diff --git a/ansible.cfg b/ansible.cfg index 0752a5b..f917a56 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,7 +1,7 @@ [defaults] roles_path = ./roles inventory = ./hosts -gathering = explicit +gathering = smart interpreter_python = auto_silent remote_user = root host_key_checking = False diff --git a/collections/README.md b/collections/README.md index 5f0beeb..d3ea311 100644 --- a/collections/README.md +++ b/collections/README.md @@ -1,31 +1,32 @@ # Collections -The porpouse of collections is get more modules and plugins to use in ansible. +The purpose of collections is get more modules and plugins to use in ansible. Collections are supported by Ansible community. # Install collections -In AWX-operator container , execute: +In *awx-operator* container, execute: ``` ansible-galaxy collection install -r requirements.yml ``` Where `requirements.yml` we need to specify the list of collections that we want to install: - ``` collections: - name: community.general - ``` -# Collection index: -[Index-Ansible-collections](https://docs.ansible.com/ansible/latest/collections/index.html) +# Collection index + +* https://docs.ansible.com/ansible/latest/collections/index.html # List collections -[Listing-collections](https://docs.ansible.com/ansible/latest/collections_guide/collections_listing.html) To list installed collections, run `ansible-galaxy collection list` (inside awx operator container) - -# Install multiple collections with a requirements file -[Install-multiple](https://docs.ansible.com/ansible/devel/collections_guide/collections_installing.html#install-multiple-collections-with-a-requirements-file) + +* https://docs.ansible.com/ansible/latest/collections_guide/collections_listing.html + +# Install multiple collections + +* https://docs.ansible.com/ansible/devel/collections_guide/collections_installing.html#install-multiple-collections-with-a-requirements-file diff --git a/collections/requirements.yml b/collections/requirements.yml index 1c297cd..a745157 100644 
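Review bot: In ansible.cfg the unchanged context of this hunk keeps `host_key_checking = False` next to `remote_user = root`, so every play logs in as root without verifying the target's SSH host key. This matters more after the commit, because `gathering = smart` makes fact collection the default and the new linux-guest and linux-qemu roles choose what to apply from those facts. I would set `host_key_checking = True` and distribute known_hosts entries for the managed hosts. If the current setting is an accepted trade-off, put a comment above it saying why.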
--- a/collections/requirements.yml +++ b/collections/requirements.yml @@ -1,4 +1,3 @@ ---- collections: - name: community.general version: '>=9.0.0' diff --git a/group_vars/all.yaml b/group_vars/all.yaml index 0f02e94..9414cf6 100644 --- a/group_vars/all.yaml +++ b/group_vars/all.yaml @@ -1,3 +1,4 @@ +awx_pub_key: ssh-rsa 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 awx@awx.verdnatura.es resolv: domain: verdnatura.es search: verdnatura.es diff --git a/playbooks/debian-base.yaml b/playbooks/debian-base.yaml deleted file mode 100644 index 2807e6d..0000000 --- a/playbooks/debian-base.yaml +++ /dev/null @@ -1,20 +0,0 @@ -- hosts: all - tasks: - - name: Set locales - import_role: - name: config-locales - - name: Set timezone - import_role: - name: config-tzdata - - name: Install and configure fail2ban service - import_role: - name: config-fail2ban - tags: config-fail2ban_config - - name: Install guest side - import_role: - name: config-server-type - tags: config-server-type_config - - name: Install and configure ntp - import_role: - name: config-ntp - tags: config-ntp_config diff --git a/playbooks/debian-ct.yaml b/playbooks/debian-ct.yaml deleted file mode 100644 index 6b0c442..0000000 --- a/playbooks/debian-ct.yaml +++ /dev/null 
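Review bot: The `awx_pub_key` added to group_vars/all.yaml now sits among the lowest-precedence variable sources, whereas the deleted roles/awx/vars/main.yaml held it as a role var that inventory variables could not override. Any group_vars or host_vars entry with the same name will now replace the key without notice. The awx role's tasks are not in this diff, so its use as an authorized key for the AWX user is only presumed. If per-host overrides are not intended, keep the value in the role's vars. Either way, add a comment above it, for example `# SSH public key of awx@awx.verdnatura.es, used by the awx role`.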
@@ -1,27 +0,0 @@ -- hosts: all - - - name: Config relayhost smtp - import_role: - name: config-relayhost-smtp - when: relay_host_enabled is defined and relay_host_enabled - tags: config-relayhost-smtp_config - - name: Config centralized auth - import_role: - name: config-centralized-auth - when: centralized_auth_enabled is defined and centralized_auth_enabled - tags: config-centralized-auth_config - - name: Set locales - import_role: - name: config-locales - when: locales_enabled is defined and locales_enabled - tags: config-locales_config - - name: Set timezone - import_role: - name: config-tzdata - when: tzdata_enabled is defined and tzdata_enabled - tags: config-tzdata_config - - name: Install and configure fail2ban service - import_role: - name: config-fail2ban - when: fail2ban_enabled is defined and fail2ban_enabled - tags: config-fail2ban_config diff --git a/playbooks/debian-infra.yaml b/playbooks/debian-infra.yaml deleted file mode 100644 index 40ebf56..0000000 --- a/playbooks/debian-infra.yaml +++ /dev/null @@ -1,23 +0,0 @@ -- hosts: all - tasks: - - name: Configure debian os - import_role: - name: config-base-debian-os - - name: Set locales - import_role: - name: config-locales - - name: Set timezone - import_role: - name: config-tzdata - - name: Add-repos-vn - import_role: - name: config-repo-vn - - name: Install and configure fail2ban service - import_role: - name: config-fail2ban - - name: Install and configure nagios nrpe service - import_role: - name: config-nagios-nrpe - - name: Install and configure ntp - import_role: - name: config-ntp diff --git a/playbooks/debian-vm.yaml b/playbooks/debian-vm.yaml deleted file mode 100644 index 0e6ff3e..0000000 --- a/playbooks/debian-vm.yaml +++ /dev/null 
@@ -1,57 +0,0 @@ -- hosts: all - tasks: - - name: Install packages - import_role: - name: config-install-packages - when: packages_enabled is defined and packages_enabled - tags: config-install-packages_config - - name: Config relayhost smtp - import_role: - name: config-relayhost-smtp - when: relay_host_enabled is defined and relay_host_enabled - tags: config-relayhost-smtp_config - - name: Config centralized auth - import_role: - name: config-centralized-auth - when: centralized_auth_enabled is defined and centralized_auth_enabled - tags: config-centralized-auth_config - - name: configure secure grub - import_role: - name: config-secure-grub - when: secure_grub_enabled is defined and secure_grub_enabled - tags: config-secure-grub_config - - name: Install and configure hot plug - import_role: - name: config-hot-plug - when: hot_plug_enabled is defined and hot_plug_enabled - tags: config-hot-plug_config - - name: Set locales - import_role: - name: config-locales - when: locales_enabled is defined and locales_enabled - tags: config-locales_config - - name: Set timezone - import_role: - name: config-tzdata - when: tzdata_enabled is defined and tzdata_enabled - tags: config-tzdata_config - - name: Install and configure fail2ban service - import_role: - name: config-fail2ban - when: fail2ban_enabled is defined and fail2ban_enabled - tags: config-fail2ban_config - - name: Install guest side - import_role: - name: config-server-type - when: server_type_enabled is defined and server_type_enabled - tags: config-server-type_config - - name: Install and configure ntp - import_role: - name: config-ntp - when: ntp_enabled is defined and ntp_enabled - tags: config-ntp_config - - name: Install and configure AUTOFS HOMES - import_role: - name: config-autofs-homes - when: autofs_homes_enabled is defined and autofs_homes_enabled - tags: config-autofs-homes_config diff --git a/playbooks/debian.yaml b/playbooks/debian.yaml index 0db3d8a..85a6d8a 100644 --- a/playbooks/debian.yaml 
+++ b/playbooks/debian.yaml @@ -1,5 +1,14 @@ - hosts: all tasks: - - name: Configure base system - import_role: - name: linux-base + - name: Configure AWX user + import_role: + name: awx + - name: Configure base system + import_role: + name: linux-base + - name: Configure guest + import_role: + name: linux-guest + - name: Configure virtual machine + import_role: + name: linux-qemu diff --git a/playbooks/ping.yml b/playbooks/ping.yaml similarity index 100% rename from playbooks/ping.yml rename to playbooks/ping.yaml diff --git a/playbooks/print-facts.yaml b/playbooks/print-facts.yaml new file mode 100644 index 0000000..91e79a3 --- /dev/null +++ b/playbooks/print-facts.yaml @@ -0,0 +1,11 @@ +# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_vars_facts.html + +- hosts: all + gather_facts: yes + tasks: + - name: Print all available facts + ansible.builtin.debug: + var: ansible_facts + - name: Print variable value + debug: + msg: "Variable: {{ ansible_virtualization_type }}" diff --git a/roles/awx/vars/main.yaml b/roles/awx/vars/main.yaml deleted file mode 100644 index b8d6bad..0000000 --- a/roles/awx/vars/main.yaml +++ /dev/null @@ -1 +0,0 @@ -awx_pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDjeIZVyppFK/dqOUa1PxgSeRVWk7MFmANYvSs+VHHnD4/BE//K8AxlxnyLl4e6jAcBFoIu1JLxbRKdOhx+Zgkq5OmEzp/XKzfEvnEU5CP+W2+5MwfkUQ3TetJsOoHiP/qYWPqqqfDFqNM1xs9am5Frv9BVu5pFiSO9oS14xVAlUOwnONQnRtAbuBOmMldpzxmuFY+Rs3G2MmokcOYrs5Z3TdCOG9bDGg8erzWklLW+aRYdXqMEZpwIZPcOFy6JXEyZ/9IpCLBN58IMr0RypFbgWb2Vo05iTI5j99Pzn//FgAhe6BXRyHSGOJ29hmKugt9sIY1N/H6aYqtTVR5EEIngY1XHtFywU1+qtYHMs8PB9Hl87zUkla0+S5Zn8q92y7DQFsOZ9ND6syEzWhiCP1ic3Wo76TVbuNoTW/XvgZnemx1epuOqDj9S7iGTSHMvvSop8z5hU2EQiVkgRPl4cM2fi0vF513ivq5IbCgg2VfXUOLM5E5y0TI7lzBriTtCuIk= awx@awx.verdnatura.es diff --git a/roles/linux-autofs/tasks/main.yaml b/roles/linux-autofs/tasks/main.yaml index 644c69f..bfdb347 100644 --- a/roles/linux-autofs/tasks/main.yaml +++ b/roles/linux-autofs/tasks/main.yaml 
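Review bot: The new task list in playbooks/debian.yaml imports only awx, linux-base, linux-guest and linux-qemu, and nothing visible in this diff pulls in fail2ban, secure GRUB, the SMTP relay host or NTP, all of which the playbooks deleted in this commit referenced. As far as the hunks show, linux-base includes sudoers, motd, profile, vim, locale and nrpe, linux-guest includes linux-auth, and linux-qemu includes linux-autofs. If the hardening roles are still meant to reach every Debian host, add an `import_role` task for each here under its current role name; otherwise say in the commit message that they are dropped on purpose. The `*_enabled` switches and per-role tags from debian-vm.yaml are gone as well, so a single role can no longer be run or skipped selectively.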
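Review bot: The first task in playbooks/print-facts.yaml prints the whole `ansible_facts` dictionary for `hosts: all`, which includes `ansible_facts.env` (the environment of the connecting user) along with network and hardware details. All of that lands in the job output for anyone who can read the run. Narrow the dump to what is being debugged, e.g. `var: ansible_facts.virtualization_type`, or add `verbosity: 1` to the debug task so it only prints when asked for. For consistency the second task should use `ansible.builtin.debug` and `ansible_facts.virtualization_type` like the first, and `gather_facts: yes` is better written `gather_facts: true`.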
@@ -1,6 +1,3 @@ -- name: Checking if configuration is needed - meta: end_host - when: autofs_homes_enabled is not defined or not autofs_homes_enabled - name: Install packages for autofs apt: name: "{{ item }}" diff --git a/roles/linux-base/tasks/main.yaml b/roles/linux-base/tasks/main.yaml index 54ed27f..ee0a9c0 100644 --- a/roles/linux-base/tasks/main.yaml +++ b/roles/linux-base/tasks/main.yaml @@ -1,10 +1,22 @@ +- name: Install base packages + apt: + name: "{{ item }}" + state: present + with_items: + - htop + - psmisc + - bash-completion + - screen + - aptitude +- include_role: + name: linux-sudoers - include_role: name: linux-motd - include_role: name: linux-profile -- include_role: - name: linux-sudoers - include_role: name: linux-vim - include_role: - name: linux-locale \ No newline at end of file + name: linux-locale +- include_role: + name: linux-nrpe \ No newline at end of file diff --git a/roles/linux-guest/tasks/main.yaml b/roles/linux-guest/tasks/main.yaml new file mode 100644 index 0000000..1a5dd2a --- /dev/null +++ b/roles/linux-guest/tasks/main.yaml @@ -0,0 +1,5 @@ +- name: Skip if not a guest + meta: end_host + when: ansible_virtualization_role != 'guest' +- include_role: + name: linux-auth diff --git a/roles/linux-install-packages/tasks/main.yaml b/roles/linux-install-packages/tasks/main.yaml deleted file mode 100644 index 3784a65..0000000 --- a/roles/linux-install-packages/tasks/main.yaml +++ /dev/null @@ -1,10 +0,0 @@ -- name: Install base packages - apt: - name: "{{ item }}" - state: present - with_items: - - htop - - psmisc - - bash-completion - - screen - - aptitude diff --git a/roles/linux-ntp/handlers/main.yaml b/roles/linux-ntp/handlers/main.yaml index 52a882c..530fefe 100644 --- a/roles/linux-ntp/handlers/main.yaml +++ b/roles/linux-ntp/handlers/main.yaml @@ -1,4 +1,4 @@ - name: restart systemd-timesyncd service: - name: "{{ timesyncd_daemon }}" + name: systemd-timesyncd state: restarted \ No newline at end of file 
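Review bot: The added "Install base packages" task in roles/linux-base/tasks/main.yaml loops with `with_items` and calls apt once per package. The apt module accepts a list in `name`, which installs everything in one transaction and reports a single result. On a freshly provisioned host the package index may be stale, so `update_cache: true` with a `cache_valid_time` keeps the install from failing on missing package versions. The file also still ends without a trailing newline after the new `linux-nrpe` include.

```yaml
- name: Install base packages
  apt:
    name:
      - htop
      - psmisc
      - bash-completion
      - screen
      - aptitude
    state: present
    update_cache: true
    cache_valid_time: 3600  # constructed value, adjust to taste
# … unchanged: include_role tasks (linux-sudoers … linux-nrpe) …
```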
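Review bot: `meta: end_host` in the new roles/linux-guest/tasks/main.yaml ends the whole play for that host, not just this role, so on a non-guest everything listed after `linux-guest` in playbooks/debian.yaml is skipped. Today only `linux-qemu` follows and it would skip itself anyway, but the same guard is added at the top of roles/linux-qemu/tasks/main.yaml. Any role appended to the playbook later, a hardening role included, would then never run on those hosts. Drop the meta task and put the condition on the include instead: `when: ansible_virtualization_role == 'guest'` on the `include_role` task for linux-auth. In linux-qemu, wrap the tasks in a `block:` carrying the equivalent `when:`.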
diff --git a/roles/linux-ntp/tasks/main.yaml b/roles/linux-ntp/tasks/main.yaml index 082e776..89fbe1e 100644 --- a/roles/linux-ntp/tasks/main.yaml +++ b/roles/linux-ntp/tasks/main.yaml @@ -1,6 +1,3 @@ -- name: Checking if configuration is needed - meta: end_host - when: ntp_enabled is not defined or not ntp_enabled - name: Configure /etc/systemd/timesyncd.conf lineinfile: path: /etc/systemd/timesyncd.conf @@ -20,5 +17,5 @@ notify: restart systemd-timesyncd - name: Service should start on boot service: - name: "{{ timesyncd_daemon }}" + name: systemd-timesyncd enabled: yes diff --git a/roles/linux-ntp/vars/main.yaml b/roles/linux-ntp/vars/main.yaml deleted file mode 100644 index 5dd02ed..0000000 --- a/roles/linux-ntp/vars/main.yaml +++ /dev/null @@ -1 +0,0 @@ -timesyncd_daemon: systemd-timesyncd diff --git a/roles/linux-qemu/tasks/main.yaml b/roles/linux-qemu/tasks/main.yaml index 1d295d3..80e5fac 100644 --- a/roles/linux-qemu/tasks/main.yaml +++ b/roles/linux-qemu/tasks/main.yaml @@ -1,3 +1,6 @@ +- name: Skip if not a QEMU guest + meta: end_host + when: not (ansible_virtualization_type == 'kvm' and ansible_virtualization_role == 'guest') - name: Install QEMU guest agent apt: name: qemu-guest-agent @@ -18,3 +21,5 @@ group: root - name: Generate GRUB configuration command: update-grub +- include_role: + name: linux-autofs diff --git a/roles/linux-relayhost/tasks/main.yaml b/roles/linux-relayhost/tasks/main.yaml index 13d0ed9..db2c7f2 100644 --- a/roles/linux-relayhost/tasks/main.yaml +++ b/roles/linux-relayhost/tasks/main.yaml @@ -4,7 +4,7 @@ state: present - name: Reconfigure relayhost lineinfile: - dest: "{{ exim_configuration_file }}" + dest: /etc/exim4/update-exim4.conf.conf regexp: "{{ item.regexp }}" line: "{{ item.line }}" state: present diff --git a/roles/linux-relayhost/vars/main.yaml b/roles/linux-relayhost/vars/main.yaml deleted file mode 100644 index 1764954..0000000 --- a/roles/linux-relayhost/vars/main.yaml +++ /dev/null 
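Review bot: The `include_role` for linux-autofs appended at the end of roles/linux-qemu/tasks/main.yaml runs on every KVM guest, because this commit also deletes the `autofs_homes_enabled` guard from roles/linux-autofs/tasks/main.yaml. Automounted homes were opt-in before and are now tied to the hypervisor type, which is unrelated to the QEMU guest agent and GRUB tasks in this role. I would include linux-autofs from the playbook or from linux-guest and keep a condition on it, such as `when: autofs_homes_enabled | default(false)`.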
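Review bot: roles/linux-relayhost/vars/main.yaml, deleted in this commit, defined `exim_daemon` as well as `exim_configuration_file`, but the only replacement in the diff is the `dest:` line of this hunk in roles/linux-relayhost/tasks/main.yaml. The role's handlers are not shown and the task list continues outside the hunk. If either still uses `{{ exim_daemon }}`, it will fail with an undefined variable the first time it runs. Search the role for `exim_daemon` and replace it with `exim4`, the same way `timesyncd_daemon` was inlined in both linux-ntp files.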
@@ -1,2 +0,0 @@ -exim_configuration_file: /etc/exim4/update-exim4.conf.conf -exim_daemon: exim4 diff --git a/roles/linux-sudoers/tasks/main.yaml b/roles/linux-sudoers/tasks/main.yaml index 54ec054..f512867 100644 --- a/roles/linux-sudoers/tasks/main.yaml +++ b/roles/linux-sudoers/tasks/main.yaml @@ -1,3 +1,7 @@ +- name: Install sudo package + apt: + name: sudo + state: present - name: Copy sudoers configuration file copy: src: vn diff --git a/roles/linux-vm/tasks/main.yaml b/roles/linux-vm/tasks/main.yaml deleted file mode 100644 index 54ed27f..0000000 --- a/roles/linux-vm/tasks/main.yaml +++ /dev/null @@ -1,10 +0,0 @@ -- include_role: - name: linux-motd -- include_role: - name: linux-profile -- include_role: - name: linux-sudoers -- include_role: - name: linux-vim -- include_role: - name: linux-locale \ No newline at end of file
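Review bot: The "Copy sudoers configuration file" task right after the new apt task in roles/linux-sudoers/tasks/main.yaml should validate the file before installing it, using `validate: 'visudo -cf %s'` and `mode: '0440'`, if it does not already. The hunk cuts the task off after `src: vn`, so its remaining options are not visible. A sudoers fragment with a syntax error can make sudo refuse to run on the host, and linux-base now includes this role first on every host.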