Configures vanilla RHEL system to be lightweight and bulletproof seedbox running rTorrent and ruTorrent. It aims to be secure (SELinux, SSL, Fail2Ban enabled) and creates very few logs (zero footprint).
- It is expected, that you have a brand new RHEL system and have Ansible access sorted out - including working
sudo
. You can use my role luckylittle/ansible-role-create-user for passwordless SSH access and sudo.
defaults/main.yml
:
set_timezone
- change the time zone of the serverset_google_dns
- iftrue
, it will add Google DNS to the primary interfaceepel_dl
- URL of the EPEL RPMxmlrpc_dl
- URL of the XMLRPClibtorrent_dl
- URL of the libtorrentrtorrent_dl
- URL of the rtorrentrtorrent_port
- what port should rtorrent listen onrt_memory_max_set
- how much memory should rTorrent use by default. It is using 75% of your total memory by default.ftp_port
- what port should vsftpd listen onpasv_port_range
- what port range should be used for FTP PASVsingle_user
- whentrue
only one FTP user will be used and it is the same username who runs this playbook. Whenfalse
, this file is usedrutorrent_dl
- URL of the ruTorrenthttps_port
- what port should rutorrent listen onhtpasswd
- HTTP basic password to log in to ruTorrent interfacefail2ban_ignore_ipv4
- what IPv4 address should be excluded from being banned by Fail2Banrequire_reboot
- does the machine require reboot after the playbook is finished
Note: Lot of the tasks rely on remote_user
/ ansible_user
variable (user who logs in to the remote machine via Ansible). For example, it creates directory structure under that user.
None
echo 'password1' > password
ansible-playbook -i inventory --vault-password-file=password site.yml
[seedbox]
123.124.125.126
---
- hosts: seedbox
remote_user: redhat
roles:
- ansible-role-zero-footprint-ruT-seedbox
On a brand new RHEL8.6, 1x vCPU, 4GB RAM playbook took 18m 32s to finish.
MIT
Lucian Maly <lmaly@redhat.com>