Help us understand the problem. What is going on with this article?

FreeBSDな人がDebianを使う

More than 1 year has passed since last update.

ずっと、FreeBSD使ってきたけど、なにかとFreeBSDで動かないものとか多くていまいちなので、
FreeBSD使ってきた人がDebian使い始めるmemo

と、言っても事の発端はAnsibleでZABBIX4構築するためなので、初期設定もAnsible使ってみました。

Ansibleの導入

標準だとAnsibleのバージョンが古いため、Ubuntu PPAで配布されているものを利用します。
(参照:https://docs.ansible.com/ansible/2.5/installation_guide/intro_installation.html#latest-releases-via-apt-debian)

/etc/apt/sources.list
deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main
# apt update
# apt install dirmngr
# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
# apt install ansible

Playbookの作成

AnsibleのPlaybookを作ります。

setup.yml
---
- hosts: localhost
  user: root
  vars:
    admin_name: USER
    admin_password: PASSWORD
    admin_public_key_path: ~/.ssh/id_rsa.pub
  tasks:
    - name: set timezone to Asia/Tokyo
      timezone:
        name: Asia/Tokyo

    - name: Install sudo
      apt:
        name: sudo

    - name: Install ufw
      apt:
        name: ufw

    - name: Deny everything and enable UFW
      ufw:
        state: enabled
        policy: deny

    - name: Set logging
      ufw:
        logging: on

    - name: Accept SSHd
      ufw:
        rule: limit
        port: ssh
        proto: tcp

    - name: disallow root SSH access
      lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: "^PermitRootLogin "
        insertafter: "^#PermitRootLogin"
        line: "PermitRootLogin no"
        state: present

    - name: disallow password authentication
      lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: "^PasswordAuthentication "
        insertafter: "^#PasswordAuthentication "
        line: "PasswordAuthentication no"
        state: present

    - name: Add a new user
      user: name={{admin_name}} password={{ admin_password }} state=present group=sudo

    - name: resister a public key
      authorized_key:
        user={{ admin_name }}
        key="{{ lookup('file', '/root/.ssh/authorized_keys') }}"

    - name: restart sshd
      service: name=sshd state=restarted

Playbookの適用

localhostの後のカンマがミソらしい

#  ansible-playbook -i localhost, -c local setup.yml

細かいところ

そのうち、Ansibleにまとめます。

コマンド履歴の前方一致

FreeBSDだと、過去に入力したコマンドの一部を入力し、上カーソルを押すと、
前方一致で履歴表示するけど、Debianはそうもいかない。

ホームディレクトリの.inputrcに次の設定を入れると同じようになる。

~/.inputrc
"\e[A":history-search-backward
"\e[B":history-search-forward

ll が使えるようにする

~/.bash_profile
alias ll='ls -l --color=auto'

外にメールを投げられるようにする

FreeBSDだとSendmailが入ってて、SmartHostを設定すれば、sendmailコマンドから
メールが投げられるけど、Debianだとそういうの無いみたいで、ssmtpを使うといいっぽい

# apt get install ssmtp

手元の環境では、認証必要ないSMTPサーバがいるのでこんな感じ

/etc/ssmtp/ssmtp.conf
mailhub=RelayHost:25
hostname=ThisHostName
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした