basic:start

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Prochaine révision 		Révision précédente
basic:start [12/02/2021 15:32]
dani créée 		— (Version actuelle)
Ligne 1: Ligne 1:
-====== Initial configuration ====== 
  
-===== Clone our ansible-roles repo ===== 
- 
-<code bash> 
-git clone https://git.fws.fr/fws/ansible-roles.git 
-cd ansible-roles 
-</code> 
- 
-===== Create the configuration directories ===== 
- 
-Those directories will holds configurations of your hosts, groups etc. 
- 
-<code bash> 
-# This dir will contain your hosts inventories 
-mkdir inventories 
-# This one will contain vars for individual hosts 
-mkdir host_vars 
-# This one will contain vars for group of hosts 
-mkdir group_vars 
-# Will contain SSH related stuff 
-mkdir ssh 
-</code> 
- 
-===== Create an SSH key pair ===== 
- 
-The public key will have to be configured on the hosts you want to manage 
- 
-<code bash> 
-ssh-keygen -t rsa -b 4096 -f ssh/id_rsa 
-</code> 
-<note important>It's advised to protect the private key with a password</note> 
- 
-===== Create your inventory file ===== 
-This inventory will contains all the hosts you manage with ansible. You can have several inventories (eg, one per client). For example **inventories/fws.ini**. Here I create a single group of hosts named fws. And a single host **proxyin.fws.fr** 
- 
-<code ini> 
-[fws] 
-proxyin.fws.fr 
-</code> 
- 
-===== Setup the host to be managed ===== 
-On the machine proxyin.fws.fr, we have to configure a few things : 
-  * Create a user named ansible 
-  * Grant ansible full access to the system with sudo 
-  * Configure the public SSH key on this ansible user account 
- 
-<code bash> 
-useradd -m ansible 
-mkdir ~ansible/.ssh 
-cat <<_EOF > ~ansible/.ssh/authorized_keys 
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCj9d6jDy0m7xtqGfR0ywyXnq0lRfqqP0TzBhvCI4rcrJaDSLyA5/mnme0TLfy6YsOUZq2bl/9ZMr4mq4Yw23CGDDha4XR2SUWuKzzkCvvGvDwy0qXUhwsT2tafknCPFDv91bAL5DvWae/Bv/jwhVc/116ICYJOBnxljkD2M6xbnJE92uCkgzSvthuWwBZsT5Oh/ofxHWhpcRISZeWZ70l1/U6jr7nJeBDX8p+uLKpBb+VNywtTmgnFbrS1HSc9MWkWNV7GrrZgXS5DumdKm5uX7IkSKsPNWtKHdC4M7OskqIjK9Fdp1mvI2fOaeJ4/20u45ojaltKy+4Xu7XxqZR3/FCugrlBujyXPRQZQUiYBAqjaWL6KRNxXEBNB8Om2n8+rRv4jKZ6VVbXi+8yJ5Iqp8HWlUNAUfOzBT3O5cV1UUAEke5INJnmiuojsHk9MhWoqwQ71FmcvYTpAAPtT+SdmF2nK1jrC7Nea4ODdFksN799zg4Kfyb8Vuv/F+nL/5wKwmwI5B5NmoCtrt4ZY8PMn/J/tT4cjkSjhQZjbN4KcCFSjf5vKPE70/iUQWB3C9dqz0+bmqx0Q+zTMHkEGHIgVE/jl02CvoXPnCoEd8rVG08Koqh4TDLnr6trEHueKE3FCXK1b3pIjpbzQ6Ytg4Pq4NkbMMOQAlYN0AR7i+rvngQ== ansible@firewall-services.com 
-_EOF 
-chown -R ansible:ansible ~ansible/.ssh/ 
-chmod 700 ~ansible/.ssh/ 
-chmod 600 ~ansible/.ssh/authorized_keys 
-cat <<_EOF > /etc/sudoers.d/ansible 
-Defaults:ansible !requiretty 
-ansible ALL=(ALL) NOPASSWD: ALL 
-_EOF 
-chmod 600 /etc/sudoers.d/ansible 
-</code> 
- 
-<note important>Of course, adapt this to your own public SSH key !</note> 
  • basic/start.1613140373.txt.gz
  • Dernière modification: 12/02/2021 15:32
  • de dani