Skip to content
This repository has been archived by the owner on Feb 5, 2022. It is now read-only.

Latest commit

 

History

History
77 lines (52 loc) · 1.67 KB

README.md

File metadata and controls

77 lines (52 loc) · 1.67 KB

Digital Ocean Bootstrap

Bootstrap Digital Ocean droplets using Ansible to:

  • Configure SSH key
  • Launch a droplet
  • Configure DNS domain
  • Destroy droplet

Inspired by hostmaster/ansible-digitalocean-bootstrap.

Installation

  • Install Ansible 2.0

  • Make sure your python path is configured correctly. For example:

    # On Ubuntu
    export PYTHONPATH=/usr/local/lib/python2.7/site-packages
    # On OS X
    export PYTHONPATH=/Library/Python/2.7/site-packages
  • Copy vars.yml.dist to vars.yml and change the variables to your need.

Digital Ocean configuration

Create a new API key on the API access page. Add the api_token to vars.yml.

Playbooks

launch.yml

Launch and provision a new server on Digital Ocean.

    ansible-playbook -i hosts launch.yml

What this Playbook do for you?

  • configure swap file
  • install ufw, fail2ban
  • configure ufw allow ports for SSH
  • make sshd more secure:
    • PermitRootLogin=no
    • PasswordAuthentication=no
    • AllowGroups=sudo
  • config sudoers

destroy.yml

Destroys a server on Digital Ocean.

    ansible-playbook -i hosts destroy.yml

Known issues

  • dopy 0.3.7 is broken (error "name 'DoError' is not defined"). Downgrade use version 0.3.5 using pip install dopy==0.3.5.

  • digital_ocean_domain is broken (error "'Domain' object has no attribute 'id'") when you run the plabook the second time. Keep the "DNS name" empty to avoid this error.