that I’ve got the following playbook figured out to keep the reverse DNS entries in sync:
I’ve been doing a lot of consolidation and simplification in an effort to reduce the amount of brain I have to expend on various tasks and responsibilities. I think it’s working.
Last week I wrote about Ansible for Tor Metrics. I’ve also been working on Ansible for my own stuff. Some of the things I’ve been working on include:
consistent user account setup and synchronised SSH public keys consistent privilege escalation (doas on OpenBSD, sudo on Debian) all hosts are backed up via BackupPC all hosts are monitored in Nagios If you want to check out this stuff as it evolves, I’ve pushed it to git.
I’m thinking to experiment with a loosely organised but perhaps more regular posting style. I’m going to post these under the tag “journal” because I think that will fit these quite well. We’ll see if I keep these up, or if this one ends up standing alone.
For many people right now is a time of uncertainty, anxiety, fear and loss. For me though today was pretty much a normal day.