• Install Ansible 2.7.5 or newer (e.g. pip install --user -r requirements.txt).

• Check do1.yml/ar1.yml and change the variables to your need.

Launch / destroy a Debian 8.11 x64 droplet on Digital Ocean.

$ ansible-playbook launch-DO.yml

This Playbook will:

• replace systemd with sysvinit
• change SSH port 22 -> 2222 (set in do1.yml & hosts.ini)
• configure swap file
• install openntpd
• configure sshd (PasswordAuthentication=no etc.)
• configure sudoers
• trim packages (leave only the needed ones)
• add 3rd-party repos for LEMP stack (Nginx, PHP5.6-7.3, MariaDB 10.x)
• install the EMP parts (nginx, mysqld, php-fpm)

See install and run example: doc/do1-log.md

Note: your API key should be in the file referenced by do_api_token in do1.yml.

Re-launch a Debian 8.11 x64 "Smart" VM on Aruba Cloud. Configuration is very much alike the one above.

Note:

• "Smart" VMs are billed monthly - you do not want them killed and re-created without second thought, and if you pay for them 1Euro/mo you likely don't want them deleted at all ;)

• put your username & password in a file like doc/aruba-secrets.ini

• listsrv-A.yml lets you check ArubaCloud server status, queued task and its progress.

• "Smart server" has Swap space pre-allocated as LVMs LV. We reclaim this space

launch-DO - If SSH key is not registered on DO this playbook will fail (FIXME).

The launch-DO.yml playbook was not "idempotent" - on the second attempt it failed on prohibited root-login. (AllowGroups sudo) - sshd_config loosened a bit (AllowGroups line commented out, RootLogin enabled) until better solution is found.

If playbook failed on timeout you may restart it but do not use launch.retry (may need dynamic inventory - FIXME). Re-running from the start is the only option now. There's very little time lost in case of launch-DO in that case, relaunch-A is a different story ;)

Checked with Ansible 2.7 from PPA & 2.8dev0 on Ubuntu 18.04/18.10 with Python 2.7 Last update Dec 27, 2018.