Kapitel 06: Roles

.gitmodules

@@ -0,0 +1,9 @@
+[submodule "roles.extern/cleanup-hosts"]
+	path = roles.extern/cleanup-hosts
+	url = https://git.velt.biz/Ansible/cleanup-hosts.git
+[submodule "roles.extern/ssh-keyonly"]
+	path = roles.extern/ssh-keyonly
+	url = https://git.velt.biz/Ansible/role.ssh-keyonly.git
+[submodule "roles.extern/epel-simplified"]
+	path = roles.extern/epel-simplified
+	url = https://git.velt.biz/Ansible/epel-simplified

06/_epel.yml

@@ -0,0 +1,7 @@
+---
+- hosts: all
+
+  roles:
+
+    - role: epel
+

06/_ssh.yml

@@ -0,0 +1,6 @@
+---
+- hosts: all
+
+  roles:
+    - ssh-keyonly
+

06/ansible.cfg

@@ -0,0 +1,31 @@
+[defaults]
+
+# Inventory
+inventory = ./hosts.ini
+
+# Roles paths
+roles_path = ./roles:./roles.extern:/etc/ansible/roles
+
+# Interpreter Discovery - Ohne Warnings
+interpreter_python = auto_silent
+
+# SSH
+remote_user = root
+#host_key_checking = False
+
+# Retry files
+retry_files_enabled = yes
+retry_files_save_path = ./.cache/Retry/
+
+# Log files
+#log_path = ./log/ansible.log
+
+# Farben ausschalten
+#nocolor = 1
+
+[colors]
+# Für dunklen Hintergrund in der Console
+verbose = bright blue
+debug = bright gray
+error = bright red
+

06/git-urls.txt

@@ -0,0 +1,6 @@
+git clone https://git.velt.biz/Ansible/cleanup-hosts.git
+
+git clone https://git.velt.biz/Ansible/ssh-keyonly.git
+
+git clone https://git.velt.biz/Ansible/epel-simplified.git
+

06/hosts_ssh_epel.yml

@@ -0,0 +1,12 @@
+---
+- hosts: all
+
+  roles:
+
+    - cleanup-hosts
+
+    - { role: ssh-keyonly }
+
+    - role: epel
+      when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora"
+

06/ntp-role.yml

@@ -0,0 +1,6 @@
+---
+- hosts: all
+
+  roles:
+    - ntp
+

group_vars/all/ssh.yml

@@ -0,0 +1,3 @@
+---
+ssh_service_name: sshd
+

group_vars/apt/ssh.yml

@@ -0,0 +1,3 @@
+---
+ssh_service_name: ssh
+

group_vars/ubuntu/chrony.yml

@@ -0,0 +1,7 @@
+---
+chrony_pools:
+  - 0.ubuntu.pool.ntp.org
+  - 1.ubuntu.pool.ntp.org
+  - 2.ubuntu.pool.ntp.org
+  - 3.ubuntu.pool.ntp.org
+

roles.extern/cleanup-hosts

@@ -0,0 +1 @@
+Subproject commit 526b7e4bb5b81630f9f7b25bbc1035b42a454358

roles.extern/epel

@@ -0,0 +1 @@
+epel-simplified

roles.extern/epel-simplified

@@ -0,0 +1 @@
+Subproject commit 55ad5aff48a6cbd07407614f835da5175e8e72cc

roles.extern/hosts

@@ -0,0 +1 @@
+cleanup-hosts

roles.extern/ssh-keyonly

@@ -0,0 +1 @@
+Subproject commit c55557f733bd798f5c30396dca5e3c83effe173e

roles/ntp/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+chrony_pools:
+  - 0.de.pool.ntp.org
+  - 1.de.pool.ntp.org
+  - 2.de.pool.ntp.org
+  - 3.de.pool.ntp.org
+

roles/ntp/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+- name: Install Chrony
+  package: name=chrony state=latest
+
+- name: Show pools
+  debug: var=chrony_pools
+
+- name: Template config file
+  template: "src=chrony.conf.j2 dest='{{ chrony_config_path }}' mode=0644 owner=root group=root backup=yes"
+
+- name: Restart Chrony with new config
+  service: "name='{{ chrony_service_name }}' state=restarted"
+
+- name: Enable Chrony at boot
+  service: "name={{ chrony_service_name }} state=started enabled=yes"
+

roles/ntp/templates/chrony.conf.j2

@@ -0,0 +1 @@
+../../../05/chrony.conf.j2