admin/freealberta
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
freealberta/mkdocs/site/adv/ansible/index.html
admin de3b349e60 documentation updates
2025-07-08 09:18:14 -06:00

2866 lines
110 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="Build Power. Not Rent It. Own your digital infrastructure.">
<meta name="author" content="Bunker Operations">
<link rel="canonical" href="https://cmlite.org/adv/ansible/">
<link rel="prev" href="../">
<link rel="next" href="../vscode-ssh/">
<link rel="icon" href="../../assets/favicon.png">
<meta name="generator" content="mkdocs-1.6.1, mkdocs-material-9.6.15">
<title>SSH + Tailscale + Ansible - Changemaker Lite</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.342714a4.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Inter:300,300i,400,400i,700,700i%7CJetBrains+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Inter";--md-code-font:"JetBrains Mono"}</style>
<link rel="stylesheet" href="../../stylesheets/extra.css">
<link rel="stylesheet" href="../../stylesheets/home.css">
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
<meta property="og:type" content="website" >
<meta property="og:title" content="SSH + Tailscale + Ansible - Changemaker Lite" >
<meta property="og:description" content="Build Power. Not Rent It. Own your digital infrastructure." >
<meta property="og:image" content="https://cmlite.org/assets/images/social/adv/ansible.png" >
<meta property="og:image:type" content="image/png" >
<meta property="og:image:width" content="1200" >
<meta property="og:image:height" content="630" >
<meta property="og:url" content="https://cmlite.org/adv/ansible/" >
<meta name="twitter:card" content="summary_large_image" >
<meta name="twitter:title" content="SSH + Tailscale + Ansible - Changemaker Lite" >
<meta name="twitter:description" content="Build Power. Not Rent It. Own your digital infrastructure." >
<meta name="twitter:image" content="https://cmlite.org/assets/images/social/adv/ansible.png" >
<!-- Custom meta tags or head content can go here -->
</head>
<body dir="ltr" data-md-color-scheme="slate" data-md-color-primary="deep-purple" data-md-color-accent="amber">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#setting-up-ansible-with-tailscale-for-remote-server-management" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
<aside class="md-banner">
<div class="md-banner__inner md-grid md-typeset">
<button class="md-banner__button md-icon" aria-label="Don't show this again">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12z"/></svg>
</button>
<a href="https://homepage.cmlite.org" class="login-button">Login</a>
Changemaker Archive. <a href="https://docs.bnkops.com">Learn more</a>
</div>
<script>var el=document.querySelector("[data-md-component=announce]");if(el){var content=el.querySelector(".md-typeset");__md_hash(content.innerHTML)===__md_get("__announce")&&(el.hidden=!0)}</script>
</aside>
</div>
<header class="md-header md-header--shadow md-header--lifted" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="Changemaker Lite" class="md-header__button md-logo" aria-label="Changemaker Lite" data-md-component="logo">
<img src="../../assets/logo.png" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3zm0 5h18v2H3zm0 5h18v2H3z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
Changemaker Lite
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
SSH + Tailscale + Ansible
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="" data-md-color-scheme="slate" data-md-color-primary="deep-purple" data-md-color-accent="amber" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_0">
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3zm3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95zm-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31"/></svg>
</label>
<input class="md-option" data-md-color-media="" data-md-color-scheme="default" data-md-color-primary="deep-purple" data-md-color-accent="amber" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_0" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5s-1.65.15-2.39.42zM3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29zm.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14zM20.65 7l-1.77 3.79a7.02 7.02 0 0 0-2.38-4.15zm-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29zM12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44z"/></svg>
</label>
</form>
<script>var palette=__md_get("__palette");if(palette&&palette.color){if("(prefers-color-scheme)"===palette.color.media){var media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']");palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent")}for(var[key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<a href="javascript:void(0)" class="md-search__icon md-icon" title="Share" aria-label="Share" data-clipboard data-clipboard-text="" data-md-component="search-share" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M18 16.08c-.76 0-1.44.3-1.96.77L8.91 12.7c.05-.23.09-.46.09-.7s-.04-.47-.09-.7l7.05-4.11c.54.5 1.25.81 2.04.81a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3c0 .24.04.47.09.7L8.04 9.81C7.5 9.31 6.79 9 6 9a3 3 0 0 0-3 3 3 3 0 0 0 3 3c.79 0 1.5-.31 2.04-.81l7.12 4.15c-.05.21-.08.43-.08.66 0 1.61 1.31 2.91 2.92 2.91s2.92-1.3 2.92-2.91A2.92 2.92 0 0 0 18 16.08"/></svg>
</a>
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12z"/></svg>
</button>
</nav>
<div class="md-search__suggest" data-md-component="search-suggest"></div>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" tabindex="0" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://gitea.bnkops.com/admin/changemaker.lite" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.7.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81"/></svg>
</div>
<div class="md-source__repository">
changemaker.lite
</div>
</a>
</div>
</nav>
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../.." class="md-tabs__link">
Home
</a>
</li>
<li class="md-tabs__item">
<a href="../../phil/" class="md-tabs__link">
Philosophy
</a>
</li>
<li class="md-tabs__item md-tabs__item--active">
<a href="../../build/" class="md-tabs__link">
Getting Started
</a>
</li>
<li class="md-tabs__item">
<a href="../../blog/" class="md-tabs__link">
Blog
</a>
</li>
</ul>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="Changemaker Lite" class="md-nav__button md-logo" aria-label="Changemaker Lite" data-md-component="logo">
<img src="../../assets/logo.png" alt="logo">
</a>
Changemaker Lite
</label>
<div class="md-nav__source">
<a href="https://gitea.bnkops.com/admin/changemaker.lite" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.7.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81"/></svg>
</div>
<div class="md-source__repository">
changemaker.lite
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
<span class="md-ellipsis">
Home
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../phil/" class="md-nav__link">
<span class="md-ellipsis">
Philosophy
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" checked>
<div class="md-nav__link md-nav__container">
<a href="../../build/" class="md-nav__link ">
<span class="md-ellipsis">
Getting Started
</span>
</a>
<label class="md-nav__link " for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Getting Started
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../build/server/" class="md-nav__link">
<span class="md-ellipsis">
Build Server
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../build/map/" class="md-nav__link">
<span class="md-ellipsis">
Build Map
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../build/site/" class="md-nav__link">
<span class="md-ellipsis">
Build Site
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_5" >
<div class="md-nav__link md-nav__container">
<a href="../../services/" class="md-nav__link ">
<span class="md-ellipsis">
Services
</span>
</a>
<label class="md-nav__link " for="__nav_3_5" id="__nav_3_5_label" tabindex="">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_5_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3_5">
<span class="md-nav__icon md-icon"></span>
Services
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../services/homepage/" class="md-nav__link">
<span class="md-ellipsis">
Homepage
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/code-server/" class="md-nav__link">
<span class="md-ellipsis">
Code Server
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/mkdocs/" class="md-nav__link">
<span class="md-ellipsis">
MKDocs
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/static-server/" class="md-nav__link">
<span class="md-ellipsis">
Static Server
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/listmonk/" class="md-nav__link">
<span class="md-ellipsis">
Listmonk
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/postgresql/" class="md-nav__link">
<span class="md-ellipsis">
PostgreSQL
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/n8n/" class="md-nav__link">
<span class="md-ellipsis">
n8n
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/nocodb/" class="md-nav__link">
<span class="md-ellipsis">
NocoDB
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/gitea/" class="md-nav__link">
<span class="md-ellipsis">
Gitea
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/map/" class="md-nav__link">
<span class="md-ellipsis">
Map
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../services/mini-qr/" class="md-nav__link">
<span class="md-ellipsis">
Mini QR
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_6" >
<div class="md-nav__link md-nav__container">
<a href="../../config/" class="md-nav__link ">
<span class="md-ellipsis">
Configuration
</span>
</a>
<label class="md-nav__link " for="__nav_3_6" id="__nav_3_6_label" tabindex="">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_6_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3_6">
<span class="md-nav__icon md-icon"></span>
Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../config/cloudflare-config/" class="md-nav__link">
<span class="md-ellipsis">
Cloudflare
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../config/mkdocs/" class="md-nav__link">
<span class="md-ellipsis">
MKdocs
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../config/coder/" class="md-nav__link">
<span class="md-ellipsis">
Code Server
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../config/map/" class="md-nav__link">
<span class="md-ellipsis">
Map
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3_7" checked>
<div class="md-nav__link md-nav__container">
<a href="../" class="md-nav__link ">
<span class="md-ellipsis">
Advanced Configuration
</span>
</a>
<label class="md-nav__link " for="__nav_3_7" id="__nav_3_7_label" tabindex="">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_7_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_3_7">
<span class="md-nav__icon md-icon"></span>
Advanced Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
SSH + Tailscale + Ansible
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
SSH + Tailscale + Ansible
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="On this page">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
On this page
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#overview" class="md-nav__link">
<span class="md-ellipsis">
Overview
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#what-youll-learn" class="md-nav__link">
<span class="md-ellipsis">
What You'll Learn
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#prerequisites" class="md-nav__link">
<span class="md-ellipsis">
Prerequisites
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#part-1-initial-setup-on-master-node" class="md-nav__link">
<span class="md-ellipsis">
Part 1: Initial Setup on Master Node
</span>
</a>
<nav class="md-nav" aria-label="Part 1: Initial Setup on Master Node">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-create-ansible-directory-structure" class="md-nav__link">
<span class="md-ellipsis">
1. Create Ansible Directory Structure
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-install-ansible" class="md-nav__link">
<span class="md-ellipsis">
2. Install Ansible
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-generate-ssh-keys-if-not-already-done" class="md-nav__link">
<span class="md-ellipsis">
3. Generate SSH Keys (if not already done)
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-2-target-node-setup-physical-access-required-initially" class="md-nav__link">
<span class="md-ellipsis">
Part 2: Target Node Setup (Physical Access Required Initially)
</span>
</a>
<nav class="md-nav" aria-label="Part 2: Target Node Setup (Physical Access Required Initially)">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-enable-ssh-on-target-node" class="md-nav__link">
<span class="md-ellipsis">
1. Enable SSH on Target Node
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-configure-ssh-key-authentication" class="md-nav__link">
<span class="md-ellipsis">
2. Configure SSH Key Authentication
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-configure-ssh-security" class="md-nav__link">
<span class="md-ellipsis">
3. Configure SSH Security
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#4-configure-firewall" class="md-nav__link">
<span class="md-ellipsis">
4. Configure Firewall
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-3-test-local-ssh-connection" class="md-nav__link">
<span class="md-ellipsis">
Part 3: Test Local SSH Connection
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#part-4-set-up-tailscale-for-remote-access" class="md-nav__link">
<span class="md-ellipsis">
Part 4: Set Up Tailscale for Remote Access
</span>
</a>
<nav class="md-nav" aria-label="Part 4: Set Up Tailscale for Remote Access">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#why-tailscale-over-alternatives" class="md-nav__link">
<span class="md-ellipsis">
Why Tailscale Over Alternatives
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#1-install-tailscale-on-master-node" class="md-nav__link">
<span class="md-ellipsis">
1. Install Tailscale on Master Node
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-install-tailscale-on-target-nodes" class="md-nav__link">
<span class="md-ellipsis">
2. Install Tailscale on Target Nodes
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-get-tailscale-ip-addresses" class="md-nav__link">
<span class="md-ellipsis">
3. Get Tailscale IP Addresses
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-5-configure-ansible" class="md-nav__link">
<span class="md-ellipsis">
Part 5: Configure Ansible
</span>
</a>
<nav class="md-nav" aria-label="Part 5: Configure Ansible">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-create-inventory-file" class="md-nav__link">
<span class="md-ellipsis">
1. Create Inventory File
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-test-ansible-connectivity" class="md-nav__link">
<span class="md-ellipsis">
2. Test Ansible Connectivity
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-6-create-and-run-playbooks" class="md-nav__link">
<span class="md-ellipsis">
Part 6: Create and Run Playbooks
</span>
</a>
<nav class="md-nav" aria-label="Part 6: Create and Run Playbooks">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-simple-information-gathering-playbook" class="md-nav__link">
<span class="md-ellipsis">
1. Simple Information Gathering Playbook
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-run-the-playbook" class="md-nav__link">
<span class="md-ellipsis">
2. Run the Playbook
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-7-advanced-playbook-example" class="md-nav__link">
<span class="md-ellipsis">
Part 7: Advanced Playbook Example
</span>
</a>
<nav class="md-nav" aria-label="Part 7: Advanced Playbook Example">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#system-setup-playbook" class="md-nav__link">
<span class="md-ellipsis">
System Setup Playbook
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#troubleshooting-guide" class="md-nav__link">
<span class="md-ellipsis">
Troubleshooting Guide
</span>
</a>
<nav class="md-nav" aria-label="Troubleshooting Guide">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#ssh-issues" class="md-nav__link">
<span class="md-ellipsis">
SSH Issues
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#ansible-issues" class="md-nav__link">
<span class="md-ellipsis">
Ansible Issues
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#tailscale-issues" class="md-nav__link">
<span class="md-ellipsis">
Tailscale Issues
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#scaling-to-multiple-nodes" class="md-nav__link">
<span class="md-ellipsis">
Scaling to Multiple Nodes
</span>
</a>
<nav class="md-nav" aria-label="Scaling to Multiple Nodes">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#adding-new-nodes" class="md-nav__link">
<span class="md-ellipsis">
Adding New Nodes
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#group-management" class="md-nav__link">
<span class="md-ellipsis">
Group Management
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#best-practices" class="md-nav__link">
<span class="md-ellipsis">
Best Practices
</span>
</a>
<nav class="md-nav" aria-label="Best Practices">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#security" class="md-nav__link">
<span class="md-ellipsis">
Security
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#organization" class="md-nav__link">
<span class="md-ellipsis">
Organization
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#monitoring-and-maintenance" class="md-nav__link">
<span class="md-ellipsis">
Monitoring and Maintenance
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#alternative-approaches-we-considered" class="md-nav__link">
<span class="md-ellipsis">
Alternative Approaches We Considered
</span>
</a>
<nav class="md-nav" aria-label="Alternative Approaches We Considered">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#cloudflare-tunnels" class="md-nav__link">
<span class="md-ellipsis">
Cloudflare Tunnels
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#traditional-vpn" class="md-nav__link">
<span class="md-ellipsis">
Traditional VPN
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#ssh-reverse-tunnels" class="md-nav__link">
<span class="md-ellipsis">
SSH Reverse Tunnels
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#conclusion" class="md-nav__link">
<span class="md-ellipsis">
Conclusion
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#quick-reference-commands" class="md-nav__link">
<span class="md-ellipsis">
Quick Reference Commands
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../vscode-ssh/" class="md-nav__link">
<span class="md-ellipsis">
SSH + VScode
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../blog/" class="md-nav__link">
<span class="md-ellipsis">
Blog
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="On this page">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
On this page
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#overview" class="md-nav__link">
<span class="md-ellipsis">
Overview
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#what-youll-learn" class="md-nav__link">
<span class="md-ellipsis">
What You'll Learn
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#prerequisites" class="md-nav__link">
<span class="md-ellipsis">
Prerequisites
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#part-1-initial-setup-on-master-node" class="md-nav__link">
<span class="md-ellipsis">
Part 1: Initial Setup on Master Node
</span>
</a>
<nav class="md-nav" aria-label="Part 1: Initial Setup on Master Node">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-create-ansible-directory-structure" class="md-nav__link">
<span class="md-ellipsis">
1. Create Ansible Directory Structure
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-install-ansible" class="md-nav__link">
<span class="md-ellipsis">
2. Install Ansible
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-generate-ssh-keys-if-not-already-done" class="md-nav__link">
<span class="md-ellipsis">
3. Generate SSH Keys (if not already done)
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-2-target-node-setup-physical-access-required-initially" class="md-nav__link">
<span class="md-ellipsis">
Part 2: Target Node Setup (Physical Access Required Initially)
</span>
</a>
<nav class="md-nav" aria-label="Part 2: Target Node Setup (Physical Access Required Initially)">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-enable-ssh-on-target-node" class="md-nav__link">
<span class="md-ellipsis">
1. Enable SSH on Target Node
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-configure-ssh-key-authentication" class="md-nav__link">
<span class="md-ellipsis">
2. Configure SSH Key Authentication
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-configure-ssh-security" class="md-nav__link">
<span class="md-ellipsis">
3. Configure SSH Security
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#4-configure-firewall" class="md-nav__link">
<span class="md-ellipsis">
4. Configure Firewall
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-3-test-local-ssh-connection" class="md-nav__link">
<span class="md-ellipsis">
Part 3: Test Local SSH Connection
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#part-4-set-up-tailscale-for-remote-access" class="md-nav__link">
<span class="md-ellipsis">
Part 4: Set Up Tailscale for Remote Access
</span>
</a>
<nav class="md-nav" aria-label="Part 4: Set Up Tailscale for Remote Access">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#why-tailscale-over-alternatives" class="md-nav__link">
<span class="md-ellipsis">
Why Tailscale Over Alternatives
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#1-install-tailscale-on-master-node" class="md-nav__link">
<span class="md-ellipsis">
1. Install Tailscale on Master Node
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-install-tailscale-on-target-nodes" class="md-nav__link">
<span class="md-ellipsis">
2. Install Tailscale on Target Nodes
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-get-tailscale-ip-addresses" class="md-nav__link">
<span class="md-ellipsis">
3. Get Tailscale IP Addresses
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-5-configure-ansible" class="md-nav__link">
<span class="md-ellipsis">
Part 5: Configure Ansible
</span>
</a>
<nav class="md-nav" aria-label="Part 5: Configure Ansible">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-create-inventory-file" class="md-nav__link">
<span class="md-ellipsis">
1. Create Inventory File
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-test-ansible-connectivity" class="md-nav__link">
<span class="md-ellipsis">
2. Test Ansible Connectivity
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-6-create-and-run-playbooks" class="md-nav__link">
<span class="md-ellipsis">
Part 6: Create and Run Playbooks
</span>
</a>
<nav class="md-nav" aria-label="Part 6: Create and Run Playbooks">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-simple-information-gathering-playbook" class="md-nav__link">
<span class="md-ellipsis">
1. Simple Information Gathering Playbook
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-run-the-playbook" class="md-nav__link">
<span class="md-ellipsis">
2. Run the Playbook
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#part-7-advanced-playbook-example" class="md-nav__link">
<span class="md-ellipsis">
Part 7: Advanced Playbook Example
</span>
</a>
<nav class="md-nav" aria-label="Part 7: Advanced Playbook Example">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#system-setup-playbook" class="md-nav__link">
<span class="md-ellipsis">
System Setup Playbook
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#troubleshooting-guide" class="md-nav__link">
<span class="md-ellipsis">
Troubleshooting Guide
</span>
</a>
<nav class="md-nav" aria-label="Troubleshooting Guide">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#ssh-issues" class="md-nav__link">
<span class="md-ellipsis">
SSH Issues
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#ansible-issues" class="md-nav__link">
<span class="md-ellipsis">
Ansible Issues
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#tailscale-issues" class="md-nav__link">
<span class="md-ellipsis">
Tailscale Issues
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#scaling-to-multiple-nodes" class="md-nav__link">
<span class="md-ellipsis">
Scaling to Multiple Nodes
</span>
</a>
<nav class="md-nav" aria-label="Scaling to Multiple Nodes">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#adding-new-nodes" class="md-nav__link">
<span class="md-ellipsis">
Adding New Nodes
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#group-management" class="md-nav__link">
<span class="md-ellipsis">
Group Management
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#best-practices" class="md-nav__link">
<span class="md-ellipsis">
Best Practices
</span>
</a>
<nav class="md-nav" aria-label="Best Practices">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#security" class="md-nav__link">
<span class="md-ellipsis">
Security
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#organization" class="md-nav__link">
<span class="md-ellipsis">
Organization
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#monitoring-and-maintenance" class="md-nav__link">
<span class="md-ellipsis">
Monitoring and Maintenance
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#alternative-approaches-we-considered" class="md-nav__link">
<span class="md-ellipsis">
Alternative Approaches We Considered
</span>
</a>
<nav class="md-nav" aria-label="Alternative Approaches We Considered">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#cloudflare-tunnels" class="md-nav__link">
<span class="md-ellipsis">
Cloudflare Tunnels
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#traditional-vpn" class="md-nav__link">
<span class="md-ellipsis">
Traditional VPN
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#ssh-reverse-tunnels" class="md-nav__link">
<span class="md-ellipsis">
SSH Reverse Tunnels
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#conclusion" class="md-nav__link">
<span class="md-ellipsis">
Conclusion
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#quick-reference-commands" class="md-nav__link">
<span class="md-ellipsis">
Quick Reference Commands
</span>
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="setting-up-ansible-with-tailscale-for-remote-server-management">Setting Up Ansible with Tailscale for Remote Server Management<a class="headerlink" href="#setting-up-ansible-with-tailscale-for-remote-server-management" title="Permanent link">&para;</a></h1>
<h2 id="overview">Overview<a class="headerlink" href="#overview" title="Permanent link">&para;</a></h2>
<p>This guide walks you through setting up Ansible to manage remote servers (like ThinkCentre units) using Tailscale for secure networking. This approach provides reliable remote access without complex port forwarding or VPN configurations.</p>
<p>In plainer language; this allows you to manage several Changemaker nodes remotely. If you are a full time campaigner, this can enable you to manage several campaigns infrastructure from a central location while each user gets their own Changemaker box. </p>
<h2 id="what-youll-learn">What You'll Learn<a class="headerlink" href="#what-youll-learn" title="Permanent link">&para;</a></h2>
<ul>
<li>How to set up Ansible for infrastructure automation</li>
<li>How to configure secure remote access using Tailscale</li>
<li>How to troubleshoot common SSH and networking issues</li>
<li>Why this approach is better than alternatives like Cloudflare Tunnels for simple SSH access</li>
</ul>
<h2 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">&para;</a></h2>
<ul>
<li><strong>Master Node</strong>: Your main computer running Ubuntu/Linux (control machine)</li>
<li><strong>Target Nodes</strong>: Remote servers/ThinkCentres running Ubuntu/Linux</li>
<li><strong>Both machines</strong>: Must have internet access</li>
<li><strong>User Account</strong>: Same username on all machines (recommended)</li>
</ul>
<h2 id="part-1-initial-setup-on-master-node">Part 1: Initial Setup on Master Node<a class="headerlink" href="#part-1-initial-setup-on-master-node" title="Permanent link">&para;</a></h2>
<h3 id="1-create-ansible-directory-structure">1. Create Ansible Directory Structure<a class="headerlink" href="#1-create-ansible-directory-structure" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-0-1"><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a><span class="c1"># Create project directory</span>
</span><span id="__span-0-2"><a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a>mkdir<span class="w"> </span>~/ansible_quickstart
</span><span id="__span-0-3"><a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a><span class="nb">cd</span><span class="w"> </span>~/ansible_quickstart
</span><span id="__span-0-4"><a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a>
</span><span id="__span-0-5"><a id="__codelineno-0-5" name="__codelineno-0-5" href="#__codelineno-0-5"></a><span class="c1"># Create directory structure</span>
</span><span id="__span-0-6"><a id="__codelineno-0-6" name="__codelineno-0-6" href="#__codelineno-0-6"></a>mkdir<span class="w"> </span>-p<span class="w"> </span>group_vars<span class="w"> </span>host_vars<span class="w"> </span>roles<span class="w"> </span>playbooks
</span></code></pre></div>
<h3 id="2-install-ansible">2. Install Ansible<a class="headerlink" href="#2-install-ansible" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-1-1"><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>sudo<span class="w"> </span>apt<span class="w"> </span>update
</span><span id="__span-1-2"><a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a>sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>ansible
</span></code></pre></div>
<h3 id="3-generate-ssh-keys-if-not-already-done">3. Generate SSH Keys (if not already done)<a class="headerlink" href="#3-generate-ssh-keys-if-not-already-done" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-2-1"><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a><span class="c1"># Generate SSH key pair</span>
</span><span id="__span-2-2"><a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a>ssh-keygen<span class="w"> </span>-t<span class="w"> </span>rsa<span class="w"> </span>-b<span class="w"> </span><span class="m">4096</span><span class="w"> </span>-f<span class="w"> </span>~/.ssh/id_rsa
</span><span id="__span-2-3"><a id="__codelineno-2-3" name="__codelineno-2-3" href="#__codelineno-2-3"></a>
</span><span id="__span-2-4"><a id="__codelineno-2-4" name="__codelineno-2-4" href="#__codelineno-2-4"></a><span class="c1"># Display public key (save this for later)</span>
</span><span id="__span-2-5"><a id="__codelineno-2-5" name="__codelineno-2-5" href="#__codelineno-2-5"></a>cat<span class="w"> </span>~/.ssh/id_rsa.pub
</span></code></pre></div>
<h2 id="part-2-target-node-setup-physical-access-required-initially">Part 2: Target Node Setup (Physical Access Required Initially)<a class="headerlink" href="#part-2-target-node-setup-physical-access-required-initially" title="Permanent link">&para;</a></h2>
<h3 id="1-enable-ssh-on-target-node">1. Enable SSH on Target Node<a class="headerlink" href="#1-enable-ssh-on-target-node" title="Permanent link">&para;</a></h3>
<p>Access each target node physically (monitor + keyboard):</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-3-1"><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a><span class="c1"># Update system</span>
</span><span id="__span-3-2"><a id="__codelineno-3-2" name="__codelineno-3-2" href="#__codelineno-3-2"></a>sudo<span class="w"> </span>apt<span class="w"> </span>update<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span>sudo<span class="w"> </span>apt<span class="w"> </span>upgrade<span class="w"> </span>-y
</span><span id="__span-3-3"><a id="__codelineno-3-3" name="__codelineno-3-3" href="#__codelineno-3-3"></a>
</span><span id="__span-3-4"><a id="__codelineno-3-4" name="__codelineno-3-4" href="#__codelineno-3-4"></a><span class="c1"># Install and enable SSH</span>
</span><span id="__span-3-5"><a id="__codelineno-3-5" name="__codelineno-3-5" href="#__codelineno-3-5"></a>sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>openssh-server
</span><span id="__span-3-6"><a id="__codelineno-3-6" name="__codelineno-3-6" href="#__codelineno-3-6"></a>sudo<span class="w"> </span>systemctl<span class="w"> </span><span class="nb">enable</span><span class="w"> </span>ssh
</span><span id="__span-3-7"><a id="__codelineno-3-7" name="__codelineno-3-7" href="#__codelineno-3-7"></a>sudo<span class="w"> </span>systemctl<span class="w"> </span>start<span class="w"> </span>ssh
</span><span id="__span-3-8"><a id="__codelineno-3-8" name="__codelineno-3-8" href="#__codelineno-3-8"></a>
</span><span id="__span-3-9"><a id="__codelineno-3-9" name="__codelineno-3-9" href="#__codelineno-3-9"></a><span class="c1"># Check SSH status</span>
</span><span id="__span-3-10"><a id="__codelineno-3-10" name="__codelineno-3-10" href="#__codelineno-3-10"></a>sudo<span class="w"> </span>systemctl<span class="w"> </span>status<span class="w"> </span>ssh
</span></code></pre></div>
<p><strong>Note</strong>: If you get "Unit ssh.service could not be found", you need to install the SSH server first:</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-4-1"><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a><span class="c1"># Install OpenSSH server</span>
</span><span id="__span-4-2"><a id="__codelineno-4-2" name="__codelineno-4-2" href="#__codelineno-4-2"></a>sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>openssh-server
</span><span id="__span-4-3"><a id="__codelineno-4-3" name="__codelineno-4-3" href="#__codelineno-4-3"></a>
</span><span id="__span-4-4"><a id="__codelineno-4-4" name="__codelineno-4-4" href="#__codelineno-4-4"></a><span class="c1"># Then start and enable SSH</span>
</span><span id="__span-4-5"><a id="__codelineno-4-5" name="__codelineno-4-5" href="#__codelineno-4-5"></a>sudo<span class="w"> </span>systemctl<span class="w"> </span>start<span class="w"> </span>ssh
</span><span id="__span-4-6"><a id="__codelineno-4-6" name="__codelineno-4-6" href="#__codelineno-4-6"></a>sudo<span class="w"> </span>systemctl<span class="w"> </span><span class="nb">enable</span><span class="w"> </span>ssh
</span><span id="__span-4-7"><a id="__codelineno-4-7" name="__codelineno-4-7" href="#__codelineno-4-7"></a>
</span><span id="__span-4-8"><a id="__codelineno-4-8" name="__codelineno-4-8" href="#__codelineno-4-8"></a><span class="c1"># Verify SSH is running and listening</span>
</span><span id="__span-4-9"><a id="__codelineno-4-9" name="__codelineno-4-9" href="#__codelineno-4-9"></a>sudo<span class="w"> </span>ss<span class="w"> </span>-tlnp<span class="w"> </span><span class="p">|</span><span class="w"> </span>grep<span class="w"> </span>:22
</span></code></pre></div>
<p>You should see SSH listening on port 22.</p>
<h3 id="2-configure-ssh-key-authentication">2. Configure SSH Key Authentication<a class="headerlink" href="#2-configure-ssh-key-authentication" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-5-1"><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a><span class="c1"># Create .ssh directory</span>
</span><span id="__span-5-2"><a id="__codelineno-5-2" name="__codelineno-5-2" href="#__codelineno-5-2"></a>mkdir<span class="w"> </span>-p<span class="w"> </span>~/.ssh
</span><span id="__span-5-3"><a id="__codelineno-5-3" name="__codelineno-5-3" href="#__codelineno-5-3"></a>chmod<span class="w"> </span><span class="m">700</span><span class="w"> </span>~/.ssh
</span><span id="__span-5-4"><a id="__codelineno-5-4" name="__codelineno-5-4" href="#__codelineno-5-4"></a>
</span><span id="__span-5-5"><a id="__codelineno-5-5" name="__codelineno-5-5" href="#__codelineno-5-5"></a><span class="c1"># Create authorized_keys file</span>
</span><span id="__span-5-6"><a id="__codelineno-5-6" name="__codelineno-5-6" href="#__codelineno-5-6"></a>nano<span class="w"> </span>~/.ssh/authorized_keys
</span></code></pre></div>
<p>Paste your public key from the master node, then:</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-6-1"><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a><span class="c1"># Set proper permissions</span>
</span><span id="__span-6-2"><a id="__codelineno-6-2" name="__codelineno-6-2" href="#__codelineno-6-2"></a>chmod<span class="w"> </span><span class="m">600</span><span class="w"> </span>~/.ssh/authorized_keys
</span></code></pre></div>
<h3 id="3-configure-ssh-security">3. Configure SSH Security<a class="headerlink" href="#3-configure-ssh-security" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-7-1"><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a><span class="c1"># Edit SSH config</span>
</span><span id="__span-7-2"><a id="__codelineno-7-2" name="__codelineno-7-2" href="#__codelineno-7-2"></a>sudo<span class="w"> </span>nano<span class="w"> </span>/etc/ssh/sshd_config
</span></code></pre></div>
<p>Ensure these lines are uncommented:</p>
<div class="language-text highlight"><pre><span></span><code><span id="__span-8-1"><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a>PubkeyAuthentication yes
</span><span id="__span-8-2"><a id="__codelineno-8-2" name="__codelineno-8-2" href="#__codelineno-8-2"></a>AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
</span></code></pre></div>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-9-1"><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a><span class="c1"># Restart SSH service</span>
</span><span id="__span-9-2"><a id="__codelineno-9-2" name="__codelineno-9-2" href="#__codelineno-9-2"></a>sudo<span class="w"> </span>systemctl<span class="w"> </span>restart<span class="w"> </span>ssh
</span></code></pre></div>
<h3 id="4-configure-firewall">4. Configure Firewall<a class="headerlink" href="#4-configure-firewall" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-10-1"><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a><span class="c1"># Check firewall status</span>
</span><span id="__span-10-2"><a id="__codelineno-10-2" name="__codelineno-10-2" href="#__codelineno-10-2"></a>sudo<span class="w"> </span>ufw<span class="w"> </span>status
</span><span id="__span-10-3"><a id="__codelineno-10-3" name="__codelineno-10-3" href="#__codelineno-10-3"></a>
</span><span id="__span-10-4"><a id="__codelineno-10-4" name="__codelineno-10-4" href="#__codelineno-10-4"></a><span class="c1"># Allow SSH through firewall</span>
</span><span id="__span-10-5"><a id="__codelineno-10-5" name="__codelineno-10-5" href="#__codelineno-10-5"></a>sudo<span class="w"> </span>ufw<span class="w"> </span>allow<span class="w"> </span>ssh
</span><span id="__span-10-6"><a id="__codelineno-10-6" name="__codelineno-10-6" href="#__codelineno-10-6"></a>
</span><span id="__span-10-7"><a id="__codelineno-10-7" name="__codelineno-10-7" href="#__codelineno-10-7"></a><span class="c1"># Fix home directory permissions (required for SSH keys)</span>
</span><span id="__span-10-8"><a id="__codelineno-10-8" name="__codelineno-10-8" href="#__codelineno-10-8"></a>chmod<span class="w"> </span><span class="m">755</span><span class="w"> </span>~/
</span></code></pre></div>
<h2 id="part-3-test-local-ssh-connection">Part 3: Test Local SSH Connection<a class="headerlink" href="#part-3-test-local-ssh-connection" title="Permanent link">&para;</a></h2>
<p>Before proceeding with remote access, test SSH connectivity locally:</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-11-1"><a id="__codelineno-11-1" name="__codelineno-11-1" href="#__codelineno-11-1"></a><span class="c1"># From master node, test SSH to target</span>
</span><span id="__span-11-2"><a id="__codelineno-11-2" name="__codelineno-11-2" href="#__codelineno-11-2"></a>ssh<span class="w"> </span>username@&lt;target-local-ip&gt;
</span></code></pre></div>
<p><strong>Common Issues and Solutions:</strong></p>
<ul>
<li><strong>Connection hangs</strong>: Check firewall rules (<code>sudo ufw allow ssh</code>)</li>
<li><strong>Permission denied</strong>: Verify SSH keys and file permissions</li>
<li><strong>SSH config errors</strong>: Ensure <code>PubkeyAuthentication yes</code> is set</li>
</ul>
<h2 id="part-4-set-up-tailscale-for-remote-access">Part 4: Set Up Tailscale for Remote Access<a class="headerlink" href="#part-4-set-up-tailscale-for-remote-access" title="Permanent link">&para;</a></h2>
<h3 id="why-tailscale-over-alternatives">Why Tailscale Over Alternatives<a class="headerlink" href="#why-tailscale-over-alternatives" title="Permanent link">&para;</a></h3>
<p>We initially tried Cloudflare Tunnels but encountered complexity with:</p>
<ul>
<li>DNS routing issues</li>
<li>Complex configuration for SSH</li>
<li>Same-network testing problems</li>
<li>Multiple configuration approaches with varying success</li>
</ul>
<p><strong>Tailscale is superior because:</strong></p>
<ul>
<li>Zero configuration mesh networking</li>
<li>Works from any network</li>
<li>Persistent IP addresses</li>
<li>No port forwarding needed</li>
<li>Free for personal use</li>
</ul>
<h3 id="1-install-tailscale-on-master-node">1. Install Tailscale on Master Node<a class="headerlink" href="#1-install-tailscale-on-master-node" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-12-1"><a id="__codelineno-12-1" name="__codelineno-12-1" href="#__codelineno-12-1"></a><span class="c1"># Install Tailscale</span>
</span><span id="__span-12-2"><a id="__codelineno-12-2" name="__codelineno-12-2" href="#__codelineno-12-2"></a>curl<span class="w"> </span>-fsSL<span class="w"> </span>https://tailscale.com/install.sh<span class="w"> </span><span class="p">|</span><span class="w"> </span>sh
</span><span id="__span-12-3"><a id="__codelineno-12-3" name="__codelineno-12-3" href="#__codelineno-12-3"></a>
</span><span id="__span-12-4"><a id="__codelineno-12-4" name="__codelineno-12-4" href="#__codelineno-12-4"></a><span class="c1"># Connect to Tailscale network</span>
</span><span id="__span-12-5"><a id="__codelineno-12-5" name="__codelineno-12-5" href="#__codelineno-12-5"></a>sudo<span class="w"> </span>tailscale<span class="w"> </span>up
</span></code></pre></div>
<p>Follow the authentication URL to connect with your Google/Microsoft/GitHub account.</p>
<h3 id="2-install-tailscale-on-target-nodes">2. Install Tailscale on Target Nodes<a class="headerlink" href="#2-install-tailscale-on-target-nodes" title="Permanent link">&para;</a></h3>
<p><strong>On each target node:</strong></p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-13-1"><a id="__codelineno-13-1" name="__codelineno-13-1" href="#__codelineno-13-1"></a><span class="c1"># Install Tailscale</span>
</span><span id="__span-13-2"><a id="__codelineno-13-2" name="__codelineno-13-2" href="#__codelineno-13-2"></a>curl<span class="w"> </span>-fsSL<span class="w"> </span>https://tailscale.com/install.sh<span class="w"> </span><span class="p">|</span><span class="w"> </span>sh
</span><span id="__span-13-3"><a id="__codelineno-13-3" name="__codelineno-13-3" href="#__codelineno-13-3"></a>
</span><span id="__span-13-4"><a id="__codelineno-13-4" name="__codelineno-13-4" href="#__codelineno-13-4"></a><span class="c1"># Connect to Tailscale network</span>
</span><span id="__span-13-5"><a id="__codelineno-13-5" name="__codelineno-13-5" href="#__codelineno-13-5"></a>sudo<span class="w"> </span>tailscale<span class="w"> </span>up
</span></code></pre></div>
<p>Authenticate each device through the provided URL.</p>
<h3 id="3-get-tailscale-ip-addresses">3. Get Tailscale IP Addresses<a class="headerlink" href="#3-get-tailscale-ip-addresses" title="Permanent link">&para;</a></h3>
<p><strong>On each machine:</strong></p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-14-1"><a id="__codelineno-14-1" name="__codelineno-14-1" href="#__codelineno-14-1"></a><span class="c1"># Get your Tailscale IP</span>
</span><span id="__span-14-2"><a id="__codelineno-14-2" name="__codelineno-14-2" href="#__codelineno-14-2"></a>tailscale<span class="w"> </span>ip<span class="w"> </span>-4
</span></code></pre></div>
<p>Each device receives a persistent IP like <code>100.x.x.x</code>.</p>
<h2 id="part-5-configure-ansible">Part 5: Configure Ansible<a class="headerlink" href="#part-5-configure-ansible" title="Permanent link">&para;</a></h2>
<h3 id="1-create-inventory-file">1. Create Inventory File<a class="headerlink" href="#1-create-inventory-file" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-15-1"><a id="__codelineno-15-1" name="__codelineno-15-1" href="#__codelineno-15-1"></a><span class="c1"># Create inventory.ini</span>
</span><span id="__span-15-2"><a id="__codelineno-15-2" name="__codelineno-15-2" href="#__codelineno-15-2"></a><span class="nb">cd</span><span class="w"> </span>~/ansible_quickstart
</span><span id="__span-15-3"><a id="__codelineno-15-3" name="__codelineno-15-3" href="#__codelineno-15-3"></a>nano<span class="w"> </span>inventory.ini
</span></code></pre></div>
<p><strong>Content:</strong></p>
<div class="language-ini highlight"><pre><span></span><code><span id="__span-16-1"><a id="__codelineno-16-1" name="__codelineno-16-1" href="#__codelineno-16-1"></a><span class="k">[thinkcenter]</span>
</span><span id="__span-16-2"><a id="__codelineno-16-2" name="__codelineno-16-2" href="#__codelineno-16-2"></a><span class="na">tc-node1 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=your-username</span>
</span><span id="__span-16-3"><a id="__codelineno-16-3" name="__codelineno-16-3" href="#__codelineno-16-3"></a><span class="na">tc-node2 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=your-username</span>
</span><span id="__span-16-4"><a id="__codelineno-16-4" name="__codelineno-16-4" href="#__codelineno-16-4"></a>
</span><span id="__span-16-5"><a id="__codelineno-16-5" name="__codelineno-16-5" href="#__codelineno-16-5"></a><span class="k">[all:vars]</span>
</span><span id="__span-16-6"><a id="__codelineno-16-6" name="__codelineno-16-6" href="#__codelineno-16-6"></a><span class="na">ansible_ssh_private_key_file</span><span class="o">=</span><span class="s">~/.ssh/id_rsa</span>
</span><span id="__span-16-7"><a id="__codelineno-16-7" name="__codelineno-16-7" href="#__codelineno-16-7"></a><span class="na">ansible_host_key_checking</span><span class="o">=</span><span class="s">False</span>
</span></code></pre></div>
<p>Replace:</p>
<ul>
<li><code>100.x.x.x</code> with actual Tailscale IPs</li>
<li><code>your-username</code> with your actual username</li>
</ul>
<h3 id="2-test-ansible-connectivity">2. Test Ansible Connectivity<a class="headerlink" href="#2-test-ansible-connectivity" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-17-1"><a id="__codelineno-17-1" name="__codelineno-17-1" href="#__codelineno-17-1"></a><span class="c1"># Test connection to all nodes</span>
</span><span id="__span-17-2"><a id="__codelineno-17-2" name="__codelineno-17-2" href="#__codelineno-17-2"></a>ansible<span class="w"> </span>all<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>-m<span class="w"> </span>ping
</span></code></pre></div>
<p><strong>Expected output:</strong></p>
<div class="language-text highlight"><pre><span></span><code><span id="__span-18-1"><a id="__codelineno-18-1" name="__codelineno-18-1" href="#__codelineno-18-1"></a>tc-node1 | SUCCESS =&gt; {
</span><span id="__span-18-2"><a id="__codelineno-18-2" name="__codelineno-18-2" href="#__codelineno-18-2"></a> &quot;changed&quot;: false,
</span><span id="__span-18-3"><a id="__codelineno-18-3" name="__codelineno-18-3" href="#__codelineno-18-3"></a> &quot;ping&quot;: &quot;pong&quot;
</span><span id="__span-18-4"><a id="__codelineno-18-4" name="__codelineno-18-4" href="#__codelineno-18-4"></a>}
</span></code></pre></div>
<h2 id="part-6-create-and-run-playbooks">Part 6: Create and Run Playbooks<a class="headerlink" href="#part-6-create-and-run-playbooks" title="Permanent link">&para;</a></h2>
<h3 id="1-simple-information-gathering-playbook">1. Simple Information Gathering Playbook<a class="headerlink" href="#1-simple-information-gathering-playbook" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-19-1"><a id="__codelineno-19-1" name="__codelineno-19-1" href="#__codelineno-19-1"></a>mkdir<span class="w"> </span>-p<span class="w"> </span>playbooks
</span><span id="__span-19-2"><a id="__codelineno-19-2" name="__codelineno-19-2" href="#__codelineno-19-2"></a>nano<span class="w"> </span>playbooks/info-playbook.yml
</span></code></pre></div>
<p><strong>Content:</strong></p>
<div class="language-yaml highlight"><pre><span></span><code><span id="__span-20-1"><a id="__codelineno-20-1" name="__codelineno-20-1" href="#__codelineno-20-1"></a><span class="nn">---</span>
</span><span id="__span-20-2"><a id="__codelineno-20-2" name="__codelineno-20-2" href="#__codelineno-20-2"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Gather Node Information</span>
</span><span id="__span-20-3"><a id="__codelineno-20-3" name="__codelineno-20-3" href="#__codelineno-20-3"></a><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">all</span>
</span><span id="__span-20-4"><a id="__codelineno-20-4" name="__codelineno-20-4" href="#__codelineno-20-4"></a><span class="w"> </span><span class="nt">tasks</span><span class="p">:</span>
</span><span id="__span-20-5"><a id="__codelineno-20-5" name="__codelineno-20-5" href="#__codelineno-20-5"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Get system information</span>
</span><span id="__span-20-6"><a id="__codelineno-20-6" name="__codelineno-20-6" href="#__codelineno-20-6"></a><span class="w"> </span><span class="nt">setup</span><span class="p">:</span>
</span><span id="__span-20-7"><a id="__codelineno-20-7" name="__codelineno-20-7" href="#__codelineno-20-7"></a>
</span><span id="__span-20-8"><a id="__codelineno-20-8" name="__codelineno-20-8" href="#__codelineno-20-8"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Display basic system info</span>
</span><span id="__span-20-9"><a id="__codelineno-20-9" name="__codelineno-20-9" href="#__codelineno-20-9"></a><span class="w"> </span><span class="nt">debug</span><span class="p">:</span>
</span><span id="__span-20-10"><a id="__codelineno-20-10" name="__codelineno-20-10" href="#__codelineno-20-10"></a><span class="w"> </span><span class="nt">msg</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|</span>
</span><span id="__span-20-11"><a id="__codelineno-20-11" name="__codelineno-20-11" href="#__codelineno-20-11"></a><span class="w"> </span><span class="no">Hostname: {{ ansible_hostname }}</span>
</span><span id="__span-20-12"><a id="__codelineno-20-12" name="__codelineno-20-12" href="#__codelineno-20-12"></a><span class="w"> </span><span class="no">Operating System: {{ ansible_distribution }} {{ ansible_distribution_version }}</span>
</span><span id="__span-20-13"><a id="__codelineno-20-13" name="__codelineno-20-13" href="#__codelineno-20-13"></a><span class="w"> </span><span class="no">Architecture: {{ ansible_architecture }}</span>
</span><span id="__span-20-14"><a id="__codelineno-20-14" name="__codelineno-20-14" href="#__codelineno-20-14"></a><span class="w"> </span><span class="no">Memory: {{ ansible_memtotal_mb }}MB</span>
</span><span id="__span-20-15"><a id="__codelineno-20-15" name="__codelineno-20-15" href="#__codelineno-20-15"></a><span class="w"> </span><span class="no">CPU Cores: {{ ansible_processor_vcpus }}</span>
</span><span id="__span-20-16"><a id="__codelineno-20-16" name="__codelineno-20-16" href="#__codelineno-20-16"></a>
</span><span id="__span-20-17"><a id="__codelineno-20-17" name="__codelineno-20-17" href="#__codelineno-20-17"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Show disk usage</span>
</span><span id="__span-20-18"><a id="__codelineno-20-18" name="__codelineno-20-18" href="#__codelineno-20-18"></a><span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">df -h /</span>
</span><span id="__span-20-19"><a id="__codelineno-20-19" name="__codelineno-20-19" href="#__codelineno-20-19"></a><span class="w"> </span><span class="nt">register</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">disk_info</span>
</span><span id="__span-20-20"><a id="__codelineno-20-20" name="__codelineno-20-20" href="#__codelineno-20-20"></a>
</span><span id="__span-20-21"><a id="__codelineno-20-21" name="__codelineno-20-21" href="#__codelineno-20-21"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Display disk usage</span>
</span><span id="__span-20-22"><a id="__codelineno-20-22" name="__codelineno-20-22" href="#__codelineno-20-22"></a><span class="w"> </span><span class="nt">debug</span><span class="p">:</span>
</span><span id="__span-20-23"><a id="__codelineno-20-23" name="__codelineno-20-23" href="#__codelineno-20-23"></a><span class="w"> </span><span class="nt">msg</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;Root</span><span class="nv"> </span><span class="s">filesystem</span><span class="nv"> </span><span class="s">usage:</span><span class="nv"> </span><span class="s">{{</span><span class="nv"> </span><span class="s">disk_info.stdout_lines[1]</span><span class="nv"> </span><span class="s">}}&quot;</span>
</span><span id="__span-20-24"><a id="__codelineno-20-24" name="__codelineno-20-24" href="#__codelineno-20-24"></a>
</span><span id="__span-20-25"><a id="__codelineno-20-25" name="__codelineno-20-25" href="#__codelineno-20-25"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Check uptime</span>
</span><span id="__span-20-26"><a id="__codelineno-20-26" name="__codelineno-20-26" href="#__codelineno-20-26"></a><span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">uptime</span>
</span><span id="__span-20-27"><a id="__codelineno-20-27" name="__codelineno-20-27" href="#__codelineno-20-27"></a><span class="w"> </span><span class="nt">register</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">uptime_info</span>
</span><span id="__span-20-28"><a id="__codelineno-20-28" name="__codelineno-20-28" href="#__codelineno-20-28"></a>
</span><span id="__span-20-29"><a id="__codelineno-20-29" name="__codelineno-20-29" href="#__codelineno-20-29"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Display uptime</span>
</span><span id="__span-20-30"><a id="__codelineno-20-30" name="__codelineno-20-30" href="#__codelineno-20-30"></a><span class="w"> </span><span class="nt">debug</span><span class="p">:</span>
</span><span id="__span-20-31"><a id="__codelineno-20-31" name="__codelineno-20-31" href="#__codelineno-20-31"></a><span class="w"> </span><span class="nt">msg</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;System</span><span class="nv"> </span><span class="s">uptime:</span><span class="nv"> </span><span class="s">{{</span><span class="nv"> </span><span class="s">uptime_info.stdout</span><span class="nv"> </span><span class="s">}}&quot;</span>
</span></code></pre></div>
<h3 id="2-run-the-playbook">2. Run the Playbook<a class="headerlink" href="#2-run-the-playbook" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-21-1"><a id="__codelineno-21-1" name="__codelineno-21-1" href="#__codelineno-21-1"></a>ansible-playbook<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>playbooks/info-playbook.yml
</span></code></pre></div>
<h2 id="part-7-advanced-playbook-example">Part 7: Advanced Playbook Example<a class="headerlink" href="#part-7-advanced-playbook-example" title="Permanent link">&para;</a></h2>
<h3 id="system-setup-playbook">System Setup Playbook<a class="headerlink" href="#system-setup-playbook" title="Permanent link">&para;</a></h3>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-22-1"><a id="__codelineno-22-1" name="__codelineno-22-1" href="#__codelineno-22-1"></a>nano<span class="w"> </span>playbooks/setup-node.yml
</span></code></pre></div>
<p><strong>Content:</strong></p>
<div class="language-yaml highlight"><pre><span></span><code><span id="__span-23-1"><a id="__codelineno-23-1" name="__codelineno-23-1" href="#__codelineno-23-1"></a><span class="nn">---</span>
</span><span id="__span-23-2"><a id="__codelineno-23-2" name="__codelineno-23-2" href="#__codelineno-23-2"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Setup ThinkCentre Node</span>
</span><span id="__span-23-3"><a id="__codelineno-23-3" name="__codelineno-23-3" href="#__codelineno-23-3"></a><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">all</span>
</span><span id="__span-23-4"><a id="__codelineno-23-4" name="__codelineno-23-4" href="#__codelineno-23-4"></a><span class="w"> </span><span class="nt">become</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span><span id="__span-23-5"><a id="__codelineno-23-5" name="__codelineno-23-5" href="#__codelineno-23-5"></a><span class="w"> </span><span class="nt">tasks</span><span class="p">:</span>
</span><span id="__span-23-6"><a id="__codelineno-23-6" name="__codelineno-23-6" href="#__codelineno-23-6"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Update package cache</span>
</span><span id="__span-23-7"><a id="__codelineno-23-7" name="__codelineno-23-7" href="#__codelineno-23-7"></a><span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
</span><span id="__span-23-8"><a id="__codelineno-23-8" name="__codelineno-23-8" href="#__codelineno-23-8"></a><span class="w"> </span><span class="nt">update_cache</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span><span id="__span-23-9"><a id="__codelineno-23-9" name="__codelineno-23-9" href="#__codelineno-23-9"></a>
</span><span id="__span-23-10"><a id="__codelineno-23-10" name="__codelineno-23-10" href="#__codelineno-23-10"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Install essential packages</span>
</span><span id="__span-23-11"><a id="__codelineno-23-11" name="__codelineno-23-11" href="#__codelineno-23-11"></a><span class="w"> </span><span class="nt">package</span><span class="p">:</span>
</span><span id="__span-23-12"><a id="__codelineno-23-12" name="__codelineno-23-12" href="#__codelineno-23-12"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span>
</span><span id="__span-23-13"><a id="__codelineno-23-13" name="__codelineno-23-13" href="#__codelineno-23-13"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">htop</span>
</span><span id="__span-23-14"><a id="__codelineno-23-14" name="__codelineno-23-14" href="#__codelineno-23-14"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">vim</span>
</span><span id="__span-23-15"><a id="__codelineno-23-15" name="__codelineno-23-15" href="#__codelineno-23-15"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">curl</span>
</span><span id="__span-23-16"><a id="__codelineno-23-16" name="__codelineno-23-16" href="#__codelineno-23-16"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">git</span>
</span><span id="__span-23-17"><a id="__codelineno-23-17" name="__codelineno-23-17" href="#__codelineno-23-17"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">docker.io</span>
</span><span id="__span-23-18"><a id="__codelineno-23-18" name="__codelineno-23-18" href="#__codelineno-23-18"></a><span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
</span><span id="__span-23-19"><a id="__codelineno-23-19" name="__codelineno-23-19" href="#__codelineno-23-19"></a>
</span><span id="__span-23-20"><a id="__codelineno-23-20" name="__codelineno-23-20" href="#__codelineno-23-20"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Add user to docker group</span>
</span><span id="__span-23-21"><a id="__codelineno-23-21" name="__codelineno-23-21" href="#__codelineno-23-21"></a><span class="w"> </span><span class="nt">user</span><span class="p">:</span>
</span><span id="__span-23-22"><a id="__codelineno-23-22" name="__codelineno-23-22" href="#__codelineno-23-22"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;{{</span><span class="nv"> </span><span class="s">ansible_user</span><span class="nv"> </span><span class="s">}}&quot;</span>
</span><span id="__span-23-23"><a id="__codelineno-23-23" name="__codelineno-23-23" href="#__codelineno-23-23"></a><span class="w"> </span><span class="nt">groups</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">docker</span>
</span><span id="__span-23-24"><a id="__codelineno-23-24" name="__codelineno-23-24" href="#__codelineno-23-24"></a><span class="w"> </span><span class="nt">append</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span><span id="__span-23-25"><a id="__codelineno-23-25" name="__codelineno-23-25" href="#__codelineno-23-25"></a>
</span><span id="__span-23-26"><a id="__codelineno-23-26" name="__codelineno-23-26" href="#__codelineno-23-26"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create management directory</span>
</span><span id="__span-23-27"><a id="__codelineno-23-27" name="__codelineno-23-27" href="#__codelineno-23-27"></a><span class="w"> </span><span class="nt">file</span><span class="p">:</span>
</span><span id="__span-23-28"><a id="__codelineno-23-28" name="__codelineno-23-28" href="#__codelineno-23-28"></a><span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/opt/management</span>
</span><span id="__span-23-29"><a id="__codelineno-23-29" name="__codelineno-23-29" href="#__codelineno-23-29"></a><span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">directory</span>
</span><span id="__span-23-30"><a id="__codelineno-23-30" name="__codelineno-23-30" href="#__codelineno-23-30"></a><span class="w"> </span><span class="nt">owner</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;{{</span><span class="nv"> </span><span class="s">ansible_user</span><span class="nv"> </span><span class="s">}}&quot;</span>
</span><span id="__span-23-31"><a id="__codelineno-23-31" name="__codelineno-23-31" href="#__codelineno-23-31"></a><span class="w"> </span><span class="nt">group</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;{{</span><span class="nv"> </span><span class="s">ansible_user</span><span class="nv"> </span><span class="s">}}&quot;</span>
</span></code></pre></div>
<h2 id="troubleshooting-guide">Troubleshooting Guide<a class="headerlink" href="#troubleshooting-guide" title="Permanent link">&para;</a></h2>
<h3 id="ssh-issues">SSH Issues<a class="headerlink" href="#ssh-issues" title="Permanent link">&para;</a></h3>
<p><strong>Problem: SSH connection hangs</strong></p>
<ul>
<li>Check firewall: <code>sudo ufw status</code> and <code>sudo ufw allow ssh</code></li>
<li>Verify SSH service: <code>sudo systemctl status ssh</code></li>
<li>Test local connectivity first</li>
</ul>
<p><strong>Problem: Permission denied (publickey)</strong></p>
<ul>
<li>Check SSH key permissions: <code>chmod 600 ~/.ssh/authorized_keys</code></li>
<li>Verify home directory permissions: <code>chmod 755 ~/</code></li>
<li>Ensure SSH config allows key auth: <code>PubkeyAuthentication yes</code></li>
</ul>
<p><strong>Problem: Bad owner or permissions on SSH config</strong></p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-24-1"><a id="__codelineno-24-1" name="__codelineno-24-1" href="#__codelineno-24-1"></a>chmod<span class="w"> </span><span class="m">600</span><span class="w"> </span>~/.ssh/config
</span></code></pre></div>
<h3 id="ansible-issues">Ansible Issues<a class="headerlink" href="#ansible-issues" title="Permanent link">&para;</a></h3>
<p><strong>Problem: Host key verification failed</strong></p>
<ul>
<li>Add to inventory: <code>ansible_host_key_checking=False</code></li>
</ul>
<p><strong>Problem: Ansible command not found</strong></p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-25-1"><a id="__codelineno-25-1" name="__codelineno-25-1" href="#__codelineno-25-1"></a>sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>ansible
</span></code></pre></div>
<p><strong>Problem: Connection timeouts</strong></p>
<ul>
<li>Verify Tailscale connectivity: <code>ping &lt;tailscale-ip&gt;</code></li>
<li>Check if both nodes are connected: <code>tailscale status</code></li>
</ul>
<h3 id="tailscale-issues">Tailscale Issues<a class="headerlink" href="#tailscale-issues" title="Permanent link">&para;</a></h3>
<p><strong>Problem: Can't connect to Tailscale IP</strong></p>
<ul>
<li>Verify both devices are authenticated: <code>tailscale status</code></li>
<li>Check Tailscale is running: <code>sudo systemctl status tailscaled</code></li>
<li>Restart Tailscale: <code>sudo tailscale up</code></li>
</ul>
<h2 id="scaling-to-multiple-nodes">Scaling to Multiple Nodes<a class="headerlink" href="#scaling-to-multiple-nodes" title="Permanent link">&para;</a></h2>
<h3 id="adding-new-nodes">Adding New Nodes<a class="headerlink" href="#adding-new-nodes" title="Permanent link">&para;</a></h3>
<ol>
<li><strong>Install Tailscale on new node</strong></li>
<li><strong>Set up SSH access</strong> (repeat Part 2)</li>
<li><strong>Add to inventory.ini:</strong></li>
</ol>
<div class="language-ini highlight"><pre><span></span><code><span id="__span-26-1"><a id="__codelineno-26-1" name="__codelineno-26-1" href="#__codelineno-26-1"></a><span class="k">[thinkcenter]</span>
</span><span id="__span-26-2"><a id="__codelineno-26-2" name="__codelineno-26-2" href="#__codelineno-26-2"></a><span class="na">tc-node1 ansible_host</span><span class="o">=</span><span class="s">100.125.148.60 ansible_user=bunker-admin</span>
</span><span id="__span-26-3"><a id="__codelineno-26-3" name="__codelineno-26-3" href="#__codelineno-26-3"></a><span class="na">tc-node2 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=bunker-admin</span>
</span><span id="__span-26-4"><a id="__codelineno-26-4" name="__codelineno-26-4" href="#__codelineno-26-4"></a><span class="na">tc-node3 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=bunker-admin</span>
</span></code></pre></div>
<h3 id="group-management">Group Management<a class="headerlink" href="#group-management" title="Permanent link">&para;</a></h3>
<div class="language-ini highlight"><pre><span></span><code><span id="__span-27-1"><a id="__codelineno-27-1" name="__codelineno-27-1" href="#__codelineno-27-1"></a><span class="k">[webservers]</span>
</span><span id="__span-27-2"><a id="__codelineno-27-2" name="__codelineno-27-2" href="#__codelineno-27-2"></a><span class="na">tc-node1 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=bunker-admin</span>
</span><span id="__span-27-3"><a id="__codelineno-27-3" name="__codelineno-27-3" href="#__codelineno-27-3"></a><span class="na">tc-node2 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=bunker-admin</span>
</span><span id="__span-27-4"><a id="__codelineno-27-4" name="__codelineno-27-4" href="#__codelineno-27-4"></a>
</span><span id="__span-27-5"><a id="__codelineno-27-5" name="__codelineno-27-5" href="#__codelineno-27-5"></a><span class="k">[databases]</span>
</span><span id="__span-27-6"><a id="__codelineno-27-6" name="__codelineno-27-6" href="#__codelineno-27-6"></a><span class="na">tc-node3 ansible_host</span><span class="o">=</span><span class="s">100.x.x.x ansible_user=bunker-admin</span>
</span><span id="__span-27-7"><a id="__codelineno-27-7" name="__codelineno-27-7" href="#__codelineno-27-7"></a>
</span><span id="__span-27-8"><a id="__codelineno-27-8" name="__codelineno-27-8" href="#__codelineno-27-8"></a><span class="k">[all:vars]</span>
</span><span id="__span-27-9"><a id="__codelineno-27-9" name="__codelineno-27-9" href="#__codelineno-27-9"></a><span class="na">ansible_ssh_private_key_file</span><span class="o">=</span><span class="s">~/.ssh/id_rsa</span>
</span><span id="__span-27-10"><a id="__codelineno-27-10" name="__codelineno-27-10" href="#__codelineno-27-10"></a><span class="na">ansible_host_key_checking</span><span class="o">=</span><span class="s">False</span>
</span></code></pre></div>
<p>Run playbooks on specific groups:</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-28-1"><a id="__codelineno-28-1" name="__codelineno-28-1" href="#__codelineno-28-1"></a>ansible-playbook<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>-l<span class="w"> </span>webservers<span class="w"> </span>playbook.yml
</span></code></pre></div>
<h2 id="best-practices">Best Practices<a class="headerlink" href="#best-practices" title="Permanent link">&para;</a></h2>
<h3 id="security">Security<a class="headerlink" href="#security" title="Permanent link">&para;</a></h3>
<ul>
<li>Use SSH keys, not passwords</li>
<li>Keep Tailscale client updated</li>
<li>Regular security updates via Ansible</li>
<li>Use <code>become: yes</code> only when necessary</li>
</ul>
<h3 id="organization">Organization<a class="headerlink" href="#organization" title="Permanent link">&para;</a></h3>
<div class="language-text highlight"><pre><span></span><code><span id="__span-29-1"><a id="__codelineno-29-1" name="__codelineno-29-1" href="#__codelineno-29-1"></a>ansible_quickstart/
</span><span id="__span-29-2"><a id="__codelineno-29-2" name="__codelineno-29-2" href="#__codelineno-29-2"></a>├── inventory.ini
</span><span id="__span-29-3"><a id="__codelineno-29-3" name="__codelineno-29-3" href="#__codelineno-29-3"></a>├── group_vars/
</span><span id="__span-29-4"><a id="__codelineno-29-4" name="__codelineno-29-4" href="#__codelineno-29-4"></a>├── host_vars/
</span><span id="__span-29-5"><a id="__codelineno-29-5" name="__codelineno-29-5" href="#__codelineno-29-5"></a>├── roles/
</span><span id="__span-29-6"><a id="__codelineno-29-6" name="__codelineno-29-6" href="#__codelineno-29-6"></a>└── playbooks/
</span><span id="__span-29-7"><a id="__codelineno-29-7" name="__codelineno-29-7" href="#__codelineno-29-7"></a> ├── info-playbook.yml
</span><span id="__span-29-8"><a id="__codelineno-29-8" name="__codelineno-29-8" href="#__codelineno-29-8"></a> ├── setup-node.yml
</span><span id="__span-29-9"><a id="__codelineno-29-9" name="__codelineno-29-9" href="#__codelineno-29-9"></a> └── maintenance.yml
</span></code></pre></div>
<h3 id="monitoring-and-maintenance">Monitoring and Maintenance<a class="headerlink" href="#monitoring-and-maintenance" title="Permanent link">&para;</a></h3>
<p>Create regular maintenance playbooks:</p>
<div class="language-yaml highlight"><pre><span></span><code><span id="__span-30-1"><a id="__codelineno-30-1" name="__codelineno-30-1" href="#__codelineno-30-1"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">System maintenance</span>
</span><span id="__span-30-2"><a id="__codelineno-30-2" name="__codelineno-30-2" href="#__codelineno-30-2"></a><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">all</span>
</span><span id="__span-30-3"><a id="__codelineno-30-3" name="__codelineno-30-3" href="#__codelineno-30-3"></a><span class="w"> </span><span class="nt">become</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span><span id="__span-30-4"><a id="__codelineno-30-4" name="__codelineno-30-4" href="#__codelineno-30-4"></a><span class="w"> </span><span class="nt">tasks</span><span class="p">:</span>
</span><span id="__span-30-5"><a id="__codelineno-30-5" name="__codelineno-30-5" href="#__codelineno-30-5"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Update all packages</span>
</span><span id="__span-30-6"><a id="__codelineno-30-6" name="__codelineno-30-6" href="#__codelineno-30-6"></a><span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
</span><span id="__span-30-7"><a id="__codelineno-30-7" name="__codelineno-30-7" href="#__codelineno-30-7"></a><span class="w"> </span><span class="nt">upgrade</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">dist</span>
</span><span id="__span-30-8"><a id="__codelineno-30-8" name="__codelineno-30-8" href="#__codelineno-30-8"></a><span class="w"> </span><span class="nt">update_cache</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span><span id="__span-30-9"><a id="__codelineno-30-9" name="__codelineno-30-9" href="#__codelineno-30-9"></a>
</span><span id="__span-30-10"><a id="__codelineno-30-10" name="__codelineno-30-10" href="#__codelineno-30-10"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Clean package cache</span>
</span><span id="__span-30-11"><a id="__codelineno-30-11" name="__codelineno-30-11" href="#__codelineno-30-11"></a><span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
</span><span id="__span-30-12"><a id="__codelineno-30-12" name="__codelineno-30-12" href="#__codelineno-30-12"></a><span class="w"> </span><span class="nt">autoclean</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span><span id="__span-30-13"><a id="__codelineno-30-13" name="__codelineno-30-13" href="#__codelineno-30-13"></a><span class="w"> </span><span class="nt">autoremove</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
</span></code></pre></div>
<h2 id="alternative-approaches-we-considered">Alternative Approaches We Considered<a class="headerlink" href="#alternative-approaches-we-considered" title="Permanent link">&para;</a></h2>
<h3 id="cloudflare-tunnels">Cloudflare Tunnels<a class="headerlink" href="#cloudflare-tunnels" title="Permanent link">&para;</a></h3>
<ul>
<li><strong>Pros</strong>: Good for web services, handles NAT traversal</li>
<li><strong>Cons</strong>: Complex SSH setup, DNS routing issues, same-network problems</li>
<li><strong>Use case</strong>: Better for web applications than SSH access</li>
</ul>
<h3 id="traditional-vpn">Traditional VPN<a class="headerlink" href="#traditional-vpn" title="Permanent link">&para;</a></h3>
<ul>
<li><strong>Pros</strong>: Full network access</li>
<li><strong>Cons</strong>: Complex setup, port forwarding required, router configuration</li>
<li><strong>Use case</strong>: When you control the network infrastructure</li>
</ul>
<h3 id="ssh-reverse-tunnels">SSH Reverse Tunnels<a class="headerlink" href="#ssh-reverse-tunnels" title="Permanent link">&para;</a></h3>
<ul>
<li><strong>Pros</strong>: Simple concept</li>
<li><strong>Cons</strong>: Requires VPS, single point of failure, manual setup</li>
<li><strong>Use case</strong>: Temporary access or when other methods fail</li>
</ul>
<h2 id="conclusion">Conclusion<a class="headerlink" href="#conclusion" title="Permanent link">&para;</a></h2>
<p>This setup provides:</p>
<ul>
<li><strong>Reliable remote access</strong> from anywhere</li>
<li><strong>Secure mesh networking</strong> with Tailscale</li>
<li><strong>Infrastructure automation</strong> with Ansible</li>
<li><strong>Easy scaling</strong> to multiple nodes</li>
<li><strong>No complex networking</strong> required</li>
</ul>
<p>The combination of Ansible + Tailscale is ideal for managing distributed infrastructure without the complexity of traditional VPN setups or the limitations of cloud-specific solutions.</p>
<h2 id="quick-reference-commands">Quick Reference Commands<a class="headerlink" href="#quick-reference-commands" title="Permanent link">&para;</a></h2>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-31-1"><a id="__codelineno-31-1" name="__codelineno-31-1" href="#__codelineno-31-1"></a><span class="c1"># Check Tailscale status</span>
</span><span id="__span-31-2"><a id="__codelineno-31-2" name="__codelineno-31-2" href="#__codelineno-31-2"></a>tailscale<span class="w"> </span>status
</span><span id="__span-31-3"><a id="__codelineno-31-3" name="__codelineno-31-3" href="#__codelineno-31-3"></a>
</span><span id="__span-31-4"><a id="__codelineno-31-4" name="__codelineno-31-4" href="#__codelineno-31-4"></a><span class="c1"># Test Ansible connectivity</span>
</span><span id="__span-31-5"><a id="__codelineno-31-5" name="__codelineno-31-5" href="#__codelineno-31-5"></a>ansible<span class="w"> </span>all<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>-m<span class="w"> </span>ping
</span><span id="__span-31-6"><a id="__codelineno-31-6" name="__codelineno-31-6" href="#__codelineno-31-6"></a>
</span><span id="__span-31-7"><a id="__codelineno-31-7" name="__codelineno-31-7" href="#__codelineno-31-7"></a><span class="c1"># Run playbook on all hosts</span>
</span><span id="__span-31-8"><a id="__codelineno-31-8" name="__codelineno-31-8" href="#__codelineno-31-8"></a>ansible-playbook<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>playbook.yml
</span><span id="__span-31-9"><a id="__codelineno-31-9" name="__codelineno-31-9" href="#__codelineno-31-9"></a>
</span><span id="__span-31-10"><a id="__codelineno-31-10" name="__codelineno-31-10" href="#__codelineno-31-10"></a><span class="c1"># Run playbook on specific group</span>
</span><span id="__span-31-11"><a id="__codelineno-31-11" name="__codelineno-31-11" href="#__codelineno-31-11"></a>ansible-playbook<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>-l<span class="w"> </span>groupname<span class="w"> </span>playbook.yml
</span><span id="__span-31-12"><a id="__codelineno-31-12" name="__codelineno-31-12" href="#__codelineno-31-12"></a>
</span><span id="__span-31-13"><a id="__codelineno-31-13" name="__codelineno-31-13" href="#__codelineno-31-13"></a><span class="c1"># Run single command on all hosts</span>
</span><span id="__span-31-14"><a id="__codelineno-31-14" name="__codelineno-31-14" href="#__codelineno-31-14"></a>ansible<span class="w"> </span>all<span class="w"> </span>-i<span class="w"> </span>inventory.ini<span class="w"> </span>-m<span class="w"> </span><span class="nb">command</span><span class="w"> </span>-a<span class="w"> </span><span class="s2">&quot;uptime&quot;</span>
</span><span id="__span-31-15"><a id="__codelineno-31-15" name="__codelineno-31-15" href="#__codelineno-31-15"></a>
</span><span id="__span-31-16"><a id="__codelineno-31-16" name="__codelineno-31-16" href="#__codelineno-31-16"></a><span class="c1"># SSH to node via Tailscale</span>
</span><span id="__span-31-17"><a id="__codelineno-31-17" name="__codelineno-31-17" href="#__codelineno-31-17"></a>ssh<span class="w"> </span>username@100.x.x.x
</span></code></pre></div>
</article>
</div>
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
</div>
<button type="button" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8z"/></svg>
Back to top
</button>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer" >
<a href="../" class="md-footer__link md-footer__link--prev" aria-label="Previous: Advanced Configurations">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg>
</div>
<div class="md-footer__title">
<span class="md-footer__direction">
Previous
</span>
<div class="md-ellipsis">
Advanced Configurations
</div>
</div>
</a>
<a href="../vscode-ssh/" class="md-footer__link md-footer__link--next" aria-label="Next: SSH + VScode">
<div class="md-footer__title">
<span class="md-footer__direction">
Next
</span>
<div class="md-ellipsis">
SSH + VScode
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Copyright &copy; 2024 The Bunker Operations <a href="#__consent">Change cookie settings</a>
</div>
</div>
<div class="md-social">
<a href="https://gitea.bnkops.com/admin" target="_blank" rel="noopener" title="Gitea Repository" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.7.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M165.9 397.4c0 2-2.3 3.6-5.2 3.6-3.3.3-5.6-1.3-5.6-3.6 0-2 2.3-3.6 5.2-3.6 3-.3 5.6 1.3 5.6 3.6m-31.1-4.5c-.7 2 1.3 4.3 4.3 4.9 2.6 1 5.6 0 6.2-2s-1.3-4.3-4.3-5.2c-2.6-.7-5.5.3-6.2 2.3m44.2-1.7c-2.9.7-4.9 2.6-4.6 4.9.3 2 2.9 3.3 5.9 2.6 2.9-.7 4.9-2.6 4.6-4.6-.3-1.9-3-3.2-5.9-2.9M244.8 8C106.1 8 0 113.3 0 252c0 110.9 69.8 205.8 169.5 239.2 12.8 2.3 17.3-5.6 17.3-12.1 0-6.2-.3-40.4-.3-61.4 0 0-70 15-84.7-29.8 0 0-11.4-29.1-27.8-36.6 0 0-22.9-15.7 1.6-15.4 0 0 24.9 2 38.6 25.8 21.9 38.6 58.6 27.5 72.9 20.9 2.3-16 8.8-27.1 16-33.7-55.9-6.2-112.3-14.3-112.3-110.5 0-27.5 7.6-41.3 23.6-58.9-2.6-6.5-11.1-33.3 2.6-67.9 20.9-6.5 69 27 69 27 20-5.6 41.5-8.5 62.8-8.5s42.8 2.9 62.8 8.5c0 0 48.1-33.6 69-27 13.7 34.7 5.2 61.4 2.6 67.9 16 17.7 25.8 31.5 25.8 58.9 0 96.5-58.9 104.2-114.8 110.5 9.2 7.9 17 22.9 17 46.4 0 33.7-.3 75.4-.3 83.6 0 6.5 4.6 14.4 17.3 12.1C428.2 457.8 496 362.9 496 252 496 113.3 383.5 8 244.8 8M97.2 352.9c-1.3 1-1 3.3.7 5.2 1.6 1.6 3.9 2.3 5.2 1 1.3-1 1-3.3-.7-5.2-1.6-1.6-3.9-2.3-5.2-1m-10.8-8.1c-.7 1.3.3 2.9 2.3 3.9 1.6 1 3.6.7 4.3-.7.7-1.3-.3-2.9-2.3-3.9-2-.6-3.6-.3-4.3.7m32.4 35.6c-1.6 1.3-1 4.3 1.3 6.2 2.3 2.3 5.2 2.6 6.5 1 1.3-1.3.7-4.3-1.3-6.2-2.2-2.3-5.2-2.6-6.5-1m-11.4-14.7c-1.6 1-1.6 3.6 0 5.9s4.3 3.3 5.6 2.3c1.6-1.3 1.6-3.9 0-6.2-1.4-2.3-4-3.3-5.6-2"/></svg>
</a>
<a href="https://listmonk.bnkops.com/subscription/form" target="_blank" rel="noopener" title="Newsletter" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.7.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M498.1 5.6c10.1 7 15.4 19.1 13.5 31.2l-64 416c-1.5 9.7-7.4 18.2-16 23s-18.9 5.4-28 1.6L284 427.7l-68.5 74.1c-8.9 9.7-22.9 12.9-35.2 8.1S160 493.2 160 480v-83.6c0-4 1.5-7.8 4.2-10.8l167.6-182.8c5.8-6.3 5.6-16-.4-22s-15.7-6.4-22-.7L106 360.8l-88.3-44.2C7.1 311.3.3 300.7 0 288.9s5.9-22.8 16.1-28.7l448-256c10.7-6.1 23.9-5.5 34 1.4"/></svg>
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<div class="md-progress" data-md-component="progress" role="progressbar"></div>
<script id="__config" type="application/json">{"base": "../..", "features": ["announce.dismiss", "content.action.edit", "content.action.view", "content.code.annotate", "content.code.copy", "content.tooltips", "navigation.expand", "navigation.footer", "navigation.indexes", "navigation.instant", "navigation.instant.prefetch", "navigation.instant.progress", "navigation.path", "navigation.prune", "navigation.sections", "navigation.tabs", "navigation.tabs.sticky", "navigation.top", "navigation.tracking", "search.highlight", "search.share", "search.suggest", "toc.follow"], "search": "../../assets/javascripts/workers/search.d50fe291.min.js", "tags": null, "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": null}</script>
<script src="../../assets/javascripts/bundle.56ea9cef.min.js"></script>
<script src="../../javascripts/home.js"></script>
<script src="../../javascripts/github-widget.js"></script>
<script src="../../javascripts/gitea-widget.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink