Setup & configure everything. Everywhere. One command.

Setup and configure any machine or project with a single command; optional bootstrapping of the freckles package itself included. One binary, no requirements.

Use the same configuration to provision physical machines, virtual ones, container images, ...

# configuration, save as: hello-world.frecklet

- static-website-from-folder:
    hostname: "{{:: domain ::}}"     # vhost config
    path: /var/www/html
    webserver: apache
    use_https: true
    server_admin: [email protected]  # for let's Encrypt
- file-with-content:
    owner: www-data
    path: /var/www/html/index.html
    content: |
      <h1><i>{{:: domain ::}}</i> says "hello", World!</h1>
# login/ssh to the machine that should host the webserver, then run:
> frecklecute hello-world.frecklet --domain

# or, install the remote target machine from your local session:
> frecklecute --target [email protected] \
      hello-world.frecklet --domain

Infrastructure as code. On your own term(inal)s.

No dependencies on external services, languages, platforms or technologies.

All you need is the freckles binary, (authorized) access to your target, and a single, simple data structure describing your desired state. Use any language you want to create that data structure.

Re-usable & composable building blocks

Execute any of the pre-built included or community-created frecklets directly, or use them as building blocks for new ones.

You can also easily build up your own repository, to organize and possibly share often used personal, project- or company-related tasks.

> freckles list

frecklet                            description
--------------------------------    ----------------------------
admin-user-exists                   ensure an admin user with
                                    sudo permissions exists
ansible-module                      execute an arbitrary Ansible
ansible-role                        execute an arbitrary role
                                    from Ansible Galaxy
apache-installed                    ensures the Apache web
                                    server is installed
apache-vhost-file                   apache vhost configuration
apache-vhost-from-folder            configure an Apache vhost
                                    for static site
archive-extracted                   extracts an archive
arp-installed                       install the arp package
basic-hardening                     basic security set-up for a
                                    newly installed server
command-output-to-file              execute a command, write the
                                    output to file
config-value-in-file                adds a key/value pair to a
config-values-in-file               adds key/value pairs to a
debug-msg                           display a debug message
debug-secret-var                    displays the content of a
                                    secret variable
debug-var                           displays the content of an
                                    (internal) Ansible variable
debug-vars                          displays the content of an
                                    (internal) Ansible variable
devpi-create-backup                 backs-up a devpi service
devpi-import-from-backup            restores up a devpi service
devpi-installed                     ensures the devpi service is
                                    installed and running
devpi-nginx-vhost-config            creates a vhost for devpi on
devpi-service                       installs a complete devpi
                                    server, including nginx
                                    proxy & lets-encrypt certs
devpi-standalone                    installs a complete devpi
                                    server, including nginx
                                    proxy & lets-encrypt certs
docker-container-running            makes sure a specific docker
                                    image is running on this
docker-image-from-folder            n/a
docker-image-from-frecklets         build a Docker image from a
docker-service                      makes sure Docker is
execute-ad-hoc-script               create an executable file
                                    from a template, execute it,
                                    delete it
execute-command                     execute a one-off command
execute-shell                       execute a one-off shell
file-downloaded                     download a file
file-fetched                        fetches a file from a remote
                                    (target) host
file-is-present                     ensure a file exists
file-with-content                   ensure a file exists and has
                                    a certain content
folder-exists                       ensure a folder exists
folder-is-empty                     ensure a folder exists
folder-stowed                       stow (symlink) a folder
folders-intermingled                merge a target folder with
frecklecute                         execute a frecklet
git-installed                       ensures git is installed
git-repo-synced                     check out or pulls a git
go-lang-installed                   make sure Go is available
grafana-service                     installs the grafana service
group-exists                        ensure a group exists
hostname                            set the hosts hostname
init-service-configured             configure an init service
init-service-disabled               disable init-service
init-service-enabled                enable init-service
init-service-reloaded               reload init service
init-service-restarted              restart init-service
init-service-started                start init-service
init-service-stopped                stop init-service
initial-system-setup                basic security setup for a
                                    new server, incl. setup of
                                    admin user."
ipv4-address-assigned               make sure an IPv4 address is
                                    assigned to an interface
java-lang-installed                 install OpenJDK if not
                                    already available
letsencrypt-cert-exists             ensures a letsencrypt https
                                    certificate for a hostname
link-exists                         ensure a filesystem link
locales-generated                   ensure a set of locales is
                                    generated on a system
mariadb-database-exists             installs MariaDB (if
                                    necessary), and makes sure a
                                    specified database exists
mariadb-service                     ensures MariaDB service is
matomo-standalone                   install Matomo analytics
netdata-service                     makes sure netdata service
                                    is installed and running
nginx-installed                     ensures the nginx web server
                                    is installed and running
nginx-reverse-proxy-vhost-config    create Nginx server block
                                    configuration file for a
                                    reverse proxy
nginx-server-block-file             nginx server configuration
nginx-vhost-from-folder             create a Nginx server block
                                    configuration file for a
                                    static site
nmap-installed                      install the sshpass package
osx-command-line-tools-installed    install Mac OS X command-
                                    line tools
package-installed                   install a single packages
package-managers                    install one or several
                                    package managers
packages-installed                  install a list of packages
parent-folder-exists                ensure the parent folder of
                                    a path exists
passwordless-sudo-users             grant passwordless sudo
                                    permission to a user
path-archived                       archives a file or folder
path-attributes                     makes sure a file/folder has
                                    a certain owner/group
path-has-mode                       make sure a file/folder has
                                    a certain mode
path-is-absent                      ensure a file or folder is
path-is-owned-by                    make sure a file/folder has
                                    a certain owner/group
path-is-synced                      make sure a file or folder
                                    is synced between two
php-lang-installed                  make sure PHP is installed
pip-requirements-present            install dependencies so
                                    'pip' can be used by Ansible
pkg_mgr-asdf                        ensures 'asdf' is installed
pkg_mgr-asdf-plugin                 install a plugin for asdf
pkg_mgr-conda                       install the 'conda' package
pkg_mgr-homebrew                    ensure the 'homebrew'
                                    package manager is installed
pkg_mgr-nix                         ensure the 'nix' package
                                    manager is installed
postgresql-database-exists          installs PostgreSQL (if
                                    necessary), and makes sure a
                                    specified database exists
postgresql-service                  ensures PostgrSQL service is
prometheus-mysqld-exporter-service  installs the Prometheus
                                    mysqld exporter
prometheus-node-exporter-service    installs the Prometheus node
prometheus-service                  installs the Prometheus
                                    monitoring service
python-dev-project                  (Optionally) clone a Python
                                    project git repo, install
                                    the right version of Python
                                    using pyenv, create a
                                    virtualenv for the
python-gunicorn-service             setup a service executing an
                                    application from within a
python-lang-installed               install a Python runtime for
                                    a user
python-packages-in-virtualenv       installs Python packages
                                    into a Virtualenv
python-virtualenv                   create a Python virtualenv
                                    and install necessary
python-virtualenv-execute-shell     executes a command inside a
python-virtualenv-exists            create a Python virtualenv
shell-output-to-file                execute a shell command,
                                    write the output to file
ssh-key-exists                      ensures an ssh key exists
                                    for a user
ssh-key-is-absent                   ensures an ssh key is absent
                                    for a user
sshpass-installed                   install the sshpass package
static-website-from-folder          install and configure
                                    webserver for static site
stow-installed                      install the stow package
sysctl-value                        set a sysctl value
systemd-service-config              configuration file for
                                    environment variables to
                                    configure a systemd service
systemd-service-config-file         environment variables for a
                                    systemd unit
systemd-service-unit                create and configure a
                                    certain systemd service unit
systemd-service-unit-file           a systemd service unit
systemd-services-started            a list of init-service to
                                    start (if they exist) using
systemd-services-stopped            a list of init-service to
                                    stop (if they exist) using
ufw-incoming-allowed                ufw rule to allow incoming
ufw-installed                       install the ufw firewall
unzip-installed                     install the 'unzip' package
user-exists                         make sure a user exists
vagrant-installed                   ensures Vagrant is installed
virtualbox-installed                ensures Virtualbox is
webserver-service                   ensures a webserver is
                                    installed and running
wordpress-folder-prepared           prepares wordpress project
wordpress-standalone                sets up a single-site
                                    wordpress instance
wordpress-vhost-apache              create Apache wordpress
                                    virtual host config
wordpress-vhost-nginx               create Nginx wordpress
                                    virtual host config
zerotier-network-member             add and authorize a new
                                    member to an existing
                                    zerotier network
zile-config-file                    configuration for the 'zile'
                                    text editor