Moving from openresty to nginx+modsec for HTTP/2 Rapid Reset reasons
This commit is contained in:
23
README.md
23
README.md
@@ -1,6 +1,4 @@
|
||||
This project will discover and provide inventory intelligence to Sora, Shadowfeed, Geth, and Sharingan. It is named after the fictional Star Wars Imperial Intelligence organization that oversaw the various divisions of Intelligence and orchestrated their operations.
|
||||
|
||||
*Note*: This project is in progress -- former Makefiles from [ConfigPackages](/AniNIX/ConfigPackages) are being upgraded into Ansible playbooks here.
|
||||
This project is our Infrastructure-as-Code solution, detailing the deployment & some repeatable operational tasks of the AniNIX.
|
||||
|
||||
# How to use
|
||||
|
||||
@@ -14,7 +12,7 @@ Take a look at `examples/msn0.yml` as an example inventory -- make sure you popu
|
||||
|
||||
Once you have your vault and inventory, use [AniNIX/ShadowArch](/AniNIX/ShadowArch) with your hypervisor to provision the base image for your machines, or [Raspbian](https://www.raspberrypi.org/).
|
||||
|
||||
Then, use the SSHkey playbook to copy your key and the deploy playbook to set things up.
|
||||
Then, use the SSH key playbook to copy your key and the deploy playbook to set things up.
|
||||
```
|
||||
ansible-playbook -i your-inventory.yml playbooks/sshkey.yml
|
||||
ansible-playbook -i your-inventory.yml playbooks/deploy.yml
|
||||
@@ -26,7 +24,22 @@ We've also added two scripts in `./bin` to make your life easier:
|
||||
|
||||
Happy hacking!
|
||||
|
||||
# Etymology
|
||||
|
||||
The [Ubiqtorate](https://starwars.fandom.com/wiki/Ubiqtorate/Legends) was a far-reaching security orchestration entity within Palpatine's Empire. It was mean to collect and act on intelligence to improve the security posture of the regime. We use this project similarly -- Ubiqtorate is the Infrastructure-as-Code behind the throne, making changes and ensuring services stay in line.
|
||||
|
||||
# Relevant Files and Software
|
||||
|
||||
This project is mostly built on [Ansible](https://docs.ansible.com/). You will need to understand inventories, playbooks, and vaults at the minimum.
|
||||
|
||||
# Available Clients
|
||||
|
||||
None -- this project is used to describe actions for other services to take.
|
||||
|
||||
# Equivalents or Competition
|
||||
|
||||
Similar tools include Puppet, chef, salty, Ansible Tower, Terraform, etc. We have chosen to go the raw Ansible route, so that we don't have to maintain the build infrastructure separately and to make our responses more agile.
|
||||
|
||||
# Exceptions
|
||||
|
||||
Some services, such as AniNIX/Sharingan and AniNIX/Geth, store their configuration in internal datastructures and databases such that we cannot easily export our build for others to use. We will document what we have done for each of these as best we can in the README.md files for others to replicate. Backups of these services into AniNIX/Aether are therefore dumps of these databases and not available to share.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user