Ongoing effort to automate my server setup using ansible
https://ccw.icu
- CSS 100%
|
|
||
|---|---|---|
| group_vars/all | ||
| roles | ||
| templates | ||
| .gitignore | ||
| ansible.cfg | ||
| LICENSE | ||
| README.org | ||
| run.yml | ||
ccw.icu infrastructure
Ansible Playbook I use to provision my Alpine Linux server
Requirements
ansible(ansible-coreis not enough, as I'm usingcommunitypackages)sshpy3-passlib(on Alpine Linux, because thecryptmodule will be deprecated from python 3.13 onward)
Because the system role will disable password-ssh-login,
you should copy your ssh key to your new machine
ssh-copy-id root@<hostname/ip>Running
As you might have noticed, from the .gitignore,
this repo does not contain the secret.yml nor the hosts.yml,
that is because they are meant to stay secret and you have to write your own.
For more information on the hosts.yml file,
see the How to build your inventory ansible wiki.
To setup the secret store, run the following command:
(and add the password: variable in there)
ansible-vault create group_vars/all/secret.yamlAfter creating the password store, you can run the playbook
ansible-playbook run.yml -K --ask-vault-passTo edit the password store at a later date, run the following command:
ansible-vault edit group_vars/all/secret.yml