Phil 7fdb52e91b add comprehensive documentation for all Ansible roles

- Add main README with infrastructure overview and usage instructions
- Document bootstrap role for server initialization and security hardening
- Document common role for shared server configuration
- Document cron role for scheduled tasks and automation
- Document docker role with detailed service descriptions and deployment patterns
- Include MMDL service documentation with setup requirements
- Add troubleshooting guides and security considerations

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-06-06 10:51:39 -06:00

1.2 KiB

Raw Blame History

Bootstrap Role

Purpose

Performs initial server setup and hardening for new Ubuntu/Debian servers.

What It Does

User Management

Creates a new user account with sudo privileges (specified by created_username variable)
Configures passwordless sudo for the sudo group
Sets up SSH key authentication using your local ~/.ssh/id_ed25519.pub key
Disables root password authentication

System Packages

Installs aptitude for better package management
Installs essential packages:
- curl - HTTP client
- vim - Text editor
- git - Version control
- ufw - Uncomplicated Firewall

Security Configuration

Configures UFW firewall to:
- Allow SSH connections
- Enable firewall with default deny policy
Hardens SSH configuration

Variables Required

created_username: The username to create (typically set in bootstrap.yml)
tailscale_key: Tailscale authentication key (prompted during playbook run)

Dependencies

Requires the artis3n.tailscale role for VPN setup
Requires your SSH public key at ~/.ssh/id_ed25519.pub

Usage

ansible-playbook bootstrap.yml -i hosts.yml

This role is designed to be run once on a fresh server before deploying other services.

1.2 KiB Raw Blame History

Bootstrap Role

Purpose

What It Does

User Management

System Packages

Security Configuration

Variables Required

Dependencies

Usage

1.2 KiB

Raw Blame History