findelabs

OpenBSD Ansible Deploy on GitHub

· 3min · Dan F.
Table of Contents

This is an announcement for a new repo I made on GitHub. Since I am constantly testing new deployments on vultr, I realized that it would make my life easier if I put all of my current projects into one public repo, to ease scripted deployments on Vultr.

This new repo will hopefully be the location of future projects, which may make their way into other public repos of mine. Be warned, it will probably be changing often, and may be broken at times.

Here is an edit of the current readme out on the repo:

OpenBSD Ansible Deploy

This repo is used for testing quick deployment on Vultr. This is for development testing only, and will be changing often. There are two ways to use this playbook. Either install OpenBSD and install manually, or use Startup Scripts on Vultr. Methods are explained below.

Manual Installation

This playbook is designed to be run on a fresh OpenBSD installation. While this is not required, the playbook may unintentionally overwrite files.

  1. Install OpenBSD
  2. Download and run playbook to setup basic system `ftp -o - https://raw.githubusercontent.com/findelabs/openbsd-ansible-deploy/master/bootstraps/bootstrap_basic.sh | sh
  3. Set admin password passwd admin

Scripted Startup Installation

Create a startup script on vultr:

#!/bin/sh

# Use whatever password you'd like here, this is simply an example
admin_pass=password11

# Download and install OpenBSD with basic playbook
ftp -o - https://raw.githubusercontent.com/findelabs/openbsd-ansible-deploy/master/bootstraps/bootstrap_basic.sh | sh

# Set admin password
usermod -p $(encrypt $admin_pass) admin

# Add public key to admin
echo "ssh-rsa AAAA...D9H7xnv admin@server" >> /home/admin/.ssh/authorized_keys

Current bootstrap scripts

Here are the current bootstrap scripts available

  • bootstrap_basic.sh
    • This deploys a very basic image
  • bootstrap_wireguard.sh
    • This deploys an image configured as a wireguard server
  • bootstrap_wireguard_with_vnc.sh
    • This deploys an image with wireguard, but includes a vnc server.

Vultr API deployments

I've started using vultr's API to deploy VM's quicker, as I try to test every change done in the playbooks on an actual VM deployment.

I will go into this with detail in a later post, but to create a new Vultr VM, I use a line like below:

curl -H 'API-Key: <your personal access token>' "https://api.vultr.com/v1/server/create" --data 'label=<servername>' --data 'DCID=<Specify DC ID>' --data 'VPSPLANID=<Specify Plan ID>' --data 'OSID=<Specify OS ID>' --data 'SCRIPTID=<Use a startup script>' --data 'SSHKEYID=<Use an SSH key>'

Putting it all together:

curl -H 'API-Key: <my access token>' "https://api.vultr.com/v1/server/create" --data 'label=Basic_Server' --data 'DCID=2' --data 'VPSPLANID=202'--data 'OSID=324' --data 'SCRIPTID=<my script id>' --data 'SSHKEYID=<my key id>'

This makes my life easier, as now I don't have to log in to vultr to deploy testing servers.

Has been tested on OpenBSD 6.4