An ansible playbook that runs a number of roles that together perform some basic server setup and hardening.

• Clone this repository.
  • $ git clone https://github.com/glillico/server-setup.git
  • Change to the repositories directory.
    • $ cd server-setup
  • Install requirements.
    • $ ansible-galaxy install -r requirements.yml
  • Make a copy of the file example.config.yml and modify it to meet your requirements.
    • $ cp example-config.yml config.yml
  • Make a copy of the file example.inventory.ini and modify it to meet your requirements.
    • $ cp example-inventory.ini inventory.ini
  • Copy the ssh keys for your initial user into the keys directory, and modify the config.yml file appropriately.
  • Run the playbook.
    • $ ansible-playbook main.yml

• It is possible run a specifc section of the playbook by using the ansible-playbook's --tags feature.
  • $ ansible-playbook main.yml -t "docker,reboot"
• The available tage are
  • add_rm_pkgs, auto_pkg_updates, configure_sudo, docker, fail2ban, firewall, hostname, issue, ntp, reboot, selinux, host_keys, ssh_keys, sshd, sync_sudo, update_pkgs, users

See the individual roles for variable descriptions.

• ansible-role-add_rm_pkgs
  
• ansible-role-auto_pkg_updates
  
• ansible-role-configure_firewall
  
• ansible-role-configure_ntp
  
• ansible-role-configure_sshd
  
• ansible-role-configure_sudo
  
• ansible-role-copy_etc_issue
• ansible-role-install_docker
  
• ansible-role-install_fail2ban
  
• ansible-role-manage_selinux
  
• ansible-role-reboot_server
  
• ansible-role-regenerate_ssh_host_keys
  
• ansible-role-set_hostname
  
• ansible-role-setup_ssh_keys
  
• ansible-role-setup_users
  
• ansible-role-sync_sudo
  
• ansible-role-update_pkgs
  

MIT

Created in 2022 by Graham Lillico.