59 lines
1.7 KiB
YAML
59 lines
1.7 KiB
YAML
---
|
|
|
|
# Intended to be run once for every new server to secure the ssh connection allowing the team access
|
|
# with their public keys. This script will lock itself out from every server it is run on.
|
|
# Further playbooks are intended to be run by logging in as one of the created users.
|
|
# It also ensures python2 is installed as it's necessary for the modules used in this playbook at
|
|
# the time of this writing.
|
|
|
|
# The used login data depends on the used server provider. In most cases the ansible_user will be
|
|
# root, but we can't safely assume anything.
|
|
# The following line is an example for securing a new vagrant maching, after running `vagrant up`:
|
|
# ansible-playbook first_run.yml -i hosts -u vagrant --private-key='~/.vagrant.d/insecure_private_key'
|
|
# For real providers it could look like:
|
|
# ansible-playbook first_run.yml -i hosts -u root --private-key='~/.ssh/id_rsa'
|
|
# If you don't have a ssh-key on the server and the server expects password authentication use:
|
|
# ansible-playbook first_run.yml -i hosts -u root --ask-pass
|
|
|
|
#- hosts: all
|
|
# strategy: free
|
|
#
|
|
## vars_prompt:
|
|
##
|
|
## - name: ansible_become_password
|
|
## prompt: "Give your local Password here:"
|
|
#
|
|
# roles:
|
|
# - common
|
|
|
|
- hosts: ansible_dependencies
|
|
strategy: free
|
|
gather_facts: false
|
|
|
|
roles:
|
|
- ansible_dependencies-ubuntu-noble
|
|
- ansible_user_debian
|
|
|
|
- hosts: initial_setup
|
|
strategy: free
|
|
|
|
# vars_prompt:
|
|
#
|
|
# - name: ansible_become_password
|
|
# prompt: "Give your local Password here:"
|
|
|
|
roles:
|
|
- ubuntu-server
|
|
|
|
#- hosts: debian-server
|
|
# strategy: free
|
|
#
|
|
## vars_prompt:
|
|
##
|
|
## - name: ansible_become_password
|
|
## prompt: "Give your local Password here:"
|
|
#
|
|
# roles:
|
|
# - common
|
|
|