- add "new_host" role for system setup

- no longer use "all" to mention all hosts in playbooks - update of hosts file to now use localhost as "test"
author: boom2 <blizzack@blizzack.com> 2023-12-14 17:24:25 -0500
committer: boom2 <blizzack@blizzack.com> 2023-12-14 17:24:25 -0500
commit: f30709d7dbe88d82c4df66c476db36cb5c0ce903 (patch)
tree: ca861d7aa3e30c73a4fefeb9186f221cf15a8ff5 /ansible-practice/system
parent: d8a7729358a2fd3b911022e45d0197fda3e5da94 (diff)
14 files changed, 299 insertions, 5 deletions
diff --git a/ansible-practice/system/01-playbook-create-bash-configs.yml b/ansible-practice/system/01-playbook-create-bash-configs.yml
index ff2156c..d65ee4c 100644
--- a/ansible-practice/system/01-playbook-create-bash-configs.yml
+++ b/ansible-practice/system/01-playbook-create-bash-configs.yml
@@ -3,7 +3,7 @@
 
 ---
 - name: "01 - custom ansible - create bash config files w/ content"
-#  hosts: all
+#  hosts: dev
   hosts: localhost
   connection: local
   tasks:
diff --git a/ansible-practice/system/02-playbook-copy-bash-configs.yml b/ansible-practice/system/02-playbook-copy-bash-configs.yml
index adc1e4e..b2050b9 100644
--- a/ansible-practice/system/02-playbook-copy-bash-configs.yml
+++ b/ansible-practice/system/02-playbook-copy-bash-configs.yml
@@ -5,7 +5,7 @@
 
 ---
 - name: "02 - custom ansible - copy bash config files w/ content"
-  hosts: all
+  hosts: dev
 #  hosts: localhost
 #  connection: local
   tasks:
diff --git a/ansible-practice/system/03-playbook-print-gateway.yml b/ansible-practice/system/03-playbook-print-gateway.yml
index 7fd2277..48fcb90 100644
--- a/ansible-practice/system/03-playbook-print-gateway.yml
+++ b/ansible-practice/system/03-playbook-print-gateway.yml
@@ -6,7 +6,7 @@
 
 ---
 - name: "03 - display some per host info"
-  hosts: all
+  hosts: dev
 #  hosts: localhost
 #  connection: local
   tasks:
diff --git a/ansible-practice/system/04-playbook-bash-configs.yml b/ansible-practice/system/04-playbook-bash-configs.yml
index 99da687..608e761 100644
--- a/ansible-practice/system/04-playbook-bash-configs.yml
+++ b/ansible-practice/system/04-playbook-bash-configs.yml
@@ -3,7 +3,7 @@
 #     - this only works when we create a '/vars' directory w/ our variables in it
 
 ---
-- hosts: all
+- hosts: dev
 #- hosts: localhost
 #  connection: local
   vars_files:
diff --git a/ansible-practice/system/06-playbook-print-group-vars.yml b/ansible-practice/system/06-playbook-print-group-vars.yml
index 850bea2..701503c 100644
--- a/ansible-practice/system/06-playbook-print-group-vars.yml
+++ b/ansible-practice/system/06-playbook-print-group-vars.yml
@@ -41,4 +41,4 @@
 
   - name: Print the group variable
     ansible.builtin.debug:
-      msg: prefix variable = {{ prefix_dir }}
+      msg: prefix variable = {{ home_dir }}
diff --git a/ansible-practice/system/08-playbook-add-gpg-keys.yml b/ansible-practice/system/08-playbook-add-gpg-keys.yml
new file mode 100644
index 0000000..f2592cb
--- /dev/null
+++ b/ansible-practice/system/08-playbook-add-gpg-keys.yml
@@ -0,0 +1,31 @@
+---
+- name: "08 - custom ansible - add slackware-related gpg keys to users keychain"
+  hosts: localhost
+  tasks:
+  - name: Register a variable
+    ansible.builtin.shell: gpg --list-keys
+    register: gpg_results
+
+  - name: add slackware key
+    ansible.builtin.shell: |
+      set timeout 300
+      wget -q -O - https://mirrors.slackware.com/slackware/slackware64-current/GPG-KEY | gpg --import -
+      exit 0
+    when: gpg_results.stdout.find('security@slackware.com') == -1
+    tags: ['slackware_pubkey']
+
+  - name: add slackbuilds key
+    ansible.builtin.shell: |
+      set timeout 300
+      wget -q -O - http://slackbuilds.org/GPG-KEY | gpg --import -
+      exit 0
+    when: gpg_results.stdout.find('slackbuilds-devel@slackbuilds.org') == -1
+    tags: ['slackbuilds_pubkey']
+
+  - name: add alienbob key
+    ansible.builtin.shell: |
+      set timeout 300
+      wget -q -O - http://slackware.com/~alien/alien.gpg.asc | gpg --import -
+      exit 0
+    when: gpg_results.stdout.find('alien@slackware.com') == -1
+    tags: ['alienbob_pubkey']
diff --git a/ansible-practice/system/08-playbook-add-gpg-keys.yml~ b/ansible-practice/system/08-playbook-add-gpg-keys.yml~
new file mode 100644
index 0000000..889d146
--- /dev/null
+++ b/ansible-practice/system/08-playbook-add-gpg-keys.yml~
@@ -0,0 +1,5 @@
+---
+- name: "08 - custom ansible - add slackware-related gpg keys to users keychain"
+  hosts: localhost
+  roles:
+    - bash_config
+\ No newline at end of file
diff --git a/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml b/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml
new file mode 100644
index 0000000..e43553d
--- /dev/null
+++ b/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml
@@ -0,0 +1,49 @@
+# create backup copies of system files on managed node
+#
+#   https://www.freekb.net/Article?id=759
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://phoenixnap.com/kb/ansible-check-if-file-exists
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#registering-variables
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
+#
+#   https://www.howtouselinux.com/post/ansible-copy-module-examples-to-copy-file-to-remote-server
+#   
+
+---
+- name: "09 - custom ansible - backup system files on controller"
+  hosts: localhost
+  tasks:
+  - name: check backup directory status
+    ansible.builtin.stat:
+      path: "{{ backup_etc_dir }}"
+    register: backup_dir
+    tags: ['backup_dir_status']
+
+  - name: create backup directory if it does not exist
+    ansible.builtin.file:
+      path: "{{ backup_etc_dir }}"
+      state: directory
+    when: backup_dir.stat.isdir is not defined
+    tags: ['create_backup_dir']
+
+#- name: Print a debug message
+#  ansible.builtin.debug:
+#    msg: "isdir isn't defined (path doesn't exist)"
+#  when: backup_dir.stat.islnk is not defined
+
+  - name: backup special '/etc/' files locally
+    ansible.builtin.shell: |
+      sudo cp -a /etc/hosts.allow {{ backup_etc_dir }}/
+           cp -a /etc/hosts.deny {{ backup_etc_dir }}/
+	   cp -a /etc/inetd.conf {{ backup_etc_dir }}/
+	   cp -a /etc/sudoers {{ backup_etc_dir }}/
+	   cp -a /etc/hosts {{ backup_etc_dir }}/
+	   cp -a /etc/fstab {{ backup_etc_dir }}/
+	   cp -a /etc/inittab {{ backup_etc_dir }}/
+      exit 0
+    delegate_to: localhost
+    run_once: true
+    when: backup_dir.stat.isdir is defined
+    tags: ['backup_files']
diff --git a/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~ b/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~
new file mode 100644
index 0000000..90ca529
--- /dev/null
+++ b/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~
@@ -0,0 +1,81 @@
+# create backup copies of system files on control node
+#
+#   https://www.freekb.net/Article?id=759
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://phoenixnap.com/kb/ansible-check-if-file-exists
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#registering-variables
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
+#
+#   https://www.howtouselinux.com/post/ansible-copy-module-examples-to-copy-file-to-remote-server
+#   
+#
+#   had to run the command like so:
+#
+#     ansible-playbook 09-playbook-copy-system-files.yml --ask-become-pass
+#     
+#        -or-
+#
+#     ansible-playbook 09-playbook-copy-system-files.yml -K
+#
+#        -or-
+#
+#     ansible-playbook 09-playbook-copy-system-files.yml --become -K
+#
+
+---
+- name: "09 - custom ansible - backup system files"
+  hosts: localhost
+  tasks:
+  - name: check backup directory status
+    ansible.builtin.stat:
+      path: "{{ backup_etc_dir }}"
+    register: backup_dir
+    tags: ['backup_dir_status']
+
+  - name: create backup directory if it does not exist
+    ansible.builtin.file:
+      path: "{{ backup_etc_dir }}"
+      state: directory
+    when: backup_dir.stat.isdir is not defined
+    tags: ['create_backup_dir']
+
+#- name: Print a debug message
+#  ansible.builtin.debug:
+#    msg: "isdir isn't defined (path doesn't exist)"
+#  when: backup_dir.stat.islnk is not defined
+
+#  - name: backup '/etc/fstab' 
+#    ansible.builtin.copy:
+#      src: /etc/fstab
+#      remote_src: true
+#      dest: "{{ backup_etc_dir }}/fstab"
+##      backup: true
+#    when: backup_dir.stat.isdir is defined
+#    delegate_to: localhost
+#    run_once: true
+#    tags: ['fstab']
+
+#  - name: backup '/etc/fstab' locally
+#    ansible.builtin.shell: sudo cp -a /etc/fstab {{ backup_etc_dir }}/
+#    delegate_to: localhost
+#    run_once: true
+#    when: backup_dir.stat.isdir is defined
+#    tags: ['fstab']
+
+  - name: backup special '/etc/' files locally
+    ansible.builtin.shell: |
+      sudo cp -a /etc/hosts.allow {{ backup_etc_dir }}/
+           cp -a /etc/hosts.deny {{ backup_etc_dir }}/
+	   cp -a /etc/inetd.conf {{ backup_etc_dir }}/
+	   cp -a /etc/sudoers {{ backup_etc_dir }}/
+	   cp -a /etc/hosts {{ backup_etc_dir }}/
+	   cp -a /etc/fstab {{ backup_etc_dir }}/
+	   cp -a /etc/inittab {{ backup_etc_dir }}/
+      exit 0
+    delegate_to: localhost
+    run_once: true
+    when: backup_dir.stat.isdir is defined
+    tags: ['fstab']
+
diff --git a/ansible-practice/system/09-playbook-copy-system-files.yml~ b/ansible-practice/system/09-playbook-copy-system-files.yml~
new file mode 100644
index 0000000..17b0f00
--- /dev/null
+++ b/ansible-practice/system/09-playbook-copy-system-files.yml~
@@ -0,0 +1,32 @@
+# reboot a host
+#   https://www.freekb.net/Article?id=3078
+#   https://www.freekb.net/Article?id=2395
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/reboot_module.html
+#
+#   - will need to find another option for reboot cuz this was a wonky behavior from ansible
+#     - it asked me to enter my passphrase 5 times before actually took properly
+#   
+#   had to run the command like so:
+#
+#     ansible-playbook 11-playbook-reboot.yml --ask-become-pass
+#
+#        -or-
+#
+#     ansible-playbook 11-playbook-reboot.yml -K
+#
+#        -or-
+#
+#     ansible-playbook 11-playbook-reboot.yml --become -K
+#
+
+---
+- name: "08 - custom ansible - backup system files"
+  hosts: all
+  tasks:
+    - name: reboot a host
+      ansible.builtin.reboot:
+        msg: "reboot initiated by ansible"
+        connect_timeout: 5
+        post_reboot_delay: 30
+      become: yes
+...
+\ No newline at end of file
diff --git a/ansible-practice/system/10-playbook-copy-system-files-on-node.yml b/ansible-practice/system/10-playbook-copy-system-files-on-node.yml
new file mode 100644
index 0000000..c073d44
--- /dev/null
+++ b/ansible-practice/system/10-playbook-copy-system-files-on-node.yml
@@ -0,0 +1,59 @@
+# create backup copies of system files on control node
+#
+#   https://www.freekb.net/Article?id=759
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://phoenixnap.com/kb/ansible-check-if-file-exists
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#registering-variables
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
+#
+#   https://www.howtouselinux.com/post/ansible-copy-module-examples-to-copy-file-to-remote-server
+#   https://docs.ansible.com/ansible/latest/plugins/become.html
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html
+#
+#   had to run the command like so:
+#
+#     ansible-playbook 10-playbook-copy-system-files-on-node.yml --ask-become-pass
+#     
+#        -or-
+#
+#     ansible-playbook 10-playbook-copy-system-files-on-node.yml -K
+#
+---
+- name: "10 - custom ansible - backup system files on node"
+  hosts: dev
+  tasks:
+  - name: check backup directory status
+    ansible.builtin.stat:
+      path: "{{ backup_etc_dir }}"
+    register: backup_dir
+    tags: ['backup_dir_status']
+
+  - name: create backup directory if it does not exist
+    ansible.builtin.file:
+      path: "{{ backup_etc_dir }}"
+      state: directory
+    become: true
+    become_user: root
+    when: backup_dir.stat.isdir is not defined
+    tags: ['create_backup_dir']
+
+  - name: backup of system files
+    ansible.builtin.copy:
+      src: /etc/{{ item  }}
+      remote_src: true
+      dest: "{{ backup_etc_dir }}/"
+      mode: preserve
+    with_items:
+      - hosts.allow
+      - hosts.deny
+      - inetd.conf
+      - sudoers
+      - hosts
+      - fstab
+      - inittab
+    become: true
+    become_user: root
+    when: backup_dir.stat.isdir is defined
+    tags: ['backup_files']
diff --git a/ansible-practice/system/10-playbook-copy-system-files-on-node.yml~ b/ansible-practice/system/10-playbook-copy-system-files-on-node.yml~
new file mode 100644
index 0000000..460dd21
--- /dev/null
+++ b/ansible-practice/system/10-playbook-copy-system-files-on-node.yml~
@@ -0,0 +1,25 @@
+# create backup copies of system files on control node
+#
+#   https://www.freekb.net/Article?id=759
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
+#   https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
+#   https://phoenixnap.com/kb/ansible-check-if-file-exists
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#registering-variables
+#   https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
+#
+#   https://www.howtouselinux.com/post/ansible-copy-module-examples-to-copy-file-to-remote-server
+#   
+#
+#   had to run the command like so:
+#
+#     ansible-playbook 10-playbook-copy-system-files-on-node.yml --ask-become-pass
+#     
+#        -or-
+#
+#     ansible-playbook 10-playbook-copy-system-files-on-node.yml -K
+#
+#        -or-
+#
+#     ansible-playbook 10-playbook-copy-system-files-on-node.yml --become -K
+#
diff --git a/ansible-practice/system/11-playbook-herd-new-host.yml b/ansible-practice/system/11-playbook-herd-new-host.yml
new file mode 100644
index 0000000..dd6a204
--- /dev/null
+++ b/ansible-practice/system/11-playbook-herd-new-host.yml
@@ -0,0 +1,7 @@
+#  https://docs.ansible.com/ansible/2.9/user_guide/playbooks_reuse.html
+
+---
+- name: "11 - custom ansible - herd new host"
+  hosts: dev
+  roles:
+    - new_host
+\ No newline at end of file
diff --git a/ansible-practice/system/11-playbook-herd-new-host.yml~ b/ansible-practice/system/11-playbook-herd-new-host.yml~
new file mode 100644
index 0000000..6ffe1ea
--- /dev/null
+++ b/ansible-practice/system/11-playbook-herd-new-host.yml~
@@ -0,0 +1,5 @@
+---
+- name: "11 - custom ansible - herd new host"
+  hosts: localhost
+  roles:
+    - bash_config
+\ No newline at end of file
author	boom2 <blizzack@blizzack.com>	2023-12-14 17:24:25 -0500
committer	boom2 <blizzack@blizzack.com>	2023-12-14 17:24:25 -0500
commit	f30709d7dbe88d82c4df66c476db36cb5c0ce903 (patch)
tree	ca861d7aa3e30c73a4fefeb9186f221cf15a8ff5 /ansible-practice/system
parent	d8a7729358a2fd3b911022e45d0197fda3e5da94 (diff)