🤝Jobs

Ansible Playbook for SSH Teleport Server

Overview

We're looking for help writing an Ansible playbook that:

  • Assumes a new and empty Ubuntu 22.04 server
  • Installs Docker, Docker Compose, and enables Swarm mode
  • Installs Teleport as a docker-compose stack
  • Sets up an SSL (wildcard) certificate (pre-provided, not let's encrypt) to use by apache
  • Installs apache2 and configures it to proxy to Teleport
  • Installs and configures a firewall (iptables) to allow access to the server on port 443
  • Use IP tables to allow SSH acces by a whitelisted IP addresses
  • Installs Loki as a docker-compose stack
  • Installs Grafana as a docker-compose stack, pre-configured to connect to Loki
  • Installs Promtail, routing Host logs, Apache logs + Teleport logs to Loki

Requirements of the playbook:

  • It will live in a standalone private github repository
  • All environment-specific variables should be provided through an inventory file. No real hostnames, IPs, usernames, etc should be present in the repository
  • The repo contains clear documentation in the README.md file, explaining how to use the playbook and explaining the variables that can be set in the inventory file
  • The repo contains a documented example (ficticious) inventory file (.dist) as an example / template
  • The repo passes ansible-lint and ansible-review. Exceptions should be documented in the README.md file
  • The playbook should be written in a way that makes Loki and Grafana optional.
  • The playbook should support usage of fluent-bit with an external fluentd.

Badges

At LinkORB, we work with the Badge System for qualification and learning. Candidates will be evaluated on their ability to achieve the following badges:

  • 🏅 Git Basics Understand and apply basic Git concepts
  • 🏅 GitHub Basics Understand and apply basic GitHub concepts
  • 🏅 Ansible Basics Uses Ansible automation
  • 🏅 YAML Basics Able to read, create and maintain YAML files.

That said, at LinkORB we understand that no one knows everything and the learning journey is part of what we love about the work.

Ready to take on this gig?

Great, we are excited to hear from you! Please send us your proposal at engineering@linkorb.com.

Working at LinkORB

LinkORB Engineering is the sub-group of LinkORB focused on the development and operations of our products and platforms: innovative healthcare solutions for healthcare professionals and their patients.

We are a fully remote team collaborating almost entirely asynchronously to build and support products used by millions of families and thousands of healthcare professionals.

Read more about LinkORB Engineering. Specifically, you might check out our: