This is the outcome of a coworking session with Raphaël that focused on what it would take to move the fleet to a libvirt hypervisor. There is a possibility for that to happen if Easter-eggs has the means to provide that kind of resource.
There is one pending question: is it possible to reverse proxy ssh ports in the same way http ports are? I think to remember it is possible but I forgot how.
- modify enough/common/libvirt.py · master · main / infrastructure · GitLab so that is reads libvirt_uri instead of hardcoding qemu://system see SSHSetup - Libvirt Wiki
- modify the hostea playbooks so that it can manage more than one repository, i.e. playbooks/hostea/roles/hostea/defaults/main.yml · master · main / infrastructure · GitLab hostea_project becomes hostea_projects
- modify the hostea playbook to deploy an openvpn server on the fleet Enough instance
- modify the dashboard playbooks/hosteadashboard/roles/hosteadashboard/templates/local_settings.py.j2 · master · main / infrastructure · GitLab
- fleet: is the current repository
- fleetproxy: is a new repository (same deploy key)
- the dashboard pushes the reverse proxy configuration playbooks/website/proxy-test-playbook.yml · master · main / infrastructure · GitLab to proxypass instance.h.hostea.org to instance.lan.h.hostea.org
- modify the dashboard to support infrastructure_driver: libvirt and different flavors accordingly
- provision / rack hypervisor libvirt with a debian user + sudo permissions
- install a VPN client on lan.h.hostea.org that connects to h.hostea.org
- install the fleet ssh public key to allow access to libvirt SSHSetup - Libvirt Wiki
- deploy enough on the hypervisor under lan.h.hostea.org
- modify the current fleet repository to use lan.h.hostea.org instead of h.hostea.org to deploy new gitea instances