๐Ÿš€ Deployment Guideยถ

This section explains how to deploy and manage the Cyber Master Infrastructure Solution (CyMaIS) using Ansible. CyMaIS uses a collection of Ansible tasks, which are controlled via different โ€œmodesโ€ โ€” such as updates, backups, resets, and cleanup operations.

โœ… Prerequisitesยถ

Before deploying, ensure the following are in place:

  • ๐Ÿงญ Inventory File: A valid Ansible inventory file that defines your target systems (servers, personal computers, etc.). Adjust example paths to your environment.

  • ๐Ÿ“ฆ CyMaIS Installed: Install via Kevinโ€™s Package-Manager.

  • ๐Ÿ” (Optional) Vault Password File: If you donโ€™t want to enter your vault password interactively, create a password file.

๐Ÿ“˜ Show CyMaIS Helpยถ

To get a full overview of available options and usage instructions, run:

cymais --help

๐Ÿ’ก Example Deploy Commandยถ

To deploy CyMaIS on a personal computer (e.g., a laptop), you can run:

cymais playbook \
  --limit hp-spectre-x360 \
  --host-type personal-computer \
  --update \
  --password-file ~/Repositories/git.veen.world/kevinveenbirkenbach/computer-inventory/.pass/general.txt \
  ~/Repositories/git.veen.world/kevinveenbirkenbach/computer-inventory/pcs.yml

๐Ÿง  What does this command do?ยถ

Parameter

Description

playbook

Executes the playbook subcommand of CyMaIS.

--limit hp-spectre-x360

Limits execution to a specific host (hp-spectre-x360).

--host-type personal-computer

Defines the host type. Default is server; here it is set to personal-computer.

--update

Enables update mode to apply software or configuration updates.

--password-file

Specifies the vault password file path for decrypting sensitive values.

pcs.yml

The path to the inventory file containing host definitions.

๐Ÿ” Using a Vault Password Fileยถ

To avoid typing your vault password interactively, you can provide a file:

--password-file /path/to/your/vault_pass.txt

โš ๏ธ Security Tip: Ensure the password file is properly protected (e.g., chmod 600 vault_pass.txt).

๐Ÿ” Full Command-Line Referenceยถ

Hereโ€™s a breakdown of all available parameters from cymais playbook --help:

Argument

Description

inventory (positional)

Path to the Ansible inventory file.

--limit <HOST>

Run the playbook only on the specified host.

--host-type {server, personal-computer}

Define the target system type (default is server).

--reset

Enables reset mode (restores or resets specific configurations).

--test

Enables test mode (dry-run style). No actual changes are applied.

--update

Enables update mode to upgrade packages or configs.

--backup

Triggers backup routines for data or configurations.

--cleanup

Cleans up temporary files, old data, etc.

--debug

Enables debug logging in the playbook.

--password-file <PATH>

Uses a vault password file instead of interactive prompt.

-v, -vv, -vvv

Increases output verbosity. More vs = more detail.

๐Ÿ”ง Combine Multiple Modesยถ

You can mix and match modes like this:

cymais playbook --update --backup --cleanup pcs.yml

This will update the system, create a backup, and clean up unnecessary files in one run.

๐Ÿ“ Footnoteยถ

๐Ÿ“„ This documentation page was generated with the help of AI.
๐Ÿค– View the original conversation (ChatGPT)