2026-03-09 19:53:22 +01:00
|
|
|
# First Railiance Host — Setup Guide
|
2025-09-13 01:32:19 +02:00
|
|
|
|
2026-03-09 19:53:22 +01:00
|
|
|
## Prerequisites
|
2025-09-13 01:32:19 +02:00
|
|
|
|
2026-03-09 19:53:22 +01:00
|
|
|
The target server must be a converged `railiance-hosts` node before running
|
|
|
|
|
anything from this repo. The OS baseline (SSH hardening, UFW, fail2ban, SOPS
|
|
|
|
|
agent) is owned by `railiance-hosts`.
|
2025-09-13 01:32:19 +02:00
|
|
|
|
2026-03-09 19:53:22 +01:00
|
|
|
**Step 0 — Converge the host OS (railiance-hosts)**
|
|
|
|
|
```bash
|
|
|
|
|
# In railiance-hosts/
|
|
|
|
|
make converge # apply OS baseline roles
|
|
|
|
|
make verify # confirm all Goss assertions pass
|
2025-09-13 01:32:19 +02:00
|
|
|
```
|
|
|
|
|
|
2026-03-09 19:53:22 +01:00
|
|
|
See `railiance-hosts/docs/adr/ADR-002-repo-boundary-hosts-vs-bootstrap.md`
|
|
|
|
|
for the boundary definition between the two repos.
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## Kubernetes bootstrap (this repo)
|
2025-09-13 01:32:19 +02:00
|
|
|
|
2026-03-09 19:53:22 +01:00
|
|
|
### 1) Inventory
|
|
|
|
|
|
|
|
|
|
Add the host to `ansible/hosts.ini` (gitignored — recreate on each machine):
|
|
|
|
|
```ini
|
|
|
|
|
[hosteurope]
|
|
|
|
|
92.205.62.239 ansible_user=tegwick
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### 2) Install k3s
|
|
|
|
|
```bash
|
|
|
|
|
ansible-playbook -i ansible/hosts.ini ansible/bootstrap.yml
|
2025-09-13 01:32:19 +02:00
|
|
|
```
|
2026-03-09 19:53:22 +01:00
|
|
|
|
|
|
|
|
### 3) Smoke test
|
|
|
|
|
```bash
|
|
|
|
|
tests/smoke_kube.sh
|
2025-09-13 01:32:19 +02:00
|
|
|
```
|