Skip to content
This repository was archived by the owner on Oct 7, 2025. It is now read-only.

Configuring ce‐provision

Jump to bottom
Greg Harvey edited this page Jan 9, 2025 · 23 revisions

You can configure ce-provision by providing a Git repository with Ansible settings, customised playbooks, default variables, extra plugins and so forth. By default ce-provision will take its initial config from our example repo which is also a good one to copy to get started.

While you can store your configuration anywhere, this is a quick start guide so we will assume you have followed our installation steps and you are going to use the GitLab instance installed on your controller to house your ce-provision-config. This is how you fork our example repository into your own config repository, so you can take control of your own ce-provision-config.

Create a blank repository on your GitLab instance

  1. Logged into your controller server via SSH or browser terminal, switch to the controller user: sudo su -l controller
  2. Fetch the GitLab root password from the temporary file where it was created: cat /tmp/passwordfile
  3. In a web browser go to your GitLab installation, for example https://gitlab.controller.acme.com, and login with these details:
    • root
    • the password from /tmp/passwordfile (any problems, you can find initial_root_password in the file at /etc/gitlab/gitlab.rb)
  4. Click Create a group -> Create group
    • we recommend you name it Core and leave it private
  5. On the next page click New project -> Create a blank project
    • we recommend you name it ce-provision-config, leave it private and do not create a README

At this point you should have a new repository at https://gitlab.controller.acme.com/core/ce-provision-config (obviously with your controller server URL, not our example one).

Configure the controller user's key in GitLab

  1. Back in your server, grab the public part of your controller user's SSH key pair: cat .ssh/id_ed25519.pub
  2. Copy the resulting line to your clipboard and go back to GitLab in your browser (tip: usually clicking three times selects the line)
  3. Click on the Admin button in the bottom left corner
  4. In the left-hand admin menu click on Deploy keys then the New deploy key button
  5. Create your key with these values and click Create:
    • Title: controller@controller.acme.com (changing hostname of course)
    • Key: paste the public key from the server in here
    • Expiration date: blank
  6. Go back to your repository, e.g. https://gitlab.controller.acme.com/core/ce-provision-config
  7. On the left-hand Project menu click Settings -> Repository
  8. Expand the Deploy keys section, click Publicly accessible deploy keys and click Enable against your new key
  9. Go to Enabled deploy keys in the same dialogue and click the little pencil icon to edit
  10. Tick Grant write permissions to this key and click Save changes

Set up and push your ce-provision-config repository

  1. Go back to your repository again in GitLab, click the blue Code button and copy the Clone with SSH value
  2. Back on your server, change to the directory where the example ce-provision-config was installed: cd ce-provision/config
  3. Execute the following commands to sort out your Git repository configuration:
# move the example repo out of the way
git remote rename origin example
# add a new remote for our new repo - use your URL from step 1!
git remote add origin git@gitlab.controller.acme.com:core/ce-provision-config.git
# push our changes - you will need to confirm the connection by typing 'yes'
git push origin 2.x

Returning to your repository in GitLab, e.g. https://gitlab.controller.acme.com/core/ce-provision-config, you will now see your own ce-provision-config repository, which you can now control and edit with the settings you need for ce-provision in your infra.

Configure your config to use itself

In your repository browse to hosts -> group_vars -> all and click on the file ce_provision.yml. It will look something like this:

ce_provision:
  own_repository: https://github.com/codeenigma/ce-provision.git
  own_repository_branch: 2.x
  # Once you have created your own config repo using this as a base, update this URL.
  config_repository: https://github.com/codeenigma/ce-provision-config-example.git
  config_repository_branch: 2.x
  username: controller
  local_dir: /home/controller/ce-provision
  groups:
    - bypass2fa

As the comment states, you need to update the config_repository variable with the value you copied to your clipboard in step 1 of the previous section, the Git URL to your repository. Click the blue Edit button thenEdit single file and you can change the file, for example:

ce_provision:
  own_repository: https://github.com/codeenigma/ce-provision.git
  own_repository_branch: 2.x
  config_repository: git@gitlab.controller.acme.com:core/ce-provision-config.git
  config_repository_branch: 2.x
  username: controller
  local_dir: /home/controller/ce-provision
  groups:
    - bypass2fa

Once you file looks like the above, click the Commit changes button under the editor and return to your server. You should already be in the right place, so just run this command to fetch your change: git pull origin 2.x

TODO - move this

Your options are pretty limitless, so we will focus on two main areas:

  • How to build your first remote server using ce-provision
  • How to configure ce-provision to manage your AWS account(s)

Configuring the controller to build itself

TODO

Building your first server

TODO

Configuring the controller to orchestrate AWS with Ansible

TODO

Home

Quick start

Advanced

Clone this wiki locally