salt/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reorganize, add cockpit role

Browse Source
This commit is contained in:
Salt 2019-10-11 14:08:22 -05:00
parent 52fd78e28b
commit 86562b3ccc
9 changed files with 58 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible.cfg
View File

@ -1,6 +1,5 @@
[defaults] [defaults]
#inventory = hosts inventory = inventory
inventory = ec2.py
remote_user = ubuntu remote_user = ubuntu
private_key_file = ~/.ssh/ansible private_key_file = ~/.ssh/ansible
ssh_extra_args =-o ForwardAgent=yes -o StrictHostKeyChecking=no ssh_extra_args =-o ForwardAgent=yes -o StrictHostKeyChecking=no

5
provision.yml → ec2.yml
View File

@ -4,9 +4,8 @@
- hosts: ec2 - hosts: ec2
roles: roles:
- common - common
- hosts: tag_userlogon_true - hosts: tag_role_cockpit
roles: roles:
- user - user
- hosts: tag_ansiblehost_true
roles:
- ansiblehost - ansiblehost
- cockpit

0
ec2.ini → inventory/ec2.ini
View File

0
ec2.py → inventory/ec2.py
View File

1
roles/cockpit/files/ansiblekey Symbolic link
View File

@ -0,0 +1 @@
../../ansiblehost/files/ansiblekey

2
roles/cockpit/meta/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
allow_duplicates: no

23
roles/cockpit/tasks/main.yml Normal file
View File

@ -0,0 +1,23 @@
#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Install Cockpit-required packages via apt
apt:
name: "{{ packages }}"
vars:
packages:
- cockpit
become: true
- name: Copy Ansible private key
copy:
src: "{{ role_path }}/files/ansiblekey"
dest: ~/.ssh/id_rsa
mode: 0600
become: true
become_user: cockpit
- name: Add configs for all EC2 instances
# TODO: https://docs.ansible.com/ansible/latest/modules/template_module.html
debug:
msg: "{{ item }}"
with_inventory_hostnames:
- ec2

15
roles/common/tasks/main.yml
View File

@ -15,3 +15,18 @@
packages: packages:
- vim - vim
become: true become: true
- name: Assure Cockpit user
user:
name: cockpit
shell: /bin/bash
groups: sudo
append: yes
become: yes
- name: Authorize key for Cockpit user
authorized_key:
user: cockpit
state: present
manage_dir: yes
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= salt@dsk-cstm-0"
become: yes
become_user: cockpit

16
roles/user/tasks/main.yml
View File

@ -1,11 +1,23 @@
#!/usr/bin/ansible-playbook #!/usr/bin/ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: Initialize user salt - name: Assure user salt
vars:
salt_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
37666131343936663962386535343939373161343337383436613961303637376136633736353533
3366623536646563383563373265313134663464396231370a303033353661336436386561366139
30393536393634653566646636366436656435623534626266343632313336336336346131383361
3366343932383930350a383637646261373135376138633533306530306339316235353262356135
34626466363266616265653064333365663663306330666632343864373335626265323230633331
33623431633665353964623437636231623366383733626266353162633762373035376638663936
62383065653836366431316461663862393130653761643937376565366435646665313961663534
64303363653631653433343361616635373966326433663466636164613062343561333036613937
35616666633737356331653632323639373330396433366639326466373639313630
user: user:
name: salt name: salt
shell: /bin/bash shell: /bin/bash
password: "***REMOVED***" password: "{{ salt_pass }}"
groups: sudo groups: sudo
append: yes append: yes
become: yes become: yes