Bootstrap ========= An ansible role to bootstrap a fresh system to be able to utilize Ansible. It will install all the ansible dependencies, create an ansible user and give it the necessary permissions, install an ssh key and finally setting SSH to only allow logins with an ssh key. Requirements ------------ * A pre-generated ssh key installed on the local system. (Defaults to `~/.ssh/ansible_rsa.pub`, but can be changed by setting the ansible_ssh_key_path variable. * Add the list of hosts to bootstrap to the [bootstrap] group in the ansible [inventory file](https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html) file. Defaults to `hosts` in the root of the ansible git repo. * This role __must__ be run with the option `--ask-pass`. NOTE: Debian distros disable SSH root login by default. In order to run this role, you must first enable it by setting `PermitRootLogin yes` in `/etc/ssh/sshd_config` and restarting SSH `systemctl restart ssh` ``` [bootstrap] webserver1 webserver2 10.0.0.162 ``` Role Variables -------------- * __bootstrap_hosts__: DNS hostname(s) or IP address(es) of the host(s) to be bootstrapped. Defaults to the ansible inventory group "bootstrap" * __ansible\_ssh\_key\_path__: Local path to the public key ansible will install. Defaults to `~/.ssh/ansible_rsa.pub` * __ansible_username__: User that ansible will create for connecting over after bootstrapping. Defaults to `ansible` * __ssh_username__: User that ansible will connect over SSH as while doing the initial bootstrap installation. Defaults to `root` * __os_family__: Used to determine which package manager to use. Defaults to `redhat`. For Debian-style distros change to `debian` Example Usage ------------- #### Bootstrap a new server: ansible-playbook bootstrap.yml --ask-pass #### Bootstrap a server with a different ssh key: ansible-playbook bootstrap.yml --extra-vars 'ansible_ssh_key_path="~/.ssh/my_other_key.pub"' --ask-pass #### Bootstrap a Debian server: ansible-playbook bootstrap.yml --extra-vars 'os_family=debian' --ask-pass __Note__: This role __must__ be run with the option `--ask-pass`. License ------- GPLv3