panda
166b28bc11
commented glances installation since it's not in debian 11 repos anymore and it's heavy and not really needed. |
||
---|---|---|
debug | ||
keys | ||
repo | ||
roles | ||
common.yml | ||
docker.yml | ||
hosts | ||
lldp.yml | ||
README.md | ||
singularity.yml | ||
telegraf.yml | ||
tincvpn.yml | ||
to_add.txt | ||
tor.yml | ||
transmission.yml | ||
variables.yml |
Table of contents
NOTA BENE
I've tested the playbooks mainly on Debian 9 and ubuntu (server) 18.04 LTS running as root, on Ubuntu (Desktop) 19.04 running ad user. I've started converting the roles to distinguish between OSes but it's incomplete.
Prerequisites
install ansible: apt-get install -y ansible
add hosts lines to ansible: echo "[thismachine]" >> /etc/ansible/hosts echo "127.0.0.1" >> /etc/ansible/hosts
Setup
you have to change at least 2 variables:
- users
- hostname
which by default are set to "CHANGEME" anche the playbook is set to fail if these are set to CHANGEME
insert your user in: variables.yml in the list: users: goofy and their ssh keys in the folder keys in form of filename: goofy.key.pub and format: ssh-rsa [/CUT] user@host
insert your hostname in variables.yml in the variable: hostname:
Run defaults
ansible-playbook common.yml
or if you are running as non-root:
sudo ansible-playbook common.yml
this playbok will:
- check if the variables are set
- change the hostname to the one that has been set in the variables
- set the timezone to the one in the variables (default: Europe/Rome)
- update repositories
- install base packages
- retrieve the main network interface (the one that is associated with the default gateway)
- iptables:
- create the users defined in the variables with the keys
- create basic ipv4 rules
- create blocking ipv6 rules
- apply said rules in iptables-persistent
- fix bashrc how I like it
- harden ssh
Run optionals
- docker.yml
- installs docker-ce and docker-compose (variable in variables.yml for latest of docker-compose)
- lldp.yml
- installs and enables LLDP
- telegraf.yml
- tincvpn.yml
- transmission.yml
- singularity.yml
- installs go and builds and installs singularity
- tor.yml
- installs tor base from tor repo
Versions
- docker-compose:
- variable: compose_ver
- look here: https://github.com/docker/compose/releases/latest
- go:
- variable: singularity_go_ver
- look here: https://golang.org/dl/ , the package is like go1.14.linux-amd64.tar.gz and you take the "1.14"
- singularity:
- varaible: singularity_ver
- look here: https://github.com/sylabs/singularity/releases/latest
Git push
git add --all
git commit -m "added things to readme"
git push -u origin master
or: git add --all && git commit -m "message" && git push -u origin master
TODO
- fix the installation that is only for deb systems in common.yml
- test on centos