init

author: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-05-01 01:33:35 -0700
committer: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-05-01 01:33:35 -0700
commit: bbad09e2b15eeca86f83a9d2a97449baf71e326f (patch)
tree: 9d10c3ec94ae11a7cd28131bbcf5d553245006ec /docs/INFRA_PLAYBOOK.md
download: mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.tar.gz
mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/docs/INFRA_PLAYBOOK.md b/docs/INFRA_PLAYBOOK.md
new file mode 100644
index 0000000..043d4dc
--- /dev/null
+++ b/docs/INFRA_PLAYBOOK.md
@@ -0,0 +1,9 @@
+Registering a new internal machine <hostname>:
+
+1. Register <hostname>.pub.infra.hatecomputers.club A record -> public ipv4
+2. Register <hostname>.int.infra.hatecomputers.club A record -> internal ipv4 in 10.155.0.0/16 subnet
+3. Put it on the internal VPN. i.e. add <hostname>.pub... in the wireguard-mesh after allowing ssh to root and everything
+4. Run the wireguard-mesh playbook
+5. Update the inventory record in wireguard-mesh to <hostname>.int...
+6. Now run the deploy-common playbook to allow ssh only internally, debugging as necessary if needed ; it should just work :))
+7. Add your new roles!
author	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-05-01 01:33:35 -0700
committer	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-05-01 01:33:35 -0700
commit	bbad09e2b15eeca86f83a9d2a97449baf71e326f (patch)
tree	9d10c3ec94ae11a7cd28131bbcf5d553245006ec /docs/INFRA_PLAYBOOK.md
download	mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.tar.gz mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.zip