While I tend to prefer the workflow of capabilities of Terraform, it can only interact with systems that have an exposed API. So if you need to autmate the configuration and maintenance of an instance at the OS level, you need a tool like Ansible. You can, of course, manually write scriptsto do all the same thing, and I have, but Ansible is a much more elegant solution, and can be executed from a bash script or using a structured yaml configuration.

Because my HashiStack exists on several Raspberry Pi’s, I use Ansible to upgrade packages, deploy changes to static service configuration files, and run commands across some or all of the devices in one go.