41 lines
1.0 KiB
Markdown
41 lines
1.0 KiB
Markdown
# Ansible
|
|
|
|
Catalogue of Ansible playbooks and helper scripts for server management
|
|
|
|
## TODO
|
|
Migrate OMV6 installation process to the OMV-Extras script and disable network configuration step
|
|
https://github.com/OpenMediaVault-Plugin-Developers/installScript#to-skip-network-setup
|
|
|
|
## Node configuration process
|
|
### Setup user configuration
|
|
- Create provisioning user without password and sudo
|
|
- Create tanguy user with password
|
|
- Disable root login (passwd --lock root)
|
|
|
|
### SSH Setup
|
|
- Install fail2ban
|
|
- Disable SSH password login
|
|
- Change SSH port
|
|
|
|
### Miscellaneous
|
|
- Test if unattended-upgrade is installed
|
|
- Disable if true
|
|
- Disable IPv6
|
|
- Setup hostname
|
|
|
|
### Softwares
|
|
- Install k3s with token
|
|
- Install OMV for NAS node*(s)
|
|
|
|
## Update system
|
|
- General package manager update
|
|
|
|
# Additional configuration
|
|
- Add label to output node on k3s to enable load balancer
|
|
|
|
# OMV configuration
|
|
## NFS configuration
|
|
- Create FS
|
|
- Enable NFS
|
|
- `subtree_check,insecure,no_root_squash,anonuid=1000,anongid=100` in NFS share extra options
|