29 lines
1.4 KiB
Markdown
29 lines
1.4 KiB
Markdown
# RailianceHosts
|
|
|
|
**Tagline:** Git-driven automation for secure, self-reliant servers.
|
|
|
|
RailianceHosts is an open-source control repo that provisions and manages servers on Hetzner Cloud entirely from Git. It combines **Terraform** for lifecycle management, **cloud-init** for first-boot configuration, and **Ansible** for convergence. All secrets live in-repo encrypted with **SOPS** and are unlocked with your single **age** master key (which you keep in your password manager). The minimal server registry in `inventory/servers.yaml` is the source of truth.
|
|
|
|
## Quickstart
|
|
|
|
1. **Install**: terraform >= 1.7, ansible >= 2.16, age, sops.
|
|
2. **Generate master key (age)** and put the **private key** in your password manager. Save the **public key** to `keys/age.pub`.
|
|
3. **Create Hetzner Project** + API token and store it (encrypted) in `inventory/group_vars/secrets.sops.yaml` under `ops.hcloud_token`.
|
|
4. **Edit `inventory/servers.yaml`** to add your first host.
|
|
5. **Apply**:
|
|
```bash
|
|
make apply
|
|
```
|
|
|
|
See inline comments across the repo for details. Remember to **encrypt secrets** with SOPS before committing.
|
|
|
|
## 🔑 Secrets Management
|
|
|
|
This project uses [SOPS](https://github.com/getsops/sops) with [age](https://age-encryption.org) for secret encryption.
|
|
To set up your own key and configure SOPS, follow the guide here:
|
|
|
|
➡️ [Managing Age Keys](docs/age-keys.md)
|
|
|
|
|
|
|