marco
/
zivildienst
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

upd readme

This commit is contained in:
Schamil Wackenhut 2021-01-19 09:52:28 +01:00
parent c6b9c9de83
commit b245b83cee
1 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
README.md
View File

@ -197,12 +197,12 @@ $ make infra-apply MODULE=compute
```
Take note of the public IP from the load balancer (used to access your services) and the server (used to manage the NixOS system) in the Hetzner Cloud web UI or via their API:
```sh
$ curl -H "Authorization: Bearer $API_TOKEN" 'https://api.hetzner.cloud/v1/servers?label_selector=environment==production' | jq '.servers[].public_net'
$ curl -H "Authorization: Bearer $HCLOUD_TOKEN" 'https://api.hetzner.cloud/v1/servers?label_selector=environment==production' | jq '.servers[].public_net'
```
```sh
$ curl -H "Authorization: Bearer $API_TOKEN" 'https://api.hetzner.cloud/v1/load_balancers?label_selector=environment==production' | jq '.load_balancers[].public_net'
$ curl -H "Authorization: Bearer $HCLOUD_TOKEN" 'https://api.hetzner.cloud/v1/load_balancers?label_selector=environment==production' | jq '.load_balancers[].public_net'
```
You can now connect to the newly created server, using the default key pair stored on [Gitlab](https://gitlab.com/infektweb/glv5/hetzner-cloud-environment/-/settings/ci_cd) as user 'operator'.
You can now connect to the newly created server, using the default key pair stored on [Gitlab CI/CD](https://gitlab.com/infektweb/glv5/hetzner-cloud-environment/-/settings/ci_cd) as user `operator`.
```sh
$ ssh operator@168.119.230.44
```
@ -212,8 +212,8 @@ As a first step you should change the passwords of the `root` and `operator` use
```sh
$ sudo -i
$ passwd
$ passwd operator
# passwd
# passwd operator
```
#### Configuring Certbot
@ -258,8 +258,7 @@ GRANT ALL PRIVILEGES ON TABLE vault_kv_store TO vault;
```
Be sure to replace the password with the value which is set for `vault_db_password_production` in `secrets.json`.
```sh
$ sudo -i
$ su -l postgres
$ sudo su -l postgres
$ psql
[.. SQL commands ..]
$ exit
@ -313,8 +312,8 @@ Maybe there are better ways to do this using nix-shell.
If you prefer the passwords to be generated for you, use the argument `auto` instead of `interactive`.
##### Credentials for Kibana
If you would like to use Kibana (recommended), add the password you set for the 'kibana' user to `/mnt/data/kibana-elasticsearch-password` (mode 600) and rebuild NixOS with `systemctl start nixos-rebuild`.
Kibana can be accessed on port 8443 via any hostname behind the load balancer [https://guidelines.ch:8443/](https://guidelines.ch:9443/). (sign in with the 'elastic' user)
If you would like to use Kibana (recommended), add the password you set for the `kibana` user to `/mnt/data/kibana-elasticsearch-password` (mode 600) and rebuild NixOS with `systemctl start nixos-rebuild`.
Kibana can be accessed on port 8443 via any hostname behind the load balancer [https://guidelines.ch:8443/](https://guidelines.ch:9443/). (sign in with the `elastic` user)
#### Configuring Guidelines
```