Ansible configuration for the S1 server based on Proxmox
-
Ansible instsalled on the managing host (from where ansible is launched)
# Homebrew on MacOS $ brew install ansible # Or through pip $ pip install ansible
-
SSH open on destination host (which is configured)
# Check that sshd is running $ ps aux | grep ssh root 1608 0.0 0.0 13360 7724 ? Ss 19:51 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups root 13326 0.0 0.0 6244 712 pts/1 S+ 21:10 0:00 grep ssh
SSH daemon config and port must be properly set up
Port 3322 AddressFamily inet ListenAddress xxx.xxx.xxx.xxx PermitRootLogin noIf changed, restart the service
$ systemctl restart ssh
Check the port is properly open and ssh daemon listens for connections
$ ss -an | grep 3322 tcp LISTEN 0 128 xxx.xxx.xxx.xxx:3322 0.0.0.0:*
-
SSH user configured
On managing host:
# Generate a key on managing host with password $ ssh-keygen -t rsa -b 2048 -C "" -f ~/.ssh/ansible-s1-alpsee # Copy the public part of that key to server $ cat ~/.ssh/ansible-s1-alpsee.pub
On destination host:
# Add ansible user with password on destination host $ adduser ansible # Add this user to sudo group $ usermod -aG sudo ansible $ su ansible # Paste the public part to the keys file on the destination host $ su ansible $ mkdir ~/.ssh && chmod 0700 ~/.ssh $ vim ~/.ssh/authorized_keys && chmod 0600 ~/.ssh/authorized_keys
-
Test SSH connection from the managing host to the destination host
# Replace the IP below with the actual IPv4 address of the destination host ssh -i ~/.ssh/ansible-s1-alpsee ansible@xxx.xxx.xxx.xxx