Gitea – Ansible Installer Role

2026-02-272026-03-08 ~ Tom's IT Cafe ~ Leave a comment

Automation and configuration management are not just about comfort.
They provide security, auditability and operational freedom.

For this reason Tom’s IT Cafe provides an Ansible role that:

Downloads and installs the Gitea Linux binary
Sets up a system service (as a non-root user)
Sets up PostgreSQL (or SQLite for lightweight setups)
Optionally sets up a reverse proxy with Certbot or self-signed keys
Highly configurable through variables

The role focuses on a small, auditable code base with strong security.

Continue reading →

Ansible With SOPS – Secret Handling On Ghost Level

2025-10-012025-10-29 ~ Tom's IT Cafe ~ Leave a comment

SOPS: Secrets OPerationS – A silent tool for Ghost Operators. Silent Architects.

Ansible Vault safeguards your data.

The team grows.
The data is more complex.
Encrypted files are too much noise.

SOPS restores the signal.

Continue reading →

09 Ghost Operations – The Final Blades

2025-09-242025-09-24 ~ Tom's IT Cafe ~ Leave a comment

Sysadmins.
DevOps.
Developers.
Operators in different uniforms.

Continue reading →

08 Objective: Encrypt the Silence – Ansible Vault

2025-09-172025-09-17 ~ Tom's IT Cafe ~ Leave a comment

Ghosts know that secrets are critical.
You can’t let them sit or travel in plain text.
Ansible Vault is the blade of the Operator.

Continue reading →

07 Objective: Reusability and Doctrine – Roles

2025-09-15 ~ Tom's IT Cafe ~ Leave a comment

Write once.
Execute unlimited.
The Ghost Ops way.

Variables – loaded.
Templates – locked.
Tasks – trained.
Playbooks – executing.

Roles – fixed directory structures of Ansible code.

Continue reading →

05 Objective: Code as Message – Jinja2 Templates

2025-09-04 ~ Tom's IT Cafe ~ Leave a comment

Logic and data separated.
Variables are loaded.

Dynamic configuration files? Templates are your blades – fed by variables.

They support logic.
Loops.
Conditionals.

Ghosts don’t over-complicate.
Clarity keeps templates sharp.

Continue reading →

04 Objective: Fluid Intelligence – Variables

2025-09-01 ~ Tom's IT Cafe ~ Leave a comment

Hostnames.
Network addresses.
Ports.
Filenames.

They change.
They’re variables.

Continue reading →

03 Objective: Execution Vectors – Modules & Tasks

2025-08-29 ~ Tom's IT Cafe ~ Leave a comment

Modules – The Execution Units

Modules are small working horses.
Tactical code units. One module. One function. The UNIX way.
Clear Python code.
You don’t need Python – modules are abstracted to YAML.

Continue reading →

02 Objective: Whispers to Hosts – Inventories

2025-08-28 ~ Tom's IT Cafe ~ Leave a comment

You don’t command what you can’t see.
You don’t control what you can’t reach.

Inventories are your maps.
Your whispers travel through them.

Continue reading →

01 Objective: Forge The Blade – Deploy And Configure

2025-08-27 ~ Tom's IT Cafe ~ Leave a comment

Ansible brings surgical precision, or chaos and entropy.
The key is the installation and configuration.

Don’t go in war with a blunt sword.

Continue reading →

00 The Special Forces Of Operations – Ansible Tactical Briefing

2025-08-262025-08-26 ~ Tom's IT Cafe ~ Leave a comment

You whispered.
DeadSwitch delivers.
Ansible for the ghosts.
A training? No.
Tactical briefing.

Continue reading →

Protecting The Wire – Semaphore Behind SSL Proxy

2025-07-212026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Mission Brief

Plain text communication is loud. It’s bleeding data.
Prying eyes can see every bit in the wire.

You have to isolate the backend – the Semaphore UI and MySQL containers stay locked down. Unreachable for the external work.
Open a tiny hole on the stronghold to the world – the frontend is an NginX SSL proxy.

You use:

Podman pod for network and container isolation
The Semaphore and MySQL containers without exposing them to the world
An NginX proxy container with SSL

Continue reading →

Ghost Hands – Automating The Stronghold With Ansible And Podman

2025-07-092026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Mission Update

Now we automate.

The pod.
The proxy.
The secrets.

One playbook to conjure the setup, one command to repeat the ritual.

Continue reading →

Ansible Automation For Ghosts – Semaphore UI

2025-06-162026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Mission of the Ghost

Ansible is a sharp blade.

open source
command line
fast and efficient
Ghost approved

For operators craving API-driven command, Semaphore rises from Ansible’s silent core.

open source
fast, Go language based
UI
API

DeadSwitch maps it.

Continue reading →

Emacs Org Mode as the Ansible Control Tower

2025-06-022026-01-15 ~ Tom's IT Cafe ~ Leave a comment

The web is noise. The control tower is silent. No tabs, no clicks – only keys.
I don’t use Emacs for nostalgia. I use it because it bends to my will.
Ansible automates. Emacs orchestrates. Together, they form my Ops Terminal.

Continue reading →