0
0
Fork 0
Ansible playbook for setting up VPSs
Go to file
Opnxng 037fce2d51 Modified systemd-resolved role 2024-01-23 08:03:31 +08:00
roles Modified systemd-resolved role 2024-01-23 08:03:31 +08:00
vars Modified ssh role 2023-12-15 04:54:22 +08:00
.gitignore Modified ssh role 2023-12-15 04:54:22 +08:00
LICENSE Inital commit 2023-11-11 02:06:42 +08:00
ORACLECLOUD.md Inital commit 2023-11-11 02:06:42 +08:00
README.md Added systemd-resolved + neovim role 2023-11-16 23:03:07 +08:00
set-up.yaml Modified systemd-resolved role 2024-01-23 08:03:31 +08:00
staging Updated README.md and inventory 2023-11-11 05:36:40 +08:00

README.md

Ansible playbook for setting up VPSs

An Ansible playbook for setting up VPSs (for Opnxng). It works for Debian-based servers in any architecture.

Before running

To install Debian on Oracle Cloud, refer to this documentation.

On a fresh Debian system, replace the default debian user:

# Give root account a password
sudo passwd root

# Configurate SSHD to temporarily allow root login with password
sudo nano /etc/ssh/sshd_config
sudo systemctl restart sshd
cp /home/debian/.ssh/authorized_keys /root/.ssh/authorized_keys

# Login as root, add new user and delete debian user
su root
sudo groupmod -n [user] debian
sudo usermod -l [user] debian
sudo usermod -d /home/[user] -m [user]
sudo passwd [user]
cp /root/.ssh/authorized_keys /home/[user]/.ssh/authorized_keys 

# SSH to [user]
sudo rm /root/.ssh/authorized_keys
sudo passwd -dl root

# Disable root in SSHD
sudo nano /etc/ssh/sshd_config

Configurations

You can modify the packages to be installed and the UFW rules.

Passwords and other sensitive data are kept locally as encrypted variables in secrets.yaml.

Contact

Please contact us via email if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.