Table of contents
=================

* [Prerequisites](#prerequisites)
* [Setup](#setup)
* [Run defaults](#run-defaults)
* [Run optionals](#run-optionals)
* [Versions](#versions)
* [Git push](#git-push)

NOTA BENE
=================

I've tested the playbooks on:

- Debian 9
- Debian 10
- Debian 11 (everything)
- Debian 12
- Ubuntu 20.04
- Ubuntu 22.04 (common,docker_host)
- Centos 7 (almost everything)

I've started converting the roles to distinguish between OSes but it's incomplete.

It's also being tested on LXC containers, and I've added a skip of sysctl tasks when in a container. You can check the case by using:

    systemd-detect-virt

    none: baremetal
    kvm: vm (on Proxmox)
    lxc: container (on Proxmox)

Prerequisites
=============

Install ansible:

    apt-get install -y ansible

Add hosts lines to ansible:

    echo "[thismachine]" >> /etc/ansible/hosts
    echo "127.0.0.1" >> /etc/ansible/hosts

Setup
=====

You have to change at least 2 variables:

- users
- hostname

which by default are set to "CHANGEME", and the playbook is set to fail if these are set to CHANGEME.

Insert your user in:

    variables.yml

in the list:

    users: goofy

and their ssh keys in the folder

    keys

in the form of filename:

    goofy.key.pub

and format:

    ssh-rsa [/CUT] user@host

Insert your hostname in variables.yml in the variable:

    hostname:

Run defaults
============

    ansible-playbook common.yml

or if you are running as non-root:

    sudo ansible-playbook common.yml

This playbook will:

- check if the variables are set
- change the hostname to the one that has been set in the variables
- set the timezone to the one in the variables (default: Europe/Rome)
- update repositories
- install base packages
- retrieve the main network interface (the one that is associated with the default gateway)
- iptables:
- create the users defined in the variables with the keys
- create basic ipv4 rules
- create blocking ipv6 rules
- apply said rules in iptables-persistent
- fix bashrc how I like it
- harden ssh

Run optionals
=============

- docker.yml
  - installs docker-ce and docker-compose (variable in variables.yml for latest of docker-compose)
- lldp.yml
  - installs and enables LLDP
- telegraf.yml
- tincvpn.yml
- transmission.yml
- singularity.yml
  - installs go and builds and installs singularity
- tor.yml
  - installs tor base from tor repo

Versions
========

* docker-compose:
  * variable: compose_ver
  * look here: https://github.com/docker/compose/releases/latest
* go:
  * variable: singularity_go_ver
  * look here: https://golang.org/dl/ , the package is like go1.14.linux-amd64.tar.gz and you take the "1.14"
* singularity:
  * variable: singularity_ver
  * look here: https://github.com/sylabs/singularity/releases/latest

Git push
========

    git add --all
    git commit -m "added things to readme"
    git push -u origin master

or:

    git add --all && git commit -m "message" && git push -u origin master

TODO
========

- [ ] fix the installation that is only for deb systems in common.yml
- [ ] test on centos
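
An added pre-flight check for the Setup step, not part of the original playbooks: it verifies that `hostname` and `users` are no longer CHANGEME and that every user has a well-formed `keys/<user>.key.pub` before `common.yml` creates accounts and hardens ssh. The block-list layout of `variables.yml` and all function names are assumptions.

```shell
#!/bin/sh
# Added example, not part of the playbooks: pre-flight check for the Setup step.
# Assumption: variables.yml has a scalar "hostname: <name>" and a block list
# "users:" with one "- <name>" entry per line (layout not shown in the README).

# Print the value of top-level scalar key $2 from YAML file $1.
yaml_scalar() {
    awk -v k="$2" '$1 == k":" { print $2; exit }' "$1" | tr -d "\"'"
}

# Print every "- item" entry found under the top-level "users:" key of file $1.
yaml_users() {
    awk '/^users:/ { in_list = 1; next }
         in_list && /^[^ \t#-]/ { in_list = 0 }
         in_list && $1 == "-" { print $2 }' "$1" | tr -d "\"'"
}

# Succeeds only if every non-empty line of $1 looks like "<key-type> <base64> ...".
# A private key dropped here by mistake fails, since it starts with "-----BEGIN".
is_pubkey_file() {
    awk 'NF { n++; if (NF < 2 || $1 !~ /^(ssh-|ecdsa-|sk-)/) bad = 1 }
         END { exit (bad || n == 0) }' "$1"
}

# Return 0 when directory $1 (holding variables.yml and keys/) is ready to run.
preflight() {
    dir=$1; vars="$dir/variables.yml"; rc=0
    [ -r "$vars" ] || { echo "missing $vars" >&2; return 2; }

    host=$(yaml_scalar "$vars" hostname)
    case $host in
        ''|CHANGEME) echo "hostname is unset or still CHANGEME" >&2; rc=1 ;;
    esac

    users=$(yaml_users "$vars")
    [ -n "$users" ] || { echo "users list is empty" >&2; rc=1; }
    for u in $users; do
        key="$dir/keys/$u.key.pub"
        if [ "$u" = CHANGEME ]; then
            echo "users still contains CHANGEME" >&2; rc=1
        elif [ ! -s "$key" ]; then
            echo "no public key for $u at $key" >&2; rc=1
        elif ! is_pubkey_file "$key"; then
            echo "$key is not an OpenSSH public key file" >&2; rc=1
        fi
    done
    return $rc
}
```

Source the file and run `preflight .` from the repository root; a non-zero status means the playbook would either fail its own variable check or create a user with no usable key.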