I have what I think will amount to an easy question. I ran the deploy playbooks to get my server up and then the wordpress install. Worked great. I was looking at the security section of the wiki and I’m a bit confused. I already ran the server playbook with the root user to create the server. Should I have run the secure-root playbook first and then done server with the new username (admin)? If I’m doing it after the fact, do I need to still rerun the server playbook again?
@romero2k Although I think the recommended sequence is to run
secure-root.yml first, I’m pretty sure it won’t cause problems to run it after
server.yml. I did this once with a test site 2-3 months ago and didn’t notice problems (but didn’t test much). Glancing at the ansible tasks again, nothing catches my eye as a potential problem.
To be safe, you could test running the playbooks in this sequence on a development or staging site that matches the rest of your setup.
Edit: Regarding your question of whether you’ll need to re-run
secure-root.yml, I don’t think so. But if you want to run
server.yml for some reason in the future, you’ll need to run it with the
--ask-sudo-pass flag, and make the adjustments you probably already saw at https://github.com/roots/bedrock-ansible/wiki/Security:
- remote_user: root + remote_user: admin + sudo: True