42 lines
1.3 KiB
Markdown
42 lines
1.3 KiB
Markdown
# Ansible playbook to set up VPSs
|
|
|
|
An Ansible playbook to set up VPSs (for Opnxng). It applies to Debian-based servers in any architecture.
|
|
|
|
## Before running
|
|
|
|
To install Debian on Oracle Cloud, refer to [this documentation](ORACLECLOUD.md).
|
|
|
|
On a fresh Debian system, replace the default `debian` user:
|
|
|
|
```
|
|
# Give root account a password
|
|
sudo passwd root
|
|
|
|
# Configurate SSHD to temporarily allow root login with password
|
|
sudo nano /etc/ssh/sshd_config.d/sshd.conf
|
|
|
|
# Login as root, add new user and delete debian user
|
|
su root
|
|
sudo groupmod -n [user] debian
|
|
sudo usermod -l [user] debian
|
|
sudo usermod -d /home/[user] -m [user]
|
|
sudo passwd [user]
|
|
sudo userdel debian
|
|
sudo rm -r /home/debian
|
|
|
|
# Switched [user]
|
|
su [user]
|
|
sudo passwd -dl root
|
|
|
|
# Configurate SSHD again to allow [user] login and to set a custom port
|
|
sudo nano /etc/ssh/sshd_config.d/sshd.conf
|
|
```
|
|
|
|
## Configurations
|
|
|
|
You can modify the [packages to be installed](set-up.yml) and the [UFW rules](roles/ufw/tasks/main.yml).
|
|
|
|
Passwords and other sensitive data are kept locally as encrypted variables in [secrets.yml](vars/secrets.example.yml).
|
|
|
|
## Contact
|
|
Please contact us via [email](mailto:opnxng@tuta.io) if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it. |