Post Installation steps on Ubuntu using Ansible

Ansible is a configuration management and provisioning tool, similar to Chef, Puppet or Salt. It’s one of the simplest and the easiest to get started with because it’s “just SSH”; It uses SSH to connect to servers and run the configured Tasks.

Ansible Introduction – Please must read this really good and detail Ansible Introduction

Here are the steps to install the Ansible on Ubuntu 14.04 LTS:

sudo apt-add-repository -y ppa:ansible/ansible
sudo apt-get update
sudo apt-get install -y ansible

Then download this Repository from the GitHub.

git clone

Note: If git is not installed then you can simply download the zip file.

With this role you can prepare your machine to do the following tasks:

  1. Install the minimum essential packages ( build-essential, python-software-properties, git)
  2. Setting Hostname
  3. Add the additional sudo user and it’s ssh key with passwordless sudo option
  4. Enable the Multiverse repository
  5. OpenNTPD Installation
  6. Timezone Configuration
  7. VIM-nox Installation
  8. SSMTP Installation and Configuration with Gmail for Sending System Alerts
  9. Automatic Security Updates Installation
  10. Disable the Default UFW
  11. Fail2Ban Installation and Configuration

To use this role, edit the site.yml file and mentioned this role:

vi site.yml
 - hosts: server
   sudo: True
   gather_facts: True
      - common

After that, edit the hosts file and enter the ip of your remote server, on which you want to perform all these tasks:

vi hosts

In my case, it is


After this, edit the encrypted common/vars/main.yml file with this command:

ansible-vault edit common/vars/main.yml

Note: Default vault password is tendo

Change these values as per your requirement. Don’t forget to change the with your public key file inside the common/files directory.

 # Username & Password that we want to create on the Linux Server
 username: arbab
 password: $6$ZdqWXxLVpGlBeFlTIDWIRMfkhzuB6KxzXXtJ8jAbBmvqweeHnvViAyx6F/FfZ81
 # Mentioned your GMAIL ID and Password Here
 gmail_password: tendo123
 # Fail2Ban will send the Alerts on this Email
 # Hostname Settings
 default_ip: #ip address of the server either public or private
 hostname: tendo #hostname of the Linux Server
 domain: #Domain name that will be used in fqdn
 fqdn: "{{ hostname }}.{{ domain }}" #FQDN that will be used in hosts file
 # Timezone Setting
 timezone: "Asia/Karachi"

Note that the password for the user is also hashed. To generate the crypted passwords for the user module, use the following command(s):

# The whois package makes the mkpasswd command available on Ubuntu

sudo apt-get install -y whois

# Create a password hash

mkpasswd --method=SHA-512

#This will generate a hashed password for you to use with the user module.

Then run this command and I am supposing that you are connecting to your remote server using ssh key, if you are not using ssh key then add the -k flag:

ansible-playbook --ask-vault-pass -i hosts -u arbab site.yml

ansibleNote: Please don’t forget to change arbab with your username and default vault password, which is ‘tendo

After successful completion of these tasks, it will show you the summary, something like this:

resultEnjoy :-)

Hope this will help you!

Please Remember me in your prayers!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: