srvkist

Ansible scripts for bootstrapping, securing and managing an ubuntu server.

Requirements
Usage
Development
License

Requirements

ansible
required ansible version: 2.4.0.0 or higher
Install passlib: pip install passlib

Usage

First Run

We're assuming, you have just set up a server with Ubuntu Server 16.04 minimum installation. There is openssh-server installed and you have root access using a ssh key.

Edit ./hosts to match your server ip and port.

Create vault_password_file containing the password for ansible vault:

echo -n "secret-password" > vault_password_file

Run first-run.yml to install minimum requirements and create the admin user for ansible:

ansible-playbook --user root first-run.yml

You are now ready to use playbook.yml - all at once or by tags.

Bootstrapping

ansible-playbook playbook.yml -t bootstrap

Set hostname
Update packages and set automatic unattended upgrades
Add public ssh keys for ansible admin user
Create SFTP group
Install fail2ban
Set iptables
Disallow ssh access for root and disable password auth
Delete root password
Set local and timezone
Install ntp
Install optional packages defined in group_vars

nginx

ansible-playbook playbook.yml -t nginx

Install nginx
Copy nginx and sites configurations
Ensure nginx cache and public html directory properties
Remove default nginx site configuration

Letsencrypt

ansible-playbook playbook.yml -t letsencrypt

Install certbot and letsencrypt from ppa:cerbot/certbot
Create cronjob for certbot auto-renewal of existing certificates

Docker

ansible-playbook playbook.yml -t docker

Install docker and docker-compose with required dependencies and apt sources

Create certificates using certbot

Create a certificate for one or more domains using certbot:

ansible-playbook cert.yml

Development

You can use vargrant to create a virtual server for testing and development.

vagrant up
ln -s .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory vagrant
ansible-playbook -i vagrant <PLAYBOOK>

Rebooting docker with deleted volumes

dc down -v && dc up -d

Cleanup of images

docker rm -f $(docker ps -a -q) &&\
docker rmi -f $(docker images -q) &&\
docker volume rm -f $(docker volume ls);
docker ps -a

docker-compose up -d

docker-compose up -d --build --force-recreate app
docker-compose up -d --force-recreate app

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
group_vars/all		group_vars/all
roles		roles
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
Vagrantfile		Vagrantfile
ansible.cfg		ansible.cfg
cert.yml		cert.yml
first-run.yml		first-run.yml
hosts		hosts
playbook.yml		playbook.yml
user.yml		user.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

srvkist

Requirements

Usage

First Run

Bootstrapping

nginx

Letsencrypt

Docker

Create certificates using certbot

Development

Rebooting docker with deleted volumes

Cleanup of images

License

About

Releases

Packages

Languages

License

acrolyt/srvkist

Folders and files

Latest commit

History

Repository files navigation

srvkist

Requirements

Usage

First Run

Bootstrapping

nginx

Letsencrypt

Docker

Create certificates using certbot

Development

Rebooting docker with deleted volumes

Cleanup of images

License

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages