ansible.cfg
@@ -1,8 +1,9 @@ [defaults] inventory = ./inventory remote_user = devops remote_user = olbohlen ask_pass = False remote_tmp = /var/tmp/.ansible-$LOGNAME/ log_path = ~/ansible-logs/run.log [privilege_escalation] become=False complex-conditionals.yaml
New file @@ -0,0 +1,9 @@ - name: play vars: conditions: - a - b tasks: - debug: msg: "foo" when: ansible_facts in conditions devices.j2
New file @@ -0,0 +1,6 @@ List of our block devices: {% for dev in ansible_facts['devices'] %} - Device name: {{ dev }} Device size: {{ ansible_facts['devices'][dev]['size'] }} {% endfor %} echo.yaml
New file @@ -0,0 +1,20 @@ --- - name: echo a var hosts: foobar gather_facts: false vars_files: - foobar-vault.yaml vars: #sample: "in play scope" tasks: - name: task1 debug: var: sample vars: sample: "in task level" register: reg_out - name: task2 debug: var: reg_out when: steptwo is defined empty-facts.yaml
New file @@ -0,0 +1,10 @@ --- - name: empty facts hosts: servera become: false gather_facts: true tasks: - name: print facts debug: var: ansible_facts['fqdn'] when: ansible_facts['fqdn'] is defined facts-scan.yaml
@@ -1,6 +1,6 @@ --- - name: scan facts hosts: demoext hosts: localhost become: false tasks: - debug: filter-defaults.yaml
New file @@ -0,0 +1,6 @@ --- - name: filter sample hosts: tttservers tasks: - debug: msg: '{{ foobar | default("need to set a value") }}' filter-mounts.yaml
New file @@ -0,0 +1,12 @@ --- - name: filter sample 2 hosts: servera become: false tasks: - name: print mounts debug: msg: "{{ ansible_facts['mounts'] | items2dict(key_name='mount', value_name='size_total') }}" register: foo - debug: var: foo['msg']['/'] foobar-vault.yaml
New file @@ -0,0 +1,6 @@ $ANSIBLE_VAULT;1.1;AES256 35333136353262376531356239303239343239643239383934323136326434623434333861613837 6666363938303463646565653439366431343335393132650a633131643966366435613834653665 65633532303034643334643237626134633238333064636234303136623666623035653334363862 6463346533323436310a626334353464633939373764353838643064626461386263336137306139 39636261393264666566393162306438366663323333623664313562646433366638 hash-or-dict-loop.yml
@@ -1,7 +1,7 @@ --- - name: a play for a simple loop hosts: server remote_user: devops hosts: foobar remote_user: olbohlen become: yes vars: installstate: present hostvars-play.yaml
@@ -1,8 +1,8 @@ --- - name: demonstrate hostvars magic var hosts: server hosts: foobar become: true remote_user: olbohlen tasks: - debug: msg: '{{ hostvars }}' - resizepart: targetsize: "{{ hostvars['servera']['ansible_facts']['disks']['vda1']['size'] }}" inventory
File was deleted inventory/iv1
New file @@ -0,0 +1,35 @@ [server:children] prod integration test [server:vars] svcname=chronyd [prod] serverxa [prod:vars] svcname=httpd [integration] serverxc svcname=nginx [test] serverxd svcname=mariadb [ext] #x230 remote_user=do407 demoext ansible_host=172.25.254.44 remote_user=devops ansible_python_interpreter=auto_silent [desktop] workstation [fake] foobar ansible_host=127.0.0.1 remote_user=olbohlen ansible_python_interpreter=auto_silent sample="inventory specific host var" [fake:vars] sample="inventory group var" [snafu] foobar ansible_host=127.0.0.1 remote_user=olbohlen ansible_python_interpreter=auto_silent inventory/iv2
New file @@ -0,0 +1,9 @@ [tttservers] servera ansible_host=172.18.1.100 serverb ansible_host=172.18.1.101 serverc ansible_host=172.18.1.102 serverd ansible_host=172.18.1.103 [tttservers:vars] ansible_python_interpreter=auto_silent ansible_ssh_user=localadm join-lists.yaml
New file @@ -0,0 +1,12 @@ --- - name: flatten a list hosts: localhost gather_facts: false become: false vars: nameservers: - 1.1.1.1 - 8.8.8.8 tasks: - debug: msg: "{{ nameservers | join(' ') }}" list-devices.yaml
New file @@ -0,0 +1,9 @@ --- - name: print device list in template become: true hosts: localhost tasks: - name: call template template: src: devices.j2 dest: /tmp/device-list motd-complex.j2
@@ -15,4 +15,5 @@ Part of the server group: {{ member }} {% endfor %} {{ ansible_facts['all_ipv4_addresses'] | to_nice_json }} {{ ansible_facts['all_ipv4_addresses'] | to_nice_json }} {{ ansible_facts['all_ipv4_addresses'] | to_nice_yaml }} pingmeharder.yaml
New file @@ -0,0 +1,11 @@ - name: ping me harder hosts: foobar tasks: - ping: register: ping_out - name: show ping result hosts: localhost tasks: - debug: var: ping_out play-with-complex-template.yml
@@ -1,19 +1,11 @@ --- - name: Simple play for class DO407 which introduces complex j2 templates hosts: server, desktop, demoext hosts: localhost become: true vars: users: - bob: name: Bob Andersen home: /home/bob - anne: name: Anne Clark home: /home/anne tasks: - name: use template to create /etc/motd template: src: motd-complex.j2 dest: /etc/motd play-with-roles.yml
@@ -8,7 +8,12 @@ msg: 'this runs before the roles' roles: - prep_server tasks: - name: prepare sample html content copy: dest: /var/www/htdocs/index.html content: "foobar" notify: "set permissions" post_tasks: - name: post_tasks run here debug: @@ -18,3 +23,8 @@ url: "http://localhost:80/index.html" return_content: yes when: port == 'http' handlers: - name: set permissions file: dest: /var/www/htdocs/index.html mode: 644 play-with-template.yml
@@ -1,6 +1,6 @@ --- - name: Simple play for class DO407 which introduces j2 templates hosts: server hosts: foobar become: true tasks: - name: use template to create /etc/motd roles/geerlingguy.redis/.gitignore
New file @@ -0,0 +1,2 @@ *.retry tests/test.sh roles/geerlingguy.redis/.travis.yml
New file @@ -0,0 +1,33 @@ --- services: docker env: - distro: centos7 redis_daemon: redis - distro: fedora27 redis_daemon: redis - distro: ubuntu1604 redis_daemon: redis-server script: # Configure test script so we can run extra tests after playbook is run. - export container_id=$(date +%s) - export cleanup=false # Download test shim. - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/ - chmod +x ${PWD}/tests/test.sh # Run tests. - ${PWD}/tests/test.sh # Make sure Redis is running, and can be stopped and started cleanly. - 'docker exec --tty ${container_id} env TERM=xterm systemctl --no-pager status ${redis_daemon}' - 'docker exec --tty ${container_id} env TERM=xterm systemctl --no-pager stop ${redis_daemon}' - 'docker exec --tty ${container_id} env TERM=xterm systemctl --no-pager start ${redis_daemon}' after_failure: - 'docker exec --tty ${container_id} env TERM=xterm cat /var/log/redis/redis-server.log' notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ roles/geerlingguy.redis/LICENSE
New file @@ -0,0 +1,20 @@ The MIT License (MIT) Copyright (c) 2017 Jeff Geerling Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. roles/geerlingguy.redis/README.md
New file @@ -0,0 +1,119 @@ # Ansible Role: Redis [![Build Status](https://travis-ci.org/geerlingguy/ansible-role-redis.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-redis) Installs [Redis](http://redis.io/) on Linux. ## Requirements On RedHat-based distributions, requires the EPEL repository (you can simply add the role `geerlingguy.repo-epel` to install ensure EPEL is available). ## Role Variables redis_enablerepo: epel (Used only on RHEL/CentOS) The repository to use for Redis installation. Available variables are listed below, along with default values (see `defaults/main.yml`): redis_port: 6379 redis_bind_interface: 127.0.0.1 Port and interface on which Redis will listen. Set the interface to `0.0.0.0` to listen on all interfaces. redis_unixsocket: '' If set, Redis will also listen on a local Unix socket. redis_timeout: 300 Close a connection after a client is idle `N` seconds. Set to `0` to disable timeout. redis_loglevel: "notice" redis_logfile: /var/log/redis/redis-server.log Log level and log location (valid levels are `debug`, `verbose`, `notice`, and `warning`). redis_databases: 16 The number of Redis databases. # Set to an empty set to disable persistence (saving the DB to disk). redis_save: - 900 1 - 300 10 - 60 10000 Snapshotting configuration; setting values in this list will save the database to disk if the given number of seconds (e.g. `900`) and the given number of write operations (e.g. `1`) have occurred. redis_rdbcompression: "yes" redis_dbfilename: dump.rdb redis_dbdir: /var/lib/redis Database compression and location configuration. redis_maxmemory: 0 Limit memory usage to the specified amount of bytes. Leave at 0 for unlimited. redis_maxmemory_policy: "noeviction" The method to use to keep memory usage below the limit, if specified. See [Using Redis as an LRU cache](http://redis.io/topics/lru-cache). redis_maxmemory_samples: 5 Number of samples to use to approximate LRU. See [Using Redis as an LRU cache](http://redis.io/topics/lru-cache). redis_appendonly: "no" The appendonly option, if enabled, affords better data durability guarantees, at the cost of slightly slower performance. redis_appendfsync: "everysec" Valid values are `always` (slower, safest), `everysec` (happy medium), or `no` (let the filesystem flush data when it wants, most risky). # Add extra include files for local configuration/overrides. redis_includes: [] Add extra include file paths to this list to include more/localized Redis configuration. The redis package name for installation via the system package manager. Defaults to `redis-server` on Debian and `redis` on RHEL. redis_package_name: "redis-server" (Default for RHEL shown) The redis package name for installation via the system package manager. Defaults to `redis-server` on Debian and `redis` on RHEL. redis_requirepass: "" Set a password to require authentication to Redis. You can generate a strong password using `echo "my_password_here" | sha256sum`. redis_disabled_commands: [] For extra security, you can disable certain Redis commands (this is especially important if Redis is publicly accessible). For example: redis_disabled_commands: - FLUSHDB - FLUSHALL - KEYS - PEXPIRE - DEL - CONFIG - SHUTDOWN ## Dependencies None. ## Example Playbook - hosts: all roles: - role: geerlingguy.redis ## License MIT / BSD ## Author Information This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). roles/geerlingguy.redis/defaults/main.yml
New file @@ -0,0 +1,53 @@ --- # Used for RHEL/CentOS/Fedora only. Allows the use of different repos. redis_enablerepo: epel redis_port: 6379 redis_bind_interface: 127.0.0.1 redis_unixsocket: '' redis_timeout: 300 redis_loglevel: "notice" redis_logfile: /var/log/redis/redis-server.log redis_databases: 16 # Set to an empty set to disable persistence (saving the DB to disk). redis_save: - 900 1 - 300 10 - 60 10000 redis_rdbcompression: "yes" redis_dbfilename: dump.rdb redis_dbdir: /var/lib/redis redis_maxmemory: 0 redis_maxmemory_policy: "noeviction" redis_maxmemory_samples: 5 redis_appendonly: "no" redis_appendfsync: "everysec" # Add extra include files for local configuration/overrides. redis_includes: [] # Require authentication to Redis with a password. redis_requirepass: "" # Disable certain Redis commands for security reasons. redis_disabled_commands: [] # - FLUSHDB # - FLUSHALL # - KEYS # - PEXPIRE # - DEL # - CONFIG # - SHUTDOWN # - BGREWRITEAOF # - BGSAVE # - SAVE # - SPOP # - SREM # - RENAME # - DEBUG roles/geerlingguy.redis/handlers/main.yml
New file @@ -0,0 +1,3 @@ --- - name: restart redis service: "name={{ redis_daemon }} state=restarted" roles/geerlingguy.redis/meta/.galaxy_install_info
New file @@ -0,0 +1,2 @@ install_date: Wed Aug 19 13:39:49 2020 version: 1.6.0 roles/geerlingguy.redis/meta/main.yml
New file @@ -0,0 +1,33 @@ --- dependencies: [] galaxy_info: author: geerlingguy description: Redis for Linux company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" min_ansible_version: 2.4 platforms: - name: EL versions: - 6 - 7 - name: Fedora versions: - all - name: Debian versions: - all - name: Ubuntu versions: - all - name: Archlinux versions: - all galaxy_tags: - database - development - web - redis - cache - performance roles/geerlingguy.redis/tasks/main.yml
New file @@ -0,0 +1,29 @@ --- # Variable setup. - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" - name: Define redis_package. set_fact: redis_package: "{{ __redis_package }}" when: redis_package is not defined # Setup/install tasks. - include_tasks: setup-RedHat.yml when: ansible_os_family == 'RedHat' - include_tasks: setup-Debian.yml when: ansible_os_family == 'Debian' - include_tasks: setup-Archlinux.yml when: ansible_os_family == 'Archlinux' - name: Ensure Redis is configured. template: src: redis.conf.j2 dest: "{{ redis_conf_path }}" mode: 0644 notify: restart redis - name: Ensure Redis is running and enabled on boot. service: "name={{ redis_daemon }} state=started enabled=yes" roles/geerlingguy.redis/tasks/setup-Archlinux.yml
New file @@ -0,0 +1,5 @@ --- - name: Ensure Redis is installed. pacman: name: "{{ redis_package }}" state: present roles/geerlingguy.redis/tasks/setup-Debian.yml
New file @@ -0,0 +1,5 @@ --- - name: Ensure Redis is installed. apt: name: "{{ redis_package }}" state: present roles/geerlingguy.redis/tasks/setup-RedHat.yml
New file @@ -0,0 +1,6 @@ --- - name: Ensure Redis is installed. package: name: "{{ redis_package }}" state: present enablerepo: "{{ redis_enablerepo }}" roles/geerlingguy.redis/templates/redis.conf.j2
New file @@ -0,0 +1,55 @@ # {{ ansible_managed }} daemonize yes pidfile /var/run/redis/{{ redis_daemon }}.pid port {{ redis_port }} bind {{ redis_bind_interface }} {% if redis_unixsocket %} unixsocket {{ redis_unixsocket }} {% endif %} timeout {{ redis_timeout }} loglevel {{ redis_loglevel }} logfile {{ redis_logfile }} # To enable logging to the system logger, just set 'syslog-enabled' to yes, # and optionally update the other syslog parameters to suit your needs. # syslog-enabled no # syslog-ident redis # syslog-facility local0 databases {{ redis_databases }} {% for save in redis_save %} save {{ save }} {% endfor %} rdbcompression {{ redis_rdbcompression }} dbfilename {{ redis_dbfilename }} dir {{ redis_dbdir }} # maxclients 128 {% if redis_maxmemory %} maxmemory {{ redis_maxmemory }} maxmemory-policy {{ redis_maxmemory_policy }} maxmemory-samples {{ redis_maxmemory_samples }} {% endif %} appendonly {{ redis_appendonly }} appendfsync {{ redis_appendfsync }} no-appendfsync-on-rewrite no {% for include in redis_includes %} include {{ include }} {% endfor %} {% if redis_requirepass %} requirepass {{ redis_requirepass }} {% endif %} {% for redis_disabled_command in redis_disabled_commands %} rename-command {{ redis_disabled_command }} "" {% endfor %} roles/geerlingguy.redis/tests/README.md
New file @@ -0,0 +1,11 @@ # Ansible Role tests To run the test playbook(s) in this directory: 1. Install and start Docker. 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 1. Make the test shim executable: `chmod +x tests/test.sh`. 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` roles/geerlingguy.redis/tests/test.yml
New file @@ -0,0 +1,15 @@ --- - hosts: all pre_tasks: - name: Update apt cache. apt: update_cache=yes cache_valid_time=600 when: ansible_os_family == 'Debian' - name: Clear out repo for Fedora. set_fact: redis_enablerepo: "" when: ansible_distribution == 'Fedora' roles: - role_under_test roles/geerlingguy.redis/vars/Archlinux.yml
New file @@ -0,0 +1,4 @@ --- __redis_package: redis redis_daemon: redis redis_conf_path: /etc/redis.conf roles/geerlingguy.redis/vars/Debian.yml
New file @@ -0,0 +1,4 @@ --- __redis_package: redis-server redis_daemon: redis-server redis_conf_path: /etc/redis/redis.conf roles/geerlingguy.redis/vars/RedHat.yml
New file @@ -0,0 +1,4 @@ --- __redis_package: redis redis_daemon: redis redis_conf_path: /etc/redis.conf shell.yaml
New file @@ -0,0 +1,17 @@ --- - name: sample shell out hosts: foobar remote_user: olbohlen vars: keyword: "10" tasks: - name: run a sample shell command shell: cal register: shell_out - name: debug shell_out debug: var: item loop: "{{ shell_out['stdout_lines'] }}" when: "keyword in item" simple-play.yml
@@ -1,7 +1,7 @@ --- - name: Simple play for class DO407 hosts: server become: yes hosts: localhost gather_facts: false tasks: - name: ping host @@ -10,10 +10,10 @@ copy: dest: /etc/motd content: "Welcome to our server!\n\n" - name: ensure postfix is installed package: - package: name: postfix state: installed name: ensure postfix is installed - name: ensure that postfix is stopped service: name: postfix @@ -23,7 +23,7 @@ - debug: msg: "{{ ansible_facts['fqdn'] }}" - name: Next play hosts: servera hosts: localhost tasks: - name: adjust /etc/motd copy: verbosity.yaml
@@ -1,6 +1,7 @@ --- - name: Demo for verbosity levels in debug hosts: servera hosts: localhost gather_facts: false vars: level: 0 tasks: which-groups.yaml
New file @@ -0,0 +1,11 @@ --- - name: play to show groups we are in hosts: fake become: false remote_user: olbohlen tasks: - name: print output debug: var: groups