Updated README.md and inventory

2023-11-11 05:36:40 +08:00 · 2023-11-11 05:36:40 +08:00 · a4c15380fa
commit a4c15380fa
parent 894613d795
3 changed files with 40 additions and 24 deletions
--- a/README.md
+++ b/README.md
@ -1,16 +1,42 @@
 # Ansible playbook to set up VPSs
-An Ansible playbook to set up VPSs (for Opnxng). It applies to Debian-based servers in any arch.
+An Ansible playbook to set up VPSs (for Opnxng). It applies to Debian-based servers in any architecture.
-## Oracle Cloud
+## Before running
-To install Debian on Oracle Cloud, refer to [this documentation](ORACLECLOUD.md)
+To install Debian on Oracle Cloud, refer to [this documentation](ORACLECLOUD.md).
 On a fresh Debian system, replace the default `debian` user:
 ```
 # Give root account a password
 sudo passwd root
 # Configurate SSHD to temporarily allow root login with password
 sudo nano /etc/ssh/sshd_config.d/sshd.conf
 # Login as root, add new user and delete debian user
 su root
 sudo groupmod -n [user] debian
 sudo usermod -l [user] debian
 sudo usermod -d /home/[user] -m [user]
 sudo passwd [user]
 sudo userdel debian
 sudo rm -r /home/debian
 # Switched [user] 
 su [user]
 sudo passwd -dl root
 # Configurate SSHD again to allow [user] login and to set a custom port
 sudo nano /etc/ssh/sshd_config.d/sshd.conf
 ```
 ## Configurations
 You can modify the [packages to be installed](set-up.yml) and the [UFW rules](roles/ufw/tasks/main.yml).
-Passwords and other sensitive data are kept locally as encrypted variables in [secrets.yml](/opnxng/opnxng-set-up-playbook).
+Passwords and other sensitive data are kept locally as encrypted variables in [secrets.yml](vars/secrets.example.yml).
 ## Contact
 Please contact us via [email](mailto:opnxng@tuta.io) if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.
--- a/19
+++ b/19
@ -2,47 +2,28 @@ oracle:
  hosts:
    oracle1:
      ansible_host: [REDACTED]
      wireguard_ip: 10.123.0.1
    oracle2:
      ansible_host: [REDACTED]
      wireguard_ip: 10.123.0.2
    oracle3:
      ansible_host: [REDACTED]
      wireguard_ip: 10.123.0.3
    oracle4:
      ansible_host: [REDACTED]
      wireguard_ip: 10.123.0.4
  vars:
    ansible_ssh_private_key_file: [REDACTED]
    ansible_user: [REDACTED]
    ansible_ssh_port: [REDACTED]
    pipelining: true
    ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
    ansible_python_interpreter: /usr/bin/python3
    TZ: Asia/Singapore
    wireguard_mask_bits: 24
    wireguard_port: [REDACTED]
 # ----------------------------------------------------------------------------------------------------
 cloudcompute:
  hosts:
    vultr:
      ansible_host: [REDACTED]
      wireguard_ip: 10.123.0.5
  vars:
    ansible_ssh_private_key_file: [REDACTED]
    ansible_user: [REDACTED]
    ansible_ssh_port: [REDACTED]
    pipelining: true
    ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
    ansible_python_interpreter: /usr/bin/python3
    TZ: Asia/Singapore
    wireguard_mask_bits: 24
    wireguard_port: [REDACTED]
--- a/vars/secrets.example.yml
+++ b/vars/secrets.example.yml
@ -0,0 +1,9 @@
 user:
 ssh_port:
 docker_dir:
 oracle_ipv4_cidr_block:
 wireguard_mesh_subnet:
 wireguard_mesh_control_host:
 wireguard_port: