Couple of Questions about bedrock-ansible

trellis
1

A couple of these may be rudimentary, but I’m trying to wrap my mind around it all and a couple of points are flying right over my head.

  1. I see that there is now a repo value in the /ansible/group_vars directory. I get that for deployment to my servers, I would want to reference the github repo where I have pushed my customized copy of bedrock, correct? Do I need to change this for the development version since it’s just running locally?

  2. I’m not quite following how the ssh keys thing works. When I provision my DO droplet, I do add a key. How does b-a know which key this is and to use it to connect to my droplet as root and run the deploy playbook? I also don’t quite get how the github-ssh keys thing works. I have several keys in my SSH keys section in my Github profile. I feel like I’m missing something.

2
  1. It’s not needed in development at all. It could be removed by default but just left it there because it doesn’t hurt either.
  2. bedrock-ansible knows nothing about your root SSH key. Ansible just does a normal SSH connection. So if you can manually SSH into your server via a key, then Ansible can too. DO adds your key to the root user and b-a uses the root user by default so it just works.

github-ssh-keys simply takes your public keys from GitHub and adds them to the usernames you specify on the server (web by default). This is the same thing DO does for the root user, we just do it by pulling the keys from GitHub.