From 5767c8e6404c0c5e04c99c4519583e6c46677fb4 Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Fri, 26 Jan 2024 00:46:46 -0700 Subject: [PATCH] Add Configs & Servers/Linux/privacyIDEA.md --- Configs & Servers/Linux/privacyIDEA.md | 53 ++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 Configs & Servers/Linux/privacyIDEA.md diff --git a/Configs & Servers/Linux/privacyIDEA.md b/Configs & Servers/Linux/privacyIDEA.md new file mode 100644 index 0000000..9fc0323 --- /dev/null +++ b/Configs & Servers/Linux/privacyIDEA.md @@ -0,0 +1,53 @@ +**Purpose**: privacyIDEA is a modular authentication system. Using privacyIDEA you can enhance your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with a second factor during authentication. + +!!! info "Assumptions" + It is assumed you have a provisioned virtual machine / physical machine, running Ubuntu Server 22.04 to deploy a privacyIDEA server. + +## Add Server to Inventory and Pull Inventory/Playbook Updates from Gitea +You need to target the new server using a template in AWX (preferrably). +- We will assume the FQDN of the server is `auth.bunny-lab.io` or just `auth` +- Be sure to add the host into the [AWX Homelab Inventory File](https://git.bunny-lab.io/GitOps/awx.bunny-lab.io/src/branch/main/inventories/homelab.ini) +- Update / Sync the "**Bunny-Lab**" project in AWX ([Resources > Projects > Bunny-Lab > Sync](https://awx.bunny-lab.io/#/projects/8/details)) +- Update / Sync the git.bunny-lab.io Inventory Source ([Resources > Inventories > Homelab > Sources > git.bunny-lab.io > Sync](https://awx.bunny-lab.io/#/inventories/inventory/2/sources/9/details)) + +## Create a template +Next, you want to make a template to automate the deployment of privacyIDEA on any servers that are members of the `[privacyideaServers]` inventory host group. This is useful for development / testing, as well as rapid re-deployment / scaling. +- Navigate to **Resources > Templates > Add** + +| **Field** | **Value** | +| :--- | :--- | +| Template Name | `Deploy PrivacyIDEA Server` | +| Description | `Ubuntu Server 22.04 Required` | +| Project | `Bunny-Lab` *(Click the Magnifying Lens)* | +| Inventory | `Homelab` | +| Playbook | `playbooks/Linux/Deployments/privacyIDEA.yml` | +| Execution Environment | `AWX EE (latest)` *(Click the Magnifying Lens)* | +| Credentials | `SSH: (LINUX) nicole` | + +**Options**: +- [X] Privilege Escalation: Checked +- [X] Enable Fact Storage: Checked + +## Launch the Template +Now we need to launch the template. Assuming all of the above was completed, we can now deploy the playbook/template against the Ubuntu Server via SSH. +- Launch the Template (Rocket Button) +- As the template runs, you will see deployment progress output on the screen + +!!! success + You will know if everything was successful if you see something that looks like the following: + ``` sh + ok: [auth] + TASK [Install wget and software-properties-common] ***************************** + ok: [auth] + TASK [Download PrivacyIDEA signing key] **************************************** + changed: [auth] + TASK [Add signing key for Ubuntu 22.04LTS] ************************************* + changed: [auth] + TASK [Add PrivacyIDEA repository] ********************************************** + changed: [auth] + TASK [Update apt cache] ******************************************************** + changed: [auth] + TASK [Install PrivacyIDEA with Apache2] **************************************** + changed: [auth] + PLAY RECAP *********************************************************************auth : ok=7 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 + ``` \ No newline at end of file