An ansible playbook to set up a GNU/Linux server. Services in docker. Security by default.
The goal is to have a server for a community or personal use that's easy to maintain, secure and easy (and fast) to rebuild from scratch in case of data loss or a migration.
The idea came from a great FLOSS project, sovereign, specially from sovereign 2 issue.
What you'll get with this repo is a recipe based in variables that will setup a working server for your specific needs. You'll have the data stored only in one or two directories depending on your choices, see backup. The docker containers will upgrade themselves automatically every time their service restarts (you can do this periodically or it'll happen anyways when you reboot).
Apart from this, it's easy to extend and doesn't prevent you from using other playbooks apart from this one or installing things manually.
These are the tested GNU/Linux distributions. Maybe it works on some other distributions too or just requires a few changes.
- debian
- buster
 
sudo and python.
Included as submodules in roles/.
- iptables_raw
- anarres_common
- anarres_sec
- letsencrypt-request
- anarres_nginx
- generic_docker_systemd
- add_nginx_proxy_conf
Their data and configuration files will be stored in your hosts data_path
directory, by default /data.
Check the full list at Supported services list - Anarres documentation.
For more info about each service and how to set it up, refer to the documentation.
Refer to Setup - Anarres documentation.
Make sure to backup your data_path (by default /data).
GPLv3
- m0wer: m0wer (at) autistici (dot) org
- acien101: amil101ftw (at) gmail (dot) com