The Programs of the Week of the Chinese New Year
This Week’s Program: Jan 23 - Jan 27
Hello everyone. I am going to do my best to keep this newsletter a POTUS free-zone. Like me, you probably are getting doses of this reality shoved down your throat through several different channels. I think it’s important to stay aware and resilient and fight, but we shouldn’t allow this regime to invade every crevice of our life. I am choosing to focus on my work with computers, and this newsletter will be a refuge where we can talk about computers in relative isolation from the chaos and “carnage” that is being inflicted. I feel like I have needed to write a disclaimer for each newsletter, apologizing for not doing my duty. My duty is to continue to produce work that is meaningful and that helps others. That’s what I’ll be focusing on.
Last week, I ran git init
on mechwarper
. That’s where
my focus has been this week. If you’re newer to this Tinyletter, you
can read about my interest in FreeBSD. I’m a
sysadmin newb, but now I’m back in DevOps-mode. So far I’ve found
Ansible to be pretty cool.
c0fd164d7d622ad5c7d4c549a0f9a712d5df64ac
The first step in administering a FreeBSD server (one bootstrapped by
Digital Ocean), is to install Python. Ansible needs Python to run, but
you can use Ansible’s raw
module to ensure Python is
on the machine.
This commit failed.
e2cddcb0437df385b1122bcf4f5f121b344e6c91
The previous commit failed because the first thing Ansible does when
running tasks in a Playbook is run a setup
step that
“gathers facts about remote hosts.” Ansible can’t gather facts when
Python is not installed. Luckily, we can disable this step. I also
need to become the root user in order to pkg install
.
- hosts: all
remote_user: freebsd
gather_facts: no
become: true
tasks:
- name: install python
raw: env ASSUME_ALWAYS_YES=YES pkg install python
With this, and running ansible-playbook -i hosts site.yml
, Python is
now in place on the FreeBSD server. Now we’re coding some
infrastructure!
189007cf950661308ee0b319438ffb5773eaca72
In another “play”, with Python installed and Ansible able to do what
Ansible does best, I install bash
and git
. Thankfully Ansible has
a pkgng module for FreeBSD. It’s important to use the
best Ansible module for the job. Since every task that Ansible runs
needs to be idempotent, using the right module means you can better
express when something has changed state or not.
66649be5eabc9c1c79d890c54474224c46338a71
One thing I frequently see in
FreeBSD tutorials is a line about bash
needing an update in etc/fstab
:
fdesc /dev/fd fdescfs rw 0 0
I have never really thought much
about this file
before, but now I was curious. When I install bash and run it, nothing
seems to be out of the ordinary. What does this line do and why do I
need it? The file-descriptor file system, or fdescfs
,
is necessary for
bash process substitution. fdescfs
provides
the /dev/fd
directory and per-process file descriptors. File
systems — who knew?
Ansible’s mount sets this up.
With bash installed I write some more tasks to create my user and install some of the other utilities I use, like Emacs.
11f56ea5dda6a3babddb158f6b5dc2cb9a1814ed
One thing that bothered me was that every time I ran the playbook, the
install python
step would show a change, even though nothing was
changed! This was because Ansible’s raw
module doesn’t have the
ability to show itself as being changed or not like other modules
do. My solution is to do a check with pkg info -e
so that I don’t
run the install
command if python already exists. I then register
the result of the module and only mark it as
changed_when
the stdout of the task is not empty.
I did a few different variations of this before settling here, and you can see my previous attempt in the diff.
d0ddadca91fc396ce2aa7e4aa9cad5b0aeb8b6d1
Finally, I update the system timezone to America/New_York
. Ansible
has a special timezone module, but the version of
Ansible that I installed with pip
doesn’t yet support it for BSD.
Then, I make sure that NTP is running so that my
system time stays correct. I could have used
the sysrc
command
to make sure this was configured properly, but by using
Ansible’s lineinfile module I could make sure that the
changed
state would be set correctly.
Slowly but surely, the setup of my FreeBSD server is being
codified. With Ansible I can always repeat and replay the things I’ve
done to make a server my own. I’m excited to continue iterating on
making a personal server environment that I feel productive in. I’ll
continue making updates to mechwarper
as I learn more.
Next week I’ll also begin ramping-up on Racket.
🐓 Mark