Skip to main content

· 8 min read
VoidQuark

Podman Play to deploy any app

In this blog post, we will explore how to use Podman play Ansible Role and deploy a popular application in root-less containers from a Kubernetes Pod YAML definition. The application pod runs as a systemd service in your own user namespace.

Using Ansible roles has several benefits. One of them is that you can easily reproduce the same deployment with inventory variables. This means that you can manage your application without having to run manual commands. With Ansible, you have complete control over your application.

· 10 min read
VoidQuark

Parsing SUDO Logs with Grafana Loki

Are you interested in monitoring who executes SUDO commands on your system? This guide provides insights into tracking both accepted and rejected SUDO events, along with alerting rules to notify you of any rejected SUDO events.

· 7 min read
VoidQuark

PrivateBin Deployment with Rootless Podman Using Ansible Role

The PrivateBin Ansible Role deploys the PrivateBin service in a rootless container using Podman. This container operates within the user namespace and is managed by a systemd unit, ensuring a secure and efficient deployment.

This role is designed with simplicity in mind, featuring minimal variables to reduce complexity. It caters to both beginners who are comfortable with default configurations and advanced users looking to customize PrivateBin.

· 4 min read
VoidQuark

Rootless Promtail with Ansible Enhancing Security and Efficiency

The Ansible Promtail Role allows you to effortlessly deploy and manage Promtail, agent which ships contents of local logs to private Loki. Role is tailored for systems from the Red Hat family. Before diving into the details, I highly recommend reading the role's README.md file for a comprehensive understanding.

· 8 min read
VoidQuark

Simplify Node Exporter Deployment with Ansible

In this blog post, we will explore how to leverage Ansible and the node_exporter role to streamline the deployment of Node Exporter—a popular Prometheus exporter for monitoring Linux systems. By using this role, you can easily configure and deploy Node Exporter across multiple servers in your infrastructure.

· 7 min read
VoidQuark

Ansible Linux OS patching

Everyone knows that patching packages are not fun. I decided to create an Ansible role that can patch Enterprise Linux ( RHEL ) and other Red Hat derivatives (e.g. CentOS, Rocky, Alma, Fedora ). This role support 3 modes for patching.

  1. Patch all OS packages to the latest version
  2. Apply all security patches
  3. Apply all bugfix patches

Sometimes restart is necessary. In that case, yum-utils (dnf-utils) provide an excellent utility “needs-restarting”. This utility can inform us if a restart is required. If we mix all this we realize that automated patching is not that hard.