Actions
Ansible Setup » History » Revision 12
« Previous |
Revision 12/32
(diff)
| Next »
Jon Goldberg, 04/03/2018 07:57 PM
Ansible Setup¶
Installation¶
Megaphone Ansible scripts assume Ansible 2.4+. If you're using Debian 9, install Ansible from backports.
sudo apt install ansible pass expect
sudo pip2 install python-linode #Needed for generating Linode VMs on the fly
# Debian 9:
sudo apt install -t stretch-backports ansible
Configuration¶
Clone the password repo:
mkdir $HOME/.password-store && cd $HOME/.password-store
git clone ssh://git@git.megaphonetech.com:10022/megaphone/passwords.git .
# For security reasons, explicitly set the GPG keys who can decrypt passwords you create
cp .gpg-id.example .gpg-id
Clone the ansible repo:
git clone ssh://git@git.megaphonetech.com:10022/megaphone/ansible.git
Create an ansible.log file and make it world-writable:
sudo touch /var/log/ansible.log
sudo chmod a+w /var/log/ansible.log
Localhost setup¶
[Note: You only need this to start managing your OWN host via Ansible, not to use Ansible to manage other servers]
sudo apt install acl
(This simplifies becoming an unprivileged user)- After adding your local computer to the Server List, create a folder for it in
<ansibleroot>/group_vars
. Set any reasonable defaults, in particularansible_authorized_keys
. This mitigates the security issue of having passwordless sudo access on each other's localhosts.
Updated by Jon Goldberg over 6 years ago · 12 revisions