coulomb/railiance-infra
0
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
4 Commits 1 Branch 0 Tags
96099eeb10855cfae6dd76460dbc4202af23bb3e
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

RailianceHosts

Tagline: Git-driven automation for secure, self-reliant servers.

RailianceHosts is an open-source control repo that provisions and manages servers on Hetzner Cloud entirely from Git. It combines Terraform for lifecycle management, cloud-init for first-boot configuration, and Ansible for convergence. All secrets live in-repo encrypted with SOPS and are unlocked with your single age master key (which you keep in your password manager). The minimal server registry in inventory/servers.yaml is the source of truth.

Quickstart

  1. Install: terraform >= 1.7, ansible >= 2.16, age, sops.
  2. Generate master key (age) and put the private key in your password manager. Save the public key to keys/age.pub.
  3. Create Hetzner Project + API token and store it (encrypted) in inventory/group_vars/secrets.sops.yaml under ops.hcloud_token.
  4. Edit inventory/servers.yaml to add your first host.
  5. Apply: 
    make apply

See inline comments across the repo for details. Remember to encrypt secrets with SOPS before committing.

🔑 Secrets Management

This project uses SOPS with age for secret encryption.
To set up your own key and configure SOPS, follow the guide here:

➡️ Managing Age Keys

Reference in New Issue View Git Blame Copy Permalink
Description
Git-driven automation for secure, self-reliant infrastructure.
Readme 4.1 MiB
Languages
Makefile 47%
Shell 35.9%
Python 10.3%
HCL 4.1%
Jinja 2.7%