src/_posts/2022-05-30-ansible-roles.md

@@ -0,0 +1,36 @@
+---
+layout: post
+title: Publishing our Ansible roles
+description:
+image: infra.jpeg
+category: ansible, automation, infrastructure
+date: 2022-05-30
+---
+
+We're delighted to finally announce that we're publishing our Ansible roles
+into the open under [`git.autonomic.zone/autonomic-cooperative/...`](https://git.autonomic.zone/explore/repos?q=ansible&topic=1) :partying_face:
+
+They've always been licensed as libre software but due to the way we managed
+our internal infrastructure configurations, they were embedded in a private
+repository.
+
+The roles are currently lacking documentation and written for very specific
+Autonomic needs but they might be handy as a learning resource or a base to
+fork from. We'd happily accept contributions to generalise them.
+
+In particular, we've been running
+[`autonomic.new-hetzner`](https://git.autonomic.zone/autonomic-cooperative/autonomic.new-hetzner)
+for years without issue. The role bootstraps a Hetzner VPS from scratch and
+provisions it with a hardened SSH configuration, firewalls, user accounts and
+some basic packages and a shiny MOTD.
+
+All roles are CI tested on every commit with [Molecule](https://molecule.readthedocs.io/en/latest/) so things don't break.
+
+[Expanding re-use with shared infrastructure](https://community.coops.tech/t/cotech-gathering-ansible-and-shared-infrastructure-session/1107)
+is someting we've always been working on at Autonomic. We have an ongoing
+critique of Ansible and the pros/cons of when it is a good choice to use. This
+ultimately lead us to start projects like [Co-op
+Cloud](https://coopcloud.tech/). However, we will think Ansible is pretty good
+at satisfying more complicated server provisioning needs.
+
+Happy Infra Hacking.