Photo by [Samantha Gades](https://unsplash.com/@srosinger3997) on [Unsplash](https://unsplash.com/photos/BlIhVfXbi9s)

GitOps with upstream-watch

I’m a fan of automating my personal infrastructure as much as possible. Therefore, I wrote a little utility called upstream-watch, that is well integrated in my existing git-ops workflow. I wrote this tool to support my personal container based infrastructure, which is completely managed via a single git repository. What is GitOps? GitOps upholds the principle that Git is the one and only source of truth. GitOps requires the desired state of the system to be stored in version control such that anyone can view the entire audit trail of changes....

June 23, 2022 · 4 min · André Sterba

Automate Terraform with Atlantis and GitLab

Atlantis is an infrastructure as code (IaC) tool to automate Terraform interactions within your GitLab/GitHub MR/PR workflow. This post uses the setup explained in an older post, where we used GitLab as Terraform backend. Instead of running terraform init/apply/plan on your local dev machine, you can now run it automagically when opening a merge request. This works by interacting via comments with Atlantis. Setup 1. Preparations First generate a personal access token for the gitlab user with scope api....

May 26, 2021 · 3 min · André Sterba

Setup Wallabag

I am subscribed to a lot of blog feeds, but (sadly) I don’t have enough time to read all of them. This is especially the case for rather long (but often interesting) posts. Therefore it would be perfect to save these posts and read them in the near future. There are already existing solutions for this like Mozilla Pocket. But as always I want to host this service on my own server (I have to justify the server somehow)....

February 28, 2021 · 3 min · André Sterba

Blog deployment with GitLab CI

As stated earlier I use a combination of technologies to run this blog. This blog is created with hugo (a static site generator) and uses the papermod theme. Additional technologies that are used: GitLab as git remote GitLab CI to build container images (development and production) Docker to run the images (development on my home server and production on a machine on the public internet) Watchtower to check for new images every ~5 minutes Caddy to handle TLS certificates (only for production) A VM on Hetzner Cloud used as a host for multiple containers GitLab At first the development and production hosts need access to the container registry....

February 13, 2021 · 6 min · André Sterba

Gitlab as Terraform backend

I manage a few servers with some friends. We mostly rely on Terraform to update/change DNS records or create new VMs. Terraform use a state to store the last applied configuration of the managed infrastructure. The default location for this state is your local filesystem, but if you manage your infrastructure with multiple persons it must be shared. This can be problematic as it also contains secrets, like api tokens, so it should not be accessible for everyone....

January 23, 2021 · 2 min · André Sterba