Bootstrap Digital Ocean droplets using Ansible to:
- Configure SSH key
- Launch a droplet
- Configure DNS domain
- Destroy droplet
Inspired by hostmaster/ansible-digitalocean-bootstrap.
-
Install ansible:
-
Ubuntu:
sudo apt-get install python-pip sudo pip install ansible dopy
-
OSX homebrew:
brew install python-pip pip install ansible dopy
-
-
Make sure your python path is configured correctly. For example:
export PYTHONPATH=/usr/local/lib/python2.7/site-packages
-
Copy vars.yml.dist to vars.yml and change the variables to your need.
- List of all regions: https://api.digitalocean.com/v1/regions/?client_id=[client_id]&api_key=[api_key]
- List of all images: https://api.digitalocean.com/v1/images/?client_id=[client_id]&api_key=[api_key]
Create a new API key on the API access page.
Only API v1 is supported currently by Ansible.
Add the client_id and api_key to vars.yml
.
Launch and provision a new server on Digital Ocean.
ansible-playbook -i hosts launch.yml
What this Playbook do for you?
- configure swap file
- install ufw, fail2ban
- configure ufw allow ports for SSH
- make sshd more secure:
- PermitRootLogin=no
- PasswordAuthentication=no
- AllowGroups=sudo
- config sudoers
Destroys a server on Digital Ocean.
ansible-playbook -i hosts destroy.yml