athens-school/Ansible
4
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity
51 Commits 3 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Ansible

Catalogue of Ansible playbooks and helper scripts for server management atmen: slave, servant

Configuration options

SSH Ports

The ssh port can be configured in 2 steps:

  1. Change the ansible_ssh_port variable in inventory/group_vars/all.yml
  2. Change the sshd_port variable in inventory/vars/unprovisioned.yaml

Node configuration process

Provisioning

  • Add atmen user for provisioning
  • Configure SSH key for atmen user
  • Add maintainer user
  • Configure SSH key for maintainer user
  • Disable root login (passwd --lock root)
  • Disable SSH login for creator user
  • Disable SSH password login
  • Change SSH port

SSH Setup

  • Install fail2ban

Miscellaneous

  • Disable unattended-upgrade is installed
  • Disable IPv6
  • Setup hostname
  • Install open-iscsi, nfs-common, nfs-utils

OMV configuration

  • Install OMV through OMV-extras
  • (lab) Add Vagrant user to SSH group
  • Add atmen user to sudoers
  • Install openmediavault-zfs, openmediavault-s3, openmediavault-filebrowser

OMV manual configuration

NFS configuration

  • Create FS
  • Enable NFS
  • subtree_check,insecure,no_root_squash,anonuid=1000,anongid=100 in NFS share extra options
Description
Catalogue of Ansible playbooks and helper scripts for server management
Readme 115 KiB