ansible-dev

Ansible dev environment

Code of Conduct

CODE_OF_CONDUCT.md:

The Creative Commons team is committed to fostering a welcoming community. This project and all other Creative Commons open source projects are governed by our Code of Conduct. Please report unacceptable behavior to conduct@creativecommons.org per our reporting guidelines.

Contributing

See CONTRIBUTING.md.

Goals

The aim of the project is to establish a robust and localized development environment utilizing Ansible and Docker. This environment will mirror a professional work setting, incorporating a dedicated security server (Bastion), automation through Ansible, a web server, and a data storage server. This configuration will simplify and secure development processes and serve as a blueprint for future projects at CC.

Docker containers:

The docker-compose.yml file defines the following containers:

• bastion-dev - Bastion (SSH jump server)
• ansible-dev - Ansible
• web-dev - Web server (Apache2/WordPress)
• db-dev - Database server (MariaDB)

See Create Local Ansible Dev Environment Using Docker for more details.

Setup

• Create the .env file:

  cp .env.example .env

• Execute the generate_ssh_keys script:

  ./generate_ssh_keys.sh

• Build and start Docker:

  docker-compose up

• Wait for the build and initialization to complete

SSH (Work in Progress)

The SSH setup has been established and is currently in use for the Ansible container. Follow the steps below to generate and use the SSH keys for the sysadmin user:

• Execute the generate-ssh-keys.sh script to generate the keys used by the sysadmin user:

  ./generate-ssh-keys.sh

• Bring down the existing Docker containers and start them again:

  docker-compose down
  docker-compose up -d

• Ensure the Docker containers are running:

  docker ps

• Execute the following command to confirm that SSH is working fine:

  ssh -i ./sysadmin-ssh-keys/rsa_sysadmin -p 22001 sysadmin@localhost

SSH connection from bastion:

• ProxyJump allow you to use ssh bastion to connect to the bastion-dev host, and ssh ansible-dev or ssh web-dev, and SSH will automatically connect through the bastion jump host.

• currently, db-dev is not handled through bastion

• Execute the following command to add ssh agent

  ssh-add ./sysadmin-ssh-keys/rsa_sysadmin

• Execute the following command to confirm the bastion connection:

  ssh -J sysadmin@localhost:22222 sysadmin@web-dev

  ssh -J sysadmin@localhost:22222 sysadmin@ansible-dev

Related Links

• Ansible Documentation
• FrontPage - Debian Wiki
• Docker Docs
• creativecommons/sre-salt-prime: Site Reliability Engineering / DevOps SaltStack configuration files
• creativecommons/index-dev-env: Local development environment for CreativeCommons.org (reference for docker project)

License

• LICENSE (Expat/MIT License)