After creating a new VPS Ubuntu instance, one of the first things I do is lock down
root access and create an administrator account.
I was using Fabric to push out these modifications. Recently, however, I decided to switch to Ansible instead.
Here are the tasks this playbook needs to perform:
- Create administrator user account.
- Add administrator account to
- Add public keys from GitHub to authorized keys.
- Add firewall with SSH hole
- Secure SSH:
- Disable password auth
This is the resulting playbook:
An example of a playbook run:
I kept this to the absolute minimuim required to lock down the root account and create an administrator account. Everything else I do with a more comprehensive playbook.
Tested successfully on Ubuntu 14.04 and 15.10 with Ansible 1.9.4.