diff --git a/README.md b/README.md index 463b5ba..1174891 100644 --- a/README.md +++ b/README.md @@ -11,23 +11,24 @@ The routing convention is `service.server.jfraeys.com`. Examples: -- `grafana.jfraeys.com` -> services host -- `git.jfraeys.com` -> services host +- `git.jfraeys.com` -> services host (Forgejo) +- `auth.jfraeys.com` -> services host (Authelia) +- `app.jfraeys.com` -> services host (App) Traefik runs on both servers and routes only the services running on that server. ## Quickstart -This repo is intended to be driven by `setup.sh`: +This repo is intended to be driven by `setup`: ```bash -./setup.sh +./setup ``` For options: ```bash -./setup.sh --help +./setup --help ``` What it does: @@ -39,13 +40,13 @@ What it does: If you want Terraform only: ```bash -./setup.sh --no-ansible +./setup --no-ansible ``` If you want Ansible only (requires an existing `inventory/hosts.yml`): ```bash -./setup.sh --ansible-only +./setup --ansible-only ``` ## Prereqs (local) @@ -155,7 +156,7 @@ Run playbooks with either: Notes: - `secrets/vault.yml` is intentionally gitignored -- `inventory/hosts.yml` and `inventory/host_vars/web.yml` are generated by `setup.sh` and intentionally gitignored +- `inventory/hosts.yml` and `inventory/host_vars/web.yml` are generated by `setup` and intentionally gitignored ## Playbooks @@ -190,6 +191,8 @@ Create a dedicated access key for demos and scope permissions as tightly as poss Grafana is provisioned with Prometheus and Loki datasources via the Grafana provisioning mechanism (no manual UI setup required). +**Note**: Grafana is deployed but DNS records are commented out. Access via `grafana.jfraeys.com` by uncommenting the records in `terraform/main.tf`, or access directly via the services host IP. + ## Host vars Set `inventory/host_vars/web.yml`: @@ -277,7 +280,7 @@ ansible-playbook playbooks/web.yml --ask-vault-pass ## Terraform -`./setup.sh` will export `TF_VAR_*` from `secrets/vault.yml` (prompting for vault password if needed) and then run Terraform with a saved plan. +`./setup` will export `TF_VAR_*` from `secrets/vault.yml` (prompting for vault password if needed) and then run Terraform with a saved plan. ## Notes