It was unclear where do to the commands. Not everyone will know ansible should not be run from the server. Also, the "optional" passwordless option was not actually optional, given how this was written.

vor 8 Jahren · a148858a6e
--- a/README.md
+++ b/README.md
 
															
															 Installation
														
 
															
															 ------------
														
 
															
															+## On the remote server
														
 
															
															+
														
 
															
															+The following steps are done on the remote server by `ssh`ing into it and running these commands.
														
 
															
															+
														
 
															
															 ### 1. Install required packages
														
 
															
															     apt-get install sudo
														
 
															
															     chown deploy:deploy /home/deploy -R
														
 
															
															     echo 'deploy ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/deploy
														
 
															
															-Your new account will be automatically set up for passwordless `sudo`.
														
 
															
															+Your new account will be automatically set up for passwordless `sudo`. Or you can just add your `deploy` user to the sudo group.
														
 
															
															+
														
 
															
															+    adduser deploy sudo
														
 
															
															+
														
 
															
															+## On your local machine
														
 
															
															+
														
 
															
															+Ansible (the toll setting up your server) runs locally on your computer and sends commands to the remote server. Download this repository somewhere on your machine, either through `Clone or Download > Download ZIP` above, `wget`, or `git` as below
														
 
															
															+    
														
 
															
															+    git https://github.com/sovereign/sovereign.git
														
 
															
															 ### 4. Configure your installation
														
 
															
															-Modify the settings in `group_vars/sovereign` to your liking. If you want to see how they’re used in context, just search for the corresponding string.
														
 
															
															+Modify the settings in the `group_vars/sovereign` folder to your liking. If you want to see how they’re used in context, just search for the corresponding string.
														
 
															
															 All of the variables in `group_vars/sovereign` must be set for sovereign to function.
														
 
															
															 Setting `password_hash` for your mail users is a bit tricky. You can generate one using [doveadm-pw](http://wiki2.dovecot.org/Tools/Doveadm/Pw).
														
 
															
															 To run the whole dang thing:
														
 
															
															-    ansible-playbook -i ./hosts site.yml
														
 
															
															+    ansible-playbook -i --ask-sudo-pass ./hosts site.yml
														
 
															
															+    
														
 
															
															+If you chose to make a passwordless sudo deploy users, you can omit the `--ask-sudo-pass` argument.
														
 
															
															 To run just one or more piece, use tags. I try to tag all my includes for easy isolated development. For example, to focus in on your firewall setup: