# hosts role for Ansible
Bootstrap hosts, installing standard packages and user settings
## Role Variables
* `hosts_cloudinit_config` - cloud-init YAML config
``` yaml
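# cloud-init configuration handed to the role.
hosts_cloudinit_config:
  # false: cloud-init is allowed to manage the hostname
  preserve_hostname: false
  # datasources cloud-init will try; only Ec2 is listed
  datasource_list:
    - Ec2
  datasource:
    Ec2:
      # link-local instance metadata endpoint, queried over plain HTTP
      metadata_urls:
        - 'http://169.254.169.254'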
```
* `hosts_cloudinit_enable` - Install and configure cloud-init
``` yaml
hosts_cloudinit_enable: false
```
* `hosts_git_repositories` - Clone git repositories
``` yaml
hosts_git_repositories:
- { "repo": "https://github.com/aynicos/myos", "dest": "/dns/com/github/aynicos/myos", "key_file": "~/.ssh/id_rsa", "version": "master" }
```
* `hosts_packages` - List of packages to install/remove on your hosts, should be overridden for a specific distro
``` yaml
hosts_packages: []
```
* `hosts_packages_common` - List of packages to install/remove on your hosts, common to all distros
``` yaml
hosts_packages_common:
- { "name": "bash", "state": "present" }
```
* `hosts_packages_distro` - List of packages to install/remove on your hosts, specific to a distro
``` yaml
hosts_packages_distro:
- { "name": "vim-nox", "state": "present" }
```
* `hosts_services` - List of services to enable/disable on your hosts
``` yaml
hosts_services:
# Enable ansible, running ansible pull at boot
- { "name": "ansible", "state": "started", "enabled": "yes" }
# Enable zram, creating virtual swap devices compressed in RAM, useful on hosts without physical swap to improve performance
- { "name": "zram", "state": "started", "enabled": "yes" }
```
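* `hosts_ssh_authorized_keys` - List of URLs whose SSH public keys are added to ~/.ssh/authorized_keys; whoever controls a listed URL decides which keys can log in, so list only URLs you control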
``` yaml
hosts_ssh_authorized_keys:
- https://github.com/aynicos.keys
```
* `hosts_ssh_bastion_hostname` - Hostname of the SSH bastion, added to ~/.ssh/myos/config
``` yaml
hosts_ssh_bastion_hostname: 8.4.2.1
```
* `hosts_ssh_bastion_username` - Username for the SSH bastion, added to ~/.ssh/myos/config
``` yaml
hosts_ssh_bastion_username: root
```
* `hosts_ssh_private_ip_range` - IP range proxied through the SSH bastion, added to ~/.ssh/myos/config
``` yaml
hosts_ssh_private_ip_range: 10.* 192.168.42.*
```
* `hosts_ssh_private_keys` - List of SSH private keys to copy, defaults to ~/.ssh/id_rsa
``` yaml
hosts_ssh_private_keys:
- ~/.ssh/id_rsa
```
* `hosts_ssh_public_hosts` - List of host names whose SSH public fingerprints are added to ~/.ssh/known_hosts
``` yaml
hosts_ssh_public_hosts:
- github.com
- gitlab.com
```
* `hosts_ssh_username` - User name used to SSH into remote hosts
``` yaml
hosts_ssh_username: root
```
* `hosts_update` - Update hosts every day
``` yaml
hosts_update: false
```
* `hosts_user_env` - List of environment variables to add to the file ~/.myos
``` yaml
hosts_user_env:
- ENV
- DOCKER
```
* `hosts_user_rc_enable` - Call specific functions on user login, allowing users to customize their session
``` yaml
hosts_user_rc_enable: false
```
* `hosts_user_rc_functions` - List of specific functions to call on user login, defined in /etc/profile.d/rc_functions.sh
``` yaml
hosts_user_rc_functions:
# customize PROMPT variable
- { "path": "10_prompt_set", "state": "touch" }
# customize PS1 variable
- { "path": "10_ps1_set", "state": "touch" }
# create and/or attach a tmux session
- { "path": "20_tmux_attach", "state": "touch" }
# display host infos
- { "path": "30_pfetch", "state": "touch" }
# create and/or attach a screen session
- { "path": "30_screen_attach", "state": "touch" }
# launch ssh agent and load private keys in ~/.ssh
- { "path": "40_ssh_add", "state": "touch" }
# remove tmux_attach
- { "path": "20_tmux_attach", "state": "absent" }
```
## Example playbook
``` yaml
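# Example play: apply the role to the 'hosts' group.
- hosts: 'hosts'
  roles:
    - role: 'aynicos.hosts'
      # role variables overridden for this play
      hosts_services:
        - { "name": "local", "state": "started", "enabled": "yes" }
        - { "name": "zram", "state": "started", "enabled": "yes" }
      hosts_user_rc_enable: true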
```
## Tests
To test this role on your `hosts`, run the tests/playbook.yml playbook.
``` bash
$ ansible-playbook tests/playbook.yml
```