ITLDC • ⚡️ Automating Your Server Farm

⚡️ Automating Your Server Farm – ITLDC Survival Guide

Sep 3, 2025YaroBlog, News

Yes, Ansible is the golden child. But sometimes you want to try other toys. Here are three tools that can throw SSH keys around, drop Docker on everything, and roll out WireGuard like a boss.

SaltStack – Ansible’s Caffeinated Cousin

Salt is fast, scalable, and works either with a central master or in “lonely wolf” mode (masterless). It’s built for big farms where servers multiply like rabbits.

Install Salt
On the control node:

sudo apt update

sudo apt install -y salt-master salt-ssh

On each server:

sudo apt install -y salt-minion

echo “master: YOUR_MASTER_IP” | sudo tee -a /etc/salt/minion

sudo systemctl restart salt-minion

Approve your new minions on the master like a true mafia boss:

sudo salt-key -A

Deploy something
Drop SSH key:

ssh_key_install:

  ssh_auth.present:

    – user: root

    – source: salt://keys/id_rsa.pub

Install Docker:

docker:

  pkg.installed:

    – name: docker.io

Install WireGuard:

wireguard:

  pkg.installed:

    – name: wireguard

Run it all at once:

salt ‘*’ state.apply

Docs: https://docs.saltproject.io

Puppet Bolt – Ansible Lite for Lazy Days

Bolt is agentless and feels like a trimmed-down Ansible for people who just want things done now, without babysitting agents.

Install Bolt

wget https://apt.puppet.com/puppet-tools-release-focal.deb

sudo dpkg -i puppet-tools-release-focal.deb

sudo apt update

sudo apt install puppet-bolt

Add servers
Make an inventory.yaml:

targets:

  – server1.itldc.net

  – server2.itldc.net

config:

  ssh:

    user: root

    private-key: ~/.ssh/id_rsa

Deploy something
Push SSH key:

bolt command run “echo ‘ssh-rsa AAA…’ >> ~/.ssh/authorized_keys” -t all

Install Docker:

bolt command run “apt update && apt install -y docker.io” -t all

Install WireGuard:

bolt command run “apt install -y wireguard” -t all

Docs: https://puppet.com/docs/bolt/latest

Rundeck – Click Ops but Sexy

Rundeck is what you use when you’re done with cowboy-SSH at 2AM and want buttons, schedules, and a pretty web UI. It’s automation in arcade mode.

Install Rundeck

wget https://packages.rundeck.com/pagerduty/rundeck/packages/debian/stretch/rundeck.deb

sudo apt install -y ./rundeck.deb

sudo systemctl enable rundeckd

sudo systemctl start rundeckd

Open http://your-server:4440 (default login: admin/admin).

Add servers
Either through the web UI or via YAML:

nodes:

  server1:

    hostname: 192.168.1.10

    username: root

    ssh-keypath: /root/.ssh/id_rsa

Deploy something
Jobs are just scripts with a fancy button:

Add SSH key:

echo ‘ssh-rsa AAA…’ >> /root/.ssh/authorized_keys

Install Docker:

apt update && apt install -y docker.io

Install WireGuard:

apt install -y wireguard

Docs: https://docs.rundeck.com/docs/

So, who’s who?

Salt – for big farms and speed freaks.
Bolt – for quick “just run this everywhere” mornings.
Rundeck – for teams, dashboards, and click-to-deploy magic.

👉 Pro tip: always test on one guinea pig server before you let loose on your whole fleet.
Breaking SSH across 50 nodes in one click is… let’s just say character-building.