💡 Two categories of templates in this collection: 1) one to configure previously provisioned instances, 2) another to self-provisioning or manage provisioned instances (i.e. "one-line" deployment and full state management).
A collection of configuration templates (i.e. Ansible Playbooks) to customize your European Weather Cloud (EWC) tenancy. See full list of Items in the index below.
Want to learn how other users make the best out of these templates, or have ideas of your own? Head over to the official discussion platform and engage with the EWC community. Feedback is always welcomed!
Copyright © EUMETSAT 2025.
The provided code and instructions are licensed under the MIT license. They are intended to automate the setup of an environment that includes third-party software components. The usage and distribution terms of the resulting environment are subject to the individual licenses of those third-party libraries.
Users are responsible for reviewing and complying with the licenses of all third-party components included in the environment.
Contact EUMETSAT for details on the usage and distribution terms.
💡 Grouped by capability and ordered alphabetically.
| Name | Summary |
|---|---|
| eumetsat-data-tailor-flavour | Transforms an existing VM into a powerful satellite data customization hub, enabling users to efficiently subset, aggregate, reproject, and reformat data from METOP, MFG, MSG, MTG, and Sentinel-3 into GIS and image formats, offering faster processing and greater flexibility than web-based alternatives. |
| haproxy-flavour | Configures an existing VM as a high-performance load balancer, enhancing application speed, security, and scalability with easy management for TCP and HTTP workloads. |
| ipa-client-disenroll-flavour | Simplifies the secure removal of a running VM from a FreeIPA-managed fleet of instances, reducing administrative overhead and enhancing security by eliminating stale credentials and DNS records. |
| ipa-client-enroll-flavour | Seamlessly integrates a running VM into a FreeIPA-managed fleet of instances, enabling centralized user authentication, DNS resolution, and secure remote access for simplified and scalable identity management. |
| ipa-server-flavour | Turns an existing VM into a FreeIPA server, a central place for user authentication, authorization, and DNS-based resource discovery for secure and efficient identity management. |
| nginx-proxy-manager-flavour | Configures an existing VM as a user-friendly Nginx Proxy Manager server, simplifying virtual host management, SSL/HTTP/2 support, and security features like exploit blocking for efficient and secure proxy operations. |
| remote-desktop-flavour | Transforms an existing VM into a secure, graphical desktop environment using X2Go and MATE, enabling simple remote access and intuitive cloud-based development for tenant users. |
| ssh-bastion-flavour | Tightens the configuration of a running VM, to operate as a secure SSH proxy with Fail2ban, providing tenant admins and users a fortified entry point to safely access private EWC networks from the public internet. |
| Name | Summary |
|---|---|
| default-stack-provisioning | Automates the creation and state management of three VMs, plus their OS configuration. Each of them serves an specific role (IPA server, SSH bastion or remote desktop). Together, they enable secure access, centralized user management, and a fully graphical development environment within the EWC. |
| ipa-client-provisioning | Automates the creation or state update of a VM, plus its configuration as an IPA client, effectively enabling integration with a fleet of instances with centralized authentication, secure remote access, and DNS-based resource discovery in the EWC. |
| ipa-client-teardown | Simplifies the secure teardown of an IPA client VM in the EWC, disabling LDAP authentication, removing DNS records, and safely decommissioning the instance and its resources. |
| ipa-server-provisioning | Automates the creation or state update of VM, plus its configuration as FreeIPA server, streamlining centralized user management, authentication, authorization, and DNS resolution for secure and efficient resource management. |
| remote-desktop-provisioning | Automates the creation or state update of a remote desktop VM, a basic yet secure cloud-based development environment with graphical interface. Uses X2Go and MATE to enable easy remote access for tenant users. |
| ssh-bastion-provisioning | Automates the creation or state update of a secure SSH bastion VM in the EWC, configured with Fail2ban to provide a fortified entry point for safely accessing private EWC networks from the public internet. |
Checkout the troubleshooting documentation for information on common problems and how to troubleshoot them.
All notable changes (i.e. fixes, features and breaking changes) are documented in the CHANGELOG.md.
Thanks for taking the time to join our community and start contributing! Please make sure to:
- Familiarize yourself with our Code of Conduct before contributing.
- See CONTRIBUTING.md for instructions on how to request or submit changes.