u/AlpineGuy

▲ 20 r/ansible

For private setup, do you set up an actual physical control node?

I have a couple of home and cloud servers for various private use-cases. Right now slowly transitioning all setup to ansible. Love it so far!

Right now I am deploying everything from my Laptop. It is the only machine that contains all the credentials. Of course backups exist in various places, but no other machine.

Problem: When I am away from home, I have to carry my laptop with me, because if anything breaks, it's the only machine that allows me to log in and fix anything.

I could install an ssh client on my phone (iOS) and create keys, then I can at least log into servers, but still cannot run playbooks.

What I am thinking about: building a physical control node, i.e. a small PC with Linux, completely security isolated, only for that purpose, full disk encryption, the only way to login is ssh key, and from there I can access all other machines, run all playbooks. I could even install semaphore or something on it to get a web interface.

To be clear, I am not asking about connectivity - that is solved, all my machines and phones share a VPN and can talk to one another.

My current issue is with being able to run meaningful tasks while away, running ansible while on the road, being unclear about being able to trust iOS terminal apps...


tl;dr: (1) Does a physical control node make sense for a small private setup or is it more effort than it's worth? Do you have one?; (2) Can one trust iOS ssh terminal apps?

u/AlpineGuy — 6 days ago

How do you handle secure remote admin (while away from home)?

My infra is about 3 home servers and 2 cloud VMs running various services for family and myself.

Currently I strictly separate user from admin tasks. This means I am treating myself as a normal user. Almost all admin work can only be done from my Linux laptop in separate admin browser profile or with the SSH keys on that laptop. I am also transitioning more and more admin tasks to ansible, that also only lives on my laptop. (Of course the laptop has backups I can access in other ways.)

This means my phone/tablet (iOS) only have very limited user-level access to services. I am somewhat hesitant to trust closed-source systems and also the SaaS-based terminals for iOS.

This feels secure, but it has a major downside: when I am away with only phone + tablet and something breaks, I cannot really do any maintenance. Hence I carry my laptop whenever I am away for longer. I don't really like that as the laptop is heavy and bulky.

Options I am thinking about:

  1. Put admin SSH keys on my mobile devices: Maybe my distrust in phones is outdated. Phones are much more secure nowadays than PCs. I could just put Termius on there and access everything.
  2. Add a dedicated management box at home, reachable only via VPN, that can act as a bastion / ansible runner. Basically a "management machine". I would secure it tightly (only does ssh, no other services, no password access, only via VPN). However, that would be a single point of failure then -- master key to everything. But maybe with enough security features, I shouldn't be that hesitant. I could combine option 1+2, access the management box through my phone.
  3. A more complex setup of only allowing certain commands via ssh for certain users (admin via phone ssh, but limited options). That was a recommendation I found, but I find it complicated and again a tradeoff.
  4. Stick to my system, just accept the limitation that only my linux laptop can do things -- look for a smaller, lighter laptop.

Any other ideas? How do you handle this tradeoff between security and being able to fix things while away from your main workstation?

Thanks!

u/AlpineGuy — 8 days ago
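Options 2 and 3 of the second post (a VPN-only management box that runs ansible, with the phone's key limited to a few commands) combine naturally through an OpenSSH forced command: the key in authorized_keys gets `command="..."` plus the `no-*` options, sshd ignores whatever the client asked for and runs the gate script instead, and the client's request arrives in `$SSH_ORIGINAL_COMMAND` for validation. The script below is an added example, not from the poster or any project; the script name `ansible-gate`, the playbook directory `/srv/ansible` and the allowlisted playbook names are assumptions.

```shell
#!/bin/sh
# ansible-gate: forced-command wrapper for a restricted admin SSH key (added example).
# Install on the management box and reference it from ~/.ssh/authorized_keys, e.g.
#   command="/usr/local/bin/ansible-gate",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-ed25519 AAAA... phone-key
# The phone then runs e.g.  ssh mgmt run site.yml  or  ssh mgmt status  and nothing else.

# Assumed layout: playbooks live under PLAYBOOK_DIR and only the names in
# ALLOWED_PLAYBOOKS may be started from the phone key.
PLAYBOOK_DIR="${PLAYBOOK_DIR:-/srv/ansible}"
ALLOWED_PLAYBOOKS="site.yml backup.yml restart-services.yml"

# check_command REQUEST -> 0 if REQUEST is "status" or "run <allowlisted playbook>",
# 1 otherwise. Pure function so it can be exercised without sshd.
check_command() {
    req="$1"
    case "$req" in
        status) return 0 ;;
        run\ *) ;;
        *) return 1 ;;
    esac
    pb="${req#run }"
    # Reject anything that could leave the directory or smuggle shell syntax:
    # only [A-Za-z0-9._-] are allowed, no "..", no empty name.
    case "$pb" in
        *[!A-Za-z0-9._-]*|*..*|"") return 1 ;;
    esac
    for allowed in $ALLOWED_PLAYBOOKS; do
        [ "$pb" = "$allowed" ] && return 0
    done
    return 1
}

# dispatch REQUEST: perform the allowed action; log and refuse everything else.
dispatch() {
    req="$1"
    if ! check_command "$req"; then
        logger -t ansible-gate "refused request from ${SSH_CLIENT%% *}: $req"
        echo "refused: $req" >&2
        return 1
    fi
    case "$req" in
        status) uptime ;;
        run\ *) exec ansible-playbook "$PLAYBOOK_DIR/${req#run }" ;;
    esac
}

# Only act when sshd invoked us as a forced command; sourcing the file is a no-op.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    dispatch "$SSH_ORIGINAL_COMMAND"
fi
```

The argument is never passed to a shell, so `ssh mgmt "run site.yml; rm -rf /"` is refused as a whole rather than partially executed. The matching sshd_config for the box would bind only to the VPN address (`ListenAddress`), set `PasswordAuthentication no` and `KbdInteractiveAuthentication no`, and use `AllowUsers` to limit logins to the admin account; the laptop's unrestricted key can stay in the same authorized_keys file without the `command=` option, so the full-access path and the restricted phone path differ only by which key authenticated.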