This role bootstraps Debian server:
- Configure APT (sources.list)
- Install minimal packages (vim, htop...)
- Install Intel/AMD microcode if needed
- Install and configure Local DNS with Unbound. Feature in beta-test!
- Install and configure OpenNTPd
- Add user with SSH key, sudoers
- Deploy bashrc, vimrc for root
- Update few alternatives
- Configure system: hostname, timezone and locale
- Purge, delete and avoid systemd if wanted
- Sysctl tuning
This role needs sudo
package already installed.
Theses variables define hostname to configure APT (normal repo and backports):
dbs_debian_backport_host
dbs_apt_default_host
dbs_apt_use_src
: install "deb-src" repositories (default: false)dbs_apt_components
: components uses in sources.list (default: "main contrib non-free")
dbs_set_hostname
: if true, change hostnamedbs_set_locale
: if true, configure localesdbs_set_timezone
: if true, set timezonedbs_set_ntp
: if true, install and configure OpenNTPd
dbs_hostname
: system hostnamedbs_default_locale
: default system localedbs_locales
: list of installed localesdbs_timezone
: system timezonedbs_sysctl_config: list of kernel parameters, see
: [default/main.yml]dbs_use_systemd
: delete systemd if set to false (persistent)dbs_use_unbound
: configure Local DNS and manage network (default is false)dbs_use_dotfiles
: overwrite root dotfiles (bashrc, screenrc, vimrc)
dbs_alternative_editor
dbs_alternative_awk
dbs_ntp_host
: hostname of NTP server. Don't prepend with "0.", "1."...
dbs_users
: list of user
Each row have few keys:
name
: username on systemshell
: default is /bin/bashsudo
: boolean (true = can sudo)ssh_keys
: list of ssh public keys
dbs_packages
: list of packages to installdbs_hostname_files
: list of file where we should substitute bad hostnamedbs_microcode_apt_distribution
: location of package to install microcodedbs_distro_packages
: list specific package to install (related to debian version)
- Manage syslog daemons: rsyslog, syslog-ng...
- Support Devuan
- DNS management: pdns-recursor, resolv.conf...
- IP management
None.
- hosts: servers
roles:
- { role: HanXHX.debian_bootstrap }
Due to Docker limitations, we can't check:
- removing systemd
- setting hostname
- setting locales
- configure ubound
- configure sysctl
GPLv2
- You can find many other roles in my GitHub "lab": https://github.com/HanXHX/my-ansible-playbooks
- All issues, pull-request are welcome :)