Canonical Source: https://git.sr.ht/~xyhhx/ansible-kicksecure-docker-host
Use these playbooks to configure a Debian server to be distro-morphed to Kicksecure, hardened a bit more, and configured to run Docker.
This playbook was tested using OVH servers with an SSH key preinstalled (on the debian user instead of root)
You need a Linux (or Unix) system with only a few things preinstalled:
-
I generate a random word for my privileged user's username (security through obscurity bla bla bla)
-
I generate an Ed25519 SSH key
-
Set up the environment vars like so:
cp .env.example .env # Fill out the env vars $EDITOR .env
-
Finally, install the required Ansible Galaxy collections
make install-requirements
Just run the following commands and it should just set everything up for ya
make a setup-user
make up