A tool that enables infrastructure as code for provision of the servers.

Platform Deploy


Infrastructure and Servers

Please see the /inventories/{ENVIRONMENT}/hosts file for IP details of the designated servers. Set these to the server that you created via Terraform or to an on-premises server.


SSH Access

To authenticate yourself on the remote servers your ssh key will need to be added to the sudoers var in the /inventories/{ENVIRONMENT}/group_vars/all.yml.

To have docker access you need to add your ssh key to the docker_users var in the /inventories/{ENVIRONMENT}/group_vars/all.yml file.

An authorised user will need to run the provision_servers.yml playbook to add the SSH key of the person who will run the Ansible scripts to the servers.


Before running the ansible script add the server to your known_hosts file else ansible will throw an error, for each server run:

ssh-keyscan -H <host> >> ~/.ssh/known_hosts

To run a playbook you can use:

ansible-playbook \
  --ask-vault-pass \
  --become \
  --inventory=inventories/<INVENTORY> \
  --user=ubuntu \

Alternatively, to run all provisioning playbooks with the development inventory (most common for setting up a dev server), use:

ansible-playbook \
  --ask-vault-pass \
  --become \
  --inventory=inventories/development \
  --user=ubuntu \


The vault password required for running the playbooks can be found in the database.kdbx KeePass file.

To encrypt a new secret with the Ansible vault run:

echo -n '<YOUR SECRET>' | ansible-vault encrypt_string

The New password is the original Ansible Vault password.


Copies of all the passwords used here are kept in the encrypted database.kdbx file.

Please ask your admin for the decryption password of the database.kdbx file.

Last updated