Alan Orth
2961578a54
This comes from the AbuseIPDB with a confidence level of 95%. I use the following command to download and sort the IPs: $ curl -G https://api.abuseipdb.com/api/v2/blacklist -d \ confidenceMinimum=95 -H "Key: $ABUSEIPDB_API_KEY" \ -H "Accept: text/plain" | sort | sed -e '/:/w /tmp/ipv6.txt' \ -e '/:/d' > /tmp/ipv4.txt I manually add the XML formatting to each file and run them through tidy: $ tidy -xml -utf8 -m -iq -w 0 roles/common/files/abusers-ipv4.xml $ tidy -xml -utf8 -m -iq -w 0 roles/common/files/abusers-ipv6.xml Then I formatted the nftables files manually. Meh... |
||
---|---|---|
group_vars | ||
host_vars | ||
misc-plays | ||
roles | ||
vars | ||
.gitignore | ||
ansible.cfg | ||
LICENSE | ||
nomads.yml | ||
Pipfile | ||
Pipfile.lock | ||
README.md | ||
site.yml | ||
web.yml |
Ansible Playbook
Ansible playbook for base and initial configuration of the web server hosting my personal websites. After successful execution of this playbook, however, there is still some manual work to import databases, copy site content, etc.
Assumptions
Before you can run this, a few things are assumed:
- You have a clean, minimal Ubuntu 18.04/20.04 or Debian 10/11 host up and running
- Python 3 is installed on the remote server (requirement of Ansible)
- You have a user account with password-less SSH access to the machine
- You have sudo privileges on the remote host
- You have created a
hosts
file with something like:
[web]
web01
Use
Once you've satisfied the the above assumptions, you can execute:
$ ansible-playbook web.yml
Todo
- Switch from
cron-apt
tounattended-upgrades
License
Copyright (C) 2014–2021 Alan Orth
The contents of this repository are free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.