3.1 KiB
Purpose: privacyIDEA is a modular authentication system. Using privacyIDEA you can enhance your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with a second factor during authentication.
!!! info "Assumptions" It is assumed you have a provisioned virtual machine / physical machine, running Ubuntu Server 22.04 to deploy a privacyIDEA server.
Add Server to Inventory and Pull Inventory/Playbook Updates from Gitea
You need to target the new server using a template in AWX (preferrably).
- We will assume the FQDN of the server is
auth.bunny-lab.ioor justauth - Be sure to add the host into the AWX Homelab Inventory File
- Update / Sync the "Bunny-Lab" project in AWX (Resources > Projects > Bunny-Lab > Sync)
- Update / Sync the git.bunny-lab.io Inventory Source (Resources > Inventories > Homelab > Sources > git.bunny-lab.io > Sync)
Create a Template
Next, you want to make a template to automate the deployment of privacyIDEA on any servers that are members of the [privacyideaServers] inventory host group. This is useful for development / testing, as well as rapid re-deployment / scaling.
- Navigate to Resources > Templates > Add
| Field | Value |
|---|---|
| Template Name | Deploy PrivacyIDEA Server |
| Description | Ubuntu Server 22.04 Required |
| Project | Bunny-Lab (Click the Magnifying Lens) |
| Inventory | Homelab |
| Playbook | playbooks/Linux/Deployments/privacyIDEA.yml |
| Execution Environment | AWX EE (latest) (Click the Magnifying Lens) |
| Credentials | SSH: (LINUX) nicole |
Options:
- Privilege Escalation: Checked
- Enable Fact Storage: Checked
Launch the Template
Now we need to launch the template. Assuming all of the above was completed, we can now deploy the playbook/template against the Ubuntu Server via SSH.
- Launch the Template (Rocket Button)
- As the template runs, you will see deployment progress output on the screen
!!! success
You will know if everything was successful if you see something that looks like the following:
sh ok: [auth] TASK [Install wget and software-properties-common] ***************************** ok: [auth] TASK [Download PrivacyIDEA signing key] **************************************** changed: [auth] TASK [Add signing key for Ubuntu 22.04LTS] ************************************* changed: [auth] TASK [Add PrivacyIDEA repository] ********************************************** changed: [auth] TASK [Update apt cache] ******************************************************** changed: [auth] TASK [Install PrivacyIDEA with Apache2] **************************************** changed: [auth] PLAY RECAP *********************************************************************auth : ok=7 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0