Orchestration_Playbooks.md

graph LR
    CLI_Orchestrator_algo_["CLI Orchestrator (`algo`)"]
    Orchestration_Playbooks["Orchestration Playbooks"]
    Configuration_Inventory["Configuration & Inventory"]
    Cloud_Provider_Roles["Cloud Provider Roles"]
    Core_System_Role["Core System Role"]
    Network_Configuration_Roles["Network Configuration Roles"]
    VPN_Protocol_Roles["VPN Protocol Roles"]
    User_Management_Role["User Management Role"]
    CLI_Orchestrator_algo_ -- "Triggers" --> Orchestration_Playbooks
    Orchestration_Playbooks -- "Executes" --> Cloud_Provider_Roles
    Orchestration_Playbooks -- "Executes" --> Core_System_Role
    Orchestration_Playbooks -- "Executes" --> Network_Configuration_Roles
    Orchestration_Playbooks -- "Executes" --> VPN_Protocol_Roles
    Orchestration_Playbooks -- "Executes" --> User_Management_Role
    Configuration_Inventory -- "Provides Data To" --> Orchestration_Playbooks
    Configuration_Inventory -- "Provides Data To" --> Cloud_Provider_Roles
    Configuration_Inventory -- "Provides Data To" --> Core_System_Role
    Configuration_Inventory -- "Provides Data To" --> Network_Configuration_Roles
    Configuration_Inventory -- "Provides Data To" --> VPN_Protocol_Roles
    Configuration_Inventory -- "Provides Data To" --> User_Management_Role
    click Orchestration_Playbooks href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/algo/Orchestration_Playbooks.md" "Details"

Loading

Details

One paragraph explaining the functionality which is represented by this graph. What the main flow is and what is its purpose.

CLI Orchestrator (algo)

The primary user interface and entry point for all operations. It translates user commands into executable Ansible playbook runs, passing along necessary parameters.

Related Classes/Methods:

• algo

Orchestration Playbooks [Expand]

Acts as the master controller, defining the sequence of operations. cloud.yml handles the end-to-end creation of a VPN server, while deploy_client.yml is used for managing user configurations on an existing server.

Related Classes/Methods:

• cloud.yml
• deploy_client.yml

Configuration & Inventory

Stores all environment-specific data, including cloud provider API keys, desired server region, user lists, and feature flags. This separation of data from logic is a core architectural pattern.

Related Classes/Methods:

• config.cfg
• inventory

Cloud Provider Roles

Abstracts the provider-specific logic for provisioning infrastructure. Each role in this group knows how to create, tag, and configure a virtual server for a specific cloud (e.g., digitalocean, aws).

Related Classes/Methods:

• roles/digitalocean
• roles/aws
• roles/azure
• roles/gce

Core System Role

Establishes the baseline state of a newly provisioned server. This includes tasks like updating package caches, installing essential utilities (e.g., unattended-upgrades), and basic system hardening.

Related Classes/Methods:

• roles/common

Network Configuration Roles

Manages the server's network access and name resolution. It configures the ufw firewall to allow only necessary traffic (e.g., SSH, VPN ports) and can set up DNS-related services.

Related Classes/Methods:

• roles/firewall
• roles/dns

VPN Protocol Roles

Implements the detailed steps required to install and configure the chosen VPN protocols. This includes setting up strongSwan for IPsec and deploying the WireGuard kernel module and utilities.

Related Classes/Methods:

• roles/ipsec
• roles/wireguard

User Management Role

Handles the lifecycle of VPN users. It adds new users, revokes access for existing users, and generates the necessary client configuration files (e.g., .mobileconfig, .conf).

Related Classes/Methods:

• roles/users

FAQ