opnxng
/
vps-set-up-playbook
mirror of https://git.opnxng.com/opnxng/vps-set-up-playbook.git
1
0
Fork 0
Code
vps-set-up-playbook/README.md

1.4 KiB
Raw Permalink Blame History

Ansible playbook for setting up VPSs

An Ansible playbook for setting up VPSs (for Opnxng). It works for Debian-based servers in any architecture.

Before running

To install Debian on Oracle Cloud, refer to this documentation.

On a fresh Debian system, replace the default debian user:

# Give root account a password
sudo passwd root

# Configurate SSHD to temporarily allow root login with password
sudo nano /etc/ssh/sshd_config
sudo systemctl restart sshd
cp /home/debian/.ssh/authorized_keys /root/.ssh/authorized_keys

# Login as root, add new user and delete debian user
su root
sudo groupmod -n [user] debian
sudo usermod -l [user] debian
sudo usermod -d /home/[user] -m [user]
sudo passwd [user]
cp /root/.ssh/authorized_keys /home/[user]/.ssh/authorized_keys 

# SSH to [user]
sudo rm /root/.ssh/authorized_keys
sudo passwd -dl root

# Disable root in SSHD
sudo nano /etc/ssh/sshd_config

Configurations

You can modify the packages to be installed and the UFW rules.

Passwords and other sensitive data are kept locally as encrypted variables in secrets.yaml.

Contact

Please contact us via email if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.