Skip to content

nolte/ansible_playbook-baseline-online-server

17 Branches14 Tags

Repository files navigation

Base Service Configuration

Github Project Stars Travis CI build status Documentation Status Github Issue Tracking Github LatestRelease

This Repository will be handle the base configuration of Public Services, like Minecraft Server or Personal S3 Storage, a try dont get any Snowflake Server. Mostly hosted at hetzner.cloud, and created with Terraform.

Features

  • harder sshd
    • configure fail2ban
  • install restic
  • base logrotate configuration
  • install python3
  • configure system ntp for time handling
  • configure docker (optional)
  • Security Scans
    • execute open-scap-scan
    • root kit analyse with rkhunter
    • configure aide (planed)

Supported Distributions

Distribution Molecule tested Packer Vagrant Boxed Description
Fedora
RockyOS
Ubuntu 20.04
Alpine (planed)

Out of Scope

Usage

Prepare Python Env

virtualenv -p python3 ~/venvs/develop-ansible_role-vagrant
source ~/venvs/develop-ansible_role-vagrant/bin/activate
pip install -r requirements.txt
pre-commit install
ansible-galaxy install -r requirements.yml

Start SSH Agent

pass private/keyfiles/ssh/ansible_rollout/passphrase -c
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/ansible_id_ed25519

Playbooks

playbook ansible_group description
master-configure-system.yml master playbook for combine the base and docker playbook.
playbook-base-configureation.yml all Configure the base system.
playbook-docker-configureation.yml dockerbased Prepare the System for docker Usage 
export ANSIBLE_INVENTORY=$(pwd)/prod
export HCLOUD_TOKEN=$(pass .../token)

ansible-playbook master-configure-system.yml

Development

For Locally automatical testing we use a Combination of Molecule and Vagrant

virtualenv -p python3 ~/venvs/ansible-vagrant/
source ~/venvs/ansible-vagrant/bin/activate
pip install -r requirements.txt
pre-commit install

Testing

running the tests:

molecule test

Infrastructure Tests

pytest --connection=ansible --hosts=all test/*

Reusing and Sharing

For reusing and sharing you can create own vagrant box with the Packer /packer.

First Build the CentOS Base (WIP)

Releasing

Must be executed from the develop branch.

pre-commit uninstall \
    && bump2version --tag release --commit \
    && git checkout master && git merge develop && git checkout develop \
    && bump2version --no-tag patch --commit \
    && git push origin master --tags \
    && git push origin develop \
    && pre-commit install

Setup Local Env

asdf plugin-add packer https://github.com/Banno/asdf-hashicorp.git
asdf plugin-add terraform https://github.com/Banno/asdf-hashicorp.git
asdf plugin-add python
asdf plugin-test act https://github.com/grimoh/asdf-act --asdf-tool-version latest
python -m venv env
source env/bin/activate
pip install -r requirements.txt

About

Bootstrapping server, install a set of common tools and configurations.

nolte.github.io/ansible_playbook-baseline-online-server

Topics

ansible ansible-playbook bootstrapping

Resources

Readme
Activity

Stars

7 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases 9

v1.0.5 Latest
Mar 31, 2022
+ 8 releases

Packages

No packages published

Contributors 5

Languages