skylab/omni-ansible
Archived
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix myriad bugs in playbooks

Browse Source 
Update inventory
This commit is contained in:
Ethan Paul 2018-12-22 13:55:36 -05:00
parent fd77dbfca4
commit 9a35e992d0
12 changed files with 99 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
omni.ini
View File

@ -1,3 +1,5 @@
router
[servers] [servers]
romulus romulus
remus remus
@ -5,9 +7,10 @@ novis
apex apex
[vms] [vms]
vm-host-nginx vm-dev-nginx
vm-host-gitea vm-host-gitea
vm-host-plex vm-host-plex
vm-host-bitwarden
vm-db-maria vm-db-maria
vm-db-prometheus vm-db-prometheus
nimbus-1 nimbus-1

63
playbooks/files/bashrc.sh
View File

@ -14,66 +14,3 @@ parse_git_branch() {
} }
export PS1="\[\e[0;97m\]\[\e[37m\]\u\[\e[1;94m\]@\[\e[94m\]\h\[\e[0;33m\]$(parse_git_branch) \[\e[37m\]\w\[\e[33m\] \[\e[0;97m\]$\[\e[0m\] " export PS1="\[\e[0;97m\]\[\e[37m\]\u\[\e[1;94m\]@\[\e[94m\]\h\[\e[0;33m\]$(parse_git_branch) \[\e[37m\]\w\[\e[33m\] \[\e[0;97m\]$\[\e[0m\] "
function venv() {
DIR="/home/$USER/.virtualenvs"
[[ -d $DIR ]] || mkdir $DIR
if [ ! -v $1 ] || [ $1 -eq '--help' ] || [ $1 -eq '-h' ]; then
echo "Custom python Virtualenv manager
\"Because pipenv is too hard and everything else sucks\"
Commands:
list List available virtualenvs
show Alias of list
delete <venv> Delete a virtualenv
del Alias of delete
rm Alias of delete
load <venv> Activate a virtualenv for usage
new <venv> <python> Create a new virtualenv. If <python> is not specified,
then the system default python is used
"
elif [ ! -v $1 ] || [ $1 -eq "list" ] || [ $1 -eq "show" ]; then
echo "hello"
ls $DIR
elif [ $1 -eq "del" ] || [ $1 -eq "rm" ]; then
if [ ! -v $2 ]; then
echo "Error: virtualenv name parameter not provided"
else
if [ ! -d "$DIR/$2" ]; then
echo "Error: virtualenv $2 does not exist"
else
rm -rf $DIR/$2
fi
fi
elif [ $1 -eq "new" ]; then
if [ ! -v $2 ]; then
echo "Error: virtualenv name parameter not provided"
else
if [ -d "$DIR/$2" ]; then
echo "Error: virtualenv $2 already exits"
elif [ -v $3 ]; then
virtualenv $2 --python=$3
else
virtualenv $2
fi
fi
elif [ $1 -eq "load" ]; then
if [ ! -v $2 ]; then
echo "Error: virtualenv name parameter not provided"
elif [ ! -d "$DIR/$2" ]; then
echo "Error: virtualenv $2 does not exist"
else
source $DIR/$2/bin/activate
fi
else
echo "No parameter provided"
fi
}

60
playbooks/provision.yml
View File

@ -1,37 +1,43 @@
--- ---
- include_playbook: dependencies.yml - import_playbook: dependencies.yml
- hosts: all - hosts: all
name: Init name: Init
tasks: tasks:
- name: Check system compatibility
when: ansible_distribution != "CentOS" and ansible_distribution != "Red Hat Enterprise Linux" and ansible_distribution != "Fedora"
meta: end_play
debug:
msg: "Standard configuration deployment is only supported on Fedora 28/29, Centos 7.5, and RHEL"
- name: Set hostname - name: Set hostname
become: true become: true
hostname: hostname:
name: "{{ default_host if default_host is defined else inventory_hostname }}" name: "{{ default_host if default_host is defined else inventory_hostname }}"
- name: Install MOTD - name: Install global bashrc
become: true
copy:
src: bashrc.sh
dest: /etc/profile.d/30-omni-bashrc.sh
mode: 0644
- name: Install SSH Banner
become: true become: true
template: template:
src: motd.j2 src: motd.j2
dest: /etc/motd dest: /etc/issue.net
mode: 0644 mode: 0644
- name: Install global bashrc - name: Configure SSH banner
become: true become: true
template: lineinfile:
src: bashrc.j2 path: /etc/ssh/sshd_config
dest: /etc/profile.d/30-omni-bashrc.sh regexp: '#Banner none'
mode: 0644 line: 'Banner /etc/issue.net'
- hosts: all - hosts: all
name: System packages name: System packages
tasks: tasks:
- name: Load package variables
include_vars:
file: packages.yml
- import_tasks: tasks/centos/repositories.yml - import_tasks: tasks/centos/repositories.yml
when: ansible_distribution == "CentOS" when: ansible_distribution == "CentOS"
- import_tasks: tasks/centos/packages.yml - import_tasks: tasks/centos/packages.yml
@ -57,20 +63,18 @@
when: ansible_distribution == "Fedora" when: ansible_distribution == "Fedora"
# - import_tasks: common/debian/networkd.yml # - import_tasks: common/debian/networkd.yml
# when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu" # when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
- name: Configure systemd-networkd
when: enable_networkd == true - import_tasks: tasks/networkd.yml
- import_tasks: common/networkd.yml
- hosts: all - import_playbook: update-users-local.yml
name: Register static DHCP entries
- hosts: vms
name: Install ovirt agent
tasks: tasks:
- name: Install static DHCP leases - name: Install ovirt-agent
delegate_to: {{ router.address }} become: true
when: networking is defined yum:
edgeos_config: name: ovirt-guest-agent
save: true state: latest
lines:
- set service dhcp-server shared-network-name {{ router.static.server }} subnet {{ router.static.subnet }} static-mapping {{ item.alias | default(inventory_hostname) }} mac-address {{ item.mac }}
- set service dhcp-server shared-network-name {{ router.static.server }} subnet {{ router.static.subnet }} static-mapping {{ item.alias | default(inventory_hostname) }} ip-address {{ item.address }}
with_dict: "{{ networking }}"

2
playbooks/templates/motd.j2
View File

@ -5,4 +5,4 @@
| |_____ | | \ | | | | | |___| | | | \ | | | |_____ | |_____ | | \ | | | | | |___| | | | \ | | | |_____
|_______| |_| \__| |_| O |_______| |_| \__| |_______| |_______| |_| \__| |_| O |_______| |_| \__| |_______|
{{ description | default('ENPN Distributed System') }} {{ description | default('Omni Network System') }}

4
playbooks/update-system.yml
View File

@ -7,7 +7,7 @@
become: true become: true
yum: yum:
state: latest state: latest
name: * name: "*"
exclude: kernel*{{ ',' + exclude_upgrade | default('') }} exclude: kernel*{{ ',' + exclude_upgrade | default('') }}
- name: Upgrade DNF packages - name: Upgrade DNF packages
@ -15,7 +15,7 @@
become: true become: true
dnf: dnf:
state: latest state: latest
name: * name: "*"
exclude: kernel*{{ ',' + exclude_upgrade | default('') }} exclude: kernel*{{ ',' + exclude_upgrade | default('') }}
# - name: Upgrade APT packages # - name: Upgrade APT packages

15
playbooks/update-local-users.yml → playbooks/update-users-local.yml
View File

@ -4,20 +4,7 @@
- hosts: all - hosts: all
name: Prompt for variables name: Prompt for variables
tasks: tasks:
- name: Pre-processing - import_tasks: tasks/users-preprocessing.yml
tags: always
block:
- name: Load users
include_vars:
file: users.yml
- name: Reconcile user targets with host targets to get host users
set_fact:
local_users: "{{ local_users | default([]) + [item if item.targets | intersect(targets) else None] }}"
with_items: "{{ users }}"
- name: Get administrative users
set_fact:
local_admin_users: "{{ local_admin_users | default([]) + [item.name if item.admin else None] }}"
with_items: "{{ local_users | difference([None]) }}"
- name: Create local user accounts - name: Create local user accounts
tags: users_create tags: users_create

39
playbooks/update-users-network.yml Normal file
View File

@ -0,0 +1,39 @@
---
- hosts: router
name: Configure users on router
connection: network_cli
gather_facts: false
vars:
ansible_network_os: edgeos
tasks:
- import_tasks: tasks/users-preprocessing.yml
- name: Create users
edgeos_config:
lines:
- set system login user {{ item.name }} authentication encrypted-password "{{ item.password }}"
- set system login user {{ item.name }} full-name "{{ item.fullname if item.fullname is defined else "" }}"
- set system login user {{ item.name }} level {{ 'operator' if item.name != 'ansible' else 'admin' }}
with_items:
- "{{ local_users | difference([None]) }}"
- name: Grant administrative access to admin users
edgeos_config:
lines:
- set system login user {{ item.name }} level admin
with_items:
- "{{ local_admin_users | difference([None]) }}"
- name: Assemble loadkey files
copy:
src: keys/{{ item }}
dest: /tmp
with_items:
- "{{ local_admin_users | difference([None]) }}"
- name: Load keys
edgeos_config:
lines:
- loadkey {{ item }} /tmp/{{ item }}/*.pub
with_items:
- "{{ local_admin_users | difference([None]) }}"

5
tasks/centos/packages.yml
View File

@ -1,7 +1,4 @@
- name: Load package variables ---
include_vars:
file: packages.yml
- name: Install global packages using YUM - name: Install global packages using YUM
become: true become: true
yum: yum:

2
tasks/centos/repositories.yml
View File

@ -1,3 +1,4 @@
---
- name: Enable Extra Packages for Enterprise Linux - name: Enable Extra Packages for Enterprise Linux
become: true become: true
yum_repository: yum_repository:
@ -23,4 +24,5 @@
regex: enabled=1 regex: enabled=1
line: enabled=0 line: enabled=0
path: /etc/yum/pluginconf.d/subscription-manager.conf path: /etc/yum/pluginconf.d/subscription-manager.conf
create: yes
state: present state: present

5
tasks/fedora/packages.yml
View File

@ -1,7 +1,4 @@
- name: Load package variables ---
include_vars:
file: packages.yml
- name: Install global packages using DNF - name: Install global packages using DNF
become: true become: true
dnf: dnf:

2
tasks/networkd.yml
View File

@ -16,7 +16,7 @@
- name: Make .network files - name: Make .network files
become: true become: true
template: template:
src: dot.network.j2 src: network.j2
dest: "/etc/systemd/network/{{ item.key }}.network" dest: "/etc/systemd/network/{{ item.key }}.network"
with_dict: "{{ networking }}" with_dict: "{{ networking }}"

15
tasks/users-preprocessing.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Pre-processing
tags: always
block:
- name: Load users
include_vars:
file: users.yml
- name: Reconcile user targets with host targets to get host users
set_fact:
local_users: "{{ local_users | default([]) + [item if item.targets | intersect(targets) else None] }}"
with_items: "{{ users }}"
- name: Get administrative users
set_fact:
local_admin_users: "{{ local_admin_users | default([]) + [item.name if item.admin else None] }}"
with_items: "{{ local_users | difference([None]) }}"