This role installs and configures OVH Cloud's the Bastion secured jump host server. The ovhbastion role is based on the official Bastion installation instructions. Please visit the official Bastion documentation for more information.
Once you run this role, click here to view the next steps in configuring the Bastion.
- Debian 8+
- Ubuntu 18+
- CentOS 8
ssh_key: string with public ssh key for access to initial admin account
bastion_name: string with name of bastion host. the system's actual hostname is not recommended
bastion_create_admin: toggle creation of the superadmin account
bastion_superadmin_uname: string with username for the bastion superadmin (if enabled)
bastion_initial_users: list of users to create after bastion setup
bastion_initial_groups: list of groups to create after bastion setup
See defaults/main.yml for optional variables that can be set.
| attribute | type | description | required |
|---|---|---|---|
| name | string | name of the user to create | true |
| public_key | string | SSH ingress key for the bastion user. The key must be generated as either:
|
true |
| hosts | list(string) | List of DNS records/IP addresses to grant initial access to | false |
| groups | list(string) | List of groups the new user should belong to (currently disabled) | false |
| attribute | type | description | required |
|---|---|---|---|
| name | string | Group name | true |
| owner | string | Username of the group owner | true |
| hosts | list(string) | List of DNS records/IP addresses to grant initial access to | false |
$ ansible-galaxy install adamsbytes.ovhbastion- hosts: all
become: yes
gather_facts: yes
roles:
- role: adamsbytes.ovhbastion
vars:
ssh_key: "YOUR_PUBLIC_SSH_KEY_HERE"GPLv3