Bootstrap and secure your server in 5 minutes flat.
Switch branches/tags
Nothing to show
Pull request Compare This branch is even with phred:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
config
README.md
bootstrap.yml
fred.pub
hosts.ini

README.md

5minbootstrap

Bootstrap and secure your server in 5 minutes flat. A riff on this excellent post:

http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers

There's a blog post that I wrote to go along with this. Check it out!

http://practicalops.com/my-first-5-minutes-on-a-server.html

TL;DR

Step 1: Set the root password

Run:

yourmachine$ ssh root@server

Enter the initial root password from your hosting provider, then run:

root@server# passwd

Step 2: Fetch the bootstrap recipe

https://github.com/phred/5minbootstrap/

yourmachine ~$ git clone https://github.com/phred/5minbootstrap.git
yourmachine ~$ cd 5minbootstrap

Step 3: Edit hosts.ini

Ansible needs to know about the servers you want to manage. There is no fancy central database, just a text file with a list of servers. Oh, it's called an "inventory file."

Edit the hosts.ini that came with the repository. Replace 127.0.0.1 with your IP address, and :2222 with your SSH port.

[newservers]
127.0.0.1:2222

Step 4: Update the SSH public key.

yourmachine ~/5minbootstrap$ cp ~/.ssh/id_dsa.pub ./fred.pub

For simplicity I provided my public key in the repo. Unless you want to grant me login access to your server, you probably want to change that. :-)

Step 5: Run the playbook

This is the needed invocation for Vagrant:

yourmachine ~/5minbootstrap$ ansible-playbook -i hosts.ini bootstrap.yml --ask-pass --sudo

If you are logging into a fresh Linode, or another sytem where you only have the root user, you need to run this command:

yourmachine ~/5minbootstrap$ ansible-playbook -i hosts.ini bootstrap.yml --user root --ask-pass

Step 6: Go get a cup of coffee because you're DONE.

I prefer hand-ground French pressed coffee myself. Tea is also fine.