This repo contains helpful Ansible scripts for maintaining the bnewbold's servers and infrastructure.

Be sure to keep things compatible with ansible 1.7.2 (the version in Debian jessie).

Check out NOW_WHAT.md for next steps after creating a server with these scripts.

Vault: export ANSIBLE_VAULT_PASSWORD_FILE=vault_pass.txt http://docs.ansible.com/ansible/playbooks_vault.html

Example playbook call: ansible-playbook -i hosts playbooks/init_adze.yml --vault-password-file=vault_pass.txt

Run a single role (helpful for dev): ansible-playbook -i hosts playbooks/init_adze.yml --vault-password-file=vault_pass.txt -t nginx

===== IRC Setup

How to set up the IRC password hash…

# znc --makepass
[ ** ] Type your new password.
[ ?? ] Enter Password: foo
[ ?? ] Confirm Password: foo
[ ** ] Kill ZNC process, if it's running.
[ ** ] Then replace password in the <User> section of your config with this:
<Pass password>
        Method = sha256
        Hash = 310c5f99825e80d5b1d663a0a993b8701255f16b2f6056f335ba6e3e720e57ed
        Salt = YdlPM5yjBmc/;JO6cfL5
</Pass>
[ ** ] After that start ZNC again, and you should be able to login with the new password.

Take the strings after Hash = and Salt = and insert them as the value for irc_password_hash and irc_password_salt respectively.

Alternatively, if you don’t already have znc installed, Python 3.3 or higher on Linux will generate the appropriate string for you (assuming your password is password):

python3 -c 'import crypt; print("irc_password_salt: {}\nirc_password_hash: {}".format(*crypt.crypt("password", salt=crypt.METHOD_SHA256).split("$")[2:]))'

On OS X and other platforms the passlib:https://pythonhosted.org/passlib/ package may be used to generate the required string:

python -c 'import passlib.hash; print("irc_password_salt: {}\nirc_password_hash: {}".format(*passlib.hash.sha256_crypt.encrypt("password", rounds=5000).split("$")[2:]))'