Fix storage_box SSH key installation and deploy ordering

- Always run install-ssh-key (drop unreliable sftp idempotency check
  that was bypassed by SSH agent forwarding)
- Use sshpass -e (env var) instead of -p to avoid shell quoting issues
  with special characters in passwords
- Add -o IdentitiesOnly=yes to prevent agent keys interfering
- Add reachable_externally: true to access_settings (was being reset
  to false on every run)
- Remove storage_box.yml from deploy.yml chain — Ansible loads
  group_vars at startup so storagebox.yml must exist before deploy.yml
- Document storage_box.yml as a prerequisite step in README, CLAUDE.md,
  and setup.sh next steps

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Matthias Johnson 2026-03-01 21:14:45 -07:00
parent db70b4ba06
commit 16da843131
5 changed files with 20 additions and 22 deletions


@ -69,7 +69,8 @@ ansible-galaxy collection install -r requirements.yml
full deployment order for a fresh server:
```bash
ansible-playbook playbooks/deploy.yml # provision → dns → storage_box → bootstrap → site (all-in-one)
ansible-playbook playbooks/storage_box.yml # if using restic: create storage box and install SSH key (run before deploy.yml)
ansible-playbook playbooks/deploy.yml # provision → dns → bootstrap → site (all-in-one)
ansible-playbook playbooks/dkim_sync.yml # generate DKIM keys and publish to DNS (run once after mail is up)
```
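Review bot: the new comment on the storage_box.yml line says "run before deploy.yml" but not why, so a reader is likely to re-add it to the deploy.yml chain the way it was; consider extending the comment to say that deploy.yml reads group_vars at startup, so anything storage_box.yml writes there is only visible if it ran first. Also, the trailing comment on the deploy.yml line still says "all-in-one" even though storage_box is no longer part of that chain; "provision → dns → bootstrap → site" plus "(requires storage_box.yml first if using restic)" would be more accurate.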
@ -78,7 +79,7 @@ or step by step:
```bash
ansible-playbook playbooks/provision.yml # create server, writes IP to stack config
ansible-playbook playbooks/dns.yml # create DNS zones and records
ansible-playbook playbooks/storage_box.yml # create storage box and install SSH key (if using restic)
ansible-playbook playbooks/storage_box.yml # if using restic: create storage box and install SSH key
ansible-playbook playbooks/site.yml --tags bootstrap # users, SSH hardening, packages, Docker
ansible-playbook playbooks/site.yml # deploy all services
ansible-playbook playbooks/dkim_sync.yml # generate DKIM keys and publish to DNS
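Review bot: this step-by-step list places storage_box.yml after provision.yml and dns.yml, while the all-in-one section above lists it before deploy.yml (which starts with provision); if storage_box.yml does not depend on provision or dns output, say so here, and if it does, the all-in-one ordering is wrong. Either way the two sections should agree on where storage_box.yml sits relative to provision so users following one section do not get a different result from the other.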