# galene-cloud

Run galene in the cloud using OpenTofu and Ansible.

# Requirements

* Ansible (`ansible`)
* OpenTofu (`tofu`)
* Public Cloud project on [OVHcloud](https://www.ovhcloud.com)
* Domain zone on [OVHcloud](https://www.ovhcloud.com)

# OpenTofu

## Configuration

### OpenStack provider

> tofu/clouds.yaml

The `clouds.yaml` file will automatically configure the openstack provider to
use your Public Cloud project.

Go to the [OVHcloud Manager](https://www.ovh.com/manager/), then "Public Cloud"
section, then "Horizon", then "API access". In the drop down on the right,
select "OpenStack clouds.yaml File".

You still need to provide the password. Two options:

```
read -s OS_PASSWORD
export OS_PASSWORD
```

Or write the password in the clouds.yaml file.

### OVH provider

> tofu/ovh.conf

Follow the [First Steps with the OVHcloud
APIs](https://help.ovhcloud.com/csm/en-gb-api-getting-started-ovhcloud-api?id=kb_article_view&sysparm_article=KB0042784)
guide, section "Advanced usage: pair OVHcloud APIs with an application", to
generate the `ovh.conf` file.

### Variables

* **domain**: Name of the domain zone
* **hostname**: Name of the server (default: "galene")
* **openstack_image**: Name of the OpenStack image (default: "Debian 12")
* **openstack_flavor**: Name of the OpenStack flavor (default: "d2-2")

Variables can be provided using files ending with `.tfvars` extension. See [the
documentation](https://opentofu.org/docs/language/values/variables/#variable-definitions-tfvars-files)
for more information.

## Usage

Change directory to "tofu":

```
cd tofu
```

### Start

```
tofu plan
tofu apply
```

Then follow the instructions for Ansible.

### Stop

```
tofu destroy
```

# Ansible

## Installation

```
cd ansible
ansible-galaxy collection install -r requirements.yml
```

## Configuration

File `group_vars/galene.yml`:

```yaml
certbot_domain: &domain galene.tld
certbot_email: contact@galene.tld
galene_domain: *domain
galene_groups:
  group1:
    users:
      admin:
        password: CHANGEME
        permissions: op
      user1:
        password: CHANGEME
        permissions: present
      user2:
        password: CHANGEME
        permissions: present
```

## Usage

```
ansible-playbook site.yml
```

Do not forget to destroy the infrastructure when you are done with the video
conference.

# Aliases

```bash
alias galene-start='cd /path/to/galene-cloud/tofu && tofu apply && cd /path/to/galene-cloud/ansible && ansible-playbook site.yml'
alias galene-stop='cd /path/to/galene-cloud/tofu && tofu destroy'
```