Welcome to the Server Auto-Config Repository! This GitHub repository provides powerful tools and scripts for automating server setup and configuration. Whether you're a sysadmin/DevOps engineer looking to save time or a developer streamlining server provisioning, this repository simplifies the process, ensuring reliability and security. Join our community of contributors and experience the benefits of server automation today.
sample.video.mp4
We have 7 roles for the config Ubuntu servers.
- In this role, we create a new user for servers and give access to the user to run
sudocommand without a password.
- In this role, we have 3 steps.
Step 1: updating servers with apt-get update and apt-get upgrade commands and enabling automatic security updates.
Step 2: Removing unnecessary packages and services.
Step 3: Removing old software packages and cleaning the package cache.
- This role is to install dependencies on servers. Dependencies include Nginx, Docker, docker-compose-plugin, Certbot, etc.
- Gitlab-Runner Role is to install and register gitlab-runner on servers.
- SSH Role is to config SSH service. First of all, we add SSH public key to servers for secure ssh connection and we change the
sshd_configfile in/etc/ssh/location with our sshd_config file. and in the end, we change the SSH port.
Note
The
sshd_configfile has the best practices config for SSH but you can use yoursshd_configfile instead of oursshd_configfile.
- This role is to install and config fail2ban. fail2ban is a service for controlling SSH connections.
- The firewall Role is the last one and this role is to config the UFW firewall, we open HTTP, HTTPS, and SSH ports on UFW, and also we enable UFW on servers. in the end, we restart the servers.
You just have two Requirement. Install Ansible, You can use the below link to install Ansible on different os.
https://adamtheautomator.com/install-ansible/
- Clone the project
git clone https://github.com/adel-bz/Ansible-Server-Config.git
- Go to the project directory.
cd Ansible-Server-Config
- Change variables in the
all.ymlfile in/playbook/group_varsdirectory.
- Add remote servers to the
inventory.cnffile in/playbookdirectory.
Note
This project only works on Ubuntu OS (all versions) on a remote server.
Note
You have to use a config file for ssh to servers. You can use this link https://linuxize.com/post/using-the-ssh-config-file/
Or use another way to add servers to inventory.cnf file. You can see this link https://www.cherryservers.com/blog/how-to-set-up-ansible-inventory-file
Note
Change
config.ymlfile in/playbookdirectory. if you don't need a role inconfig.ymlfile, you must comment that role.
- Run the below command on your terminal in the
/playbookdirectory.
ansible-playbook -i inventory.cnf config.yml
- If a server needs a password for SSH connection, Run the below command to ask password:
ansible-playbook -i inventory.cnf config.yml -kK
If you will get an error like the below image it means your config is successful. You will get this error because you changed the SSH port and Ansible can't connect to the server with port 22.
Or we won't have any errors like the below image.
We welcome contributions from the community to improve the Server Auto Config. To contribute:
-
Fork the repository.
-
Create a new branch for your feature/fix:
git checkout -b feature-name
- Commit your changes and push them to your forked repository:
git commit -m "Add a descriptive commit message"
git push origin feature-name
- Create a pull request. Your changes will be reviewed, and once approved, they will be merged into the main branch.
Please ensure your code adheres to the project's coding standards.