GitPedia

Ansible debian bootstrap

Ansible bootstrap role for Debian/Devuan/Ubuntu/Raspbian servers

From HanXHX·Updated June 16, 2026·View on GitHub·

Ansible Debian/Devuan/Ubuntu/Raspbian bootstrap ==================================================== The project is written primarily in Jinja, distributed under the GNU General Public License v2.0 license, first published in 2015. Key topics include: ansible, ansible-role, ansible-roles, debian, devuan.

Latest release: 2.1.0
May 30, 2023View Changelog →

Ansible Debian/Devuan/Ubuntu/Raspbian bootstrap

Ansible Galaxy GitHub Workflow Status (with branch)

This role bootstraps Debian/Devuan/Ubuntu/Raspbian hosts:

  • Configure APT (sources.list)
  • Install minimal packages (vim, htop...)
  • Install Intel/AMD microcode if needed
  • Install and configure NTP daemon (OpenNTPd or NTP)
  • Add groups, users with SSH key, sudoers
  • Deploy bashrc, vimrc for root
  • Update few alternatives
  • Configure system: hostname, timezone and locale
  • Purge, delete and avoid systemd if wanted
  • Sysctl tuning

Supported versions

OSWorkingStable (active support)
Debian Stretch (9)YesNo
Debian Buster (10)YesYes
Debian Bullseye (11)YesYes
Debian Bookworm (12)YesYes
Devuan Ascii (2)YesNo
Raspbian Stretch (9)ExperimentalNo
Raspbian Buster (10)ExperimentalNo
Raspbian Bullseye (11)ExperimentalNo
Ubuntu Bionic (18.04)YesNo
Ubuntu Focal (20.04)ExperimentalNo
Ubuntu Jammy (22.04)ExperimentalNo

Requirements

Role Variables

APT configuration

Theses variables define hostname to configure APT (normal repo and backports):

  • dbs_apt_default_host: repository host. It can replace the last one (installed with this role) with a new one
  • dbs_apt_use_src: install "deb-src" repositories (default: false)
  • dbs_apt_components: components uses in sources.list (default: "main contrib non-free non-free-firmware")

Role setup

  • dbs_set_hostname: if true, change hostname
  • dbs_clean_hosts: if true, manages /etc/hosts file
  • dbs_set_locale: if true, configure locales
  • dbs_set_timezone: if true, set timezone
  • dbs_set_ntp: if true, install and configure OpenNTPd
  • dbs_set_apt: if true, configure APT repository

System configuration

  • dbs_hostname: system hostname
  • dbs_hostname_use_strategy: strategy used to set hostname check "use" in hostname module. You should update this var only if hostname fails (in LXC for example).
  • dbs_default_locale: default system locale
  • dbs_locales: list of installed locales
  • dbs_timezone: system timezone. If you need a "standard" timezone like UTC, you must use prefix "Etc/" (ex: "Etc/UTC")
  • dbs_sysctl_config: hash of kernel parameters, see: default/main.yml
  • dbs_use_systemd: delete systemd if set to false (persistent)
  • dbs_use_dotfiles: overwrite root dotfiles (bashrc, screenrc, vimrc)
  • dbs_uninstall_packages: packages list to uninstall

Alternatives

  • dbs_alternative_editor
  • dbs_alternative_awk

NTPd

  • dbs_ntp_hosts: hostnames NTP server list
  • dbs_ntp_pkg: package used to provide NTP: "openntpd" or "ntp"

Group

  • dbs_groups: list of group

Each row have few keys:

  • name: (M) username on system
  • system: (O) yes/no (default: no)
  • state: (O) present/absent (default: present)

(M) Mandatory
(O) Optionnal

User

  • dbs_users: list of user

Each row have few keys:

  • name: (M) username on system
  • password: (O) password with hash format (see ansible doc)
  • clear_password: (O) password as clear format (not recommanded)
  • update_password: (O) always / on_create
  • shell: (O) default is /bin/bash
  • comment: (O) default is an empty string
  • sudo: (O) boolean (true = can sudo)
  • group: (O) main group (default is name without password)
  • groups: (O) comma separated list of groups
  • createhome: (O) yes/no
  • system: (O) yes/no (default: no)
  • ssh_keys: (O) ssh public keys list
  • state: (O) present/absent (default: present)

(M) Mandatory
(O) Optionnal

Notes:

  • if password is specified, clear_password is not used!
  • clear_password is not idempotent with update_password = always (default)

For more information, look ansible user module doc.

Readonly vars

  • dbs_packages: list of packages to install
  • dbs_microcode_apt_distribution: location of package to install microcode
  • dbs_distro_packages: list specific package to install (related to OS version)
  • dbs_is_docker: boolean. Is true if current is a docker container

Dependencies

None.

Example Playbook

- hosts: servers
  roles:
     - { role: HanXHX.debian_bootstrap }

About Docker

Due to Docker limitations, theses features are disabled:

  • Removing systemd
  • Setting hostname
  • Configure sysctl

How to develop and test this role

Vagrant way

Install vagrant + virtualbox or docker

commandline
vagrant up debian-bullseye # with virtualbox
vagrant up docker-debian-bullseye # with docker

Molecule way

Install:

commandline
pip install molecule molecule[docker]

Run:

commandline
molecule -vv -c molecule/_shared/base.yml converge -s ubuntu-22.04

License

GPLv2

Donation

If this code helped you, or if you’ve used them for your projects, feel free to buy me some :beers:

  • Bitcoin: 1BQwhBeszzWbUTyK4aUyq3SRg7rBSHcEQn
  • Ethereum: 0x63abe6b2648fd892816d87a31e3d9d4365a737b5
  • Litecoin: LeNDw34zQLX84VvhCGADNvHMEgb5QyFXyD
  • Monero: 45wbf7VdQAZS5EWUrPhen7Wo4hy7Pa7c7ZBdaWQSRowtd3CZ5vpVw5nTPphTuqVQrnYZC72FXDYyfP31uJmfSQ6qRXFy3bQ

No crypto-currency? :star: the project is also a way of saying thank you! :sunglasses:

Author Information

Contributors

Showing top 2 contributors by commit count.

HanXHX

HanXHX

154 commits

robellegate

robellegate

4 commits

View all contributors on GitHub →

This article is auto-generated from HanXHX/ansible-debian-bootstrap via the GitHub API.Last fetched: 6/22/2026