# Ansible Catalogue of Ansible playbooks and helper scripts for server management ## Node configuration process ### Setup user configuration - Create provisioning user without password and sudo - Create tanguy user with password - Disable root login (passwd --lock root) ### SSH Setup - Install fail2ban - Disable SSH password login - Change SSH port ### Miscellaneous - Test if unattended-upgrade is installed - Disable if true - Disable IPv6 - Setup hostname ### Softwares - Install k3s with token - Install OMV for NAS node*(s) ## Update system - General package manager update # Additional configuration - Add label to output node on k3s to enable load balancer # Notes Running the configuration for a node without inventory ``` ansible-playbook init.yml -i -u creator --private-key --ask-become --extra-vars '{"hostname": "foo"}' ``` Running the configuration for a node with inventory - Add node to inventory - Add node to `virgin` group - Run following command ``` ansible-playbook init.yml -i inventory --limit virgin ```