Coder Social home page Coder Social logo

ansible-user-create's Introduction

Ansible for Server Security Setup

Inventory

[staging]

hostname=<host name> ansible_ssh_host=<your server ip address> ansible_user=ubuntu  ansible_ssh_private_key_file=./host_ssh/<add your key name>

[staging:vars]
ansible_python_interpreter=/usr/bin/python3

If you use nginx server, you need to remove # of nginx-ratelimit task in site.yaml

roles:
    # - { role: nginx-ratelimit, tags: 'nginx-ratelimit'} # if you use nginx server remove "#" 
    - { role: fix-security, tags: 'fix-security' }

Create User Password

python3 createpass.py

type password and copy hash

paste to user.password (./group_var/all.yaml)

user:
  name: 'admin'
  password: 'password-hash-here'

Add Allow IP address to access ssh

Add SSH allow ip to ssh.allow_ip group_vars/all.yaml (you can add ip/network range example 192.168.1.2 or 192.168.1.1/24)

ssh:
  allow_ip: 
    - 192.168.1.2
    - 192.168.1.1/24

save your host's accessable private key at host_ssh

add your public key to host_ssh

ssh-keygen -y -f {yourkey}.pem > {yourkey}.pub

after key generate

you need to add your public key name in follow task of fix-security/task/all.yaml,

- name: Add SSH public key for "{{ user.name }}"
  become: yes
  become_user: root
  authorized_key:
    user: "{{ user.name }}"
    key: "{{item }}"
    state: present
  loop:
    - "{{ lookup('file', './host_ssh/<your public key name>.pub') }}"

After finished "restart sshd" TASK, task will fail, Don't worry it's normal because we block normal connection ๐Ÿ˜„

  1. Make sure you update inventory file before running the playbook.
  2. Review variables in group_vars/all.yaml,
  3. Install jmespath package on the Ansible control machine 
    pip install jmespath

Useful commands

Playbook syntax check

ansible-playbook -v --syntax-check site.yaml

Run playbook

ansible-playbook -v site.yaml

ansible-user-create's People

Contributors

kharalk avatar

Watchers

Kumarar Kharal avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.