Robert Helewka
b17cdada7c
Move searxng, openwebui, mcp_switchboard, and hass services from oberon.incus to puck.incus, consolidating service host variables accordingly. Clean up oberon to only run alloy, docker, rabbitmq, and smtp4dev. Extract oauth2-proxy from a searxng-specific sidecar into a standalone reusable role with generic naming, supporting multiple proxy instances per host via parameterized systemd units and config directories. Refactor searxng role to use updated templates (settings.yml.j2, limiter.toml.j2) and integrate with the new generic oauth2-proxy role. Add Caddy reverse proxy configurations for puck-hosted services. Move searxng_oauth2_proxy_version to global vars for consistency.
Ouranos
Red Panda Approved™ Infrastructure as Code
Ouranos is an infrastructure-as-code project that provisions and manages the Ouranos Lab — a development sandbox at ouranos.helu.ca. All infrastructure is tracked in Git for fully reproducible deployments.
| Component | Purpose |
|---|---|
| Terraform | Provisions 10 specialised Incus containers (LXC) with networking, security policies, and resource dependencies |
| Ansible | Configures Docker, databases, observability stack, and application runtimes across all containers |
Containers are named after moons of Uranus and resolved via the .incus DNS domain.
Quick Start
ℹ️ The Ansible virtual environment is expected at ~/env/ouranos/bin/activate.
# Provision containers
cd terraform
terraform init && terraform apply
# Configure services
cd ../ansible
source ~/env/ouranos/bin/activate
ansible-playbook site.yml
Common Operations
# Start all containers
ansible-playbook sandbox_up.yml
# Stop all containers
ansible-playbook sandbox_down.yml
# Update all hosts
ansible-playbook apt_update.yml
# Deploy a specific service
ansible-playbook <service>/deploy.yml
Documentation
| Document | Description |
|---|---|
| docs/ouranos.md | Complete lab reference — hosts, services, routing, workflows |
| docs/terraform.md | Terraform practices and patterns |
| docs/ansible.md | Ansible project structure and conventions |
| docs/red_panda_standards.md | Red Panda Approval™ quality standards |
🐾 Red Panda Approval™
This project adheres to Red Panda Approval™ standards.