Digial Ocean Ansible Base

Visit site

Creates a Digital Ocean droplet image with basic configuration and common dependencies using Ansible

Resulting Image Configuration

Installed packages and services

  • apt-transport-https
  • ca-certificates
  • ntp
  • iptables-persistent
  • dnsmasq
  • dopy
  • python-digitalocean
  • supervisor
  • unzip
  • dopy (fork that supports getting droplets by tag)

Created user, “droplet-user”

  • member of sudo users
  • specified key added to authorized keys

Other System Configurations

  • Configure supervsiord to start on boot
  • Add iptables rules to only allow SSH, established, and loopback connections
  • Configure dnsmasq for contional forwarding for a private domain (see Private DNS Zone on Github README for details)
  • Disable remote root login
  • Add the API token to /etc/do/api_token.yml

by: Matthew TiemanDecember 26, 2016Visit site

Was this helpful?
 

Publish your Tool on Community

Have you created an Integration, API Wrapper, Service, or other Tool that helps developers build on DigitalOcean? Help users find it by listing it in Community Tools.

Submit tool