21 lines
1.1 KiB
YAML
21 lines
1.1 KiB
YAML
---
|
|
|
|
# Intended to be run once for every new server to secure the ssh connection allowing the team access
|
|
# with their public keys. This script will lock itself out from every server it is run on.
|
|
# Further playbooks are intended to be run by logging in as one of the created users.
|
|
# It also ensures python2 is installed as it's necessary for the modules used in this playbook at
|
|
# the time of this writing.
|
|
|
|
# The used login data depends on the used server provider. In most cases the ansible_user will be
|
|
# root, but we can't safely assume anything.
|
|
# The following line is an example for securing a new vagrant maching, after running `vagrant up`:
|
|
# ansible-playbook first_run.yml -i hosts -u vagrant --private-key='~/.vagrant.d/insecure_private_key'
|
|
# For real providers it could look like:
|
|
# ansible-playbook first_run.yml -i hosts -u root --private-key='~/.ssh/id_rsa'
|
|
# If you don't have a ssh-key on the server and the server expects password authentication use:
|
|
# ansible-playbook first_run.yml -i hosts -u root --ask-pass
|
|
|
|
- hosts: all
|
|
roles:
|
|
- ansible_dependencies-bookworm
|