Browse Source

update readme

sys-systemd-and-upstart
Vladimir Smagin 1 year ago
parent
commit
cd1750c4fb
Signed by: Vladimir Smagin <21h@blindage.org> GPG Key ID: 29AE91B1A37721C3
1 changed files with 29 additions and 0 deletions
  1. 29
    0
      keys-ansible/readme.md

+ 29
- 0
keys-ansible/readme.md View File

@@ -4,6 +4,35 @@ Dicts in parent group merges with dicts in child groups. Warning! Playbook will

**Security issue!** You need to generate your own super key! Run ```ssh-keygen -f super``` and replace keys in ```super/``` directory.

Infrastructure:

```
--[ hetzner ]--\
|- hetzner-balancers
\- hetzner-nodes
```

All servers will be available to the administrator and assistant, servers must have own internal key for files copying. Configuring parent ```hetzner```group:

```
access_list:
admin: { keypath: "../keys/admin.pub", username: "root" }
techguy: { keypath: "../keys/techguy.pub", username: "root" }
interserver: { keypath: "../keys/interserver.pub", username: "root" }

secret_list:
interserver: { keypath: "../keys/interserver.pem", username: "root" }
```

You want to make additional access to all nodes for developer guy. Configuring child ```hetzner-nodes``` group:

```
access_list:
developer: { keypath: "../keys/developer.pub", username: "dev" }
```

No need to make additional config for ```hetzner-balancers``` because access list will be inherited, only admins accessible.

---
Copyright by Vladimir Smagin, 2018
http://blindage.org

Loading…
Cancel
Save