IMGBUILD: be explicit about Arch target
Switch to 3.18 branch of anemos initramfs
Add test target (requires makeimg >= 0.14)
This repository contains the full code (minus the secrets) used to deploy
mx.bitfehler.net
, the mail server for bitfehler.net.
All aspects of the systems are described in code in the form of a makeimg IMGBUILD. Anemos is used for deployment. Besides the obvious utility of this repository its main purpose is to serve as a demo for these projects.
Note that this server has a second disk containing the /home
folder, which is
not touched during deploy. Hence, some files referenced in the IMGBUILD might
not be part of it, as they simply remain in place across deploys (they are,
however, backed up separately).
The server is redeployed by running make deploy
. This assumes it is already
running the system as described in this repo.
In rough terms, this is what happens:
makeimg
is used to reveal all used secrets - these secrets are only
accessible on my laptop and need to be shipped somehow.IMGBUILD
file plus additional input files) and the secretsThe execution of Anemos will lead to the following events:
makeimg
, bootstrapping a system exactly as described
in the IMGBUILDThe system description includes low-level details like disk partitioning, file systems, and boot loader setup. These things can be changed because the deploy is performed by an initramfs.
In this case, the secrets are resolved on the workstation triggering the deploy and then transferred to the server with the IMGBUILD. In larger environments that feature network-based secrets management systems, this step could be performed on the host itself.
A deployment requires relatively little bandwidth for the client triggering it. Only the IMGBUILD definition has to transferred to the server. All the packages are then pulled from the server, which presumably has a decent connection.
It might be obvious, but still worth pointing out: this method of deployment provides ample opportunity to render a system unbootable. You should not attempt this on systems unless you have some means to restore an unbootable system, e.g. physical access, recovery systems, or vendor-supplied remote re-imaging.