This collection contains roles and playbooks for bootstrapping my homelab and workstation.
Refer to docs/roles.md for documentation.
gossinstalls and runs Goss server validationnfsmounts given NFS sharessecurityprovides basic hardening such as configuringsudo, SSH hardening, installing ufw and fail2bansslgenerates TLS certificates from root and intermediate CAsnginxconfigures and starts nginx as systemd servicecertbotprovisions Let's Encrypt certificates for given domainswebhookconfigures and starts webhook as systemd service
- ansible[lint]
- molecule[docker,vagrant]
- Docker
- Vagrant
- make
When testing locally, the collection can be quickly installed to the local collections path with
$ make galaxy-installTo debug and test roles, run:
$ make converge scen=security
$ make verify scen=securityWhen running roles with service, systemd is required. However,
there are
issues with
running systemd in Docker containers. As such, these roles require Vagrant and
molecule-vagrant. Affected roles:
security
Additionally, apt update is not working well in Debian 10 container due to
"oldstable".