Bonjour,
This is the outcome of a coworking session with Raphaël that focused on what it would take to move the fleet to a libvirt hypervisor. There is a possibility for that to happen if Easter-eggs has the means to provide that kind of resource.
Aside from the necessary configuration for that to happen in production, the task related to Enough is here and the task related to the Hostea dashboard is here.
There is one pending question: is it possible to reverse proxy ssh ports in the same way http ports are? I think to remember it is possible but I forgot how.
- modify enough/common/libvirt.py · master · main / infrastructure · GitLab so that is reads libvirt_uri instead of hardcoding qemu://system see SSHSetup - Libvirt Wiki
- modify the hostea playbooks so that it can manage more than one repository, i.e. playbooks/hostea/roles/hostea/defaults/main.yml · master · main / infrastructure · GitLab hostea_project becomes hostea_projects
- modify the hostea playbook to deploy an openvpn server on the fleet Enough instance
- modify the dashboard playbooks/hosteadashboard/roles/hosteadashboard/templates/local_settings.py.j2 · master · main / infrastructure · GitLab
- fleet: is the current repository
- fleetproxy: is a new repository (same deploy key)
- the dashboard pushes the reverse proxy configuration playbooks/website/proxy-test-playbook.yml · master · main / infrastructure · GitLab to proxypass instance.h.hostea.org to instance.lan.h.hostea.org
- modify the dashboard to support infrastructure_driver: libvirt and different flavors accordingly
- provision / rack hypervisor libvirt with a debian user + sudo permissions
- install a VPN client on lan.h.hostea.org that connects to h.hostea.org
- install the fleet ssh public key to allow access to libvirt SSHSetup - Libvirt Wiki
- deploy enough on the hypervisor under lan.h.hostea.org
- modify the current fleet repository to use lan.h.hostea.org instead of h.hostea.org to deploy new gitea instances