Running the secure-root playbook

I have what I think will amount to an easy question. I ran the deploy playbooks to get my server up and then the wordpress install. Worked great. I was looking at the security section of the wiki and I’m a bit confused. I already ran the server playbook with the root user to create the server. Should I have run the secure-root playbook first and then done server with the new username (admin)? If I’m doing it after the fact, do I need to still rerun the server playbook again?

@romero2k Although I think the recommended sequence is to run secure-root.yml first, I’m pretty sure it won’t cause problems to run it after server.yml. I did this once with a test site 2-3 months ago and didn’t notice problems (but didn’t test much). Glancing at the ansible tasks again, nothing catches my eye as a potential problem.

To be safe, you could test running the playbooks in this sequence on a development or staging site that matches the rest of your setup.

Edit: Regarding your question of whether you’ll need to re-run server.yml after secure-root.yml, I don’t think so. But if you want to run server.yml for some reason in the future, you’ll need to run it with the --ask-sudo-pass flag, and make the adjustments you probably already saw at

- remote_user: root
+ remote_user: admin
+ sudo: True