Bootstrap base OS for grimes

ansible/host_vars/grimes/main.yml

@@ -0,0 +1 @@
+private_ip: "{{ ansible_tailscale0.ipv4.address }}"

ansible/host_vars/grimes/vault.yml

@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.1;AES256
+30313034396335613163366262353432653866313736326465373434393936313261616138663562
+3439643161383263383230323935383332626137386137350a336530643861383133613234306566
+65393462363264663336666235336236353363303037356263303866663236383635303036346430
+3336653635336632310a343763383864346562326164613164663161616532343632383964303533
+33393435653632363931613034653161383862346464353634626265346435333630626635373263
+31656666316664343938306430613032613065656432373830386239646161343465396239623333
+39326338613533623466356636306137366162653736623066623631386564353062326166626535
+63376433316165373634

ansible/hosts

@@ -1,5 +1,6 @@
 casey
 walker
+grimes
 
 pve
 tang

ansible/main.yml

@@ -21,6 +21,7 @@
     - ingress
     - walker
     - tang
+    - grimes
   roles:
     - role: geerlingguy.ntp
       vars:
@@ -33,6 +34,7 @@
     - walker
     - renovate
     - gitea-runner
+    - grimes
   roles:
     - geerlingguy.docker
     - docker_cleanup
@@ -41,6 +43,7 @@
     - pve-docker
     - forrest
     - walker
+    - grimes
   roles:
     - db_auto_backup
 
@@ -53,6 +56,7 @@
     - ingress
     - walker
     - casey
+    - grimes
   become: false  # Forcefully run as current user
   roles:
     - artis3n.tailscale
@@ -132,3 +136,7 @@
     - adguardhome
     - prometheus.prometheus.node_exporter
     - restic
+
+- hosts: grimes
+  roles:
+    - prometheus.prometheus.node_exporter

terraform/grimes_vps.tf

@@ -6,11 +6,11 @@ resource "hcloud_server" "grimes" {
   delete_protection  = true
   rebuild_protection = true
 
-  # firewall_ids = [
-  #   hcloud_firewall.base.id,
-  #   hcloud_firewall.tailscale.id,
-  #   hcloud_firewall.web.id,
-  # ]
+  firewall_ids = [
+    hcloud_firewall.base.id,
+    hcloud_firewall.tailscale.id,
+    hcloud_firewall.web.id,
+  ]
 }
 
 resource "hcloud_rdns" "grimes_reverse_ipv4" {