tegwick
783c8cebbd
Per ADR-002 (railiance-hosts/docs/adr/ADR-002-repo-boundary-hosts-vs-bootstrap.md): - ansible/harden.yml: replaced with tombstone pointing to railiance-hosts - ansible/bootstrap.yml: remove `import_playbook: harden.yml`; add pre-condition comment; OS hardening is no longer this repo's concern - docs/first_host.md: rewritten to reflect 3-step flow: converge railiance-hosts → railiance-bootstrap k3s install → smoke test - workplans/RAIL-BS-WP-0002-k3s-baseline.md: new workplan for k3s + Helm + Kubernetes platform baseline; linked to repo goal 70ab2379 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
914 B
914 B
First Railiance Host — Setup Guide
Prerequisites
The target server must be a converged railiance-hosts node before running
anything from this repo. The OS baseline (SSH hardening, UFW, fail2ban, SOPS
agent) is owned by railiance-hosts.
Step 0 — Converge the host OS (railiance-hosts)
# In railiance-hosts/
make converge # apply OS baseline roles
make verify # confirm all Goss assertions pass
See railiance-hosts/docs/adr/ADR-002-repo-boundary-hosts-vs-bootstrap.md
for the boundary definition between the two repos.
Kubernetes bootstrap (this repo)
1) Inventory
Add the host to ansible/hosts.ini (gitignored — recreate on each machine):
[hosteurope]
92.205.62.239 ansible_user=tegwick
2) Install k3s
ansible-playbook -i ansible/hosts.ini ansible/bootstrap.yml
3) Smoke test
tests/smoke_kube.sh