No description

panda 9a73ef0946 added disable-iptables 1 year ago
debug 2e7b7c48b4 fix singularity 4 years ago
keys 4881a7d3ec second commit 4 years ago
repo 3601beb92b added docker-host 1 year ago
roles 3601beb92b added docker-host 1 year ago
README.md d1c990ee2f added debian 10,11 in the supported OSes 2 years ago
common.yml 9a73ef0946 added disable-iptables 1 year ago
docker.yml ca85dc19c8 fixed local execution 2 years ago
docker_host.yml 3601beb92b added docker-host 1 year ago
hosts 0016da9fed first commit 4 years ago
lldp.yml e1221e9071 fixed local execution 2 years ago
singularity.yml c2e3eeb0ff fixed local execution 2 years ago
telegraf.yml 24f0bf427f fixed local execution 2 years ago
tincvpn.yml f8ebbf73a5 fixed local execution 2 years ago
to_add.txt 4881a7d3ec second commit 4 years ago
tor.yml b009d17cc5 fixed local execution 2 years ago
transmission.yml 1f92da638a fixed local execution 2 years ago
variables.yml 093a061415 updated docker-compose to fetch latest version without specifying which one 1 year ago

README.md

NOTA BENE

I've tested the playbooks mainly on Debian 9, 10, 11 and Ubuntu (server) 18.04 LTS running as root, and on Ubuntu (Desktop) 19.04 running as a user. I've started converting the roles to distinguish between OSes but it's incomplete.

Prerequisites

install ansible:

apt-get install -y ansible

add hosts lines to ansible:

echo "[thismachine]" >> /etc/ansible/hosts
echo "127.0.0.1" >> /etc/ansible/hosts

Setup

you have to change at least 2 variables:

  • users
  • hostname

which by default are set to "CHANGEME"; the playbook is set to fail if they are still set to CHANGEME

insert your user in:

variables.yml

in the list:

    users:
      - goofy

and their ssh keys in the folder

keys

in form of filename:

goofy.key.pub

and format:

ssh-rsa [/CUT] user@host

insert your hostname in

variables.yml

in the variable:

hostname:
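
A pre-flight check for the Setup steps above, added here as an example and not part of the repository: it reports leftover CHANGEME values and missing, malformed or private key files before common.yml is run. The names `preflight` and `pubkey_error` are hypothetical, and the caller is assumed to have already loaded `users` and `hostname` from variables.yml.

```python
import base64
import binascii
from pathlib import Path

PLACEHOLDER = "CHANGEME"  # default the README says makes the playbook fail

def pubkey_error(line):
    """Return None for a well-formed OpenSSH public key line, else a reason."""
    fields = line.split()
    if len(fields) < 2:
        return "expected '<type> <base64> [comment]'"
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except (binascii.Error, ValueError):
        return "key blob is not valid base64"
    # The blob begins with a 4-byte big-endian length, then the key type again.
    name_len = int.from_bytes(blob[:4], "big")
    if blob[4:4 + name_len] != fields[0].encode():
        return "key type does not match the type inside the blob"
    return None

def preflight(users, hostname, keys_dir="keys"):
    """Hypothetical helper: list problems to fix before running common.yml."""
    if isinstance(users, str):  # 'users: goofy' parses as a string, not a list
        users = [users]
    problems = []
    if not hostname or hostname == PLACEHOLDER:
        problems.append("hostname is unset or still CHANGEME")
    if not users:
        problems.append("users is empty")
    for user in users or []:
        key_file = Path(keys_dir) / f"{user}.key.pub"
        text = key_file.read_text() if key_file.is_file() else None
        lines = [ln for ln in (text or "").splitlines() if ln.strip()]
        if user == PLACEHOLDER:
            problems.append("users still contains CHANGEME")
        elif text is None:
            problems.append(f"{key_file.name}: missing")
        elif "PRIVATE KEY" in text:
            problems.append(f"{key_file.name}: contains a private key")
        elif len(lines) != 1:
            problems.append(f"{key_file.name}: expected exactly one key line")
        elif (reason := pubkey_error(lines[0])):
            problems.append(f"{key_file.name}: {reason}")
    return problems

if __name__ == "__main__":
    print(preflight(["CHANGEME"], "CHANGEME"))  # constructed: repo defaults
```

An empty result means the variables and key files are ready for the playbook to deploy.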

Run defaults

ansible-playbook common.yml

or if you are running as non-root:

sudo ansible-playbook common.yml

this playbook will:

  • check if the variables are set
  • change the hostname to the one that has been set in the variables
  • set the timezone to the one in the variables (default: Europe/Rome)
  • update repositories
  • install base packages
  • retrieve the main network interface (the one that is associated with the default gateway)
  • iptables:
    • create the users defined in the variables with the keys
    • create basic ipv4 rules
    • create blocking ipv6 rules
    • apply said rules in iptables-persistent
  • fix bashrc how I like it
  • harden ssh

Run optionals

  • docker.yml
    • installs docker-ce and docker-compose (variable in variables.yml for latest of docker-compose)
  • lldp.yml
    • installs and enables LLDP
  • telegraf.yml
  • tincvpn.yml
  • transmission.yml
  • singularity.yml
    • installs go and builds and installs singularity
  • tor.yml
    • installs tor base from tor repo

Versions

Git push

git add --all
git commit -m "added things to readme"
git push -u origin master

or:

git add --all && git commit -m "message" && git push -u origin master

TODO

  • fix the installation that is only for deb systems in common.yml
  • test on centos