Production-ready Ansible playbooks and roles for server provisioning, configuration management, and automation. Built from real-world experience managing 50+ nodes.

- Server hardening and security baseline
- Docker and Kubernetes installation
- Prometheus node exporter and monitoring setup
- SSH key management and access controls
- Automated package updates and patching
- Idempotent and well-tested roles

| Role | Description |
|---|---|
| common | Base packages, users, timezone, NTP |
| security | SSH hardening, firewall, fail2ban |
| docker | Docker CE installation and configuration |
| kubernetes | K3s/kubeadm installation |
| monitoring | Node exporter, promtail setup |

```bash
# Install dependencies
ansible-galaxy install -r requirements.yml

# Test connectivity
ansible all -i inventory/hosts.yml -m ping

# Run full provisioning
ansible-playbook -i inventory/hosts.yml playbooks/site.yml

# Run specific role
ansible-playbook -i inventory/hosts.yml playbooks/site.yml --tags security
```

```
├── ansible.cfg          # Ansible configuration
├── inventory/
│   └── hosts.yml        # Inventory file
├── group_vars/
│   └── all.yml          # Global variables
├── playbooks/
│   ├── site.yml         # Main playbook
│   ├── security.yml     # Security hardening
│   └── docker.yml       # Docker setup
└── roles/
    ├── common/          # Base configuration
    ├── security/        # Security hardening
    ├── docker/          # Docker installation
    ├── kubernetes/      # K8s setup
    └── monitoring/      # Monitoring agents
```

```bash
# Syntax check
ansible-playbook playbooks/site.yml --syntax-check

# Dry run
ansible-playbook -i inventory/hosts.yml playbooks/site.yml --check

# Run on localhost
ansible-playbook -i "localhost," -c local playbooks/site.yml
```

Ashwath Abraham Stephen, Senior DevOps Engineer | LinkedIn | GitHub

MIT License - see LICENSE for details.