This repository contains Ansible playbooks and roles for deploying and configuring the infrastructure components required for the Aletheia Fact platform on bare metal servers.
The Aletheia Fact platform requires several backend services to function properly:
- MongoDB: Document database for storing application data
- PostgreSQL: Relational database for identity management
- Ory Kratos: Identity and user management system
- Aletheia: The main application service
This repository provides Ansible playbooks to automate the deployment and configuration of these services on bare metal servers.
Before you begin, ensure you have the following:
- Ansible (version 2.9 or higher) installed on your control machine
- SSH access to your target servers
- Python 3 installed on both control and target machines
- Sudo privileges on the target servers
Control machine:
- Ansible 2.9+
- Python 3.6+
- SSH client

Target servers:
- Debian/Ubuntu-based Linux distribution (tested on Ubuntu 20.04 LTS)
- Python 3.6+
- Sudo access
- Minimum hardware requirements:
  - 2 CPU cores
  - 4GB RAM
  - 20GB disk space
```bash
git clone https://github.com/yourusername/aletheia_fact-baremetal-infrastructure.git
cd aletheia_fact-baremetal-infrastructure
```
Create a hosts file based on the provided hosts.example:
```bash
cp hosts.example hosts
```
Edit the hosts file to include your server information:
```ini
[servers]
server1 ansible_host=192.168.1.10 ansible_user=ubuntu
server2 ansible_host=192.168.1.11 ansible_user=ubuntu
```
Review and modify the variables in the group_vars/all.yml file to match your environment requirements.
You can also create host-specific variable files in the host_vars/ directory if needed.
To deploy the entire infrastructure:
```bash
ansible-playbook -i hosts site.yml
```
To deploy specific components only:
```bash
# Deploy MongoDB only
ansible-playbook -i hosts mongodb.yml
# Deploy PostgreSQL only
ansible-playbook -i hosts postgresql.yml
# Deploy Ory Kratos only
ansible-playbook -i hosts kratos.yml
```
The common.yml playbook applies basic configuration to all servers, including:
- Setting locale to en_US.UTF-8
- Updating package cache
- Installing common dependencies
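The MongoDB role installs and configures MongoDB server with the following features:
- Version: 7.0 (configurable)
- Authentication: Optional (disabled by default)
- Network binding: Configurable (defaults to 0.0.0.0)

With both defaults in effect, mongod accepts unauthenticated connections on every network interface, so enable authentication or restrict the bind address in your variables before the server is reachable from untrusted networks.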
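A post-deployment check for the MongoDB defaults listed above, as an added example that is not part of this repository: it reads a rendered mongod.conf and fails when the server listens beyond loopback while authorization is not enabled. The path you pass (commonly /etc/mongod.conf) and the two-level block-style YAML layout are assumptions; `net.bindIp`, `net.bindIpAll` and `security.authorization` are MongoDB's own configuration keys.

```shell
#!/bin/sh
# Added example: flag a mongod.conf that listens beyond loopback without auth.
# Assumes the usual two-level block-style YAML (no flow-style mappings).

# mongod_conf_get FILE SECTION KEY: print the scalar value of SECTION.KEY
mongod_conf_get() {
    awk -v section="$2" -v key="$3" -v sq="'" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments, blank lines
        /^[^ \t]/ { cur = $0; sub(/:.*/, "", cur); next }   # top-level key
        cur == section {
            line = $0; sub(/^[ \t]+/, "", line)
            if (index(line, key ":") == 1) {
                val = substr(line, length(key) + 2)
                sub(/[ \t]+#.*/, "", val)            # trailing comment
                gsub("[ \t\"" sq "]", "", val)       # spaces and quotes
                print val; exit
            }
        }' "$1"
}

# audit_mongod_conf FILE: return 1 when exposed without authorization
audit_mongod_conf() {
    bind=$(mongod_conf_get "$1" net bindIp)
    all=$(mongod_conf_get "$1" net bindIpAll)
    auth=$(mongod_conf_get "$1" security authorization)
    exposed=no                       # an absent bindIp means localhost only
    if [ "$all" = true ]; then exposed=yes; fi
    old_ifs=$IFS; IFS=,
    for addr in $bind; do            # bindIp may be a comma-separated list
        case "$addr" in
            127.*|localhost|::1|/*) ;;       # loopback or unix socket path
            *) exposed=yes ;;
        esac
    done
    IFS=$old_ifs
    if [ "$exposed" = yes ] && [ "$auth" != enabled ]; then
        echo "FAIL: $1 reachable beyond loopback with authorization off"
        return 1
    fi
    echo "OK: $1"
}

# Stand-alone use: pass the path of the rendered configuration file.
if [ $# -gt 0 ]; then audit_mongod_conf "$1"; fi
```

The non-zero return on failure lets the check gate a deployment pipeline or run as a periodic job on each target server.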
The PostgreSQL role installs and configures PostgreSQL database server with:
- Secure default configuration
- Custom pg_hba.conf for access control
- Performance tuning based on server resources
The Kratos role installs and configures Ory Kratos identity server with:
- Identity schemas
- Email verification
- Password recovery
- CORS configuration (conditional based on variables)
- Systemd service for automatic startup
Each role contains templates in the templates/ directory that can be modified to customize the configuration of each service.
To add a new component:
- Create a new role directory under `roles/`
- Add the necessary tasks, handlers, templates, and defaults
- Create a new playbook file (e.g., `component_x.yml`)
- Add the playbook to `site.yml`
- SSH Connection Failures:
  - Verify SSH key permissions
  - Check firewall settings
  - Ensure the `ansible_user` has sudo privileges
- Package Installation Failures:
  - Check internet connectivity on target servers
  - Verify apt sources are correctly configured
- Service Start Failures:
  - Check service logs: `journalctl -u <service-name>`
  - Verify configuration files for syntax errors
Contributions are welcome! Please feel free to submit a Pull Request.
GPLv3