railiance-cluster/docs/first_host.md

40 lines
914 B
Markdown
Raw Normal View History

# First Railiance Host — Setup Guide
## Prerequisites
The target server must be a converged `railiance-hosts` node before running
anything from this repo. The OS baseline (SSH hardening, UFW, fail2ban, SOPS
agent) is owned by `railiance-hosts`.
**Step 0 — Converge the host OS (railiance-hosts)**
```bash
# In railiance-hosts/
make converge # apply OS baseline roles
make verify # confirm all Goss assertions pass
```
See `railiance-hosts/docs/adr/ADR-002-repo-boundary-hosts-vs-bootstrap.md`
for the boundary definition between the two repos.
---
## Kubernetes bootstrap (this repo)
### 1) Inventory
Add the host to `ansible/hosts.ini` (gitignored — recreate on each machine):
```ini
[hosteurope]
92.205.62.239 ansible_user=tegwick
```
### 2) Install k3s
```bash
ansible-playbook -i ansible/hosts.ini ansible/bootstrap.yml
```
### 3) Smoke test
```bash
tests/smoke_kube.sh
```