Ansible

From Braindump
Jump to navigation Jump to search

vi /etc/ansible/hosts 

ansible -m ping all
ansible all -m raw -b --become-method=su --ask-become-pass -a "apk add python sudo shadow sed gawk findutils bind-tools"
ansible-playbook -b --become-method=su --ask-become-pass authorized_key.yml

http://docs.ansible.com/ansible/latest/authorized_key_module.html 

ansible ubuntu -m raw -b -u jan --ask-pass --become-method=sudo --ask-become-pass -a "apt update"
ansible alpine -m raw -b -u jan --ask-pass --become-method=sudo --ask-become-pass -a "apk update"

ssh-keygen -t ed25519
/home/jan/.ssh/id_ed25519.pub
apk add shadow
addgroup admin
usermod -a -G admin jan

/etc/sudoers 

%admin ALL=(ALL) ALL

ansible-playbook -i hosts playbook/authorized_key -l ubuntu -b -u jan --ask-pass --become-method=sudo --ask-become-pass

/etc/ansible/playbook/authorized_key 

- hosts: all
  tasks:
  - name: make directory
    file:
      path: "/home/jan/.ssh"
      state: directory
  - name: create empty file
    file:
      path: "/home/jan/.ssh/authorized_keys"
      state: touch
  - name: put pubkey
    lineinfile:
      path: "/home/jan/.ssh/authorized_keys"
      line: "{ { lookup('file', '/home/jan/.ssh/id_ed25519.pub') } }"

ansible-playbook -i hosts playbook/ubuntu-upgrade -b -u jan --become-method=sudo --ask-become-pass

/etc/ansible/playbook/ubuntu-upgrade 

- hosts: ubuntu
  tasks:
    - name: Update apt repo and cache on all Debian/Ubuntu boxes
      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600

    - name: Upgrade all packages on servers
      apt: upgrade=dist force_apt_get=yes

    - name: Check if a reboot is needed on all servers
      register: reboot_required_file
      stat: path=/var/run/reboot-required get_md5=no

    - name: Reboot the box if kernel updated
      reboot:
        msg: "Reboot initiated by Ansible for kernel updates"
        connect_timeout: 5
        reboot_timeout: 300
        pre_reboot_delay: 0
        post_reboot_delay: 30
        test_command: uptime
      when: reboot_required_file.stat.exists

ansible-playbook -b --become-method=sudo --ask-become-pass motd.yaml
ansible dev -m raw -b --ask-become-pass -a "apk add python py-simplejson"

ansible all -b --ask-become-pass -m command -a 'mv /etc/profile.d/color_prompt /etc/profile.d/color_prompt.sh'
ansible all -b --ask-become-pass -m command -a 'cat /etc/motd'

ansible -m raw -b --ask-become-pass -a "apk add python"
Retrieved from "https://www.janmg.com/wiki/index.php?title=Ansible&oldid=3"