refs #8025 Tags added, added clean playbook, sudoers moved to guest

2024-09-26 12:16:03 +02:00 · 2024-09-26 12:16:03 +02:00 · 77616531ab
parent ae8ff99fc9
commit 77616531ab
19 changed files with 58 additions and 38 deletions
--- a/README.md
+++ b/README.md
@ -16,7 +16,7 @@ locally to ensure they work properly.

 Launch playbook on the fly on a host not declared in the inventory.
 ```
-ansible-playbook playbooks/test.yml -u root -i <ip_or_hostname>,
+ansible-playbook -u root -i <ip_or_hostname>, playbooks/test.yml
 ```

 *Note the comma at the end of the hostname or IP.*
--- a/playbooks/awx.yml
+++ b/playbooks/awx.yml
@ -1,6 +1,7 @@
- hosts: all
+- name: Configure AWX user
+  hosts: all
  gather_facts: no
+  become: no
  tasks:
-  - name: Configure AWX user
-    import_role:
+  - import_role:
      name: awx
--- a/playbooks/clean.yml
+++ b/playbooks/clean.yml
@ -0,0 +1,13 @@
+- name: Clean deprecated configuration
+  hosts: all
+  gather_facts: no
+  tasks:
+  - name: Delete awx-user
+    ansible.builtin.user:
+      name: awx-user
+      state: absent
+      remove: yes
+  - name: Delete awx-user sudoers file
+    file:
+      path: /etc/sudoers.d/awx-user
+      state: absent
--- a/playbooks/debian-upgrade.yml
+++ b/playbooks/debian-upgrade.yml
@ -1,5 +1,5 @@
- hosts: all
+- name: Upgrade Debian host
+  hosts: all
  tasks:
-  - name: Upgrade system
-    import_role:
+  - import_role:
      name: debian-upgrade
--- a/playbooks/debian.yml
+++ b/playbooks/debian.yml
@ -1,4 +1,5 @@
- hosts: all
+- name: Configure base Debian host
+  hosts: all
  tasks:
  - name: Configure base system
    import_role:
--- a/playbooks/facts.yml
+++ b/playbooks/facts.yml
@ -1,4 +1,5 @@
- hosts: all
+- name: Gather facts from host
+  hosts: all
  gather_facts: yes
  tasks:
  - name: Print all available facts
--- a/playbooks/freeradius.yml
+++ b/playbooks/freeradius.yml
@ -1,5 +1,5 @@
- hosts: all
+- name: Install and configure Freeradius with TOTP
+  hosts: all
  tasks:
-  - name: Install and configure Freeradius with TOTP
-    import_role:
+  - import_role:
      name: freeradius
--- a/playbooks/nsupdate.yml
+++ b/playbooks/nsupdate.yml
@ -1,5 +1,5 @@
- hosts: ns1
+- name: Configure zone with nsupdate
+  hosts: ns1
  tasks:
-  - name: Configure zone with nsupdate
-    import_role:
-      name: nsupdate
+  - import_role:
+      name: nsupdate
--- a/playbooks/ping.yml
+++ b/playbooks/ping.yml
@ -1,3 +1,4 @@
- hosts: all
+- name: Check that a host is alive and reachable
+  hosts: all
  tasks:
  - ping:
--- a/playbooks/send-mail.yml
+++ b/playbooks/send-mail.yml
@ -1,6 +1,6 @@
- hosts: localhost
+- name: Send mail
+  hosts: localhost
  become: no
  tasks:
-  - name: Send mail
-    import_role:
+  - import_role:
      name: send-mail
--- a/playbooks/test.yml
+++ b/playbooks/test.yml
@ -1,5 +1,5 @@
- hosts: all
+- name: Test role
+  hosts: all
  tasks:
-  - name: Test role
-    import_role:
+  - import_role:
      name: debian-base
--- a/playbooks/win-ping.yml
+++ b/playbooks/win-ping.yml
@ -1,5 +1,4 @@
- name: Ping Windows hosts
+- name: Ping Windows host
  hosts: all
  tasks:
-  - name: Ping Windows hosts
-    ansible.windows.win_ping:
+  - ansible.windows.win_ping:
--- a/playbooks/win-update.yml
+++ b/playbooks/win-update.yml
@ -1,4 +1,5 @@
- hosts: all
+- name: Update windows host
+  hosts: all
  serial: 1
  tasks:
  - block:
--- a/roles/awx/tasks/main.yaml
+++ b/roles/awx/tasks/main.yaml
@ -1,4 +1,4 @@
- name: Create AWX user
+- name: Create awx user
  user:
    name: awx
    password: '*'
@ -6,7 +6,7 @@
    groups: sudo
    state: present
    comment: ssh user
- name: Adding SSH public key
+- name: Add awx SSH public key
  authorized_key:
    user: awx
    key: "{{ awx_pub_key }}"
@ -14,7 +14,7 @@
  apt:
    name: sudo
    state: present
- name: Add user to sudoers
+- name: Add awx user to sudoers
  copy:
    src: sudoers
    dest: /etc/sudoers.d/awx
--- a/roles/debian-base/tasks/main.yml
+++ b/roles/debian-base/tasks/main.yml
@ -1,9 +1,12 @@
 - import_tasks: install.yml
 - import_tasks: locale.yml
 - import_tasks: tzdata.yml
- import_tasks: motd.yml
- import_tasks: profile.yml
- import_tasks: vim.yml
- import_tasks: sudoers.yml
- import_tasks: nrpe.yml
 - import_tasks: relayhost.yml
+- import_tasks: motd.yml
+  tags: [motd]
+- import_tasks: profile.yml
+  tags: [profile]
+- import_tasks: vim.yml
+  tags: [vim]
+- import_tasks: nrpe.yml
+  tags: [nrpe]
--- a/roles/debian-guest/files/sudoers
+++ b/roles/debian-guest/files/sudoers
--- a/roles/debian-guest/tasks/auth.yml
+++ b/roles/debian-guest/tasks/auth.yml
@ -1,4 +1,3 @@
-
 - name: Install packages
  apt:
    name: nslcd
@ -36,4 +35,4 @@
 - name: Restart NSLCD service
  service:
    name: nslcd
-    state: restarted
+    state: restarted
--- a/roles/debian-guest/tasks/main.yml
+++ b/roles/debian-guest/tasks/main.yml
@ -1,2 +1,3 @@
 - include_tasks: auth.yml
  when: false
+- import_tasks: sudoers.yml
--- a/roles/debian-guest/tasks/sudoers.yml
+++ b/roles/debian-guest/tasks/sudoers.yml
@ -2,7 +2,7 @@
  apt:
    name: sudo
    state: present
- name: Copy sudoers configuration file
+- name: Add sysadmin to sudoers
  copy:
    src: sudoers
    dest: /etc/sudoers.d/vn