{"id":14965371,"url":"https://github.com/kiemlicz/ambassador","last_synced_at":"2025-10-04T21:30:03.577Z","repository":{"id":118637731,"uuid":"86745009","full_name":"kiemlicz/ambassador","owner":"kiemlicz","description":"Quick deployment of auto-deploy tools","archived":false,"fork":false,"pushed_at":"2024-12-30T19:09:24.000Z","size":6499,"stargazers_count":15,"open_issues_count":2,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-16T08:24:29.377Z","etag":null,"topics":["automation","configuration-management","foreman","salt","saltstack"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kiemlicz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-30T20:19:30.000Z","updated_at":"2024-12-30T19:09:28.000Z","dependencies_parsed_at":null,"dependency_job_id":"0c876c4a-7711-4cf5-8119-3755e27f06fe","html_url":"https://github.com/kiemlicz/ambassador","commit_stats":{"total_commits":1360,"total_committers":3,"mean_commits":453.3333333333333,"dds":0.008088235294117618,"last_synced_commit":"2349d53194ca783a24237701d3839e28890753e1"},"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kiemlicz%2Fambassador","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kiemlicz%2Fambassador/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kiemlicz%2Fambassador/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kiemlicz%2Fambassador/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kiemlicz","download_url":"https://codeload.github.com/kiemlicz/ambassador/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":236476272,"owners_count":19154816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","configuration-management","foreman","salt","saltstack"],"created_at":"2024-09-24T13:34:39.277Z","updated_at":"2025-10-04T21:29:58.543Z","avatar_url":"https://github.com/kiemlicz.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ambassador\n[![Build status](https://travis-ci.org/kiemlicz/ambassador.svg?branch=master)](https://travis-ci.org/kiemlicz/ambassador)\n\nAutomated netboot\u0026provisioning server, [Foreman](https://www.theforeman.org/) and [Salt](https://www.theforeman.org/) based.\n\n## Rationale\nAny setup takes time, practically it is never one-time action.  \nMaintaining multi-node environments is cumbersome (configuration synchronization, duplicated installation process).\nSometimes it would also be useful to keep your favourite os hacks/tips/tricks in structured manner (like in some configuration management solution)\nMoreover updates sometimes break, anything breaks at some point - then it _may be_ better to wipe everything/some part out\nand start over. Unfortunately as some setup work had already been done such solution may be too radical.  \n\nSetup any environment: dev, prod, work, home using Salt and PXE booting (the Foreman's).\n\nWill aim to be both Linux\u0026Windows friendly.\n\n# Setup\nAs the best way of documenting things is writing automation scripts, this automation server's installation process is also automated.  \nThe \"installation\" process ends up with LXC container containing foreman\u0026salt fully setup and configured.  \nSimply follow:  \n1. `git clone https://github.com/kiemlicz/ambassador.git`\n2. Optionally provide `ambassador-installer.override.conf` to override any Salt masterless settings, e.g. add your own pillar:\n```\next_pillar:\n  - git:\n    - branch git@bitbucket.org:someone/pillar_repo.git:\n      - root: pillar\n      - env: base\n```  \n3. `sudo apt install lxc bridge-utils debootstrap python3-lxc`\n4. `sudo SHELL=/bin/bash python3 installer/install.py --to lxc --name ambassador --ifc [ifc] [--kdbx the.db.kdbx] [--kdbx-pass thepassword] [--kdbx-key the.key] [--secrets https://secrets.server.com/path]`\n\nSince foreman still doesn't support 'dockerized' deployment (cannot specify plugins for Foreman Docker images, no official foreman-proxy image).  \nThe provided `docker-compose.yml` can be used only to setup external DB or any other services. Use `docker-compose.override.yml` for any overrides:\n```\nversion: '3'\n\nservices:\n  db:\n    environment:\n      - POSTGRES_PASSWORD=realforemanpassword\n    volumes:\n      - db:/var/lib/postgresql/data\n\nvolumes:\n  db:\n    driver: local\n    driver_opts:\n      type: none\n      o: bind\n      device: /tmp/foreman\n```\n\n# Documentation\nForeman\u0026Salt workflow is best depicted using this (Foreman's) diagram:\n![](https://theforeman.org/static/images/diagrams/foreman_workflow_final.jpg)\n\nFor State Tree and custom extensions documentation, find the [State's Tree README.md](salt/README.md)\n\n# Known problems\nProvisioning of OSes involves many technologies and tools, it is very likely that something may not always works \"as expected\"\n1. Many BIOS/UEFI TFTP clients are of very low quality and fail on option negotiation. Thus it may be needed to disable negotiation for \n some options like _blksize_. Example for _tftp-hpa_ server: _/etc/default/tftpd-hpa_ append:  \n `TFTP_OPTIONS=\"--secure --refuse blksize\"`\n\n# Links\u0026References\n#### Tech stack manuals\n* https://theforeman.org/manuals/\n* https://docs.saltstack.com/en/latest/\n\n#### Syslinux loaders\n* https://www.kernel.org/pub/linux/utils/boot/syslinux/Testing/6.04/ (latest stable totally doesn't work for UEFI)\n\n#### Debian netboot images\n* https://www.debian.org/distrib/netinst#netboot\n\n#### Debian preseeding\n* https://wiki.debian.org/DebianInstaller/Preseed\n* https://www.debian.org/releases/stable/amd64/ch05s03.html.en\n\n#### General\n1. https://wiki.debian.org/PXEBootInstall\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkiemlicz%2Fambassador","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkiemlicz%2Fambassador","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkiemlicz%2Fambassador/lists"}