Ubuntu/Bespin/Ansible

From charlesreid1

Up: Ubuntu/Bespin

Previous: Ubuntu/Bespin/Gnome Setup

Next: Ubuntu/Bespin/PIA


Note that it is easiest and safest to perform these steps on a local network (e.g., a wifi router network) that has internet connectivity but that won't expose the Ubuntu server to the public internet.

Now use https://github.com/charlesreid1-com/charlesreid1-ansible to run the provision and base plays against the server. Note that this requires root access via ssh, so you have to edit your ssh config file to include this line:

/etc/ssh/sshd_config 

PermitRootLogin yes

Now restart the ssh service: 

sudo service ssh restart

and test that you can log in as root without a password: 

ssh root@<ip-for-bespin>

ONLY ENABLE THIS WHILE YOU RUN ANSIBLE! DISABLE IT WHEN YOU ARE DONE!

Now run ansible from a different machine: 

# run this from a different machine!
git clone git@github.com:charlesreid1-com/charlesreid1-ansible.git ansible
cd ansible

# provision (python3 install)
ANSIBLE_CONFIG="local.cfg" ansible-playbook --extra-vars "machine_name=bespin" provision.yml

# set up with all the things
ANSIBLE_CONFIG="local.cfg" ansible-playbook --extra-vars "machine_name=bespin" --vault-password-file=.vault_secret base.yml

Last, edit your ssh config to disable root login:

/etc/ssh/sshd_config

Remove this line! 

PermitRootLogin yes # REMOVE ME

and replace with this one: 

PermitRootLogin no

Now restart the ssh service: 

sudo service ssh restart
Retrieved from "https://charlesreid1.com/w/index.php?title=Ubuntu/Bespin/Ansible&oldid=28507"