Configures vanilla RHEL system to be lightweight and bulletproof seedbox running rTorrent and ruTorrent. It aims to be secure (SELinux, SSL, Fail2Ban enabled) and creates very few logs (zero footprint).
- It is expected, that you have a brand new RHEL system and have Ansible access sorted out - including working
sudo. You can use my role luckylittle/ansible-role-create-user for passwordless SSH access and sudo.
defaults/main.yml:
set_timezone- change the time zone of the serverset_google_dns- iftrue, it will add Google DNS to the primary interfaceepel_dl- URL of the EPEL RPMxmlrpc_dl- URL of the XMLRPClibtorrent_dl- URL of the libtorrentrtorrent_dl- URL of the rtorrentrtorrent_port- what port should rtorrent listen onrt_memory_max_set- how much memory should rTorrent use by default. It is using 75% of your total memory by default.ftp_port- what port should vsftpd listen onpasv_port_range- what port range should be used for FTP PASVsingle_user- whentrueonly one FTP user will be used and it is the same username who runs this playbook. Whenfalse, this file is usedrutorrent_dl- URL of the ruTorrenthttps_port- what port should rutorrent listen onhtpasswd- HTTP basic password to log in to ruTorrent interfacefail2ban_ignore_ipv4- what IPv4 address should be excluded from being banned by Fail2Banrequire_reboot- does the machine require reboot after the playbook is finished
Note: Lot of the tasks rely on remote_user / ansible_user variable (user who logs in to the remote machine via Ansible). For example, it creates directory structure under that user.
None
echo 'password1' > password
ansible-playbook -i inventory --vault-password-file=password site.yml
[seedbox]
123.124.125.126---
- hosts: seedbox
remote_user: redhat
roles:
- ansible-role-zero-footprint-ruT-seedboxOn a brand new RHEL8.6, 1x vCPU, 4GB RAM playbook took 18m 32s to finish.
MIT
Lucian Maly <lmaly@redhat.com>