Update core, docker, nginx roles

Shaun Reed 2020-04-15 23:03:42 +00:00
parent e2b109b149
commit 650731a5ba
15 changed files with 80 additions and 205 deletions

View File

@ -2,7 +2,9 @@
- hosts: dev
become: yes
roles:
- core
- docker
- shared
- nginx
- fail2ban
- postfix
- docker

View File

@ -2,4 +2,5 @@
- hosts: nginx-server
become: yes
roles:
- nginx
- nginx

View File

@ -1,76 +1,38 @@
core
Role Name
=========
A simple role for configuring a set of packages / settings on a new Ubuntu host using Ansible.
### Packages Added / Configured
Git
- Configure / set user name and email
SSH
- MOTD (Template, replacable, displayed on login.)
- PAM (Template, replacable, authusers file to bypass)
- authusers (Add users to file to bypass PAM settings)
Vim
- Install Vim
- Run https://github.com/shaunrd0/klips/scripts/setup-vim.sh
A brief description of the role goes here.
Requirements
------------
Expects that the host is using apt package manager, and running a Debian / Ubuntu system.
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
Found in `.../roles/core/defaults/main.yml`
```
---
packages: [git, vim, ssh]
ssh_port: 22
auth_methods: "publickey,keyboard-interactive"
git_email: "user@domain.com"
git_name: "First Last"
hostname: "localhost"
domain_name: "www.localhost.com"
```
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
#### Basic package installation variable -
Dependencies
------------
packages - A list of packages to install when running core configuration. Add package to this list and it will be installed on your new host. Further configuration will need to be done manually, unless the role is modified otherwise.
#### SSH Configuration Variables -
ssh_port - The port to configure SSH to listen on
auth_methods - Authentication methods to allow SSH base configuration to use. Otherwise, specify a match within the sshd_config
#### MOTD Configuration Variables -
hostname - The hostname of the box you are using, used in the MOTD for a host-specific greeting, so you know which host you are logged into when glancing between terminals.
domain_name - The domain name, if available, associated with this host.
#### Git Configuration Variables -
git_email - Email address to configure with Git
git_name - Full name to configure with Git (First Last || Shaun Reed)
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
After configuring the appropriate variables in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file.
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```
---
- hosts: core
become: yes
roles:
- core
```
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files.
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
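
Review bot: the text coming in with this README hunk is the unedited role skeleton ("A brief description of the role goes here.", `{ role: username.rolename, x: 42 }`), and the hunk header takes the file from 76 lines to 38, so the descriptions of `ssh_port`, `auth_methods` and the `authusers` PAM bypass disappear. Those are the settings an operator most needs explained before applying this role to a host. Keep the Role Variables and SSH sections and update them for this commit instead of replacing them with placeholders.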

View File

@ -1,9 +1,8 @@
---
packages: [git, vim, ssh]
packages: [git, vim, ssh, libpam-yubico]
authusers: [user1, user2]
ssh_port: 22
auth_methods: "publickey,keyboard-interactive"
hostname: "localhost"
domain_name: "www.localhost.com"
git_email: "user@domain.com"
git_name: "First Last"
git_email: "email@domain.com"
git_name: "Shaun Reed"
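
Review bot: `authusers: [user1, user2]` ships placeholder account names as the default for a list that the role README describes as bypassing the PAM settings. Default it to an empty list so that no account is exempted unless the operator names it explicitly. A second point on `git_name: "Shaun Reed"`: a personal name in role defaults applies wherever the variable is not overridden, so a neutral placeholder is safer here.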

View File

@ -2,11 +2,11 @@
*
|.===.
{{ ansible_hostname }} |.===. {{ ansible_fqdn }}
{}o o{}
----------------------ooO--(_)--Ooo--------------------------
# #
# username www.web.com #
# #
# #
# _/\\___ __/\\__ _/\\___ _/\\___ __/\\___ _/\\___ #
# (_ __))(_ ____)(_ _ _))(_ _ _))(_ ____))(_ _ )) #
@ -15,6 +15,6 @@
# \___| \\ \ _ //\_ \\ \_ \\ \ _____))\___| // #
# \// \// \// \// \// \// \// #
# #
# xxx.xxx.xxx.xx/xx #
# #
#_____________________________________________________________#

View File

@ -1,4 +1,4 @@
---
- name: Configure Git
template: src=files/.gitconfig dest=~/.gitconfig
copy: src=files/.gitconfig dest=~/.gitconfig
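
Review bot: with `copy` instead of `template` on this task, `files/.gitconfig` is installed verbatim, so if the file still references `git_name` and `git_email` those values are no longer rendered and the two defaults become dead variables. Either keep `template`, or remove the variables from the defaults in the same commit. Also, the plays shown on this page run with `become: yes`, so `dest=~/.gitconfig` resolves to the home directory of the become user (root by default); an explicit destination path with `owner`, `group` and `mode` set would make the target unambiguous.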

View File

@ -1,38 +1,38 @@
docker
Role Name
=========
A simple role for installing Docker and Docker Compose on a new Ubuntu host using Ansible.
A brief description of the role goes here.
Requirements
------------
Expects that the host is using apt package manager, and running a Debian / Ubuntu system.
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
Found in `.../roles/docker/defaults/main.yml`
```
---
docker_users: [user1, user2]
```
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
#### Docker Group Configuration Variable -
Dependencies
------------
docker_users - A list of users to configure / add to the docker group
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
After setting the users to configure with Docker in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file.
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```
---
- hosts: docker-host
become: yes
roles:
- docker
```
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files.
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
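
Review bot: the `docker_users` line ("A list of users to configure / add to the docker group") should state that membership of the docker group is effectively root access on the host, since that is the decision the operator is making when filling in this variable. The `docker_users: [user1, user2]` example would be safer as an empty list by default, for the same reason. Whichever README text this hunk keeps, the skeleton placeholders ("A brief description of the role goes here.") should not be what ships.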

View File

@ -1,45 +1,38 @@
nginx
Role Name
=========
A simple role for installing and configuring nginx on a new Ubuntu host using Ansible. Supports templates for index.html and custom nginx.conf
A brief description of the role goes here.
Requirements
------------
Expects that the host is using apt package manager, and running a Debian / Ubuntu system.
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
Found in `.../roles/nginx/defaults/main.yml`
```
---
domain_name: "localhost"
nginx_root_dir: "/var/www/html/"
index_files: "index.html index.htm"
```
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
#### NGINX Configuration Variables -
Dependencies
------------
domain_name - Domain name to be used in nginx.conf, default value is the same as nginx base package default setting (localhost)
nginx_root_dir - The directory to point the default nginx server to
index_files - The files / types to be checked for content in our root directory
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
After configuring the approprate variables in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file.
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```
---
- hosts: nginx-server
become: yes
roles:
- nginx
```
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files.
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

View File

@ -1,4 +1,7 @@
---
# defaults file for /etc/ansible/roles/nginx
#
packages: [nginx]
domain_name: "localhost"
nginx_root_dir: "/var/www/html/"
index_files: "index.html index.htm"
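
Review bot: `packages: [nginx]` reuses the generic variable name that the core role's defaults already define (`packages: [git, vim, ssh, libpam-yubico]`). An override of `packages` set in inventory or group vars would then apply to both roles at once, which is easy to miss when both run in the same play as in the dev playbook. Prefix the variable with the role name, for example `nginx_packages`, and do the same in core.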

View File

@ -1,25 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Klips!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

View File

@ -1,55 +0,0 @@
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events { }
http {
include mime.types;
# Basic Server Configuration
server {
listen 80;
server_tokens off;
server_name {{ domain_name }};
location / {
root {{ nginx_root_dir }};
index {{ index_files }};
}
# Uncomment to pass for SSL
#return 301 https://$host$request_uri;
}
}
# Terminate SSL and route traffic
# server {
# server_name localhost;
# server_tokens off;
#
# SSL Settings
# listen 443 ssl;
# ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem;
# include /etc/letsencrypt/options-ssl-nginx.conf;
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# location / {
# include proxy_params;
# proxy_pass http://0.0.0.0:8080/;
# }
# }
# Private subdomain for routing custom ssh port
# server {
# server_name sub.domain.com;
# server_tokens off;
#
# location / {
# include proxy_params;
# proxy_pass http://0.0.0.0:3333;
# }
#
#}

View File

@ -1,7 +1,9 @@
---
- name: Copy nginx configuration file
template: src=files/nginx.conf dest=/etc/nginx/nginx.conf
template: src=files/nginx/nginx.conf dest=/etc/nginx/nginx.conf
- name: Copy index.html file
template: src=files/index.html dest=/var/www/html
template: src=files/nginx/index.html dest=/var/www/html
notify:
- restart nginx
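
Review bot: the `notify: restart nginx` handler is attached to the "Copy index.html file" task, while the "Copy nginx configuration file" task above it has none, so a changed nginx.conf is not picked up until something else restarts the service. Move the `notify` to the configuration task (static content does not need a restart) and add `validate: nginx -t -c %s` to that `template` task so a broken config is rejected before it replaces /etc/nginx/nginx.conf. Two smaller points: the new `src=files/nginx/...` paths are not added by any of the 15 files in this commit while the role's own copies are deleted, so confirm they already exist in the repository, and `dest=/var/www/html` is hard-coded even though `nginx_root_dir` is defined in the defaults.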

View File

@ -1,4 +1,4 @@
---
- name: Install nginx Package
apt: name=nginx state=latest
- name: Install packages
apt: name="{{ item }}" state=latest
with_items: "{{ packages }}"
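
Review bot: `state=latest` on the install task upgrades every listed package on each run, so applying the playbook can change the nginx version on a host as a side effect. Use `state=present` for installation and handle upgrades as a deliberate, separate step. The `with_items` loop is also unnecessary, since the `apt` module accepts a list directly: `apt: name="{{ packages }}" state=present`.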

View File

@ -1,2 +0,0 @@
localhost

View File

@ -1,5 +0,0 @@
---
- hosts: localhost
remote_user: root
roles:
- /etc/ansible/roles/nginx