Ansible post-Heroku

Owned by Eddie Rubeiz
Last updated: Oct 25, 2023
1 min read

Can we get rid of Ansible after moving the digital collections to Heroku? What’s standing in our way?

Things we have to keep

Things we eliminated

  • S3 bucket management (see issue #1023). We are using Terraform for this instead.

  • Building ArchivesSpace (details). No longer needed since we switched to a third-party host in 2021.

Encrypted information

We’ve used Ansible (specifically, the vault files) as a default place to store encrypted information (e.g. ssl certs, etc.). playbooks can then copy that info onto new servers.
We have moved sensitive information that is no longer required by any playbooks to a secure spot on a shared drive, so we aren’t relying on Ansible for that function anymore. Accordingly, we are moving that info out of Ansible as we move it.

Playbooks and roles

This diff gives a rough idea of the playbooks and roles we have eliminated since the switch.