sysadmin system administration


Ansible tips and notes.

Updating Linux

1 sudo apt upgrade && dist-upgrade && autoremove && autoclean

On client

1 sudo apt update && sudo apt install ansible -t
2 git clone
3 cd heimdall

to launch:

1 ansible-playbook -i inventory.ini site.yml

ad-hoc command

1 ansible  -i inventory.ini webservers -m ansible.builtin.file -a "dest=/etc/nginx/sites-available/ mode=600 owner=www-data group=www-data"  --become

On server

1 sudo adduser deploy
2 sudo groupadd wheel
3 sudo usermod -aG sudo deploy
4 sudo usermod -aG wheel deploy

Then sudo visudo, add %wheel ALL=(ALL) NOPASSWD: ALL

And edit /etc/shadow to add/edit deploy:!!:[...] for no password

make sure to add user to AllowUsers in sshd_config.


1 sudo service ssh reload

Add ssh key:

1 ssh-copy-id -p 34422 -i $HOME/.ssh/

(unecessary?) then:

1 sudo setfacl -R -m u:deploy:rwx /var/www/