Ansible 101: Beyond “Hello World”

Most Ansible tutorials stop at printing “Hello World.” That’s like learning to drive in a parking lot—it doesn’t prepare you for the road.

Today, we’ll write a real, useful playbook that you could use in production.

What We’ll Build

A playbook that:

  1. Updates system packages
  2. Installs essential tools
  3. Configures basic security
  4. Sets up a non-root user with SSH access

The Playbook

Create first-playbook.yml:

---
- name: Initialize new server
  hosts: all
  become: yes
  vars:
    admin_user: "ibdaaadmin"
    admin_ssh_key: "{{ lookup('file', '~/.ssh/id_ed25519.pub') }}"
  
  tasks:
    - name: Update apt cache
      apt:
        update_cache: yes
        cache_valid_time: 3600
    
    - name: Install essential packages
      apt:
        name:
          - curl
          - git
          - htop
          - tmux
          - vim
        state: present
    
    - name: Create admin user
      user:
        name: "{{ admin_user }}"
        groups: sudo
        append: yes
        shell: /bin/bash
        create_home: yes
    
    - name: Add SSH key for admin
      authorized_key:
        user: "{{ admin_user }}"
        key: "{{ admin_ssh_key }}"
    
    - name: Disable root SSH login
      lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
        line: 'PermitRootLogin no'
      notify: restart ssh
    
    - name: Enable firewall
      ufw:
        state: enabled
        policy: deny
        direction: incoming
    
    - name: Allow SSH
      ufw:
        rule: allow
        port: '22'
        proto: tcp
  
  handlers:
    - name: restart ssh
      service:
        name: sshd
        state: restarted