This repo provides the ansible playbook and role needed to install gateone. To use this with your ansible, you should link role into the roles directory. By default, the roles directory is /etc/ansible/roles
. You'll also need to define a few variables. Currently, this playbook and role assumes Ubuntu. With a little effort, other distros could be supported.
git clone gateone-server-ansible
repo (e.g. into/opt/gateone-server-ansible
)- Assuming roles is in /etc/ansible/roles,
ln -s /opt/gateone-server-ansbile/ /etc/ansible/roles/
- Define the host(s) into /etc/ansible/hosts (or wherever your hosts file is configured for). The playbook assumes the server(s) are defined in the host group called "gateone-servers".
- Define the following variables, generally in the hosts file or group_vars:
GATEONE_REPO
: location of the gateone repoGATEONE_CONFIG_REPO
: location of the config repoSSH_HOST_SRC
: directory containing ssl certsSSH_HOST_KEY
: ssl key file nameSSH_HOST_CERT
: ssl cert file nameUFW_DO_CONFIGURE
: boolean whether to configure ufw or notUFW_INCOMING_ALLOW
: array of dictionary items containing ip and ports to allow incoming (each array element has an ip and port to allow incoming).ufw
is executed only ifUFW_DO_CONFIGURE
is true
UFW_OUTGOING_ALLOW
: array of dictionary items containing ip and ports to allow outgoing, similar toUFW_INCOMING_ALLOW
.ufw
is executed only ifUFW_DO_CONFIGURE
is true.
- the gateone server should start after the playbook is executed, assuming the configuration is correct
-
Simple inventory files are located in the
inventory_samples
directory -
The
GATEONE_CONFIG_REPO
assumes the following files exist:- 10server.conf
- 20authentication.conf
- 30api_keys.conf
- 50terminal.conf
- ssh_config_global