Sysadmins.
DevOps.
Developers.
Operators in different uniforms.
09 Ghost Operations – The Final Blades
Tag: iac
08 Objective: Encrypt the Silence – Ansible Vault
Ghosts know that secrets are critical.
You can’t let them sit or travel in plain text.
Ansible Vault is the blade of the Operator.
07 Objective: Reusability and Doctrine – Roles
Write once.
Execute unlimited.
The Ghost Ops way.
Variables – loaded.
Templates – locked.
Tasks – trained.
Playbooks – executing.
Roles – fixed directory structures of Ansible code.
Continue reading “07 Objective: Reusability and Doctrine – Roles”05 Objective: Code as Message – Jinja2 Templates
Logic and data separated.
Variables are loaded.
Dynamic configuration files? Templates are your blades – fed by variables.
They support logic.
Loops.
Conditionals.
Ghosts don’t over-complicate.
Clarity keeps templates sharp.
04 Objective: Fluid Intelligence – Variables
Hostnames.
Network addresses.
Ports.
Filenames.
They change.
They’re variables.
03 Objective: Execution Vectors – Modules & Tasks
Modules – The Execution Units
Modules are small working horses.
Tactical code units. One module. One function. The UNIX way.
Clear Python code.
You don’t need Python – modules are abstracted to YAML.
02 Objective: Whispers to Hosts – Inventories
You don’t command what you can’t see.
You don’t control what you can’t reach.
Inventories are your maps.
Your whispers travel through them.
01 Objective: Forge The Blade – Deploy And Configure
Ansible brings surgical precision, or chaos and entropy.
The key is the installation and configuration.
Don’t go in war with a blunt sword.
Continue reading “01 Objective: Forge The Blade – Deploy And Configure”00 The Special Forces Of Operations – Ansible Tactical Briefing
You whispered.
DeadSwitch delivers.
Ansible for the ghosts.
A training? No.
Tactical briefing.
Protecting The Wire – Semaphore Behind SSL Proxy
Mission Brief
Plain text communication is loud. It’s bleeding data.
Prying eyes can see every bit in the wire.
You have to isolate the backend – the Semaphore UI and MySQL containers stay locked down. Unreachable for the external work.
Open a tiny hole on the stronghold to the world – the frontend is an NginX SSL proxy.
You use:
- Podman pod for network and container isolation
- The Semaphore and MySQL containers without exposing them to the world
- An NginX proxy container with SSL
Ghost Hands – Automating The Stronghold With Ansible And Podman
Mission Update
Now we automate.
The pod.
The proxy.
The secrets.
One playbook to conjure the setup, one command to repeat the ritual.
Continue reading “Ghost Hands – Automating The Stronghold With Ansible And Podman”Ansible Automation For Ghosts – Semaphore UI
Mission of the Ghost
Ansible is a sharp blade.
- open source
- command line
- fast and efficient
- Ghost approved
For operators craving API-driven command, Semaphore rises from Ansible’s silent core.
- open source
- fast, Go language based
- UI
- API
DeadSwitch maps it.
Continue reading “Ansible Automation For Ghosts – Semaphore UI”How to Install OpenTofu
Installing and setting up OpenTofu on Debian Bookworm can be accomplished with a few straightforward steps. OpenTofu is an open-source infrastructure-as-code tool that serves as a drop-in replacement for Terraform, making it a popular choice for managing cloud resources.
Continue reading “How to Install OpenTofu”
Tom's IT Cafe 