Ansible Rollout Playbooks
This repository contains a collection of Ansible playbooks and roles for setting up my base Debian systems.
Requirements
Some playbooks require roles from Ansible Galaxy:
ansible-galaxy install -r requirements.yml
Roles
- base_setup - Role to set up a base system
- Installs basic packages
- Sets time zone
- Sets up authorized key for user
- Creates user with or without password
- system_update - Role to update the system
- tor - Role to install Tor
- offsec_scanning - Role to install scanning tools
Playbooks
- playbooks/setup_base_system.yml - Sets up the base system
- Can generate passwords with the
generate_user_passwordvariable - Passwords will be placed in a file called
generated_passwords.txt
- Can generate passwords with the
- playbooks/update_systems.yml - Updates the systems
- playbooks/install_tor.yml - Installs Tor for all hosts in the
tor_systemsgroup - playbooks/setup_scanner.yml - Installs scanning tools on all hosts in the
scannersgroup.
Testing
If you would like to test out the plays before using them on your live systems, this repository includes a Vagrantfile, Ansible test configuration, and a test inventory.
To test the plays, run the following commands:
vagrant up
ANSIBLE_CONFIG=test_ansible.cfg ansible-playbook playbooks/setup_base_system.yml -e "generate_user_password=yes"
ANSIBLE_CONFIG=test_ansible.cfg ansible-playbook playbooks/update_systems.yml
ANSIBLE_CONFIG=test_ansible.cfg ansible-playbook playbooks/install_tor.yml
This will set up the base system with passwords generated for the user, update the systems,
and install Tor on the tor_systems group.