Simple Ansible plays to configure an Ubuntu Server (14.04).
I find myself having to do the same setup each time I start a new server. Simple things like adding my public key to the authorized key file and configuring UFW to allow some ports.
Here are some things that are automated now:
- Creates and sets up a new user (`newuser.yml`)
  - Creates new user
  - Configures passwordless ssh access
  - Adds user to sudoers
  - Disable root ssh access
  - Disable ssh access via passwords
- Installs various things (`main.yml`)
  - Apt (`tasks/apt.yml`)
    - Updates and upgrades apt-cache and installed packages
    - Installs Fail2ban
    - Installs unattended-upgrades
  - UFW (`tasks/ufw.yml`)
    - Reject all incoming connections by default
    - Allow all outgoing connections by default
    - Allow 22, 80, 443
  - Nodejs (`tasks/nodejs.yml`)
  - Docker (`tasks/docker.yml`)
  - Git
  - pip (Python)

1. Add node ip to hosts file.

   ```
   echo NODE_ID > hosts
   ```

2. Create new user on the droplet.

   ```
   ansible-playbook -i hosts newuser.yml -u root
   ```

3. Enter the username and public key file when prompted.

4. Update hosts file to reflect new user.

   ```
   # hosts
   NODE_ID ansible_ssh_private_key_file=PATH_TO_PRIVATE_KEY ansible_ssh_user=USERNAME
   # Alternatively, update your ~/.ssh/config file.
   ```

5. Run the main play.

   ```
   # Edit to exclude/include relevant tasks.
   ansible-playbook -i hosts main.yml
   ```

- Add more tasks to install various things/dependencies
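
A check for the two SSH settings that `newuser.yml` is described as applying (root login and password login disabled). This is an added example, not code from this repository; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the repository.

# Print the first global value of keyword $2 in sshd_config file $1.
# sshd keeps the first value it reads for a keyword and matches keywords
# case-insensitively; lines after the first "Match" apply conditionally.
sshd_setting() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        { sub(/[#].*/, "") }                     # drop comments
        NF == 0 { next }                         # skip blank lines
        { key = tolower($1) }
        key == "match" { exit }                  # stop at conditional blocks
        key == want { print tolower($2); exit }  # first value wins
    ' "$1"
}

# Return 0 only if root login and password login are both explicitly "no".
# An unset keyword counts as a failure instead of trusting the default.
check_ssh_hardening() {
    rc=0
    for kw in PermitRootLogin PasswordAuthentication; do
        val=$(sshd_setting "$1" "$kw")
        if [ "$val" = "no" ]; then
            echo "ok:   $kw no"
        else
            echo "FAIL: $kw is '${val:-unset}'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: a "no" appended below an existing "yes" has no effect.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
Port 22
permitrootlogin no
PasswordAuthentication yes
PasswordAuthentication no
Match User deploy
    PasswordAuthentication no
EOF
check_ssh_hardening "$SAMPLE" || echo "sample config is not hardened"
```

On the server itself, run `check_ssh_hardening /etc/ssh/sshd_config`, or compare against `sshd -T`, which prints the effective configuration.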