🧬 Ghostwritten Infrastructure: From Org Mode to Hardened YAML

Ever written an Ansible role in silence?
Not just code – structured ritual.
Where logic meets discipline.
Where every variable is defined, documented, and deployed – within the same file.

That’s the power of Org Mode.
This is the DeadSwitch way.


🔍 Inside the Org

* vault-minimal :hardened:test-ready:
  :PROPERTIES:
  :EXPORT_FILE_NAME: vault-minimal.yml
  :END:

** TODO Install base packages
   #+BEGIN_SRC yaml :tangle tasks/main.yml
   - name: Install essential packages
     apt:
       name:
         - curl
         - gnupg
         - ca-certificates
       state: present
       update_cache: true
   #+END_SRC

** TODO Set hardened sysctl values
   #+BEGIN_SRC yaml :tangle tasks/sysctl.yml
   - name: Set kernel hardening parameters
     sysctl:
       name: "{{ item.key }}"
       value: "{{ item.value }}"
       state: present
     loop:
       - { key: "kernel.randomize_va_space", value: "2" }
       - { key: "net.ipv4.conf.all.rp_filter", value: "1" }
   #+END_SRC

🧠 What’s Happening Here?

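  • Tasks are tracked as Org TODO headings; the role heading carries tags like :hardened: or :test-ready:
  • YAML is written as embedded source blocks using #+BEGIN_SRC yaml
  • :tangle tells Emacs which file that block is written to; a relative path is resolved against the directory of the .org file
  • The target directory must already exist, unless the block also sets :mkdirp yes
  • One .org file builds your whole role, file by file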

⚙️ Then Just Tangle It

M-x org-babel-tangle

And now you have a hardened Ansible role, surgically deployed from your control file.
No clutter. No noise. Just disciplined output.


🧘 The DeadSwitch Flow

  • 📁 roles/vault-minimal/vault-minimal.org ← Source of truth
  • 📁 tasks/main.yml, handlers/main.yml, etc. ← Tangled outputs
  • 🧠 Each role is an org file
  • 🗂️ All roles tracked in one Master Control Org File

“Write like a ghost. Deploy like a machine. Fear the noise.”
— DeadSwitch

