{"id":507,"date":"2022-10-11T05:21:14","date_gmt":"2023-04-22T20:33:44","guid":{"rendered":"https:\/\/www.silicloud.com\/ja\/blog\/index.php\/2023\/11\/30\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/"},"modified":"2025-08-01T00:07:36","modified_gmt":"2025-07-31T15:07:36","slug":"ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/","title":{"rendered":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5"},"content":{"rendered":"<p>\u8457\u8005\u306f\u3001Write for Donations\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u4e00\u74b0\u3068\u3057\u3066\u3001\u5bc4\u4ed8\u3092\u53d7\u3051\u308b\u305f\u3081\u306b\u30d5\u30ea\u30fc\uff06\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u57fa\u91d1\u3092\u9078\u3073\u307e\u3057\u305f\u3002<\/p>\n<h3>\u30a4\u30f3\u30c8\u30ed\u30c0\u30af\u30b7\u30e7\u30f3<\/h3>\n<p>Ansible\u306f\u3001\u30b5\u30fc\u30d0\u30fc\u3084\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30d7\u30ed\u30d3\u30b8\u30e7\u30cb\u30f3\u30b0\u3001\u8a2d\u5b9a\u7ba1\u7406\u3001\u5c55\u958b\u3092\u81ea\u52d5\u5316\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u308b\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306e\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30c4\u30fc\u30eb\u3067\u3059\u3002Ansible\u3092\u4f7f\u7528\u3059\u308b\u3068\u30011\u3064\u4ee5\u4e0a\u306e\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u30bf\u30b9\u30af\u3092\u81ea\u52d5\u5316\u3057\u305f\u308a\u3001\u8907\u6570\u306e\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u5206\u6563\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u5b9f\u884c\u3057\u305f\u308a\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u30de\u30eb\u30c1\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3067\u306f\u3001\u5404\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u5b8c\u4e86\u3059\u308b\u306e\u306b\u6642\u9593\u304c\u304b\u304b\u308b\u3053\u3068\u304c\u3042\u308a\u307e\u3059\u304c\u3001Ansible\u3092\u4f7f\u7528\u3059\u308b\u3068\u81ea\u52d5\u5316\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3067\u30d7\u30ed\u30bb\u30b9\u3092\u30b9\u30d4\u30fc\u30c7\u30a3\u306b\u9032\u3081\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p>Ansible\u306f\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u30ec\u30b9\u306a\u306e\u3067\u3001Ansible\u3092\u5b9f\u884c\u3059\u308b\u305f\u3081\u306b\u30b5\u30fc\u30d0\u30fc\u306b\u4efb\u610f\u306eAnsible\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u5fc5\u8981\u306f\u3042\u308a\u307e\u305b\u3093\u3002\u3053\u308c\u3089\u306e\u30b5\u30fc\u30d0\u30fc\u306fAnsible\u30db\u30b9\u30c8\u3067\u3042\u308a\u3001Python 3\u3068OpenSSH\u304c\u4e8b\u524d\u306bUbuntu 22.04\u3068\u3059\u3079\u3066\u306eLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u30ce\u30fc\u30c9\u306f\u81ea\u52d5\u5316\u3092\u958b\u59cb\u3059\u308b\u30de\u30b7\u30f3\u3067\u3042\u308a\u3001\u4e92\u63db\u6027\u306e\u3042\u308bUnix\u7cfb\u30aa\u30da\u30ec\u30fc\u30c6\u30a3\u30f3\u30b0\u30b7\u30b9\u30c6\u30e0\u307e\u305f\u306fWindows\uff08Windows Subsystem for Linux\uff08WSL\uff09\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u5834\u5408\uff09\u3092\u5b9f\u884c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u3067\u306f\u3001Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30b5\u30fc\u30d0\u30fc\u8a2d\u5b9a\u3092\u81ea\u52d5\u5316\u3057\u307e\u3059\u3002\u3059\u3079\u3066\u306e\u30b5\u30fc\u30d0\u30fc\u3067\u6b21\u306e\u521d\u671f\u8a2d\u5b9a\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n<ul class=\"post-ul\">\n<li>Updating installed packages<\/li>\n<li>Adding a non-root user with admin privileges<\/li>\n<li>Enabling SSH access for that non-root user<\/li>\n<li>Enabling the firewall<\/li>\n<li>Changing the port for SSH access and using the firewall to protect against brute-force attacks and boost the overall security of the servers<\/li>\n<li>Disabling remote login for the root account<\/li>\n<li>Making sure critical services are active<\/li>\n<li>Removing package dependencies that are no longer required<\/li>\n<\/ul>\n<p>ansible\u3092\u4f7f\u7528\u3057\u3066\u5404\u30bf\u30b9\u30af\u3092\u5b9a\u7fa9\u3059\u308b\u5305\u62ec\u7684\u306a\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u305f\u3081\u3001\u500b\u3005\u306e\u30b5\u30fc\u30d0\u306b\u500b\u5225\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u5fc5\u8981\u306a\u304f\u3001\u3053\u308c\u3089\u306e\u30bf\u30b9\u30af\u306f\u5358\u4e00\u306e\u30b3\u30de\u30f3\u30c9\u3067\u5b8c\u4e86\u3055\u308c\u307e\u3059\u3002\u6700\u521d\u306e\u30b5\u30fc\u30d0\u30fc\u8a2d\u5b9a\u5f8c\u3001\u30aa\u30d7\u30b7\u30e7\u30f3\u306e2\u6b21\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3057\u3066\u30b5\u30fc\u30d0\u30fc\u7ba1\u7406\u3092\u81ea\u52d5\u5316\u3059\u308b\u3053\u3068\u3082\u3067\u304d\u307e\u3059\u3002<\/p>\n<h2>\u524d\u63d0\u6761\u4ef6<\/h2>\n<p>\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u3092\u5b8c\u4e86\u3059\u308b\u305f\u3081\u306b\u306f\u3001\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u5fc5\u8981\u3067\u3059\uff1a<\/p>\n<ul class=\"post-ul\">\n<li>Ansible installed on a machine that will act as your control node, which can be your local machine or a remote Linux server. To install Ansible, follow Step 1 of How To Install and Configure Ansible on Ubuntu 22.04, and you can refer to the official Ansible installation guide as needed for other operating systems.If your control node is a remote Ubuntu 22.04 server, be sure to set it up using the Initial Server Setup and create its SSH key pair as well.<br \/>\nGit installed on the control node. Follow the How To Install Git tutorials for popular Linux distributions.<br \/>\n(Optional) In Step 5, you will use Ansible Vault to create an encrypted password file for your hosts\u2019 users. Ansible Vault uses vi as its default editor. If your control node is a Linux machine and you prefer using nano, use the section on Setting the Ansible Vault Editor in the How To Use Ansible Vault tutorial to change the text editor linked to the EDITOR environment shell variable. This tutorial will use nano as the editor for Ansible Vault.<\/li>\n<li>Two or more Ubuntu 22.04 servers and the public IPv4 address of each server. No prior setup is required as you\u2019ll use Ansible to automate setup in Step 5, but you must have SSH access to these servers from the Ansible control node mentioned above. If you are using Silicon Cloud vServers, you\u2019ll find the IPv4 address in each server\u2019s Public Network section of the Networking tab in your dashboard.If your control node is a remote Ubuntu 22.04 server, be sure to use ssh-copy-id to connect the key pair to the hosts.<\/li>\n<\/ul>\n<h2>\u30b9\u30c6\u30c3\u30d71 &#8211; \u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u30ce\u30fc\u30c9\u4e0a\u306eSSH\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u5909\u66f4<\/h2>\n<p>\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001\u5236\u5fa1\u30ce\u30fc\u30c9\u306eSSH\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u6307\u793a\u3092\u5909\u66f4\u3057\u307e\u3059\u3002\u3053\u306e\u5909\u66f4\u3092\u884c\u3046\u3068\u3001\u30ea\u30e2\u30fc\u30c8\u30de\u30b7\u30f3\u306eSSH\u30ad\u30fc\u306e\u6307\u7d0b\u3092\u53d7\u3051\u5165\u308c\u308b\u3088\u3046\u306b\u30d7\u30ed\u30f3\u30d7\u30c8\u304c\u8868\u793a\u3055\u308c\u306a\u304f\u306a\u308a\u307e\u3059\u3002\u5404\u30ea\u30e2\u30fc\u30c8\u30de\u30b7\u30f3\u306eSSH\u30ad\u30fc\u306e\u6307\u7d0b\u3092\u624b\u52d5\u3067\u53d7\u3051\u5165\u308c\u308b\u306e\u306f\u624b\u9593\u304c\u304b\u304b\u308b\u305f\u3081\u3001\u3053\u306e\u5909\u66f4\u306b\u3088\u308a\u3001\u8907\u6570\u306e\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u8a2d\u5b9a\u3092\u81ea\u52d5\u5316\u3059\u308b\u969b\u306e\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u306e\u554f\u984c\u304c\u89e3\u6c7a\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>Ansible\u306eknown_hosts\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u3001\u5358\u4e00\u306e\u30db\u30b9\u30c8\u306eSSH\u30ad\u30fc\u306e\u6307\u7d0b\u3092\u81ea\u52d5\u7684\u306b\u53d7\u3051\u5165\u308c\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u304c\u3001\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u3067\u306f\u8907\u6570\u306e\u30db\u30b9\u30c8\u3092\u6271\u3063\u3066\u3044\u308b\u305f\u3081\u3001\u5236\u5fa1\u30ce\u30fc\u30c9\uff08\u901a\u5e38\u306f\u30ed\u30fc\u30ab\u30eb\u30de\u30b7\u30f3\uff09\u306eSSH\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3092\u5909\u66f4\u3059\u308b\u65b9\u304c\u52b9\u679c\u7684\u3067\u3059\u3002<\/p>\n<p>\u6700\u521d\u306b\u3001\u5236\u5fa1\u30ce\u30fc\u30c9\u3067\u7aef\u672b\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u8d77\u52d5\u3057\u3001nano\u3042\u308b\u3044\u306f\u304a\u6c17\u306b\u5165\u308a\u306e\u30c6\u30ad\u30b9\u30c8\u30a8\u30c7\u30a3\u30bf\u3092\u4f7f\u7528\u3057\u3066\u3001SSH\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3092\u958b\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">sudo<\/span> <span class=\"token function\">nano<\/span> \/etc\/ssh\/ssh_config<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>StrictHostKeyChecking\u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6\u304c\u542b\u307e\u308c\u3066\u3044\u308b\u884c\u3092\u898b\u3064\u3051\u3066\u3001\u30b3\u30e1\u30f3\u30c8\u3092\u89e3\u9664\u3057\u3001\u5024\u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u5909\u66f4\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<div>\u4ee5\u4e0b\u306e\u6587\u3092\u65e5\u672c\u8a9e\u3067\u81ea\u7136\u306a\u8868\u73fe\u306b\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u30021\u3064\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u63d0\u4f9b\u3067\u5341\u5206\u3067\u3059\uff1a<br \/>\n\/etc\/ssh\/ssh_config\u2192 SSH\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3067\u3042\u308b\u3001\/etc\/ssh\/ssh_config<\/p>\n<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">..<\/span>.\r\n   StrictHostKeyChecking <mark>accept-new<\/mark>\r\n<span class=\"token punctuation\">..<\/span>.\r\n<\/code><\/pre>\n<p>\u30d5\u30a1\u30a4\u30eb\u3092\u4fdd\u5b58\u3057\u3066\u9589\u3058\u3066\u304f\u3060\u3055\u3044\u3002SSH\u306e\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u307f\u3092\u5909\u66f4\u3057\u305f\u305f\u3081\u3001SSH\u30c7\u30fc\u30e2\u30f3\u3092\u518d\u8aad\u307f\u8fbc\u307f\u3084\u518d\u8d77\u52d5\u3059\u308b\u5fc5\u8981\u306f\u3042\u308a\u307e\u305b\u3093\u3002<\/p>\n<div class=\"post-conf-note\">\n<p class=\"post-conf-desc\">Note<\/p>\n<div>\u6ce8\u610f\uff1a\u3082\u3057StrictHostKeyChecking\u306e\u5024\u3092\u6c38\u4e45\u7684\u306bask\u304b\u3089accept-new\u306b\u5909\u66f4\u3057\u305f\u304f\u306a\u3044\u5834\u5408\u306f\u3001\u30b9\u30c6\u30c3\u30d77\u3067\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3057\u305f\u5f8c\u306b\u30c7\u30d5\u30a9\u30eb\u30c8\u306b\u623b\u3059\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u5024\u3092\u5909\u66f4\u3059\u308b\u3068\u3001\u30b7\u30b9\u30c6\u30e0\u304c\u81ea\u52d5\u7684\u306bSSH\u30ad\u30fc\u306e\u30d5\u30a3\u30f3\u30ac\u30fc\u30d7\u30ea\u30f3\u30c8\u3092\u53d7\u3051\u5165\u308c\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u304c\u3001\u30d5\u30a3\u30f3\u30ac\u30fc\u30d7\u30ea\u30f3\u30c8\u304c\u5909\u66f4\u3055\u308c\u308b\u3068\u3001\u540c\u3058\u30db\u30b9\u30c8\u304b\u3089\u306e\u5f8c\u7d9a\u306e\u63a5\u7d9a\u306f\u62d2\u5426\u3055\u308c\u307e\u3059\u3002\u3053\u306e\u6a5f\u80fd\u306b\u3088\u308a\u3001accept-new\u306e\u5909\u66f4\u306f\u305d\u306e\u6307\u793a\u306e\u5024\u3092no\u306b\u5909\u66f4\u3059\u308b\u3088\u308a\u3082\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ea\u30b9\u30af\u306f\u5c11\u306a\u304f\u306a\u308a\u307e\u3059\u3002<\/div>\n<\/div>\n<p>SSH\u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6\u3092\u66f4\u65b0\u3057\u305f\u306e\u3067\u3001\u6b21\u306fAnsible\u306e\u8a2d\u5b9a\u3092\u958b\u59cb\u3057\u307e\u3059\u3002\u6b21\u306e\u624b\u9806\u3067\u884c\u3044\u307e\u3059\u3002<\/p>\n<h2>\u30b9\u30c6\u30c3\u30d72- Ansible\u30db\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u306e\u8a2d\u5b9a<\/h2>\n<p>Ansible\u306e\u30db\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\uff08\u307e\u305f\u306f\u30a4\u30f3\u30d9\u30f3\u30c8\u30ea\u30d5\u30a1\u30a4\u30eb\uff09\u306b\u306f\u3001Ansible\u30db\u30b9\u30c8\u306e\u60c5\u5831\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u60c5\u5831\u306b\u306f\u3001\u30b0\u30eb\u30fc\u30d7\u540d\u3001\u30a8\u30a4\u30ea\u30a2\u30b9\u3001\u30c9\u30e1\u30a4\u30f3\u540d\u3001IP\u30a2\u30c9\u30ec\u30b9\u306a\u3069\u304c\u542b\u307e\u308c\u308b\u5834\u5408\u304c\u3042\u308a\u307e\u3059\u3002\u30d5\u30a1\u30a4\u30eb\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\/etc\/ansible\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u914d\u7f6e\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u624b\u9806\u3067\u306f\u3001\u4e8b\u524d\u6e96\u5099\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u8d77\u52d5\u3057\u305fAnsible\u30db\u30b9\u30c8\u306eIP\u30a2\u30c9\u30ec\u30b9\u3092\u8ffd\u52a0\u3057\u3001Ansible playbook\u3092\u5b9f\u884c\u3067\u304d\u308b\u3088\u3046\u306b\u3057\u307e\u3059\u3002<\/p>\n<p>\u6700\u521d\u306b\u3001nano\u307e\u305f\u306f\u304a\u6c17\u306b\u5165\u308a\u306e\u30c6\u30ad\u30b9\u30c8\u30a8\u30c7\u30a3\u30bf\u3092\u4f7f\u7528\u3057\u3066\u30db\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u958b\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">sudo<\/span> <span class=\"token function\">nano<\/span> \/etc\/ansible\/hosts<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u5192\u982d\u30b3\u30e1\u30f3\u30c8\u306e\u5f8c\u306b\u3001\u4ee5\u4e0b\u306e\u884c\u3092\u8ffd\u52a0\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<div>\u4ee5\u4e0b\u306e\u6587\u3092\u65e5\u672c\u8a9e\u3067\u81ea\u7136\u306b\u8a00\u3044\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u30021\u3064\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u3067\u69cb\u3044\u307e\u305b\u3093\u3002<br \/>\n\u300c\/etc\/ansible\/hosts\u300d<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n\r\n<mark>host1<\/mark> ansible_host=<mark>host1<span class=\"token punctuation\">-<\/span>public<span class=\"token punctuation\">-<\/span>ip<span class=\"token punctuation\">-<\/span>address<\/mark>\r\n<mark>host2<\/mark> ansible_host=<mark>host2<span class=\"token punctuation\">-<\/span>public<span class=\"token punctuation\">-<\/span>ip<span class=\"token punctuation\">-<\/span>address<\/mark>\r\n<mark>host3<\/mark> ansible_host=<mark>host3<span class=\"token punctuation\">-<\/span>public<span class=\"token punctuation\">-<\/span>ip<span class=\"token punctuation\">-<\/span>address<\/mark>\r\n\r\n<span class=\"token punctuation\">[<\/span><mark>initial<\/mark><span class=\"token punctuation\">]<\/span>\r\n<mark>host1<\/mark>\r\n<mark>host2<\/mark>\r\n<mark>host3<\/mark>\r\n\r\n<span class=\"token punctuation\">[<\/span><mark>ongoing<\/mark><span class=\"token punctuation\">]<\/span>\r\n<mark>host1<\/mark>\r\n<mark>host2<\/mark>\r\n<mark>host3<\/mark>\r\n<\/code><\/pre>\n<p>\u30db\u30b9\u30c81\u3001\u30db\u30b9\u30c82\u3001\u30db\u30b9\u30c83\u306f\u305d\u308c\u305e\u308c\u521d\u671f\u30b5\u30fc\u30d0\u30fc\u306e\u81ea\u52d5\u8a2d\u5b9a\u3092\u884c\u3044\u305f\u3044\u30db\u30b9\u30c8\u306b\u5bfe\u3059\u308b\u5225\u540d\u3067\u3059\u3002\u5225\u540d\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u4ed6\u306e\u5834\u6240\u3067\u30db\u30b9\u30c8\u3092\u53c2\u7167\u3059\u308b\u306e\u304c\u5bb9\u6613\u306b\u306a\u308a\u307e\u3059\u3002ansible_host\u306fAnsible\u306e\u63a5\u7d9a\u5909\u6570\u3067\u3042\u308a\u3001\u3053\u306e\u5834\u5408\u3001\u30bf\u30fc\u30b2\u30c3\u30c8\u30db\u30b9\u30c8\u306eIP\u30a2\u30c9\u30ec\u30b9\u3092\u6307\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u521d\u671f\u3068\u7d99\u7d9a\u306f\u3001Ansible\u30db\u30b9\u30c8\u306e\u30b5\u30f3\u30d7\u30eb\u30b0\u30eb\u30fc\u30d7\u540d\u3067\u3059\u3002\u30db\u30b9\u30c8\u304c\u4f55\u306b\u4f7f\u7528\u3055\u308c\u308b\u304b\u3092\u7c21\u5358\u306b\u77e5\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u3088\u3046\u306a\u30b0\u30eb\u30fc\u30d7\u540d\u3092\u9078\u3093\u3067\u304f\u3060\u3055\u3044\u3002\u3053\u306e\u3088\u3046\u306b\u30db\u30b9\u30c8\u3092\u30b0\u30eb\u30fc\u30d7\u5316\u3059\u308b\u3068\u3001\u307e\u3068\u307e\u3063\u305f\u5f62\u3067\u5bfe\u5fdc\u3059\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u30db\u30b9\u30c8\u306f\u8907\u6570\u306e\u30b0\u30eb\u30fc\u30d7\u306b\u6240\u5c5e\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u3067\u306f\u3001\u3075\u305f\u3064\u306e\u7570\u306a\u308b\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3067\u4f7f\u7528\u3055\u308c\u308b\u305f\u3081\u3001\u30db\u30b9\u30c8\u306f2\u3064\u306e\u7570\u306a\u308b\u30b0\u30eb\u30fc\u30d7\u306b\u5272\u308a\u5f53\u3066\u3089\u308c\u3066\u3044\u307e\u3059\u3002\u30b9\u30c6\u30c3\u30d76\u306e\u521d\u671f\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u306e\u305f\u3081\u306b\u306f\u300c\u521d\u671f\u30b0\u30eb\u30fc\u30d7\u300d\u3001\u30b9\u30c6\u30c3\u30d78\u306e\u5f8c\u7d9a\u30b5\u30fc\u30d0\u30fc\u7ba1\u7406\u306e\u305f\u3081\u306b\u306f\u300c\u7d99\u7d9a\u30b0\u30eb\u30fc\u30d7\u300d\u3068\u3057\u3066\u5272\u308a\u5f53\u3066\u3089\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>hostN\u306e\u30d1\u30d6\u30ea\u30c3\u30afIP\u30a2\u30c9\u30ec\u30b9\u306f\u3001\u5404Ansible\u30db\u30b9\u30c8\u306eIP\u30a2\u30c9\u30ec\u30b9\u3067\u3059\u3002host1\u306e\u30d1\u30d6\u30ea\u30c3\u30afIP\u30a2\u30c9\u30ec\u30b9\u3068\u305d\u306e\u5f8c\u306e\u884c\u306f\u3001\u81ea\u52d5\u5316\u306e\u4e00\u90e8\u3068\u306a\u308b\u30b5\u30fc\u30d0\u30fc\u306eIP\u30a2\u30c9\u30ec\u30b9\u306b\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u7de8\u96c6\u304c\u7d42\u308f\u3063\u305f\u3089\u3001\u4fdd\u5b58\u3057\u3066\u9589\u3058\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u30a4\u30f3\u30d9\u30f3\u30c8\u30ea\u30d5\u30a1\u30a4\u30eb\u3067\u30db\u30b9\u30c8\u3092\u5b9a\u7fa9\u3059\u308b\u3053\u3068\u3067\u3001Ansible\u306e\u81ea\u52d5\u5316\u3067\u3069\u306e\u30db\u30b9\u30c8\u304c\u8a2d\u5b9a\u3055\u308c\u308b\u304b\u6307\u5b9a\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u6b21\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001\u8907\u6570\u306e\u30b5\u30fc\u30d0\u30fc\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u3059\u308b\u305f\u3081\u306e\u30b5\u30f3\u30d7\u30eb\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u30ea\u30dd\u30b8\u30c8\u30ea\u304b\u3089\u30af\u30ed\u30fc\u30f3\u3057\u307e\u3059\u3002<\/p>\n<h2>\u30b9\u30c6\u30c3\u30d73 \u2014 Ansible Ubuntu\u30a4\u30cb\u30b7\u30e3\u30eb\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u30ea\u30dd\u30b8\u30c8\u30ea\u306e\u30af\u30ed\u30fc\u30f3\u64cd\u4f5c<\/h2>\n<p>\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001GitHub\u304b\u3089\u30b5\u30f3\u30d7\u30eb\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u30af\u30ed\u30fc\u30f3\u3057\u3066\u3001\u3053\u306e\u81ea\u52d5\u5316\u306b\u5fc5\u8981\u306a\u30d5\u30a1\u30a4\u30eb\u3092\u53d6\u5f97\u3057\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u306f\u3001\u30b5\u30f3\u30d7\u30eb\u306e\u30de\u30eb\u30c1\u30b5\u30fc\u30d0\u30fc\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\u306b\u5fc5\u8981\u306a3\u3064\u306e\u30d5\u30a1\u30a4\u30eb\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059: initial.yml\u3001ongoing.yml\u3001\u305d\u3057\u3066vars\/default.yml\u3067\u3059\u3002initial.yml\u30d5\u30a1\u30a4\u30eb\u306f\u3001Ansible\u30db\u30b9\u30c8\u306b\u5bfe\u3057\u3066\u521d\u671f\u8a2d\u5b9a\u306e\u305f\u3081\u306b\u5b9f\u884c\u3059\u308b\u30d7\u30ec\u30a4\u3068\u30bf\u30b9\u30af\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002ongoing.yml\u30d5\u30a1\u30a4\u30eb\u306b\u306f\u3001\u521d\u671f\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u5f8c\u306b\u30db\u30b9\u30c8\u306b\u5bfe\u3057\u3066\u5b9f\u884c\u3059\u308b\u30bf\u30b9\u30af\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002vars\/default.yml\u30d5\u30a1\u30a4\u30eb\u306b\u306f\u3001\u30b9\u30c6\u30c3\u30d76\u3068\u30b9\u30c6\u30c3\u30d78\u306e\u4e21\u65b9\u3067\u547c\u3073\u51fa\u3055\u308c\u308b\u5909\u6570\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u30af\u30ed\u30fc\u30f3\u3059\u308b\u306b\u306f\u3001\u6b21\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">git<\/span> clone https:\/\/github.com\/do-community\/ansible-ubuntu.git<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u3082\u3057\u3054\u81ea\u8eab\u306eSSH\u30ad\u30fc\u3092GitHub\u30a2\u30ab\u30a6\u30f3\u30c8\u306b\u8ffd\u52a0\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u6b21\u306e\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u30af\u30ed\u30fc\u30f3\u3059\u308b\u3053\u3068\u3082\u3067\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">git@github.com:do-community\/ansible-ubuntu.git<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u4eca\u3001\u3042\u306a\u305f\u306e\u4f5c\u696d\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306bansible-ubuntu\u3068\u3044\u3046\u540d\u524d\u306e\u30d5\u30a9\u30eb\u30c0\u304c\u4f5c\u6210\u3055\u308c\u307e\u3057\u305f\u3002\u305d\u306e\u30d5\u30a9\u30eb\u30c0\u306b\u79fb\u52d5\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token builtin class-name\">cd<\/span> ansible-ubuntu<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u306e\u6b8b\u308a\u306e\u90e8\u5206\u3067\u306f\u3001\u305d\u308c\u304c\u3042\u306a\u305f\u306e\u4f5c\u696d\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u3092\u81ea\u52d5\u5316\u3059\u308b\u305f\u3081\u306e\u30b5\u30f3\u30d7\u30eb\u30d5\u30a1\u30a4\u30eb\u3092\u53d6\u5f97\u3057\u307e\u3057\u305f\u3002\u6b21\u306b\u3001\u30db\u30b9\u30c8\u306b\u5408\u308f\u305b\u305f\u60c5\u5831\u3092\u542b\u3080vars\/default.yml\u30d5\u30a1\u30a4\u30eb\u3092\u66f4\u65b0\u3057\u3066\u3001\u30b7\u30b9\u30c6\u30e0\u3068\u9023\u643a\u3055\u305b\u307e\u3059\u3002<\/p>\n<h2>\u30b9\u30c6\u30c3\u30d74 \u2014 Ansible\u306e\u5909\u6570\u306e\u4fee\u6b63<\/h2>\n<p>\u3053\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3067\u306f\u3001\u81ea\u52d5\u5316\u306b\u95a2\u3059\u308b\u60c5\u5831\u3092\u53c2\u7167\u3057\u307e\u3059\u304c\u3001\u6642\u9593\u7d4c\u904e\u306b\u4f34\u3044\u66f4\u65b0\u304c\u5fc5\u8981\u306a\u5834\u5408\u304c\u3042\u308a\u307e\u3059\u3002\u305d\u306e\u60c5\u5831\u30921\u3064\u306e\u5909\u6570\u30d5\u30a1\u30a4\u30eb\u306b\u914d\u7f6e\u3057\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u5185\u3067\u5909\u6570\u3092\u547c\u3073\u51fa\u3059\u65b9\u304c\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u5185\u3067\u76f4\u63a5\u30b3\u30fc\u30c7\u30a3\u30f3\u30b0\u3059\u308b\u3088\u308a\u3082\u52b9\u7387\u7684\u3067\u3059\u3002\u305d\u306e\u305f\u3081\u3001\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001\u304a\u597d\u307f\u3084\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u306e\u8981\u4ef6\u306b\u5408\u308f\u305b\u3066\u5909\u6570\u3092vars\/default.yml\u30d5\u30a1\u30a4\u30eb\u3067\u5909\u66f4\u3057\u307e\u3059\u3002<\/p>\n<p>\u6700\u521d\u306b\u3001\u30d5\u30a1\u30a4\u30eb\u3092\u30ca\u30ce\u307e\u305f\u306f\u304a\u6c17\u306b\u5165\u308a\u306e\u30c6\u30ad\u30b9\u30c8\u30a8\u30c7\u30a3\u30bf\u3067\u958b\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">nano<\/span> vars\/default.yml<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u4ee5\u4e0b\u306e\u5909\u6570\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<div>\u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u5909\u6570\u3092\u542b\u3080vars\/default.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token key atrule\">create_user<\/span><span class=\"token punctuation\">:<\/span> <mark>sammy<\/mark>\r\n\r\n<span class=\"token key atrule\">ssh_port<\/span><span class=\"token punctuation\">:<\/span> <mark><span class=\"token number\">5995<\/span><\/mark>\r\n\r\n<span class=\"token key atrule\">copy_local_key<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ lookup('file', lookup('env','HOME') + '\/.ssh\/<mark>id_rsa.pub<\/mark>') }}\"<\/span>\r\n<\/code><\/pre>\n<p>create_user\u5909\u6570\u306e\u5024\u306f\u3001\u5404\u30db\u30b9\u30c8\u306b\u4f5c\u6210\u3055\u308c\u308bsudo\u30e6\u30fc\u30b6\u30fc\u306e\u540d\u524d\u3067\u3042\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u5834\u5408\u306f\u300csammy\u300d\u3067\u3059\u304c\u3001\u30e6\u30fc\u30b6\u30fc\u306e\u540d\u524d\u306f\u597d\u304d\u306a\u3088\u3046\u306b\u8a2d\u5b9a\u3067\u304d\u307e\u3059\u3002<\/p>\n<p>\u4ee5\u4e0b\u306e\u901a\u308a\u65e5\u672c\u8a9e\u3067\u8a00\u3044\u63db\u3048\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p>Ansible\u30db\u30b9\u30c8\u306b\u63a5\u7d9a\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3059\u308bSSH\u30dd\u30fc\u30c8\u306f\u3001ssh_port\u5909\u6570\u306b\u683c\u7d0d\u3055\u308c\u3066\u3044\u307e\u3059\u3002SSH\u306e\u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30fc\u30c8\u306f22\u3067\u3059\u304c\u3001\u5909\u66f4\u3059\u308b\u3053\u3068\u3067\u81ea\u52d5\u5316\u3055\u308c\u305f\u653b\u6483\u304c\u30b5\u30fc\u30d0\u30fc\u306b\u5bfe\u3057\u3066\u8457\u3057\u304f\u6e1b\u5c11\u3057\u307e\u3059\u3002\u3053\u306e\u5909\u66f4\u306f\u4efb\u610f\u3067\u3059\u304c\u3001\u30db\u30b9\u30c8\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u614b\u3092\u5411\u4e0a\u3055\u305b\u307e\u3059\u30021024\u304b\u308965535\u306e\u7bc4\u56f2\u5185\u3067\u3001Ansible\u30db\u30b9\u30c8\u4e0a\u306e\u4ed6\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3067\u4f7f\u7528\u3055\u308c\u3066\u3044\u306a\u3044\u3042\u307e\u308a\u77e5\u3089\u308c\u3066\u3044\u306a\u3044\u30dd\u30fc\u30c8\u3092\u9078\u629e\u3059\u3079\u304d\u3067\u3059\u3002\u3053\u306e\u4f8b\u3067\u306f\u30dd\u30fc\u30c85995\u3092\u4f7f\u7528\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<div class=\"post-conf-note\">\n<p class=\"post-conf-desc\">Note<\/p>\n<div>\u6ce8\u610f\uff1a\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u30ce\u30fc\u30c9\u304cLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u3092\u5b9f\u884c\u3057\u3066\u3044\u308b\u5834\u5408\u30011023\u3088\u308a\u5927\u304d\u3044\u756a\u53f7\u3092\u9078\u629e\u3057\u3001\/etc\/services\u3067\u305d\u308c\u3092\u691c\u7d22\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u4f8b\u3048\u3070\u3001grep 5995 \/etc\/services \u3092\u5b9f\u884c\u3057\u3066\u30015995\u304c\u4f7f\u7528\u3055\u308c\u3066\u3044\u308b\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u51fa\u529b\u304c\u306a\u3044\u5834\u5408\u306f\u3001\u305d\u306e\u30dd\u30fc\u30c8\u306f\u305d\u306e\u30d5\u30a1\u30a4\u30eb\u306b\u5b58\u5728\u3057\u306a\u3044\u305f\u3081\u3001\u5909\u6570\u306b\u5272\u308a\u5f53\u3066\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u30ce\u30fc\u30c9\u304cLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u3067\u306f\u306a\u3044\u5834\u5408\u3067\u3001\u3069\u3053\u3067\u305d\u306e\u30b7\u30b9\u30c6\u30e0\u306e\u540c\u7b49\u306a\u5834\u6240\u3092\u898b\u3064\u3051\u308b\u304b\u308f\u304b\u3089\u306a\u3044\u5834\u5408\u306f\u3001Service Name and Transport Protocol Port Number Registry\u3092\u53c2\u7167\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/div>\n<\/div>\n<p>copy_local_key\u3068\u3044\u3046\u5909\u6570\u306f\u3001\u5236\u5fa1\u30ce\u30fc\u30c9\u306eSSH\u516c\u958b\u9375\u30d5\u30a1\u30a4\u30eb\u3092\u53c2\u7167\u3057\u3066\u3044\u307e\u3059\u3002\u305d\u306e\u30d5\u30a1\u30a4\u30eb\u306e\u540d\u524d\u304cid_rsa.pub\u3067\u3042\u308c\u3070\u3001\u305d\u306e\u884c\u306b\u5909\u66f4\u3092\u52a0\u3048\u308b\u5fc5\u8981\u306f\u3042\u308a\u307e\u305b\u3093\u3002\u305d\u308c\u4ee5\u5916\u306e\u5834\u5408\u306f\u3001\u5236\u5fa1\u30ce\u30fc\u30c9\u306eSSH\u516c\u958b\u9375\u30d5\u30a1\u30a4\u30eb\u3068\u4e00\u81f4\u3059\u308b\u3088\u3046\u306b\u5909\u66f4\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u30d5\u30a1\u30a4\u30eb\u306f\u5236\u5fa1\u30ce\u30fc\u30c9\u306e~\/.ssh\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4e0b\u306b\u3042\u308a\u307e\u3059\u3002\u30b9\u30c6\u30c3\u30d75\u3067\u30e1\u30a4\u30f3\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3057\u3001sudo\u7279\u6a29\u3092\u6301\u3064\u30e6\u30fc\u30b6\u30fc\u304c\u4f5c\u6210\u3055\u308c\u308b\u3068\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306f\u516c\u958b\u9375\u30d5\u30a1\u30a4\u30eb\u3092\u30e6\u30fc\u30b6\u30fc\u306e\u30db\u30fc\u30e0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u30b3\u30d4\u30fc\u3057\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u521d\u671f\u30b5\u30fc\u30d0\u30fc\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u5f8c\u306b\u305d\u306e\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066SSH\u7d4c\u7531\u3067\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u7de8\u96c6\u304c\u5b8c\u4e86\u3057\u305f\u3089\u3001\u4fdd\u5b58\u3057\u3066\u9589\u3058\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u300cvars\/default.yml\u300d\u306b\u5909\u6570\u306b\u5024\u3092\u5272\u308a\u5f53\u3066\u305f\u306e\u3067\u3001Ansible\u306f\u30b9\u30c6\u30c3\u30d76\u3068\u30b9\u30c6\u30c3\u30d78\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u5b9f\u884c\u4e2d\u306b\u3053\u308c\u3089\u306e\u5909\u6570\u3092\u547c\u3073\u51fa\u3059\u3053\u3068\u304c\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002\u6b21\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001Ansible Vault\u3092\u4f7f\u7528\u3057\u3066\u3001\u5404\u30db\u30b9\u30c8\u306b\u4f5c\u6210\u3055\u308c\u308b\u30e6\u30fc\u30b6\u30fc\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u4f5c\u6210\u3057\u3001\u5b89\u5168\u306b\u4fdd\u8b77\u3057\u307e\u3059\u3002<\/p>\n<h2>\u30b9\u30c6\u30c3\u30d75 \u2014 \u6697\u53f7\u5316\u3055\u308c\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3059\u308b\u305f\u3081\u306bAnsible Vault\u3092\u4f7f\u7528\u3059\u308b<\/h2>\n<p>Ansible Vault\u306f\u3001playbooks\u3067\u53c2\u7167\u3055\u308c\u308b\u30d5\u30a1\u30a4\u30eb\u3068\u5909\u6570\u3092\u4f5c\u6210\u304a\u3088\u3073\u6697\u53f7\u5316\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u307e\u3059\u3002Ansible Vault\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u3001playbook\u306e\u5b9f\u884c\u4e2d\u306b\u6a5f\u5bc6\u60c5\u5831\u304c\u5e73\u6587\u3067\u9001\u4fe1\u3055\u308c\u306a\u3044\u3053\u3068\u304c\u4fdd\u8a3c\u3055\u308c\u307e\u3059\u3002\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001\u5404\u30db\u30b9\u30c8\u306esudo\u30e6\u30fc\u30b6\u30fc\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u4f5c\u6210\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u308b\u5024\u3092\u542b\u3080\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u3001\u6697\u53f7\u5316\u3057\u307e\u3059\u3002\u3053\u306e\u65b9\u6cd5\u3067Ansible Vault\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u521d\u671f\u306e\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u4e2d\u304a\u3088\u3073\u305d\u306e\u5f8c\u306eplaybooks\u5185\u3067\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5e73\u6587\u3067\u53c2\u7167\u3055\u308c\u306a\u3044\u3053\u3068\u304c\u4fdd\u8a3c\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>\u30a2\u30f3\u30b7\u30d6\u30eb-\u30a6\u30d6\u30f3\u30c8\u30a5\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u5185\u306b\u3044\u308b\u72b6\u614b\u3067\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u3063\u3066\u30dc\u30fc\u30eb\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u3001\u958b\u3044\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">ansible-vault create <mark>secret<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u6307\u793a\u304c\u8868\u793a\u3055\u308c\u305f\u3089\u3001\u79d8\u5bc6\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u6697\u53f7\u5316\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u308b\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3057\u3066\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u3053\u308c\u306f\u3001\u4fdd\u7ba1\u5eab\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3067\u3059\u3002\u30b9\u30c6\u30c3\u30d76\u3068\u30b9\u30c6\u30c3\u30d78\u3067\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u969b\u306b\u3001\u4fdd\u7ba1\u5eab\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5fc5\u8981\u306b\u306a\u308b\u305f\u3081\u3001\u5fd8\u308c\u306a\u3044\u3088\u3046\u306b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u91d1\u5eab\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3057\u3001\u78ba\u8a8d\u3057\u305f\u5f8c\u3001\u30b7\u30a7\u30eb\u306eEDITOR\u74b0\u5883\u5909\u6570\u306b\u30ea\u30f3\u30af\u3055\u308c\u3066\u3044\u308b\u30c6\u30ad\u30b9\u30c8\u30a8\u30c7\u30a3\u30bf\u3067\u79d8\u5bc6\u30d5\u30a1\u30a4\u30eb\u304c\u958b\u304d\u307e\u3059\u3002\u4ee5\u4e0b\u306e\u884c\u3092\u30d5\u30a1\u30a4\u30eb\u306b\u8ffd\u52a0\u3057\u3001type_a_strong_password_here\u3068type_a_salt_here\u306e\u5024\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<div>\u301c\/ansible-ubuntu\/secret \u3092\u65e5\u672c\u8a9e\u3067\u540c\u7fa9\u306e\u8868\u73fe\u306b\u5909\u3048\u308b\u3068\u3001\u6b21\u306e\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<br \/>\n\u301c\/ansible-ubuntu\/\u79d8\u5bc6<\/div>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">password: <mark>type_a_strong_password_here<\/mark><\/li>\n<li data-prefix=\"$\">password_salt: <mark>type_a_salt_here<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30d1\u30b9\u30ef\u30fc\u30c9\u5909\u6570\u306e\u5024\u306f\u3001\u5404\u30db\u30b9\u30c8\u306b\u4f5c\u6210\u3059\u308bsudo\u30e6\u30fc\u30b6\u30fc\u306e\u5b9f\u969b\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u306b\u306a\u308a\u307e\u3059\u3002 password_salt\u5909\u6570\u306f\u3001\u305d\u306e\u5024\u306b\u5bfe\u3057\u3066\u30bd\u30eb\u30c8\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002\u30bd\u30eb\u30c8\u306f\u3001\u30cf\u30c3\u30b7\u30e5\u3055\u308c\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u751f\u6210\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u308b\u9577\u3044\u30e9\u30f3\u30c0\u30e0\u306a\u5024\u3067\u3059\u3002\u30a2\u30eb\u30d5\u30a1\u30d9\u30c3\u30c8\u307e\u305f\u306f\u82f1\u6570\u5b57\u306e\u6587\u5b57\u5217\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u304c\u3001\u5358\u72ec\u306e\u6570\u5b57\u306e\u6587\u5b57\u5217\u3060\u3051\u3067\u306f\u6a5f\u80fd\u3057\u306a\u3044\u5834\u5408\u304c\u3042\u308a\u307e\u3059\u3002\u30cf\u30c3\u30b7\u30e5\u3055\u308c\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u751f\u6210\u3059\u308b\u969b\u306b\u30bd\u30eb\u30c8\u3092\u8ffd\u52a0\u3059\u308b\u3053\u3068\u3067\u3001\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u63a8\u6e2c\u3057\u305f\u308a\u30cf\u30c3\u30b7\u30e5\u3092\u89e3\u8aad\u3059\u308b\u3053\u3068\u304c\u3088\u308a\u56f0\u96e3\u306b\u306a\u308a\u307e\u3059\u3002\u4e21\u5909\u6570\u306f\u3001\u30b9\u30c6\u30c3\u30d76\u304a\u3088\u3073\u30b9\u30c6\u30c3\u30d78\u3067\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u969b\u306b\u547c\u3073\u51fa\u3055\u308c\u307e\u3059\u3002<\/p>\n<div class=\"post-conf-note\">\n<p class=\"post-conf-desc\">Note<\/p>\n<div>\u6ce8\u610f\uff1a\u30c6\u30b9\u30c8\u306e\u7d50\u679c\u3001\u6570\u5b57\u306e\u307f\u3067\u69cb\u6210\u3055\u308c\u305f\u5869\u304cStep 6\u3068Step 8\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u5b9f\u884c\u306b\u554f\u984c\u3092\u5f15\u304d\u8d77\u3053\u3059\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002\u3057\u304b\u3057\u3001\u30a2\u30eb\u30d5\u30a1\u30d9\u30c3\u30c8\u306e\u307f\u3067\u69cb\u6210\u3055\u308c\u305f\u5869\u306f\u6b63\u5e38\u306b\u52d5\u4f5c\u3057\u307e\u3057\u305f\u3002\u307e\u305f\u3001\u82f1\u6570\u5b57\u306e\u5869\u3082\u52d5\u4f5c\u3059\u308b\u306f\u305a\u3067\u3059\u3002\u5869\u3092\u6307\u5b9a\u3059\u308b\u969b\u306b\u306f\u3053\u308c\u3092\u5ff5\u982d\u306b\u7f6e\u3044\u3066\u304f\u3060\u3055\u3044\u3002<\/div>\n<\/div>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u7de8\u96c6\u304c\u7d42\u308f\u3063\u305f\u3089\u3001\u4fdd\u5b58\u3057\u3066\u9589\u3058\u3066\u304f\u3060\u3055\u3044\u3002 (\u30d5\u30a1\u30a4\u30eb\u306e\u3078\u3093\u3057\u3085\u3046\u304c \u304a\u308f\u3063\u305f\u3089\u3001\u307b\u305e\u3093\u3057\u3066 \u3068\u3058\u3066\u304f\u3060\u3055\u3044\u3002)<\/p>\n<p>\u4ee5\u4e0b\u306e\u65e5\u672c\u8a9e\u306e\u8868\u73fe\u3092\u53c2\u8003\u306b\u3057\u3066\u304f\u3060\u3055\u3044\uff1a<br \/>\n\u300c\u30e6\u30fc\u30b6\u30fc\u306b\u95a2\u3059\u308b\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u4f5c\u6210\u3059\u308b\u305f\u3081\u306e\u5909\u6570\u3092\u4f7f\u3063\u3066\u3001\u6697\u53f7\u5316\u3055\u308c\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u307e\u3057\u305f\u3002\u6b21\u306e\u624b\u9806\u3067\u306f\u3001\u30e1\u30a4\u30f3\u306eAnsible\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u3067\u3001\u30b9\u30c6\u30c3\u30d72\u3067\u6307\u5b9a\u3057\u305f\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u3057\u307e\u3059\u3002\u300d<\/p>\n<h2>\u30b9\u30c6\u30c3\u30d76\uff1aAnsible\u30db\u30b9\u30c8\u306b\u5bfe\u3057\u3066\u30e1\u30a4\u30f3\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/h2>\n<p>\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u30a4\u30f3\u30d9\u30f3\u30c8\u30ea\u30d5\u30a1\u30a4\u30eb\u3067\u6307\u5b9a\u3057\u305f\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u3057\u307e\u3059\u3002\u307e\u305a\u3001\u30e1\u30a4\u30f3\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3067\u5b9a\u7fa9\u3055\u308c\u305f\u30bf\u30b9\u30af\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u6b21\u306b\u3001\u30db\u30b9\u30c8\u306b\u5bfe\u3057\u3066\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n<p>Ansible\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306f\u30011\u3064\u307e\u305f\u306f\u8907\u6570\u306e\u30d7\u30ec\u30a4\u3068\u3001\u305d\u308c\u305e\u308c\u306e\u30d7\u30ec\u30a4\u306b\u95a2\u9023\u4ed8\u3051\u3089\u308c\u305f1\u3064\u4ee5\u4e0a\u306e\u30bf\u30b9\u30af\u3067\u69cb\u6210\u3055\u308c\u3066\u3044\u307e\u3059\u3002Ansible\u30db\u30b9\u30c8\u306b\u5bfe\u3057\u3066\u5b9f\u884c\u3059\u308b\u30b5\u30f3\u30d7\u30eb\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306b\u306f\u3001\u5408\u8a0814\u306e\u30bf\u30b9\u30af\u3092\u6301\u30642\u3064\u306e\u30d7\u30ec\u30a4\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u524d\u306b\u3001\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u30d7\u30ed\u30bb\u30b9\u306b\u95a2\u4e0e\u3059\u308b\u5404\u30bf\u30b9\u30af\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u958b\u59cb\u3059\u308b\u306b\u306f\u3001nano\u307e\u305f\u306f\u304a\u6c17\u306b\u5165\u308a\u306e\u30c6\u30ad\u30b9\u30c8\u30a8\u30c7\u30a3\u30bf\u3067\u30d5\u30a1\u30a4\u30eb\u3092\u958b\u3044\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">nano<\/span> initial.yml<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<h3>\u30d7\u30ec\u30a41\uff1a<\/h3>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u6700\u521d\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u306b\u306f\u3001\u30d7\u30ec\u30a4\u306e\u632f\u308b\u821e\u3044\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u308b\u4ee5\u4e0b\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<div>initial.yml\u306e\u65e5\u672c\u8a9e\u306b\u3088\u308b\u8868\u73fe\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3067\u3059\uff081\u3064\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u307f\uff09\uff1a<br \/>\n\u521d\u671f.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Initial server setup tasks<\/mark>\r\n  <span class=\"token key atrule\">hosts<\/span><span class=\"token punctuation\">:<\/span> <mark>initial<\/mark>\r\n  <span class=\"token key atrule\">remote_user<\/span><span class=\"token punctuation\">:<\/span> root\r\n  <span class=\"token key atrule\">vars_files<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> vars\/default.yml\r\n    <span class=\"token punctuation\">-<\/span> secret\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u30d7\u30ec\u30a4\u306e\u540d\u524d\u306f\u3001\u30d7\u30ec\u30a4\u304c\u5b9f\u884c\u3055\u308c\u308b\u969b\u306b\u7aef\u672b\u306b\u8868\u793a\u3055\u308c\u308b\u30d7\u30ec\u30a4\u306e\u77ed\u3044\u8aac\u660e\u3067\u3059\u3002hosts\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001\u30d7\u30ec\u30a4\u306e\u5bfe\u8c61\u3068\u306a\u308b\u30db\u30b9\u30c8\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u5834\u5408\u3001\u30ad\u30fc\u30ef\u30fc\u30c9\u306b\u6e21\u3055\u308c\u308b\u30d1\u30bf\u30fc\u30f3\u306f\u3001\u30b9\u30c6\u30c3\u30d72\u3067\u6307\u5b9a\u3057\u305f\u30db\u30b9\u30c8\u306e\u30b0\u30eb\u30fc\u30d7\u540d\u3067\u3059\u3002remote_user\u30ad\u30fc\u30ef\u30fc\u30c9\u3092\u4f7f\u7528\u3057\u3066\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u305f\u3081\u306e\u30e6\u30fc\u30b6\u30fc\u540d\u3092\u6307\u5b9a\u3057\u307e\u3059\uff08\u3053\u306e\u5834\u5408\u306froot\uff09\u3002vars_files\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3059\u308b\u969b\u306b\u30d7\u30ec\u30a4\u304c\u53c2\u7167\u3059\u308b\u5909\u6570\u304c\u542b\u307e\u308c\u3066\u3044\u308b\u30d5\u30a1\u30a4\u30eb\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u8a2d\u5b9a\u3067\u306f\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306fSSH\u30dd\u30fc\u30c822\u3092\u4ecb\u3057\u3066\u30eb\u30fc\u30c8\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u30db\u30b9\u30c8\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3088\u3046\u3068\u3057\u307e\u3059\u3002\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u305f\u30db\u30b9\u30c8\u3054\u3068\u306bOK\u306e\u5fdc\u7b54\u3092\u5831\u544a\u3057\u307e\u3059\u3002\u305d\u308c\u4ee5\u5916\u306e\u5834\u5408\u306f\u3001\u30b5\u30fc\u30d0\u30fc\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u306a\u3044\u3068\u5831\u544a\u3057\u3001\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u308b\u30db\u30b9\u30c8\u306b\u5bfe\u3057\u3066\u3001\u30d7\u30ec\u30a4\u306e\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3057\u59cb\u3081\u307e\u3059\u3002\u624b\u52d5\u3067\u3053\u306e\u8a2d\u5b9a\u3092\u884c\u3063\u3066\u3044\u308b\u5834\u5408\u3001\u3053\u306e\u81ea\u52d5\u5316\u306b\u3088\u308assh root@\u30db\u30b9\u30c8\u306eIP\u30a2\u30c9\u30ec\u30b9\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u305b\u3093\u3002<\/p>\n<p>\u30ad\u30fc\u30ef\u30fc\u30c9\u30bb\u30af\u30b7\u30e7\u30f3\u306b\u7d9a\u3044\u3066\u3001\u9806\u6b21\u5b9f\u884c\u3055\u308c\u308b\u30bf\u30b9\u30af\u306e\u30ea\u30b9\u30c8\u304c\u3042\u308a\u307e\u3059\u3002\u6f14\u5287\u3068\u540c\u69d8\u306b\u3001\u5404\u30bf\u30b9\u30af\u306f\u540d\u524d\u3067\u59cb\u307e\u308a\u3001\u305d\u306e\u30bf\u30b9\u30af\u304c\u3069\u306e\u3088\u3046\u306a\u76ee\u7684\u3092\u679c\u305f\u3059\u304b\u306e\u77ed\u3044\u8aac\u660e\u304c\u8a18\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af1\uff1a\u30ad\u30e3\u30c3\u30b7\u30e5\u3092\u66f4\u65b0\u3057\u307e\u3059\u3002<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u6700\u521d\u306e\u30bf\u30b9\u30af\u306f\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u66f4\u65b0\u3067\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>update cache<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">update_cache<\/span><span class=\"token punctuation\">:<\/span> yes\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001ansible.builtin.apt \u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u30d1\u30c3\u30b1\u30fc\u30b8\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u3092\u66f4\u65b0\u3059\u308b\u305f\u3081\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u308b\u305f\u3081\u3001update_cache: yes \u3068\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001\u3057\u3070\u3057\u3070\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u305f\u3059\u3079\u3066\u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u66f4\u65b0\u3059\u308b\u524d\u306b\u3001Ubuntu \u30b5\u30fc\u30d0\u30fc\u306b\u30ed\u30b0\u30a4\u30f3\u3057 sudo apt update \u3068\u5165\u529b\u3059\u308b\u306e\u3068\u540c\u3058\u3053\u3068\u3092\u5b9f\u73fe\u3057\u307e\u3059\u3002<\/p>\n<h4>\u8ab2\u984c2\uff1a\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u3059\u3079\u3066\u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u66f4\u65b0\u3057\u307e\u3059\u3002<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e2\u3064\u76ee\u306e\u30bf\u30b9\u30af\u306f\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u66f4\u65b0\u3067\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Update all installed packages<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"*\"<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> latest\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u6700\u521d\u306e\u30bf\u30b9\u30af\u3068\u540c\u69d8\u306b\u3001\u3053\u306e\u30bf\u30b9\u30af\u3067\u3082ansible.builtin.apt\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u307e\u3059\u3002\u3053\u3053\u3067\u306f\u3001\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\uff08name: &#8220;*&#8221;\uff09\u3068state: latest\u3092\u4f7f\u7528\u3057\u3066\u3001\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u3059\u3079\u3066\u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u6700\u65b0\u3067\u3042\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u3053\u308c\u306f\u3001\u30b5\u30fc\u30d0\u30fc\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066sudo apt upgrade -y\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u306e\u3068\u540c\u7b49\u3067\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af3: NTP\u30b5\u30fc\u30d3\u30b9\u304c\u6b63\u5e38\u306b\u52d5\u4f5c\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002 (Tasuku 3: NTP s\u0101bisu ga seik\u014d ni d\u014dsa shite iru koto o kakunin shite kudasai.)<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u7b2c3\u306e\u30bf\u30b9\u30af\u306f\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30bf\u30a4\u30e0\u30d7\u30ed\u30c8\u30b3\u30eb\uff08NTP\uff09\u30c7\u30fc\u30e2\u30f3\u304c\u30a2\u30af\u30c6\u30a3\u30d6\u306b\u306a\u3063\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Make sure NTP service is running<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.systemd<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> started\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> systemd<span class=\"token punctuation\">-<\/span>timesyncd\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.builtin.systemd\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u3066\u3001systemd-timesyncd\u3068\u3044\u3046NTP\u30c7\u30fc\u30e2\u30f3\u304c\u5b9f\u884c\u3055\u308c\u3066\u3044\u308b\u304b\u78ba\u8a8d\u3057\u307e\u3059\uff08\u72b6\u614b\uff1a\u958b\u59cb\uff09\u3002\u30b5\u30fc\u30d0\u30fc\u9593\u3067\u540c\u3058\u6642\u523b\u3092\u7dad\u6301\u3059\u308b\u305f\u3081\u306b\u3001\u5206\u6563\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u904b\u7528\u3059\u308b\u969b\u306b\u3053\u306e\u3088\u3046\u306a\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af4: sudo\u30b0\u30eb\u30fc\u30d7\u304c\u3042\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e4\u756a\u76ee\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001sudo\u30b0\u30eb\u30fc\u30d7\u304c\u5b58\u5728\u3059\u308b\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Make sure we have a 'sudo' group<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.group<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> sudo\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.builtin.group\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u3066\u3001\u30db\u30b9\u30c8\u4e0a\u306bsudo\u3068\u3044\u3046\u540d\u524d\u306e\u30b0\u30eb\u30fc\u30d7\u304c\u5b58\u5728\u3059\u308b\u304b\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff08\u72b6\u614b\uff1apresent\uff09\u3002\u6b21\u306e\u30bf\u30b9\u30af\u306f\u30db\u30b9\u30c8\u4e0a\u306bsudo\u30b0\u30eb\u30fc\u30d7\u304c\u5b58\u5728\u3059\u308b\u3053\u3068\u306b\u4f9d\u5b58\u3057\u3066\u3044\u308b\u305f\u3081\u3001\u3053\u306e\u30bf\u30b9\u30af\u3067\u306fsudo\u30b0\u30eb\u30fc\u30d7\u304c\u5b58\u5728\u3059\u308b\u304b\u3092\u78ba\u8a8d\u3057\u3001\u6b21\u306e\u30bf\u30b9\u30af\u304c\u5931\u6557\u3057\u306a\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af5\uff1asudo\u7279\u6a29\u3092\u6301\u3064\u30e6\u30fc\u30b6\u30fc\u3092\u4f5c\u6210\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u7b2c5\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001sudo\u6a29\u9650\u3092\u6301\u3064\u975e\u30eb\u30fc\u30c8\u30e6\u30fc\u30b6\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Create a user with sudo privileges<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.user<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n    <span class=\"token key atrule\">groups<\/span><span class=\"token punctuation\">:<\/span> sudo\r\n    <span class=\"token key atrule\">append<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n    <span class=\"token key atrule\">create_home<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n    <span class=\"token key atrule\">shell<\/span><span class=\"token punctuation\">:<\/span> \/bin\/bash\r\n    <span class=\"token key atrule\">password<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ password | password_hash('sha512', password_salt) }}\"<\/span>\r\n    <span class=\"token key atrule\">update_password<\/span><span class=\"token punctuation\">:<\/span> on_create\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u3053\u3067\u306f\u3001ansible.builtin.user\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u3001\u30e6\u30fc\u30b6\u30fc\u3054\u3068\u306b\u30e6\u30fc\u30b6\u30fc\u3092\u4f5c\u6210\u3057\u3001\u30e6\u30fc\u30b6\u30fc\u306e\u30b0\u30eb\u30fc\u30d7\u306bsudo\u30b0\u30eb\u30fc\u30d7\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002\u30e6\u30fc\u30b6\u30fc\u540d\u306fvars\/default.yml\u3067\u6307\u5b9a\u3057\u305fcreate_user\u5909\u6570\u306e\u5024\u304b\u3089\u6d3e\u751f\u3057\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001\u30e6\u30fc\u30b6\u30fc\u306e\u305f\u3081\u306b\u30db\u30fc\u30e0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u304c\u4f5c\u6210\u3055\u308c\u3001\u9069\u5207\u306a\u30b7\u30a7\u30eb\u3067\u5272\u308a\u5f53\u3066\u3089\u308c\u308b\u3053\u3068\u3082\u78ba\u8a8d\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>\u30b9\u30c6\u30c3\u30d75\u3067\u8a2d\u5b9a\u3057\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u3068\u30bd\u30eb\u30c8\u306e\u7d44\u307f\u5408\u308f\u305b\u3092\u4f7f\u7528\u3057\u3066\u3001\u30d1\u30b9\u30ef\u30fc\u30c9\u30d1\u30e9\u30e1\u30fc\u30bf\u3068\u7d44\u307f\u5408\u308f\u305b\u305f\u95a2\u6570\u304cSHA-512\u306e\u6697\u53f7\u30cf\u30c3\u30b7\u30e5\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092\u547c\u3073\u51fa\u3057\u3001\u30e6\u30fc\u30b6\u30fc\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u30cf\u30c3\u30b7\u30e5\u5316\u3057\u307e\u3059\u3002\u79d8\u5bc6\u306e\u4fdd\u7ba1\u5eab\u30d5\u30a1\u30a4\u30eb\u3068\u30da\u30a2\u306b\u306a\u3063\u3066\u3044\u308b\u305f\u3081\u3001\u30d1\u30b9\u30ef\u30fc\u30c9\u306f\u5e73\u6587\u3067\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306b\u6e21\u3055\u308c\u308b\u3053\u3068\u306f\u3042\u308a\u307e\u305b\u3093\u3002update_password\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u30cf\u30c3\u30b7\u30e5\u5316\u3055\u308c\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u30e6\u30fc\u30b6\u30fc\u304c\u4f5c\u6210\u3055\u308c\u305f\u6700\u521d\u306e\u6642\u70b9\u3067\u306e\u307f\u8a2d\u5b9a\u3055\u308c\u308b\u3053\u3068\u3092\u4fdd\u8a3c\u3057\u307e\u3059\u3002\u3082\u3057\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u518d\u5b9f\u884c\u3057\u3066\u3082\u3001\u30d1\u30b9\u30ef\u30fc\u30c9\u306f\u518d\u751f\u6210\u3055\u308c\u307e\u305b\u3093\u3002<\/p>\n<h4>\u30bf\u30b9\u30af6\uff1a\u30ea\u30e2\u30fc\u30c8\u30e6\u30fc\u30b6\u30fc\u306e\u8a8d\u8a3c\u30ad\u30fc\u3092\u8a2d\u5b9a\u3059\u308b\u3002<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u7b2c6\u306e\u30bf\u30b9\u30af\u306f\u3001\u30e6\u30fc\u30b6\u30fc\u306e\u9375\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<div>\u521d\u671f.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Set authorized key for remote user<\/mark>\r\n  <span class=\"token key atrule\">ansible.posix.authorized_key<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">user<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n    <span class=\"token key atrule\">key<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ copy_local_key }}\"<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.posix.authorized_key\u3092\u547c\u3073\u51fa\u3059\u3053\u3068\u3067\u516c\u958bSSH\u30ad\u30fc\u3092\u30db\u30b9\u30c8\u306b\u30b3\u30d4\u30fc\u3057\u307e\u3059\u3002user\u306e\u5024\u306f\u3001\u524d\u306e\u30bf\u30b9\u30af\u3067\u30db\u30b9\u30c8\u306b\u4f5c\u6210\u3055\u308c\u305f\u30e6\u30fc\u30b6\u30fc\u306e\u540d\u524d\u3067\u3042\u308a\u3001key\u306f\u30b3\u30d4\u30fc\u3059\u308b\u30ad\u30fc\u3092\u6307\u3057\u307e\u3059\u3002\u4e21\u65b9\u306e\u5909\u6570\u306fvar\/default.yml\u30d5\u30a1\u30a4\u30eb\u3067\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001ssh-copy-id\u30b3\u30de\u30f3\u30c9\u3092\u624b\u52d5\u3067\u5b9f\u884c\u3059\u308b\u306e\u3068\u540c\u3058\u52b9\u679c\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af7\uff1aroot\u306e\u30ea\u30e2\u30fc\u30c8\u30ed\u30b0\u30a4\u30f3\u3092\u7121\u52b9\u306b\u3059\u308b<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e7\u756a\u76ee\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001root\u30e6\u30fc\u30b6\u30fc\u306b\u5bfe\u3059\u308b\u30ea\u30e2\u30fc\u30c8\u30ed\u30b0\u30a4\u30f3\u3092\u7121\u52b9\u306b\u3057\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Disable remote login for root<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.lineinfile<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">path<\/span><span class=\"token punctuation\">:<\/span> \/etc\/ssh\/sshd_config\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n    <span class=\"token key atrule\">regexp<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'^PermitRootLogin yes'<\/span>\r\n    <span class=\"token key atrule\">line<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'PermitRootLogin no'<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u6b21\u306b\u3001ansible.builtin.lineinfile\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001\u6b63\u898f\u8868\u73fe\uff08regexp\uff09\u3092\u4f7f\u7528\u3057\u3066\u3001\/etc\/ssh\/sshd_config\u30d5\u30a1\u30a4\u30eb\u5185\u306ePermitRootLogin\u3067\u59cb\u307e\u308b\u884c\u3092\u691c\u7d22\u3057\u3001\u305d\u308c\u3092line\u306e\u5024\u3067\u7f6e\u63db\u3057\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u306b\u3088\u308a\u3001\u3053\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u5b9f\u884c\u5f8c\u3001root\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u4f7f\u7528\u3057\u305f\u30ea\u30e2\u30fc\u30c8\u30ed\u30b0\u30a4\u30f3\u304c\u5931\u6557\u3059\u308b\u3053\u3068\u304c\u4fdd\u8a3c\u3055\u308c\u307e\u3059\u3002\u30bf\u30b9\u30af6\u3067\u4f5c\u6210\u3055\u308c\u305f\u30e6\u30fc\u30b6\u30fc\u30a2\u30ab\u30a6\u30f3\u30c8\u3067\u306e\u307f\u30ea\u30e2\u30fc\u30c8\u30ed\u30b0\u30a4\u30f3\u304c\u6210\u529f\u3057\u307e\u3059\u3002\u30ea\u30e2\u30fc\u30c8\u30eb\u30fc\u30c8\u30ed\u30b0\u30a4\u30f3\u3092\u7121\u52b9\u306b\u3059\u308b\u3053\u3068\u3067\u3001\u901a\u5e38sudo\u3068\u547c\u3070\u308c\u308b\u7279\u6a29\u6607\u683c\u306e\u65b9\u6cd5\u304c\u5fc5\u8981\u3068\u306a\u308a\u3001\u4e00\u822c\u306e\u30e6\u30fc\u30b6\u30fc\u306e\u307f\u304c\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u3001\u7ba1\u7406\u8005\u7279\u6a29\u3092\u53d6\u5f97\u3059\u308b\u305f\u3081\u306b\u5fc5\u8981\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n<h4>\u8ab2\u984c8: SSH\u30dd\u30fc\u30c8\u306e\u5909\u66f4<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e8\u756a\u76ee\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001SSH\u306e\u30dd\u30fc\u30c8\u3092\u5909\u66f4\u3057\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Change the SSH port\r\n  <span class=\"token key atrule\">ansible.builtin.lineinfile<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">path<\/span><span class=\"token punctuation\">:<\/span> \/etc\/ssh\/sshd_config\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n    <span class=\"token key atrule\">regexp<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'^#Port 22'<\/span>\r\n    <span class=\"token key atrule\">line<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'Port \"{{ ssh_port }}\"'<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>SSH\u304c\u4e00\u822c\u7684\u306a\u30dd\u30fc\u30c822\u3067\u5f85\u3061\u53d7\u3051\u3066\u3044\u308b\u305f\u3081\u3001\u305d\u306e\u30dd\u30fc\u30c8\u3092\u72d9\u3063\u305f\u81ea\u52d5\u653b\u6483\u306b\u3055\u3089\u3055\u308c\u3084\u3059\u3044\u50be\u5411\u304c\u3042\u308a\u307e\u3059\u3002SSH\u304c\u5f85\u3061\u53d7\u3051\u308b\u30dd\u30fc\u30c8\u3092\u5909\u66f4\u3059\u308b\u3053\u3068\u3067\u3001\u30db\u30b9\u30c8\u306b\u5bfe\u3059\u308b\u81ea\u52d5\u653b\u6483\u306e\u6570\u3092\u6e1b\u3089\u3059\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.builtin.lineinfile\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u3001SSH\u30c7\u30fc\u30e2\u30f3\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3067\u6b63\u898f\u8868\u73fe\u3067\u59cb\u307e\u308b\u884c\u3092\u691c\u7d22\u3057\u3001\u305d\u306e\u5024\u3092line\u30d1\u30e9\u30e1\u30fc\u30bf\u306e\u5024\u306b\u5909\u66f4\u3057\u307e\u3059\u3002SSH\u304c\u5f85\u3061\u53d7\u3051\u308b\u65b0\u3057\u3044\u30dd\u30fc\u30c8\u756a\u53f7\u306f\u3001\u30b9\u30c6\u30c3\u30d74\u3067ssh_port\u5909\u6570\u306b\u5272\u308a\u5f53\u3066\u305f\u30dd\u30fc\u30c8\u756a\u53f7\u306b\u306a\u308a\u307e\u3059\u3002\u3053\u306e\u30d7\u30ec\u30a4\u306e\u6700\u5f8c\u3067\u30db\u30b9\u30c8\u3092\u518d\u8d77\u52d5\u3057\u305f\u5f8c\u3001\u30dd\u30fc\u30c822\u7d4c\u7531\u3067\u30db\u30b9\u30c8\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3053\u3068\u306f\u3067\u304d\u307e\u305b\u3093\u3002<\/p>\n<h4>\u30bf\u30b9\u30af9: UFW &#8211; SSH\u63a5\u7d9a\u3092\u8a31\u53ef\u3059\u308b<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e9\u756a\u76ee\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001SSH\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u8a31\u53ef\u3057\u307e\u3059\u3002<\/p>\n<div>\u521d\u671f\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>UFW <span class=\"token punctuation\">-<\/span> Allow SSH connections<\/mark>\r\n  <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">rule<\/span><span class=\"token punctuation\">:<\/span> allow\r\n    <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u3053\u3067\u306f\u3001\u30b3\u30df\u30e5\u30cb\u30c6\u30a3\u5168\u4f53\u306eufw\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u3001\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u4ecb\u3057\u3066SSH\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u8a31\u53ef\u3057\u307e\u3059\u3002SSH\u306e\u30dd\u30fc\u30c8\u756a\u53f7\u306f22\u3067\u306f\u306a\u304f\u3001\u30b9\u30c6\u30c3\u30d74\u306evars\/default.yml\u30d5\u30a1\u30a4\u30eb\u3067\u6307\u5b9a\u3057\u305f\u30ab\u30b9\u30bf\u30e0\u30dd\u30fc\u30c8\u756a\u53f7\u3067\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001ufw allow 5995\/tcp\u30b3\u30de\u30f3\u30c9\u3092\u624b\u52d5\u3067\u5b9f\u884c\u3059\u308b\u306e\u3068\u540c\u7b49\u3067\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af10\uff1aSSH\u306e\u7dcf\u5f53\u305f\u308a\u653b\u6483\u304b\u3089\u306e\u4fdd\u8b77<\/h4>\n<p>\u7b2c\u5341\u306e\u30bf\u30b9\u30af\u306f\u3001\u7dcf\u5f53\u305f\u308a\u653b\u6483\u304b\u3089\u5b88\u308b\u305f\u3081\u306e\u5bfe\u7b56\u3067\u3059\u3002<\/p>\n<div>\u521d\u3081\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Brute<span class=\"token punctuation\">-<\/span>force attempt protection for SSH<\/mark>\r\n  <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">rule<\/span><span class=\"token punctuation\">:<\/span> limit\r\n    <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n    <span class=\"token key atrule\">proto<\/span><span class=\"token punctuation\">:<\/span> tcp\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>community.general.ufw\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u518d\u5ea6\u547c\u3073\u51fa\u3057\u3001\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u30ec\u30fc\u30c8\u5236\u9650\u30eb\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u300130\u79d2\u4ee5\u5185\u306bSSH\u30dd\u30fc\u30c8\u3078\u306e\u63a5\u7d9a\u8a66\u884c\u304c6\u56de\u4ee5\u4e0a\u5931\u6557\u3057\u305fIP\u30a2\u30c9\u30ec\u30b9\u306e\u30ed\u30b0\u30a4\u30f3\u30a2\u30af\u30bb\u30b9\u3092\u62d2\u5426\u3057\u307e\u3059\u3002\u30d7\u30ed\u30c8\u30d1\u30e9\u30e1\u30fc\u30bf\u306f\u5bfe\u8c61\u306e\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u6307\u5b9a\u3057\u307e\u3059\uff08\u3053\u306e\u5834\u5408\u3001TCP\uff09\u3002<\/p>\n<h4>\u30bf\u30b9\u30af11\uff1aUFW &#8211; \u4ed6\u306e\u7740\u4fe1\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u62d2\u5426\u3057\u3001UFW\u3092\u6709\u52b9\u5316\u3059\u308b<\/h4>\n<p>11\u756a\u76ee\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\u3002 (J\u016bichi-banme no tasuku de wa, faiaw\u014dru o y\u016bk\u014d ni shimasu.)<\/p>\n<div>\u521d\u671f.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>UFW <span class=\"token punctuation\">-<\/span> Deny other incoming traffic and enable UFW<\/mark>\r\n  <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> enabled\r\n    <span class=\"token key atrule\">policy<\/span><span class=\"token punctuation\">:<\/span> deny\r\n    <span class=\"token key atrule\">direction<\/span><span class=\"token punctuation\">:<\/span> incoming\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001\u307e\u3060 community.general.ufw \u30e2\u30b8\u30e5\u30fc\u30eb\u306b\u4f9d\u5b58\u3057\u3066\u304a\u308a\u3001\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u3066\uff08\u72b6\u614b\uff1a\u6709\u52b9\uff09\u3001\u3059\u3079\u3066\u306e\u53d7\u4fe1\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u62d2\u5426\u3059\u308b\u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30ea\u30b7\u30fc\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af12\uff1a\u4e0d\u8981\u306a\u4f9d\u5b58\u95a2\u4fc2\u3092\u524a\u9664\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/h4>\n<p>\u3053\u306e\u30d7\u30ec\u30a4\u306e\u7b2c12\u306e\u30bf\u30b9\u30af\u306f\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u4f9d\u5b58\u95a2\u4fc2\u3092\u30af\u30ea\u30fc\u30cb\u30f3\u30b0\u3059\u308b\u3053\u3068\u3067\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Remove dependencies that are no longer required<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">autoremove<\/span><span class=\"token punctuation\">:<\/span> yes\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>ansible.builtin.apt\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u518d\u5ea6\u547c\u3073\u51fa\u3059\u3053\u3068\u306b\u3088\u308a\u3001\u3053\u306e\u30bf\u30b9\u30af\u306f\u30b5\u30fc\u30d0\u4e0a\u3067\u4e0d\u8981\u306b\u306a\u3063\u305f\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u4f9d\u5b58\u95a2\u4fc2\u3092\u524a\u9664\u3057\u307e\u3059\u3002\u3053\u308c\u306f\u3001\u624b\u52d5\u3067sudo apt autoremove\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u306e\u3068\u540c\u7b49\u3067\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af13: SSH\u30c7\u30fc\u30e2\u30f3\u3092\u518d\u8d77\u52d5\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/h4>\n<p>\u3053\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e13\u756a\u76ee\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001SSH\u3092\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<div>\u521d\u671f.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Restart the SSH daemon<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.systemd<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> restarted\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> ssh\r\n<\/code><\/pre>\n<p>\u6700\u5f8c\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.builtin.systemd\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u3001SSH\u30c7\u30fc\u30e2\u30f3\u3092\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002\u3053\u306e\u518d\u8d77\u52d5\u306f\u3001\u30c7\u30fc\u30e2\u30f3\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u5909\u66f4\u304c\u6709\u52b9\u306b\u306a\u308b\u305f\u3081\u306b\u884c\u308f\u308c\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001sudo systemctl restart ssh\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u30c7\u30fc\u30e2\u30f3\u3092\u518d\u8d77\u52d5\u3059\u308b\u306e\u3068\u540c\u3058\u52b9\u679c\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>\u30db\u30b9\u30c8\u3068\u306e\u6700\u521d\u306e\u63a5\u7d9a\u306f\u3001\u30dd\u30fc\u30c822\u3092\u7d4c\u7531\u3057\u3066root\u3068\u3057\u3066\u884c\u308f\u308c\u307e\u3057\u305f\u304c\u3001\u4ee5\u524d\u306e\u30bf\u30b9\u30af\u3067\u30dd\u30fc\u30c8\u756a\u53f7\u304c\u5909\u66f4\u3055\u308c\u3001\u30ea\u30e2\u30fc\u30c8root\u30ed\u30b0\u30a4\u30f3\u304c\u7121\u52b9\u5316\u3055\u308c\u305f\u305f\u3081\u3001\u3053\u306e\u30b9\u30c6\u30fc\u30b8\u3067\u306fSSH\u30c7\u30fc\u30e2\u30f3\u3092\u518d\u8d77\u52d5\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u30022\u756a\u76ee\u306e\u64cd\u4f5c\u3067\u306f\u3001\u63a5\u7d9a\u306e\u8a8d\u8a3c\u60c5\u5831\u304c\u7570\u306a\u308a\u307e\u3059\uff08root\u3067\u306f\u306a\u304f\u30e6\u30fc\u30b6\u30fc\u540d\u3092\u4f7f\u7528\u3057\u3001\u30dd\u30fc\u30c8\u756a\u53f7\u308222\u4ee5\u5916\u306e\u65b0\u3057\u304f\u5b9a\u7fa9\u3055\u308c\u305f\u756a\u53f7\u3067\u3059\uff09\u3002<\/p>\n<h3>\u30d7\u30ec\u30a42: \u521d\u671f\u8a2d\u5b9a\u5f8c\u306b\u30db\u30b9\u30c8\u3092\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002<\/h3>\n<p>\u30d7\u30ec\u30a41\u306e\u6700\u5f8c\u306e\u30bf\u30b9\u30af\u304c\u6210\u529f\u88cf\u306b\u7d42\u4e86\u3057\u305f\u5f8c\u306b\u3001\u3053\u306e\u30d7\u30ec\u30a4\u304c\u958b\u59cb\u3055\u308c\u307e\u3059\u3002\u4ee5\u4e0b\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u306b\u5f71\u97ff\u3092\u53d7\u3051\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml\u30d5\u30a1\u30a4\u30eb<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Rebooting hosts after initial setup<\/mark>\r\n  <span class=\"token key atrule\">hosts<\/span><span class=\"token punctuation\">:<\/span> initial\r\n  <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n  <span class=\"token key atrule\">remote_user<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n  <span class=\"token key atrule\">become<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n  <span class=\"token key atrule\">vars_files<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> vars\/default.yml\r\n    <span class=\"token punctuation\">-<\/span> ~\/secret\r\n  <span class=\"token key atrule\">vars<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">ansible_become_pass<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ password }}\"<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u30b9\u30c6\u30c3\u30d72\u3067\u6307\u5b9a\u3055\u308c\u305f\u521d\u671f\u30b0\u30eb\u30fc\u30d7\u540d\u306f\/etc\/ansible\/hosts\u30d5\u30a1\u30a4\u30eb\u306b\u6e21\u3055\u308c\u308b\u30d1\u30bf\u30fc\u30f3\u3067\u3059\u3002\u30c7\u30d5\u30a9\u30eb\u30c8\u306eSSH\u30dd\u30fc\u30c822\u3092\u4f7f\u7528\u3057\u3066\u30db\u30b9\u30c8\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3053\u3068\u306f\u3067\u304d\u306a\u304f\u306a\u308b\u305f\u3081\u3001\u30b9\u30c6\u30c3\u30d74\u3067\u8a2d\u5b9a\u3055\u308c\u305f\u30ab\u30b9\u30bf\u30e0SSH\u30dd\u30fc\u30c8\u3092port\u30ad\u30fc\u30ef\u30fc\u30c9\u3067\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p>\u6700\u521d\u306e\u30d7\u30ec\u30a4\u3067\u306f\u3001Ansible \u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306f\u30db\u30b9\u30c8\u306b root \u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u30ed\u30b0\u30a4\u30f3\u3057\u307e\u3057\u305f\u3002\u6700\u521d\u306e\u30d7\u30ec\u30a4\u3067\u30ea\u30e2\u30fc\u30c8 root \u30ed\u30b0\u30a4\u30f3\u304c\u7121\u52b9\u5316\u3055\u308c\u305f\u305f\u3081\u3001Ansible \u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u304c\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u30e6\u30fc\u30b6\u30fc\u3092\u6307\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002remote_user \u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001Ansible \u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u304c\u6700\u521d\u306e\u30d7\u30ec\u30a4\u306e\u30bf\u30b9\u30af 5 \u3067\u4f5c\u6210\u3055\u308c\u305f sudo \u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u5404\u30db\u30b9\u30c8\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3088\u3046\u306b\u6307\u793a\u3057\u307e\u3059\u3002<\/p>\n<p>\u300cbecome\u300d\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001\u6307\u5b9a\u3055\u308c\u305f\u30db\u30b9\u30c8\u3067\u306e\u30bf\u30b9\u30af\u306e\u5b9f\u884c\u306b\u7279\u6a29\u6607\u683c\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002\u3053\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001\u5fc5\u8981\u306a\u5834\u5408\u306b\u30bf\u30b9\u30af\u306e\u5b9f\u884c\u306b\u5bfe\u3057\u3066Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u304croot\u6a29\u9650\u3092\u4eee\u5b9a\u3059\u308b\u3088\u3046\u306b\u6307\u793a\u3057\u307e\u3059\u3002\u3053\u306e\u5834\u5408\u3001\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306fsudo\u3092\u4f7f\u7528\u3057\u3066root\u6a29\u9650\u3092\u4eee\u5b9a\u3057\u307e\u3059\u3002\u300cansible_become_pass\u300d\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001\u7279\u6a29\u6607\u683c\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\u3053\u308c\u306f\u3001root\u6a29\u9650\u3092\u4eee\u5b9a\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u308b\u30d1\u30b9\u30ef\u30fc\u30c9\u3067\u3059\u3002\u3053\u306e\u5834\u5408\u3001Ansible Vault\u3067\u8a2d\u5b9a\u3057\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u6307\u3059\u5909\u6570\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>vars\/default.yml\u30d5\u30a1\u30a4\u30eb\u3092\u6307\u5b9a\u3059\u308b\u3060\u3051\u3067\u306a\u304f\u3001vars_files\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u30b9\u30c6\u30c3\u30d75\u3067\u8a2d\u5b9a\u3057\u305f\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u30d5\u30a1\u30a4\u30eb\u3082\u6307\u3057\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u304c\u30d1\u30b9\u30ef\u30fc\u30c9\u5909\u6570\u3092\u898b\u3064\u3051\u308b\u5834\u6240\u304c\u308f\u304b\u308a\u307e\u3059\u3002<\/p>\n<p>\u30ad\u30fc\u30ef\u30fc\u30c9\u30bb\u30af\u30b7\u30e7\u30f3\u306e\u5f8c\u306b\u306f\u3001\u3053\u306e\u6f14\u5287\u3067\u5b9f\u884c\u3055\u308c\u308b\u552f\u4e00\u306e\u30bf\u30b9\u30af\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af14\uff1a\u5168\u3066\u306e\u30db\u30b9\u30c8\u3092\u518d\u8d77\u52d5\u3059\u308b<\/h4>\n<div class=\"post-conf-note\">\n<p class=\"post-conf-desc\">Note<\/p>\n<div>\u6ce8\u610f\uff1a\u3053\u308c\u306f2\u756a\u76ee\u306e\u30d7\u30ec\u30a4\u306e\u6700\u521d\u306e\u30bf\u30b9\u30af\u3067\u3059\u304c\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306f\u3053\u308c\u3092\u30d7\u30ec\u30a42\u306e\u30bf\u30b9\u30af1\u3068\u898b\u306a\u3059\u306e\u3067\u306f\u306a\u304f\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u30bf\u30b9\u30af14\u3068\u3057\u3066\u898b\u3066\u3044\u307e\u3059\u3002<\/div>\n<\/div>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u6700\u7d42\u30bf\u30b9\u30af\u306f\u3001\u3059\u3079\u3066\u306e\u30db\u30b9\u30c8\u3092\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Reboot all hosts<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.reboot<\/span><span class=\"token punctuation\">:<\/span>\r\n<\/code><\/pre>\n<p>\u6700\u521d\u306e\u30d7\u30ec\u30a4\u3067\u306e\u30bf\u30b9\u30af\u304c\u5b8c\u4e86\u3057\u305f\u5f8c\u3001\u30db\u30b9\u30c8\u3092\u518d\u8d77\u52d5\u3059\u308b\u3053\u3068\u3067\u3001\u30ab\u30fc\u30cd\u30eb\u3084\u30e9\u30a4\u30d6\u30e9\u30ea\u306e\u66f4\u65b0\u304c\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u524d\u306b\u6709\u52b9\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>\u5b8c\u5168\u306a\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u30d5\u30a1\u30a4\u30eb\u306f\u6b21\u306e\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Initial server setup tasks\r\n  <span class=\"token key atrule\">hosts<\/span><span class=\"token punctuation\">:<\/span> initial\r\n  <span class=\"token key atrule\">remote_user<\/span><span class=\"token punctuation\">:<\/span> root\r\n  <span class=\"token key atrule\">vars_files<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> vars\/default.yml\r\n    <span class=\"token punctuation\">-<\/span> secret\r\n\r\n  <span class=\"token key atrule\">tasks<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> update cache\r\n      <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">update_cache<\/span><span class=\"token punctuation\">:<\/span> yes\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Update all installed packages\r\n      <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"*\"<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> latest\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Make sure NTP service is running\r\n      <span class=\"token key atrule\">ansible.builtin.systemd<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> started\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> systemd<span class=\"token punctuation\">-<\/span>timesyncd\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Make sure we have a 'sudo' group\r\n      <span class=\"token key atrule\">ansible.builtin.group<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> sudo\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Create a user with sudo privileges\r\n      <span class=\"token key atrule\">ansible.builtin.user<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n        <span class=\"token key atrule\">groups<\/span><span class=\"token punctuation\">:<\/span> sudo\r\n        <span class=\"token key atrule\">append<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n        <span class=\"token key atrule\">create_home<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n        <span class=\"token key atrule\">shell<\/span><span class=\"token punctuation\">:<\/span> \/bin\/bash\r\n        <span class=\"token key atrule\">password<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ password | password_hash('sha512', password_salt) }}\"<\/span>\r\n        <span class=\"token key atrule\">update_password<\/span><span class=\"token punctuation\">:<\/span> on_create\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Set authorized key for remote user\r\n      <span class=\"token key atrule\">ansible.builtin.authorized_key<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">user<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n        <span class=\"token key atrule\">key<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ copy_local_key }}\"<\/span>\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Disable remote login for root\r\n      <span class=\"token key atrule\">ansible.builtin.lineinfile<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">path<\/span><span class=\"token punctuation\">:<\/span> \/etc\/ssh\/sshd_config\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n        <span class=\"token key atrule\">regexp<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'^PermitRootLogin yes'<\/span>\r\n        <span class=\"token key atrule\">line<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'PermitRootLogin no'<\/span>\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Change the SSH port\r\n      <span class=\"token key atrule\">ansible.builtin.lineinfile<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">path<\/span><span class=\"token punctuation\">:<\/span> \/etc\/ssh\/sshd_config\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> present\r\n        <span class=\"token key atrule\">regexp<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'^#Port 22'<\/span>\r\n        <span class=\"token key atrule\">line<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">'Port \"{{ ssh_port }}\"'<\/span>\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> UFW <span class=\"token punctuation\">-<\/span> Allow SSH connections\r\n      <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">rule<\/span><span class=\"token punctuation\">:<\/span> allow\r\n        <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Brute<span class=\"token punctuation\">-<\/span>force attempt protection for SSH\r\n      <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">rule<\/span><span class=\"token punctuation\">:<\/span> limit\r\n        <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n        <span class=\"token key atrule\">proto<\/span><span class=\"token punctuation\">:<\/span> tcp\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> UFW <span class=\"token punctuation\">-<\/span> Deny other incoming traffic and enable UFW\r\n      <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> enabled\r\n        <span class=\"token key atrule\">policy<\/span><span class=\"token punctuation\">:<\/span> deny\r\n        <span class=\"token key atrule\">direction<\/span><span class=\"token punctuation\">:<\/span> incoming\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Remove dependencies that are no longer required\r\n      <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">autoremove<\/span><span class=\"token punctuation\">:<\/span> yes\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Restart the SSH daemon\r\n      <span class=\"token key atrule\">ansible.builtin.systemd<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> restarted\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> ssh\r\n\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Rebooting hosts after initial setup\r\n  <span class=\"token key atrule\">hosts<\/span><span class=\"token punctuation\">:<\/span> initial\r\n  <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n  <span class=\"token key atrule\">remote_user<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n  <span class=\"token key atrule\">become<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n  <span class=\"token key atrule\">vars_files<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> vars\/default.yml\r\n    <span class=\"token punctuation\">-<\/span> secret\r\n  <span class=\"token key atrule\">vars<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">ansible_become_pass<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ password }}\"<\/span>\r\n\r\n  <span class=\"token key atrule\">tasks<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Reboot all hosts\r\n      <span class=\"token key atrule\">ansible.builtin.reboot<\/span><span class=\"token punctuation\">:<\/span>\r\n<\/code><\/pre>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u7d42\u3048\u305f\u3089\u3001\u4fdd\u5b58\u3057\u3066\u9589\u3058\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<div class=\"post-conf-note\">\n<p class=\"post-conf-desc\">Note<\/p>\n<div>\u6ce8\u610f\uff1a\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306b\u65b0\u3057\u3044\u30bf\u30b9\u30af\u3092\u8ffd\u52a0\u3057\u305f\u308a\u3001\u65e2\u5b58\u306e\u30bf\u30b9\u30af\u3092\u5909\u66f4\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u305f\u3060\u3057\u3001YAML\u30d5\u30a1\u30a4\u30eb\u3092\u5909\u66f4\u3059\u308b\u3068\u3001\u30b9\u30da\u30fc\u30b9\u306b\u654f\u611f\u306aYAML\u304c\u7834\u640d\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u305f\u3081\u3001\u30d5\u30a1\u30a4\u30eb\u306e\u3069\u306e\u90e8\u5206\u3092\u7de8\u96c6\u3059\u308b\u304b\u306b\u6ce8\u610f\u3057\u3066\u304f\u3060\u3055\u3044\u3002Ansible\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u4f5c\u6210\u65b9\u6cd5\u306b\u3064\u3044\u3066\u306f\u3001\u5f0a\u793e\u306e\u30b7\u30ea\u30fc\u30ba\u300cAnsible\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u4f5c\u6210\u65b9\u6cd5\u300d\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/div>\n<\/div>\n<p>\u4eca\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u307e\u305a\u3001\u69cb\u6587\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">ansible-playbook &#8211;syntax-check &#8211;ask-vault-pass <mark>initial.yml<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30b9\u30c6\u30c3\u30d75\u3067\u4f5c\u6210\u3057\u305f\u4fdd\u7ba1\u5eab\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3059\u308b\u3088\u3046\u306b\u6c42\u3081\u3089\u308c\u307e\u3059\u3002\u8a8d\u8a3c\u304c\u6210\u529f\u3057\u305f\u5f8c\u306bYAML\u69cb\u6587\u306b\u30a8\u30e9\u30fc\u304c\u306a\u3051\u308c\u3070\u3001\u51fa\u529b\u306f\u6b21\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<div class=\"secondary-code-label\" title=\"Output\">Output<\/div>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>playbook: <mark>initial.yml<\/mark><\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u3001\u30d5\u30a1\u30a4\u30eb\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">ansible-playbook &#8211;ask-vault-pass <mark>initial.yml<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30d0\u30eb\u30c8\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u518d\u5ea6\u8981\u6c42\u3055\u308c\u307e\u3059\u3002\u8a8d\u8a3c\u304c\u6210\u529f\u3059\u308b\u3068\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u306f\u5404\u30db\u30b9\u30c8\u306broot\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u30ed\u30b0\u30a4\u30f3\u3057\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u5185\u306e\u3059\u3079\u3066\u306e\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002\u500b\u3005\u306e\u30b5\u30fc\u30d0\u30fc\u3067ssh root@node-ip-address\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u4ee3\u308f\u308a\u306b\u3001Ansible\u306f\/etc\/ansible\/hosts\u3067\u6307\u5b9a\u3055\u308c\u305f\u3059\u3079\u3066\u306e\u30ce\u30fc\u30c9\u306b\u63a5\u7d9a\u3057\u3001\u305d\u306e\u5f8c\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u5185\u306e\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u306e\u30b5\u30f3\u30d7\u30eb\u30db\u30b9\u30c8\u3067\u306f\u3001Ansible\u306f3\u3064\u306e\u30db\u30b9\u30c8\u9593\u3067\u30bf\u30b9\u30af\u3092\u5b8c\u4e86\u3059\u308b\u306e\u306b\u7d043\u5206\u304b\u304b\u308a\u307e\u3057\u305f\u3002\u30bf\u30b9\u30af\u304c\u5b8c\u4e86\u3057\u305f\u3089\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u51fa\u529b\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<div class=\"secondary-code-label\" title=\"Output\">Output<\/div>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>PLAY RECAP ***************************************************************************************************** <mark>host1<\/mark> : ok=16 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 <mark>host2<\/mark> : ok=16 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 <mark>host3<\/mark> : ok=16 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u6210\u529f\u88c1\u5b9a\u3055\u308c\u305f\u5404\u30bf\u30b9\u30af\u3068\u30d7\u30ec\u30a4\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u30bb\u30af\u30b7\u30e7\u30f3\u306f\u3001OK\u5217\u306e\u6570\u306b\u52a0\u7b97\u3055\u308c\u307e\u3059\u30022\u3064\u306e\u30d7\u30ec\u30a4\u306714\u306e\u30bf\u30b9\u30af\u304c\u3042\u308a\u3001\u3059\u3079\u3066\u306e\u8a55\u4fa1\u304c\u6210\u529f\u3057\u305f\u5834\u5408\u3001\u305d\u306e\u6570\u306f16\u306b\u306a\u308a\u307e\u3059\u3002\u8a55\u4fa1\u3055\u308c\u305f\u30bf\u30b9\u30af\u306e\u4e2d\u3067\u3001\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u5909\u66f4\u304c\u884c\u308f\u308c\u305f\u306e\u306f11\u500b\u3060\u3051\u3067\u3042\u308a\u3001\u305d\u308c\u306f\u5909\u66f4\u5217\u3067\u8868\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u5230\u9054\u4e0d\u80fd\u306a\u30db\u30b9\u30c8\u306e\u6570\u306f\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u304c\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u306a\u304b\u3063\u305f\u30db\u30b9\u30c8\u306e\u6570\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002\u3069\u306e\u30bf\u30b9\u30af\u3082\u5931\u6557\u3057\u3066\u3044\u306a\u3044\u305f\u3081\u3001\u5931\u6557\u3057\u305f\u6570\u306f0\u3067\u3059\u3002<\/p>\n<p>\u30bf\u30b9\u30af\u306f\u3001\u30bf\u30b9\u30af\u306b\u6307\u5b9a\u3055\u308c\u305f\u6761\u4ef6\u304c\u6e80\u305f\u3055\u308c\u306a\u3044\u5834\u5408\u306b\u30b9\u30ad\u30c3\u30d7\u3055\u308c\u307e\u3059\uff08\u901a\u5e38\u306fwhen\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u3092\u4f7f\u7528\u3057\u307e\u3059\uff09\u3002\u3053\u306e\u5834\u5408\u3001\u30bf\u30b9\u30af\u306f\u30b9\u30ad\u30c3\u30d7\u3055\u308c\u307e\u305b\u3093\u304c\u3001\u30b9\u30c6\u30c3\u30d78\u3067\u306f\u9069\u7528\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>\u6700\u5f8c\u306e2\u3064\u306e\u5217\uff08\u6551\u52a9\u3055\u308c\u305f\u3082\u306e\u3068\u7121\u8996\u3055\u308c\u305f\u3082\u306e\uff09\u306f\u3001\u6f14\u5287\u307e\u305f\u306f\u30bf\u30b9\u30af\u306e\u305f\u3081\u306b\u6307\u5b9a\u3055\u308c\u305f\u30a8\u30e9\u30fc\u30cf\u30f3\u30c9\u30ea\u30f3\u30b0\u306b\u95a2\u9023\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u3042\u306a\u305f\u306f\u73fe\u5728\u3001Ansible\u3092\u4f7f\u7528\u3057\u3066Ubuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u8907\u6570\u306e\u30b5\u30fc\u30d0\u30fc\u306b\u81ea\u52d5\u5316\u3057\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3067\u6307\u5b9a\u3055\u308c\u305f\u3059\u3079\u3066\u306e\u30bf\u30b9\u30af\u3092\u5b8c\u4e86\u3059\u308b1\u3064\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u306b\u6210\u529f\u3057\u307e\u3057\u305f\u3002<\/p>\n<p>\u671f\u5f85\u901a\u308a\u306b\u3059\u3079\u3066\u304c\u52d5\u4f5c\u3057\u3066\u3044\u308b\u304b\u3092\u78ba\u8a8d\u3059\u308b\u305f\u3081\u306b\u3001\u6b21\u306b\u30db\u30b9\u30c8\u306e\u30ed\u30b0\u30a4\u30f3\u3092\u884c\u3044\u3001\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u691c\u8a3c\u3057\u307e\u3059\u3002<\/p>\n<h2>\uff08\u4efb\u610f\uff09\u30b9\u30c6\u30c3\u30d77 \u2014 \u30b5\u30fc\u30d0\u30fc\u306e\u8a2d\u5b9a\u3092\u624b\u52d5\u3067\u78ba\u8a8d\u3059\u308b<\/h2>\n<p>\u524d\u306e\u624b\u9806\u306e\u6700\u5f8c\u306b\u3042\u308b\u30d7\u30ec\u30a4\u306e\u8981\u7d04\u306e\u51fa\u529b\u3092\u78ba\u8a8d\u3059\u308b\u305f\u3081\u306b\u3001\u4e8b\u524d\u306b\u8a2d\u5b9a\u3055\u308c\u305f\u8cc7\u683c\u60c5\u5831\u3092\u4f7f\u7528\u3057\u3066\u30db\u30b9\u30c8\u306e1\u3064\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u30a2\u30af\u30b7\u30e7\u30f3\u306f\u5b66\u7fd2\u306e\u76ee\u7684\u306e\u305f\u3081\u306b\u4efb\u610f\u306e\u3082\u306e\u3067\u3059\u3002\u306a\u305c\u306a\u3089\u3001Ansible\u306e\u8981\u7d04\u30ec\u30dd\u30fc\u30c8\u304c\u6b63\u78ba\u306a\u5b8c\u4e86\u3092\u5831\u544a\u3057\u3066\u3044\u308b\u304b\u3089\u3067\u3059\u3002<\/p>\n<p>\u6b21\u306e\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u3001\u30db\u30b9\u30c8\u306e1\u3064\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">ssh<\/span> <span class=\"token parameter variable\">-p<\/span> <mark><span class=\"token number\">5995<\/span><\/mark> <mark>sammy<\/mark>@<mark>host1-public-ip-address<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>Step 4\u3067\u8a2d\u5b9a\u3057\u305fSSH\u306e\u30ab\u30b9\u30bf\u30e0\u30dd\u30fc\u30c8\u756a\u53f7\uff085995\uff09\u3092\u6307\u5b9a\u3059\u308b\u305f\u3081\u306b\u3001-p\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u3001Step 6\u3067\u4f5c\u6210\u3057\u305f\u30e6\u30fc\u30b6\u30fc\u3067\u3042\u308bsammy\u3092\u4f7f\u3044\u307e\u3059\u3002\u305d\u306e\u30dd\u30fc\u30c8\u7d4c\u7531\u3067\u305d\u306e\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u30db\u30b9\u30c8\u306b\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u308c\u3070\u3001Ansible\u306f\u305d\u308c\u3089\u306e\u30bf\u30b9\u30af\u3092\u6210\u529f\u88cf\u306b\u5b8c\u4e86\u3057\u305f\u3068\u3044\u3046\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3059\u3002<\/p>\n<p>\u30ed\u30b0\u30a4\u30f3\u5f8c\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u3092\u66f4\u65b0\u3067\u304d\u308b\u304b\u3069\u3046\u304b\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">sudo<\/span> <span class=\"token function\">apt<\/span> update<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u5165\u529b\u3092\u6c42\u3081\u3089\u308c\u3001\u30b9\u30c6\u30c3\u30d75\u3067\u8a2d\u5b9a\u3057\u305f\u30e6\u30fc\u30b6\u30fc\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3067\u8a8d\u8a3c\u3067\u304d\u308b\u5834\u5408\u3001Ansible\u304c\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210\u3068\u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u8a2d\u5b9a\u306e\u30bf\u30b9\u30af\u3092\u6b63\u5e38\u306b\u5b8c\u4e86\u3057\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p>\u8a08\u753b\u66f8\u304c\u610f\u56f3\u901a\u308a\u306b\u6a5f\u80fd\u3057\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3057\u305f\u3089\u3001\u7d99\u7d9a\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u306e\u305f\u3081\u306b\u7b2c\u4e8c\u306e\u8a08\u753b\u66f8\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<h2>\uff08\u30aa\u30d7\u30b7\u30e7\u30f3\uff09\u30b9\u30c6\u30c3\u30d78- \u30db\u30b9\u30c8\u306e\u7d99\u7d9a\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u306b\u306fAnsible\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002<\/h2>\n<p>\u30b9\u30c6\u30c3\u30d76\u3067\u5b9f\u884c\u3055\u308c\u305f\u6700\u521d\u306e\u30b5\u30fc\u30d0\u30fc\u8a2d\u5b9a\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306f\u3001\u5e0c\u671b\u3059\u308b\u3060\u3051\u306e\u6570\u306e\u30b5\u30fc\u30d0\u30fc\u306b\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u3067\u304d\u307e\u3059\u304c\u3001\u305d\u306e\u521d\u671f\u8a2d\u5b9a\u306e\u5f8c\u306b\u30db\u30b9\u30c8\u3092\u7ba1\u7406\u3059\u308b\u3053\u3068\u306f\u3067\u304d\u307e\u305b\u3093\u3002\u5404\u30db\u30b9\u30c8\u306b\u500b\u5225\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u306f\u3067\u304d\u307e\u3059\u304c\u3001\u305d\u308c\u306f\u8907\u6570\u306e\u30b5\u30fc\u30d0\u30fc\u3067\u540c\u6642\u306b\u4f5c\u696d\u3059\u308b\u305f\u3081\u306b\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u3055\u308c\u307e\u305b\u3093\u3002\u30b9\u30c6\u30c3\u30d73\u306e\u4e00\u74b0\u3068\u3057\u3066\u3001\u7d99\u7d9a\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u306b\u4f7f\u7528\u3067\u304d\u308bongoing.yml\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3082\u53d6\u308a\u8fbc\u307f\u307e\u3057\u305f\u3002\u3053\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u306f\u3001ongoing.yml\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3057\u3066\u3001\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u3067\u8a2d\u5b9a\u3057\u305f\u30db\u30b9\u30c8\u306e\u7d99\u7d9a\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u3092\u81ea\u52d5\u5316\u3057\u307e\u3059\u3002<\/p>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u524d\u306b\u3001\u5404\u30bf\u30b9\u30af\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u59cb\u3081\u308b\u524d\u306b\u3001nano\u3084\u304a\u6c17\u306b\u5165\u308a\u306e\u30c6\u30ad\u30b9\u30c8\u30a8\u30c7\u30a3\u30bf\u3067\u30d5\u30a1\u30a4\u30eb\u3092\u958b\u3044\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\"><span class=\"token function\">nano<\/span> ongoing.yml<\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u6700\u521d\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3068\u306f\u7570\u306a\u308a\u3001\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306b\u306f1\u3064\u306e\u30d7\u30ec\u30a4\u3068\u5c11\u306a\u3044\u30bf\u30b9\u30af\u3057\u304b\u542b\u307e\u308c\u3066\u3044\u307e\u305b\u3093\u3002<\/p>\n<h3>\u30d7\u30ec\u30a4\uff11\uff1a<\/h3>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u6700\u521d\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u306b\u3042\u308b\u4ee5\u4e0b\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u306f\u3001\u30d7\u30ec\u30a4\u306e\u52d5\u4f5c\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u307e\u3059\u3002<\/p>\n<div>\u9032\u884c\u4e2d\u306e\u3082\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">hosts<\/span><span class=\"token punctuation\">:<\/span> <mark>ongoing<\/mark>\r\n  <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n  <span class=\"token key atrule\">remote_user<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n  <span class=\"token key atrule\">become<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n  <span class=\"token key atrule\">vars_files<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> vars\/default.yml\r\n    <span class=\"token punctuation\">-<\/span> secret\r\n  <span class=\"token key atrule\">vars<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">ansible_become_pass<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ password }}\"<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u30db\u30b9\u30c8\u30ad\u30fc\u30ef\u30fc\u30c9\u306b\u6e21\u3055\u308c\u308b\u30b0\u30eb\u30fc\u30d7\u4ee5\u5916\u306f\u3001\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e2\u756a\u76ee\u306e\u30d7\u30ec\u30a4\u3067\u4f7f\u7528\u3055\u308c\u308b\u30ad\u30fc\u30ef\u30fc\u30c9\u3068\u540c\u3058\u3067\u3059\u3002<\/p>\n<p>\u30ad\u30fc\u30ef\u30fc\u30c9\u306e\u5f8c\u306b\u306f\u3001\u9806\u756a\u306b\u5b9f\u884c\u3059\u308b\u30bf\u30b9\u30af\u306e\u30ea\u30b9\u30c8\u304c\u3042\u308a\u307e\u3059\u3002\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3068\u540c\u69d8\u306b\u3001\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u5404\u30bf\u30b9\u30af\u306f\u3001\u30bf\u30b9\u30af\u304c\u9054\u6210\u3059\u308b\u76ee\u7684\u3092\u77ed\u304f\u8aac\u660e\u3059\u308b\u540d\u524d\u3067\u59cb\u307e\u308a\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af1\uff1a\u30ad\u30e3\u30c3\u30b7\u30e5\u3092\u66f4\u65b0\u3059\u308b\u3002<\/h4>\n<p>\u6700\u521d\u306e\u30bf\u30b9\u30af\u306f\u30d1\u30c3\u30b1\u30fc\u30b8\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u66f4\u65b0\u3067\u3059\u3002<\/p>\n<div>\u73fe\u5728\u9032\u884c\u4e2d\u306e\u3082\u306e\u3002<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>update cache<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">update_cache<\/span><span class=\"token punctuation\">:<\/span> yes\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.builtin.apt\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u30d1\u30c3\u30b1\u30fc\u30b8\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u3092\u66f4\u65b0\u3057\u307e\u3059\u3002\u305d\u306e\u305f\u3081\u3001update_cache: yes\u3068\u3057\u3066\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001\u3057\u3070\u3057\u3070\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3084\u3059\u3079\u3066\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u6e08\u307f\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u66f4\u65b0\u306e\u524d\u306b\u3001Ubuntu\u30b5\u30fc\u30d0\u30fc\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066sudo apt update\u3068\u5165\u529b\u3059\u308b\u306e\u3068\u540c\u3058\u3053\u3068\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af2\uff1a\u3059\u3079\u3066\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u6e08\u307f\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u66f4\u65b0\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/h4>\n<p>\u7b2c\u4e8c\u306e\u30bf\u30b9\u30af\u306f\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<div>\u7d99\u7d9a\u4e2d\u3067\u3059\u3002<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Update all installed packages<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"*\"<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> latest\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u6700\u521d\u306e\u30bf\u30b9\u30af\u306e\u3088\u3046\u306b\u3001\u3053\u306e\u30bf\u30b9\u30af\u3067\u3082ansible.builtin.apt\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u307e\u3059\u3002\u3053\u3053\u3067\u306f\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u6307\u5b9a\u3059\u308b\u305f\u3081\u306b\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\uff08name: &#8220;*&#8221;\uff09\u3068state: latest\u3092\u4f7f\u7528\u3057\u3066\u3001\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u6e08\u307f\u306e\u3059\u3079\u3066\u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u6700\u65b0\u3067\u3042\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\u3053\u308c\u306f\u3001\u30b5\u30fc\u30d0\u30fc\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066sudo apt upgrade -y\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u306e\u3068\u540c\u7b49\u3067\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af3: NTP\u30b5\u30fc\u30d3\u30b9\u304c\u5b9f\u884c\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/h4>\n<p>\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u7b2c\u4e09\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001NTP\u30c7\u30fc\u30e2\u30f3\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u304c\u78ba\u5b9f\u306b\u884c\u308f\u308c\u307e\u3059\u3002<\/p>\n<div>\u9032\u884c\u4e2d\u3067\u3059\u3002<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Make sure NTP service is running<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.systemd<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> started\r\n    <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> systemd<span class=\"token punctuation\">-<\/span>timesyncd\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u30b5\u30fc\u30d0\u30fc\u4e0a\u306e\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30b5\u30fc\u30d3\u30b9\u304c\u3055\u307e\u3056\u307e\u306a\u7406\u7531\u3067\u5931\u6557\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u305f\u3081\u3001\u305d\u306e\u3088\u3046\u306a\u30b5\u30fc\u30d3\u30b9\u304c\u5f15\u304d\u7d9a\u304d\u30a2\u30af\u30c6\u30a3\u30d6\u3067\u3042\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u305f\u3044\u3067\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001systemd-timesyncd\u3068\u3044\u3046NTP\u30c7\u30fc\u30e2\u30f3\u304c\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u72b6\u614b\uff08started\uff09\u3067\u3042\u308b\u3053\u3068\u3092\u4fdd\u8a3c\u3059\u308b\u305f\u3081\u306b\u3001ansible.builtin.systemd\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af4\uff1aUFW &#8211; \u5b9f\u884c\u4e2d\u3067\u3059\u304b\uff1f<\/h4>\n<p>\u7b2c\u56db\u306e\u30bf\u30b9\u30af\u306fUFW\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u72b6\u614b\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<div>\n<p>\u4ee5\u4e0b\u306e\u6587\u3092\u65e5\u672c\u8a9e\u3067\u8868\u73fe\u3059\u308b\uff08\u30aa\u30d7\u30b7\u30e7\u30f3\uff11\u3064\u3060\u3051\uff09\uff1a<\/p>\n<p>\u9032\u884c\u4e2d\u306e\u3082\u306e.yml<\/p>\n<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>UFW <span class=\"token punctuation\">-<\/span> Is it running<span class=\"token punctuation\">?<\/span><\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.command<\/span><span class=\"token punctuation\">:<\/span> ufw status\r\n    <span class=\"token key atrule\">register<\/span><span class=\"token punctuation\">:<\/span> <mark>ufw_status<\/mark>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>Ubuntu\u306eUFW\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u72b6\u614b\u306f\u3001sudo ufw status\u30b3\u30de\u30f3\u30c9\u3067\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002\u51fa\u529b\u306e\u6700\u521d\u306e\u884c\u306b\u306f\u3001Status: active\u307e\u305f\u306fStatus: inactive\u3068\u8868\u793a\u3055\u308c\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001ansible.builtin.command\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u540c\u3058\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u3001\u51fa\u529b\u3092ufw_status\u5909\u6570\u306b\u4fdd\u5b58\uff08\u767b\u9332\uff09\u3057\u307e\u3059\u3002\u305d\u306e\u5909\u6570\u306e\u5024\u306f\u3001\u6b21\u306e\u30bf\u30b9\u30af\u3067\u30af\u30a8\u30ea\u3055\u308c\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af5\uff1aUFW &#8211; UFW\u3092\u6709\u52b9\u306b\u3057\u3001\u7740\u4fe1\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u62d2\u5426\u3059\u308b<\/h4>\n<p>\u3082\u3057UFW\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u304c\u505c\u6b62\u3055\u308c\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u7b2c\u4e94\u306e\u30bf\u30b9\u30af\u3067\u518d\u5ea6\u6709\u52b9\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<div>\u73fe\u5728\u9032\u884c\u4e2d\u306e.yml\u30d5\u30a1\u30a4\u30eb<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>UFW <span class=\"token punctuation\">-<\/span> Enable UFW and deny incoming traffic<\/mark>\r\n  <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> enabled\r\n  <span class=\"token key atrule\">when<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"'inactive' in ufw_status.stdout\"<\/span>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001ufw_status\u5909\u6570\u306e\u51fa\u529b\u306binactive\u3068\u3044\u3046\u7528\u8a9e\u304c\u73fe\u308c\u305f\u5834\u5408\u306b\u306e\u307f\u3001community.general.ufw\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u3066\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\u3002\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u304c\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u5834\u5408\u3001when\u6761\u4ef6\u304c\u6e80\u305f\u3055\u308c\u306a\u3044\u305f\u3081\u3001\u30bf\u30b9\u30af\u306f\u30b9\u30ad\u30c3\u30d7\u3055\u308c\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af6\uff1a\u5fc5\u8981\u306a\u304f\u306a\u3063\u305f\u4f9d\u5b58\u95a2\u4fc2\u3092\u524a\u9664\u3059\u308b\u3002<\/h4>\n<p>\u3053\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\uff16\u756a\u76ee\u306e\u30bf\u30b9\u30af\u306f\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u4f9d\u5b58\u95a2\u4fc2\u3092\u6574\u7406\u3059\u308b\u3053\u3068\u3067\u3059\u3002<\/p>\n<div>ongoing.yml\u3092\u65e5\u672c\u8a9e\u3067\u81ea\u7136\u306b\u8a00\u3044\u63db\u3048\u308b \uff1a<br \/>\n\u9032\u884c\u4e2d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Remove dependencies that are no longer required<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">autoremove<\/span><span class=\"token punctuation\">:<\/span> yes\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>\u3053\u306e\u30bf\u30b9\u30af\u306f\u3001ansible.builtin.apt\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3059\u3053\u3068\u3067\u3001\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u4e0d\u8981\u306b\u306a\u3063\u305f\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u4f9d\u5b58\u95a2\u4fc2\u3092\u524a\u9664\u3057\u307e\u3059\u3002\u3053\u308c\u306f\u3001sudo apt autoremove\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u306e\u3068\u540c\u7b49\u3067\u3059\u3002<\/p>\n<h4>\u8ab2\u984c7\uff1a\u518d\u8d77\u52d5\u304c\u5fc5\u8981\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3059\u308b\u3002<\/h4>\n<p>\u7b2c7\u306e\u30bf\u30b9\u30af\u306f\u3001\u518d\u8d77\u52d5\u304c\u5fc5\u8981\u304b\u3069\u3046\u304b\u3092\u30c1\u30a7\u30c3\u30af\u3057\u307e\u3059\u3002<\/p>\n<div>\u7d9a\u884c\u4e2d\u3067\u3059\u3002<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Check if reboot required<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.stat<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">path<\/span><span class=\"token punctuation\">:<\/span> \/var\/run\/reboot<span class=\"token punctuation\">-<\/span>required\r\n  <span class=\"token key atrule\">register<\/span><span class=\"token punctuation\">:<\/span> <mark>reboot_required<\/mark>\r\n<span class=\"token punctuation\">...<\/span>\r\n<\/code><\/pre>\n<p>Ubuntu\u3067\u65b0\u3057\u304f\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u305f\u30d1\u30c3\u30b1\u30fc\u30b8\u3084\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u306b\u3088\u3063\u3066\u5c0e\u5165\u3055\u308c\u305f\u5909\u66f4\u3092\u6709\u52b9\u306b\u3059\u308b\u306b\u306f\u3001\u518d\u8d77\u52d5\u304c\u5fc5\u8981\u3067\u3042\u308b\u3053\u3068\u3092\u793a\u3059\u305f\u3081\u306b\u3001\/var\/run\/reboot-required \u30d5\u30a1\u30a4\u30eb\u304c\u4f5c\u6210\u3055\u308c\u307e\u3059\u3002\u3053\u306e\u30d5\u30a1\u30a4\u30eb\u304c\u5b58\u5728\u3059\u308b\u304b\u3069\u3046\u304b\u306f\u3001stat \/var\/run\/reboot-required \u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002\u3053\u306e\u30bf\u30b9\u30af\u3067\u306f\u3001\u540c\u3058\u3053\u3068\u3092\u884c\u3046\u305f\u3081\u306bansible.builtin.stat\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u547c\u3073\u51fa\u3057\u3001\u305d\u306e\u51fa\u529b\u3092reboot_required\u5909\u6570\u306b\u4fdd\u5b58\uff08\u767b\u9332\uff09\u3057\u307e\u3059\u3002\u305d\u306e\u5909\u6570\u306e\u5024\u306f\u3001\u6b21\u306e\u30bf\u30b9\u30af\u3067\u30af\u30a8\u30ea\u3055\u308c\u307e\u3059\u3002<\/p>\n<h4>\u30bf\u30b9\u30af8: \u5fc5\u8981\u306a\u3089\u518d\u8d77\u52d5\u3059\u308b<\/h4>\n<p>\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u30018\u756a\u76ee\u306e\u30bf\u30b9\u30af\u304c\u30b5\u30fc\u30d0\u30fc\u3092\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<div>\u9032\u884c\u4e2d\u3067\u3059\u3002<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">...<\/span>\r\n<span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <mark>Reboot if required<\/mark>\r\n  <span class=\"token key atrule\">ansible.builtin.reboot<\/span><span class=\"token punctuation\">:<\/span>\r\n  <span class=\"token key atrule\">when<\/span><span class=\"token punctuation\">:<\/span> <mark>reboot_required<\/mark>.stat.exists == true\r\n<\/code><\/pre>\n<p>\u4ee5\u4e0b\u306e\u30bf\u30b9\u30af\u306f\u3001\u30bf\u30b9\u30af7\u304b\u3089reboot_required\u5909\u6570\u3092\u30af\u30a8\u30ea\u3057\u3001\/var\/run\/reboot-required\u304c\u5b58\u5728\u3059\u308b\u5834\u5408\u306b\u306e\u307f\u3001ansible.builtin.reboot\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u30db\u30b9\u30c8\u3092\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002\u518d\u8d77\u52d5\u304c\u5fc5\u8981\u3067\u3001\u30db\u30b9\u30c8\u304c\u518d\u8d77\u52d5\u3055\u308c\u305f\u5834\u5408\u3001\u30bf\u30b9\u30af\u306f\u5909\u66f4\u3055\u308c\u305f\u3068\u3057\u3066\u30de\u30fc\u30af\u3055\u308c\u307e\u3059\u3002\u305d\u308c\u4ee5\u5916\u306e\u5834\u5408\u3001Ansible\u306f\u518d\u751f\u306e\u6982\u8981\u3067\u30b9\u30ad\u30c3\u30d7\u3055\u308c\u305f\u3068\u30de\u30fc\u30af\u3057\u307e\u3059\u3002<\/p>\n<p>\u7d99\u7d9a\u7684\u306a\u4fdd\u5b88\u4f5c\u696d\u306e\u305f\u3081\u306e\u5b8c\u5168\u306a\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u30d5\u30a1\u30a4\u30eb\u306f\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3067\u3059:<\/p>\n<div>\u6700\u521d\u306e.yml<\/div>\n<pre class=\"post-pre\"><code><span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">hosts<\/span><span class=\"token punctuation\">:<\/span> ongoing\r\n  <span class=\"token key atrule\">port<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ ssh_port }}\"<\/span>\r\n  <span class=\"token key atrule\">remote_user<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ create_user }}\"<\/span>\r\n  <span class=\"token key atrule\">become<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token boolean important\">true<\/span>\r\n  <span class=\"token key atrule\">vars_files<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> vars\/default.yml\r\n    <span class=\"token punctuation\">-<\/span> secret\r\n  <span class=\"token key atrule\">vars<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token key atrule\">ansible_become_pass<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"{{ password }}\"<\/span>\r\n\r\n  <span class=\"token key atrule\">tasks<\/span><span class=\"token punctuation\">:<\/span>\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> update cache\r\n      <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">update_cache<\/span><span class=\"token punctuation\">:<\/span> yes\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Update all installed packages\r\n      <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"*\"<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> latest\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Make sure NTP service is running\r\n      <span class=\"token key atrule\">ansible.builtin.systemd<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> started\r\n        <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> systemd<span class=\"token punctuation\">-<\/span>timesyncd\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> UFW <span class=\"token punctuation\">-<\/span> Is it running<span class=\"token punctuation\">?<\/span>\r\n      <span class=\"token key atrule\">ansible.builtin.command<\/span><span class=\"token punctuation\">:<\/span> ufw status\r\n      <span class=\"token key atrule\">register<\/span><span class=\"token punctuation\">:<\/span> ufw_status\r\n      \r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> UFW <span class=\"token punctuation\">-<\/span> Enable UFW and deny incoming traffic\r\n      <span class=\"token key atrule\">community.general.ufw<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">state<\/span><span class=\"token punctuation\">:<\/span> enabled\r\n      <span class=\"token key atrule\">when<\/span><span class=\"token punctuation\">:<\/span> <span class=\"token string\">\"'inactive' in ufw_status.stdout\"<\/span>\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Remove dependencies that are no longer required\r\n      <span class=\"token key atrule\">ansible.builtin.apt<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">autoremove<\/span><span class=\"token punctuation\">:<\/span> yes\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Check if reboot required\r\n      <span class=\"token key atrule\">ansible.builtin.stat<\/span><span class=\"token punctuation\">:<\/span>\r\n        <span class=\"token key atrule\">path<\/span><span class=\"token punctuation\">:<\/span> \/var\/run\/reboot<span class=\"token punctuation\">-<\/span>required\r\n      <span class=\"token key atrule\">register<\/span><span class=\"token punctuation\">:<\/span> reboot_required\r\n\r\n    <span class=\"token punctuation\">-<\/span> <span class=\"token key atrule\">name<\/span><span class=\"token punctuation\">:<\/span> Reboot if required\r\n      <span class=\"token key atrule\">ansible.builtin.reboot<\/span><span class=\"token punctuation\">:<\/span>\r\n      <span class=\"token key atrule\">when<\/span><span class=\"token punctuation\">:<\/span> reboot_required.stat.exists == true\r\n<\/code><\/pre>\n<p>\u30d5\u30a1\u30a4\u30eb\u306e\u78ba\u8a8d\u304c\u7d42\u308f\u3063\u305f\u3089\u3001\u4fdd\u5b58\u3057\u3066\u9589\u3058\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<div class=\"post-conf-note\">\n<p class=\"post-conf-desc\">Note<\/p>\n<div>\u6ce8\u610f\uff1a\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306b\u65b0\u3057\u3044\u30bf\u30b9\u30af\u3092\u8ffd\u52a0\u3057\u305f\u308a\u3001\u65e2\u5b58\u306e\u30bf\u30b9\u30af\u3092\u5909\u66f4\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u305f\u3060\u3057\u3001YAML\u30d5\u30a1\u30a4\u30eb\u3092\u5909\u66f4\u3059\u308b\u3068\u7834\u640d\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002YAML\u306f\u30b9\u30da\u30fc\u30b9\u306b\u654f\u611f\u3067\u3059\u306e\u3067\u3001\u30d5\u30a1\u30a4\u30eb\u306e\u3069\u306e\u90e8\u5206\u3092\u7de8\u96c6\u3059\u308b\u304b\u306b\u6ce8\u610f\u3057\u3066\u304f\u3060\u3055\u3044\u3002Ansible\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u4f5c\u6210\u306b\u95a2\u3059\u308b\u8a73\u7d30\u306f\u3001\u5f0a\u793e\u306e\u300cAnsible\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u66f8\u304d\u65b9\u300d\u30b7\u30ea\u30fc\u30ba\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/div>\n<\/div>\n<p>\u4eca\u3001\u305d\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u5b9f\u884c\u3067\u304d\u307e\u3059\u3002\u6700\u521d\u306b\u3001\u69cb\u6587\u3092\u30c1\u30a7\u30c3\u30af\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">ansible-playbook &#8211;syntax-check &#8211;ask-vault-pass <mark>ongoing.yml<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30b9\u30c6\u30c3\u30d75\u3067\u4f5c\u6210\u3057\u305f\u4fdd\u7ba1\u5eab\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3059\u308b\u3088\u3046\u306b\u4fc3\u3055\u308c\u307e\u3059\u3002\u8a8d\u8a3c\u304c\u6210\u529f\u3057\u305f\u5f8c\u3001YAML\u69cb\u6587\u306b\u30a8\u30e9\u30fc\u304c\u306a\u3051\u308c\u3070\u3001\u4ee5\u4e0b\u306e\u7d50\u679c\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<div class=\"secondary-code-label\" title=\"Output\">Output<\/div>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>playbook: <mark>ongoing.yml<\/mark><\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3067\u3001\u30d5\u30a1\u30a4\u30eb\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<ol>\n<li data-prefix=\"$\">ansible-playbook &#8211;ask-vault-pass <mark>ongoing.yml<\/mark><\/li>\n<\/ol>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u30dc\u30fc\u30eb\u30c8\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u6c42\u3081\u3089\u308c\u307e\u3059\u3002\u8a8d\u8a3c\u304c\u6210\u529f\u3057\u305f\u5f8c\u3001Ansible\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u306f\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3059\u308b\u305f\u3081\u306b\u3001\u5404\u30db\u30b9\u30c8\u306bsammy\uff08\u307e\u305f\u306f\u6307\u5b9a\u3057\u305f\u30e6\u30fc\u30b6\u30fc\u540d\uff09\u3068\u3057\u3066\u30ed\u30b0\u30a4\u30f3\u3057\u307e\u3059\u3002\u500b\u3005\u306e\u30b5\u30fc\u30d0\u30fc\u3067ssh -p 5995 sammy @ host_ip_address\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u4ee3\u308f\u308a\u306b\u3001Ansible\u306f\/etc\/ansible\/hosts\u306e\u9032\u884c\u4e2d\u306e\u30b0\u30eb\u30fc\u30d7\u3067\u6307\u5b9a\u3055\u308c\u305f\u30ce\u30fc\u30c9\u306b\u63a5\u7d9a\u3057\u3001\u305d\u306e\u5f8c\u3067\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u30bf\u30b9\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n<p>\u3082\u3057\u30b3\u30de\u30f3\u30c9\u304c\u6210\u529f\u3057\u305f\u3089\u3001\u4ee5\u4e0b\u306e\u51fa\u529b\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<div class=\"secondary-code-label\" title=\"Output\">Output<\/div>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>PLAY RECAP ***************************************************************************************************** <mark>host1<\/mark> : ok=7 changed=2 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0 <mark>host2<\/mark> : ok=7 changed=2 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0 <mark>host3<\/mark> : ok=7 changed=2 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0<\/p>\n<pre class=\"post-pre\"><code><\/code><\/pre>\n<p>\u6700\u521d\u306e\u30b5\u30fc\u30d0\u30fc\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u306e\u5834\u5408\u3068\u306f\u7570\u306a\u308a\u3001\u3053\u306e\u30d7\u30ec\u30a4\u30ea\u30b9\u30c8\u306e\u8981\u7d04\u3067\u306f\u3001when\u30d1\u30e9\u30e1\u30fc\u30bf\u3067\u8a2d\u5b9a\u3055\u308c\u305f\u6761\u4ef6\u306b\u5408\u308f\u306a\u304b\u3063\u305f\u305f\u3081\u30012\u3064\u306e\u30bf\u30b9\u30af\u304c\u30b9\u30ad\u30c3\u30d7\u3055\u308c\u305f\u3053\u3068\u304c\u8a18\u9332\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u5404\u30db\u30b9\u30c8\u306b\u500b\u5225\u306b\u30ed\u30b0\u30a4\u30f3\u305b\u305a\u306b\u3001\u3053\u306e\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u4f7f\u7528\u3057\u3066\u30db\u30b9\u30c8\u306e\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u304c\u3067\u304d\u307e\u3059\u3002\u30db\u30b9\u30c8\u4e0a\u306b\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u69cb\u7bc9\u30fb\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u969b\u306b\u3001\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306b\u30bf\u30b9\u30af\u3092\u8ffd\u52a0\u3059\u308b\u3053\u3068\u3067Ansible\u3067\u3053\u308c\u3089\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3082\u7ba1\u7406\u3067\u304d\u307e\u3059\u3002<\/p>\n<h2>\u7d50\u8ad6 &#8211; Ketsuron<\/h2>\n<p>\u3053\u306e\u30c1\u30e5\u30fc\u30c8\u30ea\u30a2\u30eb\u3067\u306f\u3001Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u3057\u307e\u3057\u305f\u3002\u3055\u3089\u306b\u3001\u305d\u308c\u3089\u306e\u30b5\u30fc\u30d0\u30fc\u306e\u5b9a\u671f\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u306e\u305f\u3081\u306b\u30bb\u30ab\u30f3\u30c0\u30ea\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3082\u5b9f\u884c\u3057\u307e\u3057\u305f\u3002\u5206\u6563\u307e\u305f\u306f\u30af\u30e9\u30b9\u30bf\u30fc\u30e2\u30fc\u30c9\u3067Cassandra\u3084MinIO\u306e\u3088\u3046\u306a\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b\u5834\u5408\u3001Ansible\u306e\u81ea\u52d5\u5316\u306f\u6642\u9593\u306e\u7bc0\u7d04\u306b\u306a\u308b\u4fbf\u5229\u306a\u30c4\u30fc\u30eb\u3067\u3059\u3002<\/p>\n<p>\u516c\u5f0f\u306eAnsible\u30c9\u30ad\u30e5\u30e1\u30f3\u30c6\u30fc\u30b7\u30e7\u30f3\u30b5\u30a4\u30c8\u3067\u3055\u3089\u306a\u308b\u60c5\u5831\u3092\u5165\u624b\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u3092\u3055\u3089\u306b\u30ab\u30b9\u30bf\u30de\u30a4\u30ba\u3059\u308b\u305f\u3081\u306b\u306f\u3001\u69cb\u6210\u7ba1\u7406\u306e\u57fa\u790e\u3068\u3057\u3066\u300c\u30a2\u30f3\u30b5\u30a4\u30d6\u30eb\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u4f5c\u6210\u300d\u3068\u300c\u69cb\u6210\u7ba1\u7406101: \u30a2\u30f3\u30b5\u30a4\u30d6\u30eb\u30d7\u30ec\u30a4\u30d6\u30c3\u30af\u306e\u66f8\u304d\u65b9\u300d\u3092\u53c2\u8003\u306b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8457\u8005\u306f\u3001Write for Donations\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u4e00\u74b0\u3068\u3057\u3066\u3001\u5bc4\u4ed8\u3092\u53d7\u3051\u308b\u305f\u3081\u306b\u30d5\u30ea\u30fc\uff06\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u57fa\u91d1\u3092\u9078\u3073\u307e\u3057\u305f\u3002 \u30a4\u30f3\u30c8\u30ed\u30c0\u30af\u30b7\u30e7\u30f3 Ansible\u306f\u3001\u30b5\u30fc\u30d0\u30fc\u3084\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30d7\u30ed\u30d3\u30b8\u30e7\u30cb\u30f3\u30b0\u3001\u8a2d\u5b9a\u7ba1 [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[58,18],"class_list":["post-507","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-linux","tag-18"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5 - Blog - Silicon Cloud<\/title>\n<meta name=\"description\" content=\"Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\u3092\u5206\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u3002\u5b9f\u8df5\u7684\u306a\u4f8b\u3068\u30b3\u30fc\u30c9\u3001\u6ce8\u610f\u70b9\u3092\u542b\u3081\u3066\u521d\u5fc3\u8005\u306b\u3082\u7406\u89e3\u3067\u304d\u308b\u3088\u3046\u8aac\u660e\u3057\u307e\u3059\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/ja\/blog\/ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eubuntu-22-04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\" \/>\n<meta property=\"og:description\" content=\"Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\u3092\u5206\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u3002\u5b9f\u8df5\u7684\u306a\u4f8b\u3068\u30b3\u30fc\u30c9\u3001\u6ce8\u610f\u70b9\u3092\u542b\u3081\u3066\u521d\u5fc3\u8005\u306b\u3082\u7406\u89e3\u3067\u304d\u308b\u3088\u3046\u8aac\u660e\u3057\u307e\u3059\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/ja\/blog\/ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eubuntu-22-04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-22T20:33:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-31T15:07:36+00:00\" \/>\n<meta name=\"author\" content=\"\u84ee, \u7ffc\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u57f7\u7b46\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u84ee, \u7ffc\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"67\u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/\",\"url\":\"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/\",\"name\":\"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/#website\"},\"datePublished\":\"2023-04-22T20:33:44+00:00\",\"dateModified\":\"2025-07-31T15:07:36+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/#\/schema\/person\/cdc124a0aaebf26393d8d591183ca413\"},\"description\":\"Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\u3092\u5206\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u3002\u5b9f\u8df5\u7684\u306a\u4f8b\u3068\u30b3\u30fc\u30c9\u3001\u6ce8\u610f\u70b9\u3092\u542b\u3081\u3066\u521d\u5fc3\u8005\u306b\u3082\u7406\u89e3\u3067\u304d\u308b\u3088\u3046\u8aac\u660e\u3057\u307e\u3059\u3002\",\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/#breadcrumb\"},\"inLanguage\":\"ja\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/ja\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/ja\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"ja\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/#\/schema\/person\/cdc124a0aaebf26393d8d591183ca413\",\"name\":\"\u84ee, \u7ffc\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/27308f733c7fcdac8617926a0100c77213339c4e501310a08c0baf946bf823bc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/27308f733c7fcdac8617926a0100c77213339c4e501310a08c0baf946bf823bc?s=96&d=mm&r=g\",\"caption\":\"\u84ee, \u7ffc\"},\"url\":\"https:\/\/www.silicloud.com\/ja\/blog\/author\/rentsubasa\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5 - Blog - Silicon Cloud","description":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\u3092\u5206\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u3002\u5b9f\u8df5\u7684\u306a\u4f8b\u3068\u30b3\u30fc\u30c9\u3001\u6ce8\u610f\u70b9\u3092\u542b\u3081\u3066\u521d\u5fc3\u8005\u306b\u3082\u7406\u89e3\u3067\u304d\u308b\u3088\u3046\u8aac\u660e\u3057\u307e\u3059\u3002","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/ja\/blog\/ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eubuntu-22-04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\/","og_locale":"ja_JP","og_type":"article","og_title":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5","og_description":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\u3092\u5206\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u3002\u5b9f\u8df5\u7684\u306a\u4f8b\u3068\u30b3\u30fc\u30c9\u3001\u6ce8\u610f\u70b9\u3092\u542b\u3081\u3066\u521d\u5fc3\u8005\u306b\u3082\u7406\u89e3\u3067\u304d\u308b\u3088\u3046\u8aac\u660e\u3057\u307e\u3059\u3002","og_url":"https:\/\/www.silicloud.com\/ja\/blog\/ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eubuntu-22-04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-04-22T20:33:44+00:00","article_modified_time":"2025-07-31T15:07:36+00:00","author":"\u84ee, \u7ffc","twitter_card":"summary_large_image","twitter_misc":{"\u57f7\u7b46\u8005":"\u84ee, \u7ffc","\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593":"67\u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/","url":"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/","name":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/ja\/blog\/#website"},"datePublished":"2023-04-22T20:33:44+00:00","dateModified":"2025-07-31T15:07:36+00:00","author":{"@id":"https:\/\/www.silicloud.com\/ja\/blog\/#\/schema\/person\/cdc124a0aaebf26393d8d591183ca413"},"description":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5\u3092\u5206\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u3002\u5b9f\u8df5\u7684\u306a\u4f8b\u3068\u30b3\u30fc\u30c9\u3001\u6ce8\u610f\u70b9\u3092\u542b\u3081\u3066\u521d\u5fc3\u8005\u306b\u3082\u7406\u89e3\u3067\u304d\u308b\u3088\u3046\u8aac\u660e\u3057\u307e\u3059\u3002","breadcrumb":{"@id":"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/ja\/blog\/"},{"@type":"ListItem","position":2,"name":"Ansible\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eUbuntu 22.04\u30b5\u30fc\u30d0\u30fc\u306e\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3092\u81ea\u52d5\u5316\u306e\u65b9\u6cd5"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/ja\/blog\/#website","url":"https:\/\/www.silicloud.com\/ja\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/ja\/blog\/#\/schema\/person\/cdc124a0aaebf26393d8d591183ca413","name":"\u84ee, \u7ffc","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/www.silicloud.com\/ja\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/27308f733c7fcdac8617926a0100c77213339c4e501310a08c0baf946bf823bc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/27308f733c7fcdac8617926a0100c77213339c4e501310a08c0baf946bf823bc?s=96&d=mm&r=g","caption":"\u84ee, \u7ffc"},"url":"https:\/\/www.silicloud.com\/ja\/blog\/author\/rentsubasa\/"},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/www.silicloud.com\/ja\/blog\/ansible%e3%82%92%e4%bd%bf%e7%94%a8%e3%81%97%e3%81%a6%e3%80%81%e8%a4%87%e6%95%b0%e3%81%aeubuntu-22-04%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%ae%e5%88%9d%e6%9c%9f%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/posts\/507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/comments?post=507"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/posts\/507\/revisions"}],"predecessor-version":[{"id":325801,"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/posts\/507\/revisions\/325801"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/media?parent=507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/categories?post=507"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/ja\/blog\/wp-json\/wp\/v2\/tags?post=507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}