guillaumebriday/kamal-ansible-manager
Manage and optimize your servers automatically for Kamal with Ansible
Kamal Ansible Manager
This is an Ansible playbook to automatically optimize and secure your servers for Kamal, for Ubuntu only.
Here's a quick video walkthrough of how this repo works:
What's inside?
It will automatically update your packages and configure these packages to secure your server(s):
The playbook also:
- Remove Snap.
- Disable ssh password login.
- Configure
swapusing geerlingguy/ansible-role-swap.
Getting Started
Clone the repo:
$ git clone git@github.com:guillaumebriday/kamal-ansible-manager.git
$ cd kamal-ansible-managerCopy the inventory example file:
$ cp hosts.ini.example hosts.iniUpdate the <host1> with your server's IP address (you can have multiple servers):
$ vim hosts.iniInstall the requirements:
$ ansible-galaxy install -r requirements.ymlConfiguring vars
Variables can be configured in the playbook.yml file.
Also, you can override default variables provided in geerlingguy/ansible-role-swap to adjust the swap settings.
For instance:
vars:
security_autoupdate_reboot: "true"
security_autoupdate_reboot_time: "03:00"
swap_file_size_mb: '1024'Running the playbook
Run the playbook:
$ ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i hosts.ini playbook.ymlProvisioning Servers with Scaleway (Optional)
If you want to automatically create new compute instances on Scaleway, you can use the community.general.scaleway_compute module. Follow these steps:
Copy the example variables file and adjust the variables as needed:
$ cp roles/scaleway/vars/main.yml.example roles/scaleway/vars/main.ymlRun the playbook:
$ ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook scaleway.ymlThen, it will continue the provisioning process on the newly created servers.
Contributing
Do not hesitate to contribute to the project by adapting or adding features ! Bug reports or pull requests are welcome.
License
This project is released under the MIT license.