🎙️In this episode of Running in Production, @drybjed goes over managing 40+ physical servers and 200+ VMs at a medical University using #Ansible
Maciej talks about being a sysadmin for 10+ years, why he picked @debian, writing 150+ Ansible roles & more!
https://t.co/HCDRPe0cD0
@andreasnrb@twigpress Looks like this is an issue due to recent changes in 'acme-tiny' and support for ACME v2 protocol, I think. The 'debops.pki' role will need to be updated, but this might take some time. You could switch to older 'acme-tiny' version for now: https://t.co/MtxSCOA1gw
@jankatins Sure, I'm using it to configure my laptops and workstations as well. You might want to enable Postfix for local mail, you can enable dotfiles support, it should all be possible. You can use 'debops.resources' role to create custom files and folders as needed.
@Crypt0Party Sorry for late reply, didn't get any notifications. The debops.gitlab_runner docs are here: https://t.co/2L4d8wyom4, look at Getting started section. I guess some more examples could be useful... Anyhow, configuration is done through Ansible inventory.
@dmw_83 That depends on what you want to cache. For APT packages, DebOps can setup an apt-cacher-ng service on a host/VM, for the rest, currently there's no support for a proxy like Squid, sorry. It's planned though.
@socketwench The previous tweet originates in the DebOps Software Source Policy (https://t.co/D9ciduqT0h), in which Debian Archive is preferred, so that software shouldn't suddenly disappear, and is well tested and integrated with the operating system.
@socketwench In the future I want to update 'debops.gitlab' so that it installs the Debian-packaged version by default, but lets you install the "upstream" version from source. Most of DebOps roles work in this fashion, where Debian version is preferred by default.
@socketwench The 'debops.gitlab' role was created more to have a test case for Ruby, nginx, Redis, MariaDB and PostgreSQL in DebOps, so that I could test that roles for them worked OK in a production environment. I'm not fond of Omnibus. Did you look at GitLab in Debian? Older, but packaged.
@socketwench Here's the GitLab playbook: https://t.co/2EQXXeUw4Q You can see that it uses other roles besides 'debops.gitlab' to configure the webserver, firewall, etc. If you want, you could swap them for different roles that offer the same things. That's how database support was done, BTW.
@socketwench I agree that some of the DebOps roles are unreadable, but that's what you get when you want to write a set of general-purpose roles. But they are definitely modular, each one takes care of one service, and they work together to set everything up, via role dependencies.
@socketwench This pattern is due to a design choice, where DebOps roles and playbooks are "read-only" and all modifications are done through Ansible inventory. Use of Ansible inventory groups lets you target the playbooks to whatever hosts you want, no need to modify the playbooks themselves.