Ansible playbook for base and initial configuration of web server hosting my personal websites.
Go to file
Alan Orth 42501acb74
Add install instructions for ansible-relayor
There are several ways to install external roles, ie via ansible-galaxy,
git submodules, etc. I found that adding this role to a requirements.yml
file and adding instructions to the README.md is probably the best way.

Using ansible-galaxy actually had issues because the ansible-relayor git
repository has version tags that use mixed styles, like v0.3.3 and 0.1.0
without a v.
2018-05-07 10:54:40 +03:00
group_vars group_vars/all: Disable TLS cipher suites using Triple DES 2016-08-27 18:25:37 +03:00
host_vars host_vars/web12: Update DNS resolvers for TLS stapling 2018-04-30 18:12:29 +03:00
misc-plays misc-plays/change_password.yml: Use become 2017-10-14 14:20:34 +03:00
roles roles/nginx: Allow custom resolvers for TLS stapling 2018-04-30 18:04:17 +03:00
vars Import OS-specific vars from task in common role 2018-04-25 18:04:29 +03:00
.gitignore .gitignore: Ignore Vagrant directory 2015-05-24 23:00:48 +03:00
LICENSE Add copy of GPLv3 license 2015-05-08 15:59:15 +03:00
Pipfile Update Ansible to 2.5.2 in pipenv 2018-04-29 11:41:24 +03:00
Pipfile.lock Update Ansible to 2.5.2 in pipenv 2018-04-29 11:41:24 +03:00
README.md Add install instructions for ansible-relayor 2018-05-07 10:54:40 +03:00
ansible.cfg Revert "ansible.cfg: Temporary workaround for Ansible > 2.4.0.0 connection issue" 2017-11-01 13:03:44 +02:00
requirements.yml Add install instructions for ansible-relayor 2018-05-07 10:54:40 +03:00
site.yml Add playbook for configuring Tor relays 2018-05-07 10:53:36 +03:00
tor-relay.yml Add playbook for configuring Tor relays 2018-05-07 10:53:36 +03:00
web.yml Import OS-specific vars from task in common role 2018-04-25 18:04:29 +03:00

README.md

Ansible Playbook

Ansible playbook for base and initial configuration of the web server hosting my personal websites. After successful execution of this playbook, however, there is still some manual work to import databases, copy site content, etc.

Assumptions

Before you can run this, a few things are assumed:

  • You have a clean, minimal Debian 9, Ubuntu 16.04, or Ubuntu 18.04 host up and running
  • You have a user account with password-less SSH access to the machine
  • You have sudo privileges on the remote host
  • You have created a hosts file with something like:
[web]
web01

Use

Once you've satisfied the the above assumptions, you can execute:

$ ansible-playbook web.yml

If setting up Tor relays, you need to install the ansible-relayor role:

$ ansible-galaxy install -r requirements.yml

Todo

  • Update packages for Ubuntu 18.04 (mariadb, nginx, tarsnap currently using packages for 17.10 artful)
  • Switch from cron-apt to unattended-upgrades

License

Copyright (C) 2014 - 2018 Alan Orth

The contents of this repository are free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.