Merge work from ansible host
commit
a2c326c177
|
@ -2,7 +2,9 @@
|
||||||
- hosts: dev
|
- hosts: dev
|
||||||
become: yes
|
become: yes
|
||||||
roles:
|
roles:
|
||||||
- core
|
- shared
|
||||||
- docker
|
|
||||||
- nginx
|
- nginx
|
||||||
|
- fail2ban
|
||||||
|
- postfix
|
||||||
|
- docker
|
||||||
|
|
||||||
|
|
|
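Review bot: the roles list in this hunk does three unrelated things under the message "Merge work from ansible host": it renames `core` to `shared`, adds `fail2ban` and `postfix`, and moves `docker` to the end of the list. Splitting these into separate commits, or at least listing them in the commit message, would make it possible to review and revert the mail and ban-policy roles independently of the rename.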
@ -3,3 +3,4 @@
|
||||||
become: yes
|
become: yes
|
||||||
roles:
|
roles:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
|
|
|
@ -1,76 +1,38 @@
|
||||||
core
|
Role Name
|
||||||
=========
|
=========
|
||||||
|
|
||||||
A simple role for configuring a set of packages / settings on a new Ubuntu host using Ansible.
|
A brief description of the role goes here.
|
||||||
|
|
||||||
### Packages Added / Configured
|
|
||||||
|
|
||||||
Git
|
|
||||||
- Configure / set user name and email
|
|
||||||
|
|
||||||
SSH
|
|
||||||
- MOTD (Template, replacable, displayed on login.)
|
|
||||||
- PAM (Template, replacable, authusers file to bypass)
|
|
||||||
- authusers (Add users to file to bypass PAM settings)
|
|
||||||
|
|
||||||
Vim
|
|
||||||
- Install Vim
|
|
||||||
- Run https://github.com/shaunrd0/klips/scripts/setup-vim.sh
|
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
------------
|
------------
|
||||||
|
|
||||||
Expects that the host is using apt package manager, and running a Debian / Ubuntu system.
|
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
|
||||||
|
|
||||||
Role Variables
|
Role Variables
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
Found in `.../roles/core/defaults/main.yml`
|
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
|
||||||
```
|
|
||||||
---
|
|
||||||
packages: [git, vim, ssh]
|
|
||||||
ssh_port: 22
|
|
||||||
auth_methods: "publickey,keyboard-interactive"
|
|
||||||
git_email: "user@domain.com"
|
|
||||||
git_name: "First Last"
|
|
||||||
hostname: "localhost"
|
|
||||||
domain_name: "www.localhost.com"
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Basic package installation variable -
|
Dependencies
|
||||||
|
------------
|
||||||
|
|
||||||
packages - A list of packages to install when running core configuration. Add package to this list and it will be installed on your new host. Further configuration will need to be done manually, unless the role is modified otherwise.
|
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
|
||||||
|
|
||||||
#### SSH Configuration Variables -
|
|
||||||
|
|
||||||
ssh_port - The port to configure SSH to listen on
|
|
||||||
|
|
||||||
auth_methods - Authentication methods to allow SSH base configuration to use. Otherwise, specify a match within the sshd_config
|
|
||||||
|
|
||||||
#### MOTD Configuration Variables -
|
|
||||||
|
|
||||||
hostname - The hostname of the box you are using, used in the MOTD for a host-specific greeting, so you know which host you are logged into when glancing between terminals.
|
|
||||||
|
|
||||||
domain_name - The domain name, if available, associated with this host.
|
|
||||||
|
|
||||||
#### Git Configuration Variables -
|
|
||||||
|
|
||||||
git_email - Email address to configure with Git
|
|
||||||
|
|
||||||
git_name - Full name to configure with Git (First Last || Shaun Reed)
|
|
||||||
|
|
||||||
Example Playbook
|
Example Playbook
|
||||||
----------------
|
----------------
|
||||||
|
|
||||||
After configuring the appropriate variables in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file.
|
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
|
||||||
|
|
||||||
```
|
- hosts: servers
|
||||||
---
|
|
||||||
- hosts: core
|
|
||||||
become: yes
|
|
||||||
roles:
|
roles:
|
||||||
- core
|
- { role: username.rolename, x: 42 }
|
||||||
```
|
|
||||||
|
|
||||||
Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files.
|
License
|
||||||
|
-------
|
||||||
|
|
||||||
|
BSD
|
||||||
|
|
||||||
|
Author Information
|
||||||
|
------------------
|
||||||
|
|
||||||
|
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
|
||||||
|
|
|
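Review bot: this README goes from role-specific documentation back to the stock "Role Name / A brief description of the role goes here." template, which drops the only description of `ssh_port`, `auth_methods` and the PAM `authusers` bypass file. Those are the security-relevant settings of the role, so keep the old text and update it for the new role name and the variables changed in the defaults file, rather than replacing it with placeholders.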
@ -1,9 +1,8 @@
|
||||||
---
|
---
|
||||||
packages: [git, vim, ssh]
|
packages: [git, vim, ssh, libpam-yubico]
|
||||||
|
authusers: [user1, user2]
|
||||||
ssh_port: 22
|
ssh_port: 22
|
||||||
auth_methods: "publickey,keyboard-interactive"
|
auth_methods: "publickey,keyboard-interactive"
|
||||||
hostname: "localhost"
|
git_email: "email@domain.com"
|
||||||
domain_name: "www.localhost.com"
|
git_name: "Shaun Reed"
|
||||||
git_email: "user@domain.com"
|
|
||||||
git_name: "First Last"
|
|
||||||
|
|
||||||
|
|
|
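Review bot: the new default `authusers: [user1, user2]` ships placeholder account names in a list that the README removed in this same commit described as the users allowed to bypass the PAM settings, and it arrives together with `libpam-yubico` in `packages`. Default it to `authusers: []` so that nobody is exempt until inventory names real accounts. `git_name` also changes from the placeholder "First Last" to a personal name; role defaults are better left generic. Since `hostname` and `domain_name` are removed here, check that no remaining template still references them.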
@ -2,11 +2,11 @@
|
||||||
|
|
||||||
|
|
||||||
*
|
*
|
||||||
|.===.
|
{{ ansible_hostname }} |.===. {{ ansible_fqdn }}
|
||||||
{}o o{}
|
{}o o{}
|
||||||
----------------------ooO--(_)--Ooo--------------------------
|
----------------------ooO--(_)--Ooo--------------------------
|
||||||
# #
|
# #
|
||||||
# username www.web.com #
|
# #
|
||||||
# #
|
# #
|
||||||
# _/\\___ __/\\__ _/\\___ _/\\___ __/\\___ _/\\___ #
|
# _/\\___ __/\\__ _/\\___ _/\\___ __/\\___ _/\\___ #
|
||||||
# (_ __))(_ ____)(_ _ _))(_ _ _))(_ ____))(_ _ )) #
|
# (_ __))(_ ____)(_ _ _))(_ _ _))(_ ____))(_ _ )) #
|
||||||
|
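Review bot: the banner line `{{ ansible_hostname }} |.===. {{ ansible_fqdn }}` depends on gathered facts, so the template will fail with an undefined variable on any play that sets `gather_facts: no`; either note that requirement in the role or give the values a `default()` filter. The two values also vary in length, so the fixed-width box below them will no longer line up with the top line on most hosts.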
@ -15,6 +15,6 @@
|
||||||
# \___| \\ \ _ //\_ \\ \_ \\ \ _____))\___| // #
|
# \___| \\ \ _ //\_ \\ \_ \\ \ _____))\___| // #
|
||||||
# \// \// \// \// \// \// \// #
|
# \// \// \// \// \// \// \// #
|
||||||
# #
|
# #
|
||||||
# xxx.xxx.xxx.xx/xx #
|
# #
|
||||||
#_____________________________________________________________#
|
#_____________________________________________________________#
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Configure Git
|
- name: Configure Git
|
||||||
template: src=files/.gitconfig dest=~/.gitconfig
|
copy: src=files/.gitconfig dest=~/.gitconfig
|
||||||
|
|
||||||
|
|
|
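Review bot: switching the "Configure Git" task from `template:` to `copy:` means `files/.gitconfig` is no longer rendered, so the `git_email` and `git_name` values still present in the defaults file will not be substituted; if the file contains `{{ git_name }}` it will be written out literally. Either keep `template:` or drop the two variables. Separately, the play runs with `become: yes`, so `dest=~/.gitconfig` lands in the become user's home (root by default) rather than the login user's; an explicit path with `owner` and `mode` would make the target unambiguous.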
@ -1,38 +1,38 @@
|
||||||
docker
|
Role Name
|
||||||
=========
|
=========
|
||||||
|
|
||||||
A simple role for installing Docker and Docker Compose on a new Ubuntu host using Ansible.
|
A brief description of the role goes here.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
------------
|
------------
|
||||||
|
|
||||||
Expects that the host is using apt package manager, and running a Debian / Ubuntu system.
|
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
|
||||||
|
|
||||||
Role Variables
|
Role Variables
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
Found in `.../roles/docker/defaults/main.yml`
|
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
|
||||||
```
|
|
||||||
---
|
|
||||||
docker_users: [user1, user2]
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Docker Group Configuration Variable -
|
Dependencies
|
||||||
|
------------
|
||||||
|
|
||||||
docker_users - A list of users to configure / add to the docker group
|
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
|
||||||
|
|
||||||
Example Playbook
|
Example Playbook
|
||||||
----------------
|
----------------
|
||||||
|
|
||||||
After setting the users to configure with Docker in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file.
|
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
|
||||||
|
|
||||||
```
|
- hosts: servers
|
||||||
---
|
|
||||||
- hosts: docker-host
|
|
||||||
become: yes
|
|
||||||
roles:
|
roles:
|
||||||
- docker
|
- { role: username.rolename, x: 42 }
|
||||||
```
|
|
||||||
|
|
||||||
Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files.
|
License
|
||||||
|
-------
|
||||||
|
|
||||||
|
BSD
|
||||||
|
|
||||||
|
Author Information
|
||||||
|
------------------
|
||||||
|
|
||||||
|
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
|
||||||
|
|
|
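Review bot: the description of `docker_users` is removed here along with the rest of the role documentation and replaced with template text. Membership in the docker group is effectively root on the host, so the README is the right place to say which variable controls it and that the `[user1, user2]` shown in the old text is a placeholder; please restore that section rather than the "A brief description of the role goes here." stub.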
@ -1,45 +1,38 @@
|
||||||
nginx
|
Role Name
|
||||||
=========
|
=========
|
||||||
|
|
||||||
A simple role for installing and configuring nginx on a new Ubuntu host using Ansible. Supports templates for index.html and custom nginx.conf
|
A brief description of the role goes here.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
------------
|
------------
|
||||||
|
|
||||||
Expects that the host is using apt package manager, and running a Debian / Ubuntu system.
|
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
|
||||||
|
|
||||||
Role Variables
|
Role Variables
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
Found in `.../roles/nginx/defaults/main.yml`
|
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
|
||||||
```
|
|
||||||
---
|
|
||||||
domain_name: "localhost"
|
|
||||||
nginx_root_dir: "/var/www/html/"
|
|
||||||
index_files: "index.html index.htm"
|
|
||||||
```
|
|
||||||
|
|
||||||
#### NGINX Configuration Variables -
|
Dependencies
|
||||||
|
------------
|
||||||
|
|
||||||
domain_name - Domain name to be used in nginx.conf, default value is the same as nginx base package default setting (localhost)
|
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
|
||||||
|
|
||||||
nginx_root_dir - The directory to point the default nginx server to
|
|
||||||
|
|
||||||
index_files - The files / types to be checked for content in our root directory
|
|
||||||
|
|
||||||
Example Playbook
|
Example Playbook
|
||||||
----------------
|
----------------
|
||||||
|
|
||||||
After configuring the approprate variables in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file.
|
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
|
||||||
|
|
||||||
```
|
- hosts: servers
|
||||||
---
|
|
||||||
- hosts: nginx-server
|
|
||||||
become: yes
|
|
||||||
roles:
|
roles:
|
||||||
- nginx
|
- { role: username.rolename, x: 42 }
|
||||||
```
|
|
||||||
|
|
||||||
Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files.
|
License
|
||||||
|
-------
|
||||||
|
|
||||||
|
BSD
|
||||||
|
|
||||||
|
Author Information
|
||||||
|
------------------
|
||||||
|
|
||||||
|
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
|
||||||
|
|
|
@ -1,4 +1,7 @@
|
||||||
---
|
---
|
||||||
|
# defaults file for /etc/ansible/roles/nginx
|
||||||
|
#
|
||||||
|
packages: [nginx]
|
||||||
domain_name: "localhost"
|
domain_name: "localhost"
|
||||||
nginx_root_dir: "/var/www/html/"
|
nginx_root_dir: "/var/www/html/"
|
||||||
index_files: "index.html index.htm"
|
index_files: "index.html index.htm"
|
||||||
|
|
|
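Review bot: the new `packages: [nginx]` default uses the same variable name as the `packages` list in the other role's defaults changed earlier in this commit, so a single `packages` override in inventory or group vars would apply to both roles at once. Prefix it with the role name, for example `nginx_packages`, and use that name in the install task. The added comment hard-codes `/etc/ansible/roles/nginx`, which will be wrong wherever the repository is checked out elsewhere.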
@ -1,25 +0,0 @@
|
||||||
<!DOCTYPE html>
|
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
<title>Welcome to nginx!</title>
|
|
||||||
<style>
|
|
||||||
body {
|
|
||||||
width: 35em;
|
|
||||||
margin: 0 auto;
|
|
||||||
font-family: Tahoma, Verdana, Arial, sans-serif;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<h1>Klips!</h1>
|
|
||||||
<p>If you see this page, the nginx web server is successfully installed and
|
|
||||||
working. Further configuration is required.</p>
|
|
||||||
|
|
||||||
<p>For online documentation and support please refer to
|
|
||||||
<a href="http://nginx.org/">nginx.org</a>.<br/>
|
|
||||||
Commercial support is available at
|
|
||||||
<a href="http://nginx.com/">nginx.com</a>.</p>
|
|
||||||
|
|
||||||
<p><em>Thank you for using nginx.</em></p>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -1,55 +0,0 @@
|
||||||
user www-data;
|
|
||||||
worker_processes auto;
|
|
||||||
pid /run/nginx.pid;
|
|
||||||
|
|
||||||
events { }
|
|
||||||
|
|
||||||
http {
|
|
||||||
include mime.types;
|
|
||||||
|
|
||||||
# Basic Server Configuration
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_tokens off;
|
|
||||||
server_name {{ domain_name }};
|
|
||||||
|
|
||||||
location / {
|
|
||||||
root {{ nginx_root_dir }};
|
|
||||||
index {{ index_files }};
|
|
||||||
}
|
|
||||||
|
|
||||||
# Uncomment to pass for SSL
|
|
||||||
#return 301 https://$host$request_uri;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Terminate SSL and route traffic
|
|
||||||
# server {
|
|
||||||
# server_name localhost;
|
|
||||||
# server_tokens off;
|
|
||||||
#
|
|
||||||
# SSL Settings
|
|
||||||
# listen 443 ssl;
|
|
||||||
# ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem;
|
|
||||||
# ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem;
|
|
||||||
# include /etc/letsencrypt/options-ssl-nginx.conf;
|
|
||||||
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
|
||||||
|
|
||||||
# location / {
|
|
||||||
# include proxy_params;
|
|
||||||
# proxy_pass http://0.0.0.0:8080/;
|
|
||||||
# }
|
|
||||||
# }
|
|
||||||
|
|
||||||
# Private subdomain for routing custom ssh port
|
|
||||||
# server {
|
|
||||||
# server_name sub.domain.com;
|
|
||||||
# server_tokens off;
|
|
||||||
#
|
|
||||||
# location / {
|
|
||||||
# include proxy_params;
|
|
||||||
# proxy_pass http://0.0.0.0:3333;
|
|
||||||
# }
|
|
||||||
#
|
|
||||||
#}
|
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
---
|
---
|
||||||
- name: Copy nginx configuration file
|
- name: Copy nginx configuration file
|
||||||
template: src=files/nginx.conf dest=/etc/nginx/nginx.conf
|
template: src=files/nginx/nginx.conf dest=/etc/nginx/nginx.conf
|
||||||
|
|
||||||
- name: Copy index.html file
|
- name: Copy index.html file
|
||||||
template: src=files/index.html dest=/var/www/html
|
template: src=files/nginx/index.html dest=/var/www/html
|
||||||
notify:
|
notify:
|
||||||
- restart nginx
|
- restart nginx
|
||||||
|
|
||||||
|
|
|
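Review bot: both `src` paths now point under `files/nginx/`, but the earlier hunks in this commit delete `index.html` and `nginx.conf` and no file is shown being added at the new location, so confirm the two files are actually part of the commit or this play will fail at the first task. Also, only the index.html task carries `notify: restart nginx`; the "Copy nginx configuration file" task has none, so a change to nginx.conf is written to disk without the service picking it up. Move or duplicate the `notify` onto the nginx.conf task.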
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Install nginx Package
|
- name: Install packages
|
||||||
apt: name=nginx state=latest
|
apt: name="{{ item }}" state=latest
|
||||||
|
with_items: "{{ packages }}"
|
||||||
|
|
|
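Review bot: the install task keeps `state=latest`, and with the new `with_items: "{{ packages }}"` loop that now applies to every package in the list, so each run of the play can upgrade them unattended to whatever the mirror currently offers. Use `state=present` for repeatable runs and upgrade deliberately in a separate task. The loop itself is unnecessary: `apt` accepts a list, so `name="{{ packages }}"` installs everything in one transaction.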
@ -1,2 +0,0 @@
|
||||||
localhost
|
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
---
|
|
||||||
- hosts: localhost
|
|
||||||
remote_user: root
|
|
||||||
roles:
|
|
||||||
- /etc/ansible/roles/nginx
|
|