This guide will describe how to get start with Ansible. I’m using Linux Mint 22.2.

Install Ansible#

To install Ansible using apt:

apt update
apt install ansible

Create Ansible user#

We will run all ansible code as a separate user called ansible. This user will have sudo permissions and only login with ssh key based authentication.

  1. Create user:
adduser ansible

For now we do set a password, because we need that for the ssh-copy-id command.

  1. Add user to sudo group
usermod -aG sudo ansible
  1. Check the group membership:
groups ansible
ansible : ansible sudo users

Configure ssh key-based authentication#

Ansible manages remote nodes over SSH. To automate tasks without entering passwords continuously, set up SSH keys:

  1. Generate key pairs on your local machine (control node):
ssh-keygen -t ecdsa -b 521 -C "ansible@host"
  1. Copy the key to target machines (including localhost if managing itself)
ssh-copy-id user@target-node-ip

This will copy the public part of the key to the .ssh/authorized_keys file.

For added security, we set the directive PasswordAuthentication no in the /etc/ssh/sshd_config file. This is to ensure that the ansible user can only login with the private key.

  1. Create an Inventory File
[my_nodes]
192.168.1.10
192.168.1.11

[local]
localhost ansible_connection=local
  1. Basic usage examples
  • test connectivity 
    ansible all -m ping -i inventory.ini
  • run a command on all servers 
    ansible all -m shell -a "uptime" -i inventory.ini
  • run a playbook 
    ansible-playbook site.yml -i inventory.ini
  1. Best Practices for Linux Mint/Desktop
  • Ansible Pull: For personal desktop automation, you can use ansible-pull to pull configurations directly from a Git repository to localhost.
  • Vault: Use ansible-vault to encrypt sensitive variables (passwords, keys) in your playbooks.
  • User/Group: If you are managing desktop specific items (like Cinnamon panel, themes), use the user module to interact with dconf/gsettings.
  • OS Codename: Note that distribution_release might return the Mint codename (e.g., “ulyssa”) instead of the underlying Ubuntu codename (e.g., “focal”), which can affect repository management.