Update README

README.md

@@ -15,10 +15,12 @@ website with high availability.
 - [License](#license)
 
 ## Features
-- High availability setup for WordPress using [Hetzner Cloud](https://www.hetzner.com/de/cloud)
 - Automated deployment of cloud infrastructure via [terraform](https://www.terraform.io/)
 - Automated provisioning of the servers with [ansible](https://www.ansible.com/)
-- Test environment with [vagrant](https://www.vagrantup.com/)
+- A Hetzner TCP Loadbalancer forwards to the loadbalancer server
+- The loadbalancer server terminates TLS, automatically renews the Let's encrypt certificates and loadbalances requests between application servers using [Caddy](https://caddyserver.com/)
+- The replication of wordpress files between machines is done with [GlusterFS](https://www.gluster.org/)
+- The MySQL database is running on the loadbalancer for now, since this is the only server allowed to fail
 
 ## Requirements
 
@@ -26,29 +28,35 @@ Before you begin, ensure you have the following:
 
 - A Hetzner Cloud account and API token
 - A recent installation of [ansible](https://www.ansible.com/)
+- Installed the latest version of the ansible community collection `ansible-galaxy collection install community.general`
 - A recent installation of [terraform](https://developer.hashicorp.com/terraform/downloads)
 
-If you would like to test the ansible provisioning locally, ensure you have the following:
-- A recent installation of [vagrant](https://developer.hashicorp.com/vagrant/downloads)
-- A recent installation of [virtualbox](https://www.virtualbox.org/wiki/Downloads)
-
 ## Deployment
-To deploy the cloud infrastructure with terraform, switch into the terraform folder
+The whole deployment is done from one ansible playbook. The playbook deploys the cloud
+infrastructure with terraform and provisions the different servers. In the end the public
+IPs are removed with terraform.
+
+Change into the ansible folder
 ```bash
-cd terraform
+cd ansible
 ```
 Export the hcloud token as environment variable
 ```bash
 export HCLOUD_TOKEN="<your-hcloud-token>"
 ```
-Initialize terraform
+Write the terraform vault password to a file, to not always having to type the password
 ```bash
-terraform init
+echo "<ansible-vault-pass>" > vault_pass
 ```
-And apply the changes using the production variables
+Deploy the infrastructure. This can take several minutes on the first run.
 ```bash
-terraform apply -var-file="prod.tfvars"
+ansible-playbook playbook.yaml --vault-password-file vault_pass
 ```
+To verify that everything is setup you can use the [hcloud CLI](https://github.com/hetznercloud/cli).
+```bash
+hcloud server list
+```
+You should see three running webservers and one loadbalancer.
 
 ## Testing
 To test the provisioning with ansible, vagrant is used.
@@ -71,18 +79,11 @@ To connect to a specific machine run
 vagrant ssh web1
 ```
 
-## Open Tasks
-- [ ] Replication of the file system between machines: [GlusterFS](https://www.gluster.org/)
-- [ ] Replication of the database between machine: Using [mysql replication](https://mariadb.com/kb/en/setting-up-replication/)
-- [ ] Provision hcloud server with the [cloud init ansible module](https://cloudinit.readthedocs.io/en/latest/reference/modules.html#ansible)
-- [ ] Setup Hetzner Managed certificate for the loadbalancer and set type to https
-- [ ] Assign the correct static external IP to the loadbalancer
-- [ ] Add required SSH keys
-- [ ] Document terraform modules with [terraform-docs](https://terraform-docs.io/)
 
-Shortcomings which should be addressed in future versions
+## Future work
 - Use an external secret provider
-- Store the terraform state remote
+- Store the terraform state remotely
+- Monitoring and alerting
 
 
 ## License