Perfect Linux machine setup with Ansible

In 2020, having a Linux IaaS machine configured and setup should be easy and fast: after all, it's the basic task anybody has to do in order to start working on more-meaningful and productive activities.

However, this is not always the case: you work in different environments (different cloud providers, on-premises environments, lab environments) where you have different base images and different tools, and creating the very same machine is still quite a daunting - or at least time-consuming - task.

This project aims to solve that, by providing a boilerplate yet complete and easy-to-use and easy-to-customize way to spin up your own Linux machine.

Usage

You will need Ansible on your workstation in order to run this project, and you will need to first install a base Linux image on your target system. The target system can be a Debian-based system or an Ubuntu-based system, since the apt package is used.

You can start the fun with the install.sh script which takes in input the hostname to configure.

In the output, you will receive the passwords for the default user and the root user. The script will add your local SSH keys as trusted keys for remote login, and will harden the Linux installation quite a bit. In the end, you will also have several utilities installed and a Docker daemon.

The playbook also uses the olivomarco/dotfiles repo in order to setup a custom and productive shell for the users of the system.

Parameters

Please note that some of the parameters provided by this template repo MUST BE CHANGED before running the script.

Customization starts by modifying files in this folder. In particular, consider that:

in all.yml you must modify the default_username variable
in all.yml you must modify the dot_forward_email variable
the vault.yml is an ansible-vault encrypted file (default password: secretpassword) which you must customize with your SMTP parameters

Final notes

You can, of course, customize everything and add your own tools and configurations: if you think you have found something useful which can be beneficial to any user using this package, please open a feature request and I will gladly evaluate it.

Destination directory /etc/exim4 does not exist

using vagrant ubuntu 1804, I encountered this error:

Install mozilla/sops...
  live done | msg: OK (29335186 bytes)
Enable dm_crypt module...
  live done
Enable compress on logrotate...
  live done | msg: line replaced
Configure timezone...
  live done | msg: executed `/usr/bin/timedatectl set-timezone UTC`
Configure ntp client and restart it...
  live done
Set up exim4 conf...
  live failed | **msg: Destination directory /etc/exim4 does not exist**
restart ntp (via handler)...
restart cron (via handler)...
restart fail2ban (via handler)...

- Play recap -
  live                       : ok=11   changed=9    unreachable=0    failed=1    rescued=0    ignored=0

Replaying it again, here's the log


PLAY [prod] **************************************************************************************************************************************************

TASK [Gathering Facts] ***************************************************************************************************************************************
[DEPRECATION WARNING]: Distribution Ubuntu 18.04 on host live should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior
 Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See
https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12.
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
ok: [live]

TASK [nickjj.fail2ban : ensure fail2ban is installed] ********************************************************************************************************
ok: [live]

TASK [nickjj.fail2ban : ensure fail2ban is configured] *******************************************************************************************************
ok: [live] => (item=etc/fail2ban/jail.local)
ok: [live] => (item=etc/fail2ban/fail2ban.local)

TASK [nickjj.fail2ban : ensure fail2ban starts on a fresh reboot] ********************************************************************************************
ok: [live]

TASK [common : Upgrade packages] *****************************************************************************************************************************
ok: [live]

TASK [common : Install packages] *****************************************************************************************************************************
ok: [live]

TASK [common : Install mozilla/sops] *************************************************************************************************************************
ok: [live]

TASK [common : Enable dm_crypt module] ***********************************************************************************************************************
ok: [live]

TASK [common : Enable compress on logrotate] *****************************************************************************************************************
ok: [live]

TASK [common : Configure timezone] ***************************************************************************************************************************
ok: [live]

TASK [common : Configure ntp client and restart it] **********************************************************************************************************
ok: [live]

TASK [common : Set up exim4 conf] ****************************************************************************************************************************
fatal: [live]: FAILED! => {"changed": false, "checksum": "38fce86296304f3db942244f1e945b648f075041", "msg": "Destination directory /etc/exim4 does not exist"}

PLAY RECAP ***************************************************************************************************************************************************
live                       : ok=11   changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

olivomarco / my-ansible-linux-setup Goto Github PK

my-ansible-linux-setup's Introduction

Perfect Linux machine setup with Ansible

Usage

Parameters

Final notes

my-ansible-linux-setup's People

Contributors

Stargazers

Watchers

Forkers

my-ansible-linux-setup's Issues

Destination directory /etc/exim4 does not exist

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent