Ansible Setup » History » Version 9
Jon Goldberg, 04/03/2018 07:30 PM
| 1 | 1 | Jon Goldberg | # Ansible Setup |
|---|---|---|---|
| 2 | |||
| 3 | 5 | Jon Goldberg | ### Installation |
| 4 | 2 | Jon Goldberg | Megaphone Ansible scripts assume Ansible 2.4+. If you're using Debian 9, install Ansible from backports. |
| 5 | |||
| 6 | 1 | Jon Goldberg | ```bash |
| 7 | 3 | Jon Goldberg | sudo apt install ansible pass expect |
| 8 | 1 | Jon Goldberg | sudo pip2 install python-linode #Needed for generating Linode VMs on the fly |
| 9 | 9 | Jon Goldberg | |
| 10 | 1 | Jon Goldberg | # Debian 9: |
| 11 | 4 | Jon Goldberg | sudo apt install -t stretch-backports ansible |
| 12 | 2 | Jon Goldberg | ``` |
| 13 | 5 | Jon Goldberg | |
| 14 | 6 | Jon Goldberg | ### Configuration |
| 15 | 9 | Jon Goldberg | Create an ansible.log file and make it world-writable: |
| 16 | |||
| 17 | ```bash |
||
| 18 | sudo touch /var/log/ansible.log |
||
| 19 | sudo chmod a+w /var/log/ansible.log |
||
| 20 | ``` |
||
| 21 | |||
| 22 | 6 | Jon Goldberg | TODO: Git clone the `ansible` and `passwords` repos to the appropriate place; copy `~/.passsword-store/.gpg.id.example to .gpg-id`. |
| 23 | |||
| 24 | 5 | Jon Goldberg | ### Localhost setup |
| 25 | [Note: You only need this to start managing your OWN host via Ansible, not to use Ansible to manage other servers] |
||
| 26 | 8 | Jon Goldberg | |
| 27 | 1 | Jon Goldberg | * `sudo apt install acl` (This simplifies [becoming an unprivileged user](http://docs.ansible.com/ansible/latest/user_guide/become.html)) |
| 28 | 8 | Jon Goldberg | * After adding your local computer to the [Server List](https://crm.megaphonetech.com/server-list), create a folder for it in `<ansibleroot>/group_vars`. Set any reasonable defaults, in particular `ansible_authorized_keys`. This mitigates the security issue of having passwordless sudo access on each other's localhosts. |