Use the straightforward instructions in this article to install DigitalOcean using Ansible. We can solve your DigitalOcean issues at Skynats with the help of our DigitalOcean Managed Services.
How to Install DigitalOcean using Ansible
To automate the procedures for setting up a DigitalOcean server, we will use an Ansible playbook. Aptitude, which Ansible uses in place of the apt package manager, and system packages will be installed using this playbook. The administrative group wheels will be created, and sudo without a password will be configured. Also, create a brand-new sudo user.
The authorized keys file on the remote host also receives the addition of a local SSH public key for the new administrative user by the playbook. The execution of this playbook disables password-based authentication for the root user. Additionally, it configured the UFW firewall to accept only SSH connections and reject all other types of traffic.
Operating Ansible Playbook
1. The initial server setup playbook and all of its dependencies must be obtained from the Ansible Playbooks do-community repository. There will be a duplicate of this repository in the local folder of the Ansible control node. The repository must be cloned using the controller node if this is our first time doing it:
cd ~
git clone https://github.com/do-community/ansible-playbooks.git
cd ansible-playbooks
2. If we have already cloned this repository, we need to go to the ansible-playbooks, copy it, and use the git pull command to ensure that we have the most recent contents:
cd ~/ansible-playbooks
git pull
3. We want the files inside the setup_ubuntu1804
folder.
setup_ubuntu1804
├── playbook.yml
└── vars
└── default.yml
4. Presently we’ve to adjust the playbook’s variable document to tweak its qualities. So open the vars/default.yml
file by going to setup_ubuntu1804
folder.
cd setup_ubuntu1804
nano vars/default.yml
5. After we open the vars/default.yml file, to make customization easier, we need to be aware of specific fields. It includes:
create_user: the new sudo user’s name.
copy_local_key: The location of a local SSH public key file that must be transferred to a remote server and added as the new sudo user’s authorized key. The default value uses the lookup plugin to obtain the complete path to the default public key for the current system user at the Ansible control node.
sys_packages: An array containing a list of the packages that should be installed on the hosts as part of the initial server configuration.
6. Save the file after you’ve made your changes, then quit it.
7. We can now use the servers to run this playbook. Use the code below to execute this playbook on server X while logged in as root:
ansible-playbook playbook.yml -l serverX -u root
8. We can use the code listed below to log into the server once the playbook has finished running:
ssh skynats@server_host_or_IP
9. If we have changed the copy local key variable to point to a custom SSH key, then when connecting over SSH as the new user, we must supply an additional parameter describing the location of its private key counterpart. E.g.
ssh skynats@server_host_or_IP -i ~/.ssh/ansible_controller_key
10. After logging in to the server, we can check the UFW firewall’s active rules to make sure it is configured properly:
sudo ufw status
Output
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Conclusion
In this article, our technical team shared a 10-step process for using Ansible Playbooks to automate server deployment on the DigitalOcean platform.