tlc - infra as code

<aside> 🐢 automation is an important factor in terms of security b/c it makes sure you have the same security across devices, can audit diff machines settings

</aside>

—> proxmox - fully free open-source ec2-like hosting

—> autistici.org

Virtual Box - a Hypervisor like the aws console, shows machines locally

GUI interface, can create vms step by step

Vagrant talks to Virtual Box, can talk to multiple hypervisors (e.g. aws) with same vagrantfiles

Vagrantfile - config stuff (just ruby)

"ubuntu/bionic64" like github —> vendor/package, downloaded from the internet if the OS doesn't exist locally

vagrant.configure(") do |config|
    config.vm.box = "ubuntu/bionic64"
    config.vm.network "private_network", type:"dhcp" # different OSs handle dhcp differently, but Vagrant knows about this
    config.vm.provision "shell", path: "provision/common.sh" # commonly provision

    config.vm.define "web" do |c| # Computer 1 called 'web'
        c.vm.box = "debian/buster64" # specify a different vendor/package
    end

    config.vm.define "app" do |c| # Computer 2 called 'app'
        c,vm.provision "shell", path: "provision/app.sh" # specific provision
    end
end

automatic sshing thru vagrant ssh, don't need to use VirtualBox's VM editor
- vagrant ssh web - ssh into the vm called 'web'
- Default login - username: vagrant password: vagrant
vagrant createvm starts the vms
vagrant destroy kills them

<aside> 🐌 - nginx is a popular webserver! production level hosting

make a shell script 'posix compliant'

</aside>

#!/bin/bash

# export DEBIAN_FRONTEND=noninteractive #^ so it won't prompt input
apt-get update
apt-get —-yes install nginx 
#^ with the flag because it won't be interactive and apt-get asks "do you want to install Y/n"

How do you do the same things on VMs you create? Write playbooks!
- You can write and execute .sh files to install common things on your VMs or start up a specific server —> quick and dirty way to get stuff up and running
- You can use Ansible files as well
each VM is isolated because of the way virtualbox handles networking with NATs, so they may have the same IP because they're not on the same network!

Ansible - create computerized runbooks!

Ansible sets up plays that connect to your machines over ssh so that you can run those commands remotely.
- uses yaml (like JSON without the curly braces)
- Good for configuring infrastructure after it's been set up
- has many modules

---
- name: Install Webserver.
  hosts: all # or web or 1.2.3.4 or something more specific
  become: true # to say we are running this as root, kinda like sudo

  tasks:
    - name: Install Nginx.
      package: # module
        name: nginx
        state: present

vagrant.configure(") do |config|
    config.vm.box = "ubuntu/bionic64"
    config.vm.network "private_network", type:"dhcp"

    config.vm.define "web" do |c|
        c,vm.provision "ansible_local" do |a|
	    a.playbook = "provision/web.yaml"
        end
    end
end