This repository contains a minimal Ansible role used for bootstrapping an Ubuntu server.
The included tasks are:
- Copy configuration files
- Configure locale
- Install and update Ubuntu packages
- Create users, assigning groups and public keys
- Basic security configuration:
- Disable SSH root access
- Disable password authentication
- Install Fail2ban
- Configure UFW Firewall
- Configure Mailgun as a SMTP relay
- Install and configure NewRelic server monitoring
Ansible - 2.4 + above Ubuntu - 16.04 + above SSH Authentication for the root user.
Configure the following, on the file: roles/bootstrap/defaults/main.yml
mailgun_username: [email protected] mailgun_password: password
root_forward: [email protected]
users: - {name: 'USERNAME', public_key: 'SSH KEY for USERNAME', password: 'USERNAME PASSWORD' }
locale: en_US.UTF-8 language: 'en_US:en' timezone: America/Chicago
newrelic_license_key: "NEW RELIC LICENSE"
ufw_ports:
- "ssh"
- "http"
- "https"
Check the connection from Ansible to the server. From the project root you can ping to the server
ansible SERVER -m ping
Finally, the role can be executed using
ansible-playbook bootstrap.yml
If you don't need any of the tasks, just comment them in the main.yml file of the role.