Add runtime group assignment based on OS platform

2021-09-08 21:07:14 -04:00 · 2021-09-08 21:07:14 -04:00 · 8fd063d21d
parent 2814d42148
commit 8fd063d21d
4 changed files with 37 additions and 6 deletions
--- a/playbooks/provision.yaml
+++ b/playbooks/provision.yaml
@ -1,6 +1,14 @@
 ---
+- name: Group hosts by platform
+  hosts: all
+  tags:
+    - always
+  pre_tasks:
+    - include_tasks: tasks/meta/runtime-group-determination.yaml
+
+
 - name: Bootstrap remote ansible environment
-  hosts: all,!network,!network
+  hosts: linux
  tags:
    - always
  tasks:
@ -51,7 +59,7 @@


 - name: Configure common server settings
-  hosts: all,!network
+  hosts: linux
  vars_files:
    - vars/packages.yaml
  tasks:
@ -104,7 +112,7 @@


 - name: Configure SSH
-  hosts: all,!network
+  hosts: linux
  handlers:
    - name: restart-sshd
      become: true
--- a/playbooks/tasks
+++ b/playbooks/tasks
@ -0,0 +1 @@
+../tasks
--- a/playbooks/update.yaml
+++ b/playbooks/update.yaml
@ -1,6 +1,14 @@
 ---
+- name: Group hosts by platform
+  hosts: all
+  tags:
+    - always
+  pre_tasks:
+    - include_tasks: tasks/meta/runtime-group-determination.yaml
+
+
 - name: Update system
-  hosts: all,!network
+  hosts: linux
  tags:
    - packages
  vars_files:
@ -14,7 +22,7 @@
        state: latest

 - name: Update unix accounts
-  hosts: all,!network
+  hosts: linux
  tags:
    - accounts
    - access
@ -32,11 +40,13 @@
        - "{{ skylab_group }}"
        - "{{ skylab_group_admin }}"
        - "{{ skylab_group_automation }}"
+      loop_control:
+        label: "{{ item.name }},{{ item.gid }}"

    - name: Determine existing skylab users
      changed_when: false
      ansible.builtin.shell:
-        cmd: 'grep {{ skylab_group.name }} /etc/group | cut --delimiter : --fields 4 | tr "," "\n"'
+        cmd: 'grep "{{ skylab_group.name }}:" /etc/group | cut --delimiter : --fields 4 | tr "," "\n"'
      register: _existing_skylab_accounts

    - name: Delete removed user accounts
--- a/tasks/meta/runtime-group-determination.yaml
+++ b/tasks/meta/runtime-group-determination.yaml
@ -0,0 +1,12 @@
+---
+- name: Group EdgeOS hosts
+  when: ansible_kernel.endswith('UBNT')
+  changed_when: false
+  group_by:
+    key: edgeos
+
+- name: Group supported Linux hosts
+  when: ansible_distribution == "Rocky"
+  changed_when: false
+  group_by:
+    key: linux