From 1ad00713330bab01a0e95a437912b52b966bef41 Mon Sep 17 00:00:00 2001 From: Sven Velt Date: Wed, 27 Nov 2024 10:46:12 +0100 Subject: [PATCH] Kapitel 06: Roles --- .gitmodules | 9 +++++++++ 06/_epel.yml | 7 +++++++ 06/_ssh.yml | 6 ++++++ 06/ansible.cfg | 31 ++++++++++++++++++++++++++++++ 06/dep-steps.yml | 6 ++++++ 06/git-urls.txt | 6 ++++++ 06/hosts_ssh_epel.yml | 12 ++++++++++++ 06/ntp-role.yml | 6 ++++++ ansible.cfg | 2 +- group_vars/all/ssh.yml | 3 +++ group_vars/apt/ssh.yml | 3 +++ helper/06_gitmodules.sh | 11 +++++++++++ host_vars/tn00-oracle7.yml | 3 +++ roles.extern/cleanup-hosts | 1 + roles.extern/epel | 1 + roles.extern/epel-simplified | 1 + roles.extern/hosts | 1 + roles.extern/ssh-keyonly | 1 + roles/dep-step1/tasks/main.yml | 5 +++++ roles/dep-step2/meta/main.yml | 4 ++++ roles/dep-step2/tasks/main.yml | 6 ++++++ roles/dep-step3/meta/main.yml | 5 +++++ roles/dep-step3/tasks/main.yml | 6 ++++++ roles/ntp/defaults/main.yml | 7 +++++++ roles/ntp/tasks/main.yml | 16 +++++++++++++++ roles/ntp/templates/chrony.conf.j2 | 1 + 26 files changed, 159 insertions(+), 1 deletion(-) create mode 100644 .gitmodules create mode 100644 06/_epel.yml create mode 100644 06/_ssh.yml create mode 100644 06/ansible.cfg create mode 100644 06/dep-steps.yml create mode 100644 06/git-urls.txt create mode 100644 06/hosts_ssh_epel.yml create mode 100644 06/ntp-role.yml create mode 100644 group_vars/all/ssh.yml create mode 100644 group_vars/apt/ssh.yml create mode 100755 helper/06_gitmodules.sh create mode 100644 host_vars/tn00-oracle7.yml create mode 160000 roles.extern/cleanup-hosts create mode 120000 roles.extern/epel create mode 160000 roles.extern/epel-simplified create mode 120000 roles.extern/hosts create mode 160000 roles.extern/ssh-keyonly create mode 100644 roles/dep-step1/tasks/main.yml create mode 100644 roles/dep-step2/meta/main.yml create mode 100644 roles/dep-step2/tasks/main.yml create mode 100644 roles/dep-step3/meta/main.yml create mode 100644 roles/dep-step3/tasks/main.yml create mode 100644 roles/ntp/defaults/main.yml create mode 100644 roles/ntp/tasks/main.yml create mode 120000 roles/ntp/templates/chrony.conf.j2 diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..085e293 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,9 @@ +[submodule "roles.extern/cleanup-hosts"] + path = roles.extern/cleanup-hosts + url = https://git.velt.biz/Ansible/cleanup-hosts.git +[submodule "roles.extern/ssh-keyonly"] + path = roles.extern/ssh-keyonly + url = https://git.velt.biz/Ansible/role.ssh-keyonly.git +[submodule "roles.extern/epel-simplified"] + path = roles.extern/epel-simplified + url = https://git.velt.biz/Ansible/epel-simplified diff --git a/06/_epel.yml b/06/_epel.yml new file mode 100644 index 0000000..3966a6a --- /dev/null +++ b/06/_epel.yml @@ -0,0 +1,7 @@ +--- +- hosts: all + + roles: + + - role: epel + diff --git a/06/_ssh.yml b/06/_ssh.yml new file mode 100644 index 0000000..158f519 --- /dev/null +++ b/06/_ssh.yml @@ -0,0 +1,6 @@ +--- +- hosts: all + + roles: + - ssh-keyonly + diff --git a/06/ansible.cfg b/06/ansible.cfg new file mode 100644 index 0000000..ba2b872 --- /dev/null +++ b/06/ansible.cfg @@ -0,0 +1,31 @@ +[defaults] + +# Inventory +inventory = ./hosts.ini + +# Roles paths +roles_path = ./roles:./roles.extern:/etc/ansible/roles + +# Interpreter Discovery - Ohne Warnings +interpreter_python = auto_silent + +# SSH +remote_user = root +#host_key_checking = False + +# Retry files +retry_files_enabled = yes +retry_files_save_path = ./.cache/Retry/ + +# Log files +#log_path = ./log/ansible.log + +# Farben ausschalten +#nocolor = 1 + +[colors] +# Für dunklen Hintergrund in der Console +verbose = bright blue +debug = bright gray +error = bright red + diff --git a/06/dep-steps.yml b/06/dep-steps.yml new file mode 100644 index 0000000..9cd05f1 --- /dev/null +++ b/06/dep-steps.yml @@ -0,0 +1,6 @@ +--- +- hosts: localhost + + roles: + - dep-step3 + diff --git a/06/git-urls.txt b/06/git-urls.txt new file mode 100644 index 0000000..6ce681c --- /dev/null +++ b/06/git-urls.txt @@ -0,0 +1,6 @@ +git clone https://git.velt.biz/Ansible/cleanup-hosts.git + +git clone https://git.velt.biz/Ansible/role.ssh-keyonly.git + +git clone https://git.velt.biz/Ansible/epel-simplified.git + diff --git a/06/hosts_ssh_epel.yml b/06/hosts_ssh_epel.yml new file mode 100644 index 0000000..5f4976a --- /dev/null +++ b/06/hosts_ssh_epel.yml @@ -0,0 +1,12 @@ +--- +- hosts: all + + roles: + + - cleanup-hosts + + - { role: ssh-keyonly } + + - role: epel + when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora" + diff --git a/06/ntp-role.yml b/06/ntp-role.yml new file mode 100644 index 0000000..743f533 --- /dev/null +++ b/06/ntp-role.yml @@ -0,0 +1,6 @@ +--- +- hosts: all + + roles: + - ntp + diff --git a/ansible.cfg b/ansible.cfg index 6d3486f..a120663 120000 --- a/ansible.cfg +++ b/ansible.cfg @@ -1 +1 @@ -04/ansible.cfg \ No newline at end of file +06/ansible.cfg \ No newline at end of file diff --git a/group_vars/all/ssh.yml b/group_vars/all/ssh.yml new file mode 100644 index 0000000..6f6d9cf --- /dev/null +++ b/group_vars/all/ssh.yml @@ -0,0 +1,3 @@ +--- +ssh_service_name: sshd + diff --git a/group_vars/apt/ssh.yml b/group_vars/apt/ssh.yml new file mode 100644 index 0000000..9d3811f --- /dev/null +++ b/group_vars/apt/ssh.yml @@ -0,0 +1,3 @@ +--- +ssh_service_name: ssh + diff --git a/helper/06_gitmodules.sh b/helper/06_gitmodules.sh new file mode 100755 index 0000000..5b6fb66 --- /dev/null +++ b/helper/06_gitmodules.sh @@ -0,0 +1,11 @@ +#!/bin/bash -ex + +mkdir -p roles.extern + +git submodule add https://git.velt.biz/Ansible/cleanup-hosts.git roles.extern/cleanup-hosts +git submodule add https://git.velt.biz/Ansible/role.ssh-keyonly.git roles.extern/ssh-keyonly +git submodule add https://git.velt.biz/Ansible/epel-simplified roles.extern/epel-simplified + +ln -s cleanup-hosts roles.extern/hosts +ln -s epel-simplified roles.extern/epel + diff --git a/host_vars/tn00-oracle7.yml b/host_vars/tn00-oracle7.yml new file mode 100644 index 0000000..c4192bb --- /dev/null +++ b/host_vars/tn00-oracle7.yml @@ -0,0 +1,3 @@ +--- +epel_baseurl: http://archives.fedoraproject.org/pub/archive/epel/ + diff --git a/roles.extern/cleanup-hosts b/roles.extern/cleanup-hosts new file mode 160000 index 0000000..526b7e4 --- /dev/null +++ b/roles.extern/cleanup-hosts @@ -0,0 +1 @@ +Subproject commit 526b7e4bb5b81630f9f7b25bbc1035b42a454358 diff --git a/roles.extern/epel b/roles.extern/epel new file mode 120000 index 0000000..2154609 --- /dev/null +++ b/roles.extern/epel @@ -0,0 +1 @@ +epel-simplified \ No newline at end of file diff --git a/roles.extern/epel-simplified b/roles.extern/epel-simplified new file mode 160000 index 0000000..55ad5af --- /dev/null +++ b/roles.extern/epel-simplified @@ -0,0 +1 @@ +Subproject commit 55ad5aff48a6cbd07407614f835da5175e8e72cc diff --git a/roles.extern/hosts b/roles.extern/hosts new file mode 120000 index 0000000..7b9fd07 --- /dev/null +++ b/roles.extern/hosts @@ -0,0 +1 @@ +cleanup-hosts \ No newline at end of file diff --git a/roles.extern/ssh-keyonly b/roles.extern/ssh-keyonly new file mode 160000 index 0000000..c55557f --- /dev/null +++ b/roles.extern/ssh-keyonly @@ -0,0 +1 @@ +Subproject commit c55557f733bd798f5c30396dca5e3c83effe173e diff --git a/roles/dep-step1/tasks/main.yml b/roles/dep-step1/tasks/main.yml new file mode 100644 index 0000000..14b9e2e --- /dev/null +++ b/roles/dep-step1/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- name: Ausgabe + debug: + msg: Das ist Schritt 1 + diff --git a/roles/dep-step2/meta/main.yml b/roles/dep-step2/meta/main.yml new file mode 100644 index 0000000..082a259 --- /dev/null +++ b/roles/dep-step2/meta/main.yml @@ -0,0 +1,4 @@ +--- +dependencies: + - dep-step1 + diff --git a/roles/dep-step2/tasks/main.yml b/roles/dep-step2/tasks/main.yml new file mode 100644 index 0000000..0b2a920 --- /dev/null +++ b/roles/dep-step2/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Ausgabe + debug: + msg: Das ist Schritt 2 + + diff --git a/roles/dep-step3/meta/main.yml b/roles/dep-step3/meta/main.yml new file mode 100644 index 0000000..5765007 --- /dev/null +++ b/roles/dep-step3/meta/main.yml @@ -0,0 +1,5 @@ +--- +dependencies: + - dep-step2 + + diff --git a/roles/dep-step3/tasks/main.yml b/roles/dep-step3/tasks/main.yml new file mode 100644 index 0000000..eb8f5d0 --- /dev/null +++ b/roles/dep-step3/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Ausgabe + debug: + msg: Das ist Schritt 3 + + diff --git a/roles/ntp/defaults/main.yml b/roles/ntp/defaults/main.yml new file mode 100644 index 0000000..84e77fb --- /dev/null +++ b/roles/ntp/defaults/main.yml @@ -0,0 +1,7 @@ +--- +chrony_pools: + - 0.de.pool.ntp.org + - 1.de.pool.ntp.org + - 2.de.pool.ntp.org + - 3.de.pool.ntp.org + diff --git a/roles/ntp/tasks/main.yml b/roles/ntp/tasks/main.yml new file mode 100644 index 0000000..134cae2 --- /dev/null +++ b/roles/ntp/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: Install Chrony + package: name=chrony state=latest + +- name: Show pools + debug: var=chrony_pools + +- name: Template config file + template: "src=chrony.conf.j2 dest='{{ chrony_config_path }}' mode=0644 owner=root group=root backup=yes" + +- name: Restart Chrony with new config + service: "name='{{ chrony_service_name }}' state=restarted" + +- name: Enable Chrony at boot + service: "name={{ chrony_service_name }} state=started enabled=yes" + diff --git a/roles/ntp/templates/chrony.conf.j2 b/roles/ntp/templates/chrony.conf.j2 new file mode 120000 index 0000000..3516a48 --- /dev/null +++ b/roles/ntp/templates/chrony.conf.j2 @@ -0,0 +1 @@ +../../../05/chrony.conf.j2 \ No newline at end of file