When I order a new server from a hosting provider which doesn't have images like AMIs or user-created Images, I generally get a minimal OS installation and a root user account.
The first thing I need to do on the server, before I can start securely configuring the server from an admin user account, and deploying an app to that server, is to *create* the admin user account with which I'll do the rest of the work, and then disable password-based login and root SSH access. Currently, I have two separate playbooks to accomplish these two separate tasks (first setting up the server/security minimally, second configuring the server and deploying an app). Are there any better ways of doing this? Basically, I'd like to have a way of saying "if this is a new server/my admin user can't connect, first run this set of plays as the root user, then continue on as the normal remote_user". Using Digital Ocean or AWS makes this a bit easier, as I can use Packer and create an initial image that already has the minimal base configuration... but I manage a lot of hosts from a lot of providers, and usually don't have a way to manage fresh images. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ae22b634-63ea-4335-8577-1f75c8f5aaa4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
