# Server Setup - Automatic

###### tags: `phishing`

## Prerequisites & Server creation

Install Ansible (and pip) on your local machine. ([Reference guide](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-and-upgrading-ansible-with-pip))

```bash=
sudo python3 -m pip install ansible
sudo python3 -m pip install paramiko
# On Linux: apt install ansible
```

Create an SSH key pair for the server:

```bash=
ssh-keygen -b 2048 -t rsa # Generates an SSH key-pair, for example "workshop"
```

Create the server in Hetzner (password in KeePass).

![Hetzner dashboard](https://i.imgur.com/Uc1Nwgi.png)

Add your **public** SSH key.

```bash=
cat /root/.ssh/workshop.pub
```

![public key](https://i.imgur.com/iAZN2xV.png)

![Name Server](https://i.imgur.com/rlKNrWa.png)

When the server is created, edit the reverse DNS name in the Networking tab:

![rDNS](https://i.imgur.com/Wath2Qe.png)

Edit the Ansible hosts file:

```bash=
sudo mkdir /etc/ansible
sudo nano /etc/ansible/hosts
```

With the contents:

```bash=
root@<your-ip>
```

Make Ansible use your SSH key when connecting to your server.

```bash=
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/workshop # Private key. Also accepts .pem files, for example AWS uses this format
```

Test whether you can execute the ping command:

```bash=
ansible all -m ping
```

# Server configuration

## Initial Server Setup

The following Ansible playbook will set up swap, install the required software and update the system.

```bash=
ansible-playbook -u root server_deploy.yml
```

## Mailserver

Now we are going to set up the mail server. Edit the `poste_io_config.yml` file.

![Poste.IO File](https://i.imgur.com/qljvv0G.png)

Edit the domain field, and put your name there for this demo. In real-life situations you also have to edit the `cf_api_token` (Cloudflare API token), because you will be using a different domain.

<details>
<summary>Get the Cloudflare API key</summary>

Log in to Cloudflare and go to the API section:

![Cloudflare API key](https://i.imgur.com/RxQnzg5.png)

There you can generate an API key. Tie it to a domain to increase security, so that this API key does not expose all your other domains.

</details>

```bash=
ansible-playbook -u root poste_io_config.yml
```

This will:

- Set up the Docker poste.io mail server
- Create the mail user and admin account
- Configure DKIM
- Set up the mail DNS records in Cloudflare

If you log in to the Cloudflare dashboard, you will see the new records in the DNS overview.

![Cloudflare dashboard](https://i.imgur.com/zy0O33X.png)