Skip to content
A sample playbook that illustrates how to create and provision a DigitalOcean droplet with Ansible
Branch: master
Clone or download
DavidZisky and jasonheecs Update requirements.yml (#10)
It seems that tersmitten changed the owner of the repo (or his username in github) to Oefenweb. Currently requirement install fails because ansible can't find tersmitten.swapfile. It works properly after change I propose.
Latest commit 0c296a5 Jul 17, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
group_vars/all
roles/connection/tasks Add role to test for ssh connection (#7) Jul 4, 2018
tasks Add task to install Docker (#4) Jun 25, 2018
test/integration Update tests (#5) Jun 29, 2018
.gitignore Add role to test for ssh connection (#7) Jul 4, 2018
.kitchen.travis.yml
.kitchen.yml Added test kitchen Jun 18, 2018
.travis.yml Update tests (#5) Jun 29, 2018
Gemfile Added lemp setup task (#3) Jun 25, 2018
Gemfile.lock Added lemp setup task (#3) Jun 25, 2018
LICENSE Add documentation (#6) Jul 2, 2018
README.md Update README (#9) Jul 8, 2018
ansible.cfg Initial Commit Jun 13, 2018
hosts Added lemp setup task (#3) Jun 25, 2018
main.yml
requirements.yml Update requirements.yml (#10) Jul 17, 2018
ubuntu_provision.rb Added test kitchen Jun 18, 2018

README.md

Sample Ansible Playbook to provision a DigitalOcean droplet

Build Status

This is a sample playbook that illustrates how to create and provision a DigitalOcean droplet with Ansible; you can spin up and provision a droplet using the command line via this playbook.

Playbook Demo Image

This playbook does the following:

  • Spins up a DigitalOcean droplet
  • Adds the droplet's IP address to the ansible inventory file
  • Setup the swap file
  • Installs and setup fail2ban
  • Setup Uncomplicated firewall
  • Setup the timezone
  • Adds a new user account with sudo access
  • Adds a public ssh key for the new user account
  • Disables password authentication to the droplet
  • Deny root login to the droplet
  • Installs the UnattendedUpgrades package for automatic security updates
  • (Optional) Installs the LEMP stack
  • (Optional) Installs Docker

Prerequisites

Ansible >= 2.4.0.0

Usage

  1. Clone this repo:
git clone https://github.com/jasonheecs/ansible-digitalocean-sample-playbooks.git
cd ansible-digitalocean-sample-playbooks
  1. Rename the group_vars/all/secret.yml.example file to group_vars/all/secret.yml and change the secret variables to your appropriate values.

  2. Modify the values in group_vars/all/main.yml with your desired values.

  3. Run the following:

ansible-galaxy install -r requirements.yml
ansible-playbook -i hosts main.yml

Testing

Testing is done via Kitchen CI and Kitchen Ansible. Testing of the droplet setup is done via Kitchen Vagrant:

gem install bundler
bundle install
bundle exec kitchen test

Testing of the LEMP stack and Docker installation / setup is done via Kitchen Docker:

gem install bundler
bundle install
KITCHEN_YAML=".kitchen.travis.yml" bundle exec kitchen test

Refer to the travis.yml file and Travis build logs for details on the test build process and expected outputs.

License

MIT

You can’t perform that action at this time.