Infrastructure, playbooks and configuration for self-hosted services I run.
I automate some maintenance tasks with Buildkite.
hosting-backup-plausible |
Backs up my Plausible Analytics instance | |
hosting-backup-vault |
Backs up my Hashicorp Vault instance | |
hosting-backup-write |
Backs up my Writefreely instance |
I have a number of Terraform projects that don't belong to any particular project repositories, so I keep them here.
backups |
Automating backups of my self-hosted services |
elastic-ci-stack |
Autoscaling Buildkite agents, plus secrets needed by my Buildkite pipelines |
nicholas-dot-cloud |
Infrastructure related to my personal website |
nicholas-dot-cloud-preview |
Generating previews of pull request changes to my personal website |
terraform-backend |
An AWS backend for all my other Terraform projects to use |
vault |
Backend and policy configuration for my self-hosted Hashicorp Vault instance |
Each project is deployed by its own Makefile
.
make -C infrastructure/terraform-backend
I self-host a number of personal projects and services, and predominantly manage these with Ansible.
boyd
- A Raspberry Pi 3 Model A+ sitting on my desk- A Buildkite agent dedicated to uploading pipeline files
- A Writefreely instance available to my Tailnet at https://write.nicholas.cloud/
gandra-dee
- A small DigitalOcean dropletgyro
- A Raspberry Pi 4 Model B also sitting on my desk
Once again each project has its own Makefile
, but there a little bit of general setup required for Ansible too.
make -C deploy
make -C deploy/boyd
make -C deploy/gandra-dee
make -C deploy/gyro
There's a couple of assumed tools and setup needed before a new host is good to go with Ansible.
- Install Tailscale and add to your Tailnet
- Install Certbot
- Installing Certbot will require Snap
- For now, use the Cloudflare plugin and install the necessary credentials in
~/cloudflare.ini
Automatic renewal can be set up for a domain with the following command.
sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials ~/cloudflare.ini --domain <domain>