/itcouldbe9.com

Ansible playbook for building out my web server

Primary LanguageShell

itcoulbe9.com

Ansible playbook for configuring whatever server will be managing itcoulbe9.com.

Setup

  1. Install Ansible: pip install --user git+https://github.com/ansible/ansible.git@v2.12.0
  2. Add vault password to .vault-pass
  3. Install sshpass: sudo port install sshpass

Server Prep

Some things need to be done on the server manually before it is ready to accept Ansible automation.

  1. Update /etc/ssh/sshd_config to enable "PasswordAuthentication yes"
  2. ln -s /etc/sv/sshd /var/service
  3. Make sure non-root user is added: useradd -m jsumners && passwd jsumners
  4. xbps-install -y python3
  5. Add baseline /etc/rc.local: 
    ip addr add 45.63.16.142/8 brd 45.255.255.255 scope global dev eth0
ip addr add 2001:19f0:5:23de:5400:ff:fe1e:54e2/64 scope global dev eth0
ip link set up dev eth0
ip route add default via 45.63.16.1 dev eth0
  6. sv stop dhcpcd && rm /var/service/dhcpcd && /etc/rc.local
  7. Update /etc/resolv.conf: 
    nameserver 108.61.10.10
nameserver 8.8.8.8

Finally, run ansible-playbook -l production main.yml.