My personal collection of Ansible playbooks, primarily for use in my Homelab.
Currently, all managed nodes are running either Proxmox CE 9.2.3 or Debian 13.5, so all of the playbooks in this repository are written exclusively for Debian-derived distros.
1. Add each host to the `hosts.yml` inventory file so that Ansible knows how to reach it, which groups it belongs to, and which subsequent plays to run.
2. Manually SSH into the root account of the host at least once to accept the host key.
3. If step 2 required a password rather than utilizing SSH keys, edit `/etc/ssh/sshd_config` and change the following lines:
   - `PermitRootLogin no` to `PermitRootLogin prohibit-password`
   - `PasswordAuthentication yes` to `PasswordAuthentication no`

   Then restart the ssh service by running `systemctl restart sshd`.
4. Hosts need to have an authorized SSH key for the root account before running the `bootstrap.yml` playbook. If creating a VM or container via Proxmox, this should be handled automatically. Alternatively, run the command `ssh-copy-id -i path/to/public_auth_key root@<host>`.
5. Run `ansible-playbook --limit <host(s)> bootstrap.yml`, which connects as the root account, establishes an ansible user/group, enables sudoers access, and adds a public SSH key for that user so that all future plays run as the ansible user rather than root.
6. Once the `bootstrap.yml` play runs successfully, the host should be properly configured for all future runs of the primary playbook in this repository.
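The edit in step 3 only matters if it is what sshd actually ends up using, since an included drop-in file or an earlier duplicate line can override it. The following check is an added example, not part of this repository: it parses `sshd -T` style output, and the function name and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from this repository): check the *effective* sshd settings
# expected after step 3. Input is `sshd -T` style output on stdin: one
# "keyword value" pair per line, keywords in lowercase.
check_sshd_effective() {
    awk '
        { val[tolower($1)] = tolower($2) }
        function expect(key, ok1, ok2,    v) {
            v = val[key]
            if (v == ok1 || (ok2 != "" && v == ok2)) return 0
            printf "FAIL %s=%s (want %s)\n", key, (v == "" ? "<unset>" : v), ok1
            return 1
        }
        END {
            bad = 0
            # prohibit-password and without-password are synonyms; accept either.
            bad += expect("permitrootlogin", "prohibit-password", "without-password")
            bad += expect("passwordauthentication", "no", "")
            # Key login must stay enabled or the bootstrap play cannot connect as root.
            bad += expect("pubkeyauthentication", "yes", "")
            exit (bad > 0)
        }'
}

# Constructed sample: excerpt of `sshd -T` output after the edit in step 3.
sample_hardened() {
    printf '%s\n' 'port 22' 'permitrootlogin without-password' \
        'pubkeyauthentication yes' 'passwordauthentication no'
}

# Constructed sample: a host that still accepts root password logins.
sample_password_root() {
    printf '%s\n' 'port 22' 'permitrootlogin yes' \
        'pubkeyauthentication yes' 'passwordauthentication yes'
}

# Demo on the constructed samples. On a real host, run as root:
#   sshd -t && sshd -T | check_sshd_effective
for s in sample_hardened sample_password_root; do
    if "$s" | check_sshd_effective; then echo "$s: OK"; else echo "$s: NOT OK"; fi
done
```

Running `sshd -t` before the restart in step 3 reports a syntax error in the config while the current SSH session is still usable.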
Every managed node runs these plays: first-5-minutes security, util packages, etc.
Nodes running Proxmox CE bare-metal
Any Debian install (LXC/QEMU VM/Physical)
Hosts with Docker installed and a controlled list of running services that are managed entirely by this Ansible playbook.