Setting Up Your Odroid-C1 Easily with Ansible

I’ve been toying around with a pair of Odroid-C1’s lately, and it’s always a pain to have to go through setting them up. I’m used to the tools I have at work that allow me to provision/configure multiple hosts as once, one of them being a variant of Ansible. So why not take the same approach to home deployments?

I’ll run you through my initial playbook that I’ve run on my Odroids to set them up. Hopefully this will help take the pain out of what you do. And before I go any further, I want to give a shout out to ThorneLabs, whose post was the inspiration for me writing this.

Installing and Setting Up Your Ansible Environment

I’m using OS X as my primary OS at work/home. So from here on out, you may notice OS X-centric commands (e.g., anything using Hombrew). I’ll do my best to point those out when they pop up.

To start, you’ll need to install Ansible. For OS X, simply type:

1
brew install ansible

For other OS’s (e.g., Linux desktops), you’ll want to use the following:

1
sudo pip install ansible

Then, you’ll need to get a working directory up and running. Here’s what mine looks like:

1
2
3
4
5
6
tools/ansible - [master] » tree .
.
├── inventory
│   └── hosts
└── playbooks
    └── odroidSetup.yml

You can do something similar if you’d like. Keep in mind, that this is being done locally and not on your odroid.

Once you’ve set up your working directory, you’ll need to set up your hosts file for Ansible. Keep in mind, this is going to be different than /etc/hosts. Your Ansible hosts file will contain your device(s) and will look something like this:

1
2
3
4
5
6
7
8
9
10
11
ansible/inventory - [master] » cat hosts
[odroids-local]
od1.example.com ansible_ssh_host=192.168.1.2
od2.example.com ansible_ssh_host=192.168.1.3

[webservers]
web1.example.com
web2.example.com

[dbservers]

One thing to note here, you’ll need an IP (i.e., the ansible_ssh_host line) if your Odroid’s name isn’t resolvable through DNS. Cool, so now that we’ve got our environment set up, you’ll need a playbook.

Writing Your Ansible Playbook

Let’s take a look at the playbook:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
---
- name: Initial Odroid Setup
  hosts: odroids-local
  user: root
  vars:
    - root_password: 'HASHED ROOT PASSWORD HERE'
    - <YOUR USER>_password: 'USER PASSSWORD HERE'

  tasks:
  - name: Change root password
    user:
      name=root
      password=

  - name: Add user <YOUR USER>
    user:
      name=<YOUR USER>
      password=
      comment="<YOUR USER'S REAL NAME>"
      state=present
      shell=/bin/bash

  - name: Add SSH public key to user <YOUR USER>
    authorized_key:
      user=<YOUR USER>
      key=""

  - name: Add user <YOUR USER> to sudoers
    lineinfile:
      "dest=/etc/sudoers
      regexp='^<YOUR USER> ALL'
      line='<YOUR USER> ALL=(ALL) NOPASSWD: ALL'
      state=present"

  - name: Disallow root SSH access
    lineinfile:
      dest=/etc/ssh/sshd_config
      regexp="^PermitRootLogin"
      line="PermitRootLogin no"
      state=present
    notify:
      - restart sshd

  - name: Disallow SSH GSS API authentication
    lineinfile:
      dest=/etc/ssh/sshd_config
      regexp="^GSSAPIAuthentication"
      line="GSSAPIAuthentication no"
      state=present
    notify:
      - restart sshd

  - name: Run apt-get update & upgrade
    apt: update_cache=yes upgrade=dist

  - name: Install Packages
    apt: name= state=latest
    with_items:
         - vim
         - git
         - nginx

  handlers:
  - name: restart sshd
    service:
      name=sshd
      state=restarted

Even if you’ve not touched Ansible before, it’s going to be pretty quick to pick up. As a note, Ansible uses YAML for it’s files, and YAML’s a bit particular about spacing. So when you write this, do your best to keep your spacing correct. If you need/want to understand more about spacing, head over to Ansible’s documentation on YAML, which does an excellent job on explaining how to space things out.

Let’s go over a few things you’ll want to change in your version of the playbook:

  1. Make sure to change the user specification. I know, but I’m not taking anything for granted here.
  2. Make sure that you set up hashed passwords. I can’t stress this enough. If you need to know how, take a gander:

    1
     openssl passwd -1 "YOUR/ROOT HASHED PASSWORD"
    

Once you’ve changed the user and the password hashes, you should be good to go, so let’s run this puppy!

1
 ansible-playbook -i inventory/hosts playbooks/odroidSetup.yml --private-key ~/.ssh/id_rsa

You should then be able to log in with your new user and su to root with the hashed password.

Give it a shot, and let me know if you have any questions!

Cheers,

Aaron

Aaron Sachs

Aaron Sachs
Linux geek, small-time brewer, banjo player, and incessantly curious dude.

Moving (Back) To Linux

I'm a bit of a productivity nerd, I'll admit. Over the last couple of years, I've cultivated a workflow that revolved around a lot of OS ...… Continue reading

My Workspace

Published on December 09, 2016

It Came From the Night Shift

Published on November 29, 2016