Ansible_PUBLIC/README.md

119 lines
2.7 KiB
Markdown

Table of contents
=================
<!--ts-->
* [Prerequisites](#prerequisites)
* [Setup](#setup)
* [Run defaults](#run-defaults)
* [Run optionals](#run-optionals)
* [Versions](#versions)
* [Git push](#git-push)
<!--te-->
NOTA BENE
=================
I've tested the playbooks mainly on Debian 9,10,11 and ubuntu (server) 18.04 LTS running as root,
on Ubuntu (Desktop) 19.04 running ad user.
I've started converting the roles to distinguish between OSes but it's incomplete.
Prerequisites
=============
install ansible:
apt-get install -y ansible
add hosts lines to ansible:
echo "[thismachine]" >> /etc/ansible/hosts
echo "127.0.0.1" >> /etc/ansible/hosts
Setup
=====
you have to change at least 2 variables:
- users
- hostname
which by default are set to "CHANGEME" anche the playbook is set to fail if these are set to CHANGEME
insert your user in:
variables.yml
in the list:
users:
goofy
and their ssh keys in the folder
keys
in form of filename:
goofy.key.pub
and format:
ssh-rsa [/CUT] user@host
insert your hostname in
variables.yml
in the variable:
hostname:
Run defaults
============
ansible-playbook common.yml
or if you are running as non-root:
sudo ansible-playbook common.yml
this playbok will:
- check if the variables are set
- change the hostname to the one that has been set in the variables
- set the timezone to the one in the variables (default: Europe/Rome)
- update repositories
- install base packages
- retrieve the main network interface (the one that is associated with the default gateway)
- iptables:
- create the users defined in the variables with the keys
- create basic ipv4 rules
- create blocking ipv6 rules
- apply said rules in iptables-persistent
- fix bashrc how I like it
- harden ssh
Run optionals
=============
- docker.yml
- installs docker-ce and docker-compose (variable in variables.yml for latest of docker-compose)
- lldp.yml
- installs and enables LLDP
- telegraf.yml
- tincvpn.yml
- transmission.yml
- singularity.yml
- installs go and builds and installs singularity
- tor.yml
- installs tor base from tor repo
Versions
========
* docker-compose:
* variable: compose_ver
* look here: https://github.com/docker/compose/releases/latest
* go:
* variable: singularity_go_ver
* look here: https://golang.org/dl/ , the package is like go1.14.linux-amd64.tar.gz and you take the "1.14"
* singularity:
* varaible: singularity_ver
* look here: https://github.com/sylabs/singularity/releases/latest
Git push
========
git add --all
git commit -m "added things to readme"
git push -u origin master
or:
git add --all && git commit -m "message" && git push -u origin master
TODO
========
- [ ] fix the installation that is only for deb systems in common.yml
- [ ] test on centos