diff options
Diffstat (limited to 'home/.ansible/roles/new_host/tasks')
6 files changed, 173 insertions, 0 deletions
diff --git a/home/.ansible/roles/new_host/tasks/backup_system_files.yml b/home/.ansible/roles/new_host/tasks/backup_system_files.yml new file mode 100644 index 0000000..d04a45a --- /dev/null +++ b/home/.ansible/roles/new_host/tasks/backup_system_files.yml @@ -0,0 +1,60 @@ +# - a bit of a contrived example of backing up files on a managed host +# +# https://stackoverflow.com/questions/24162996/how-to-move-rename-a-file-using-an-ansible-task-on-a-remote-system + +--- +- name: check backup directory status + ansible.builtin.stat: + path: "{{ backup_etc_dir }}" + register: backup_dir + tags: ['backup_dir_status'] + +- name: create backup directory if it does not exist + ansible.builtin.file: + path: "{{ backup_etc_dir }}" + state: directory + become: true + become_user: root + when: backup_dir.stat.isdir is not defined + tags: ['create_backup_dir'] + +- name: backup of system files + ansible.builtin.copy: + src: /etc/{{ item }} + remote_src: true + dest: "{{ backup_etc_dir }}/" + mode: preserve + with_items: + - hosts.allow~ + - hosts.deny~ + - inetd.conf + - sudoers.dist + - hosts + - fstab + - inittab + become: true + become_user: root + tags: ['backup_system_files'] + +- name: backup slackpkg files + ansible.builtin.copy: + src: /etc/slackpkg/{{ item }} + remote_src: true + dest: "{{ backup_etc_dir }}/" + mode: preserve + with_items: + - blacklist~ + - mirrors~ + become: true + become_user: root + tags: ['backup_slackpkg_files'] + +- name: rename our test files + ansible.builtin.shell: | + sudo mv {{ backup_etc_dir }}/hosts.allow~ {{ backup_etc_dir }}/hosts.allow + sudo mv {{ backup_etc_dir }}/hosts.deny~ {{ backup_etc_dir }}/hosts.deny + sudo mv {{ backup_etc_dir }}/sudoers.dist {{ backup_etc_dir }}/sudoers + sudo mv {{ backup_etc_dir }}/blacklist~ {{ backup_etc_dir }}/blacklist + sudo mv {{ backup_etc_dir }}/mirrors~ {{ backup_etc_dir }}/mirrors + exit 0 + tags: ['rename_files'] diff --git a/home/.ansible/roles/new_host/tasks/backup_system_files.yml~ b/home/.ansible/roles/new_host/tasks/backup_system_files.yml~ new file mode 100644 index 0000000..3c899e5 --- /dev/null +++ b/home/.ansible/roles/new_host/tasks/backup_system_files.yml~ @@ -0,0 +1,34 @@ +--- +- name: check backup directory status + ansible.builtin.stat: + path: "{{ backup_etc_dir }}" + register: backup_dir + tags: ['backup_dir_status'] + +- name: create backup directory if it does not exist + ansible.builtin.file: + path: "{{ backup_etc_dir }}" + state: directory + become: true + become_user: root + when: backup_dir.stat.isdir is not defined + tags: ['create_backup_dir'] + +- name: backup of system files + ansible.builtin.copy: + src: /etc/{{ item }} + remote_src: true + dest: "{{ backup_etc_dir }}/" + mode: preserve + with_items: + - hosts.allow + - hosts.deny + - inetd.conf + - sudoers + - hosts + - fstab + - inittab + become: true + become_user: root + when: backup_dir.stat.isdir is defined + tags: ['backup_files'] diff --git a/home/.ansible/roles/new_host/tasks/main.yml b/home/.ansible/roles/new_host/tasks/main.yml new file mode 100644 index 0000000..fdbb644 --- /dev/null +++ b/home/.ansible/roles/new_host/tasks/main.yml @@ -0,0 +1,8 @@ +# https://docs.ansible.com/ansible/2.9/user_guide/playbooks_reuse_includes.html#including-and-importing-task-files +# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/import_playbook_module.html +--- +- name: backup system files + ansible.builtin.import_tasks: backup_system_files.yml + +- name: update system files + ansible.builtin.import_tasks: update_system_files.yml diff --git a/home/.ansible/roles/new_host/tasks/main.yml~ b/home/.ansible/roles/new_host/tasks/main.yml~ new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/home/.ansible/roles/new_host/tasks/main.yml~ diff --git a/home/.ansible/roles/new_host/tasks/update_system_files.yml b/home/.ansible/roles/new_host/tasks/update_system_files.yml new file mode 100644 index 0000000..90e0851 --- /dev/null +++ b/home/.ansible/roles/new_host/tasks/update_system_files.yml @@ -0,0 +1,64 @@ +# - a sample / example of copying files from the controller to the managed nodes +# - and/or updating files in place +# +# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html +# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/lineinfile_module.html +# https://docs.python.org/3/library/re.html +# https://pythex.org/ + +# + +--- +- name: copy 'hosts.allow' to node(s) + ansible.builtin.copy: + src: hosts.allow + dest: "{{ backup_etc_dir }}/hosts.allow" + owner: root + group: root + mode: '0644' + tags: ['hosts.allow'] + +- name: copy 'hosts.deny' to node(s) + ansible.builtin.copy: + src: hosts.deny + dest: "{{ backup_etc_dir }}/hosts.deny" + owner: root + group: root + mode: '0644' + tags: ['hosts.deny'] + +- name: Validate the sudoers file before saving + ansible.builtin.lineinfile: + path: "{{ backup_etc_dir }}/sudoers" + state: present + regexp: '^# %wheel ALL=\(ALL:ALL\) ALL' + line: '%wheel ALL=(ALL:ALL) ALL' + validate: /usr/sbin/visudo -cf %s + tags: ['sudoers'] + +- name: copy 'rc.firewall' to node(s) + ansible.builtin.copy: + src: rc.firewall + dest: "{{ backup_etc_dir }}/rc.firewall" + owner: root + group: root + mode: '0755' + tags: ['rc.firewall'] + +- name: update slackpg mirror + ansible.builtin.lineinfile: + path: "{{ backup_etc_dir }}/mirrors" + state: present +# # slackware-current +# regexp: '^# https://mirror.slackbuilds.org/slackware/slackware64-current/' +# line: 'https://mirror.slackbuilds.org/slackware/slackware64-current/' + # slackware-15.0 + regexp: '^# https://mirror.slackbuilds.org/slackware/slackware64-15.0/' + line: 'https://mirror.slackbuilds.org/slackware/slackware64-15.0/' + tags: ['slackpkg_mirrors'] + + +#- name: update slackpg blacklist +# ansible.builtin.replace: +# path: "{{ backup_etc_dir }}/blacklist" + diff --git a/home/.ansible/roles/new_host/tasks/update_system_files.yml~ b/home/.ansible/roles/new_host/tasks/update_system_files.yml~ new file mode 100644 index 0000000..f5e331b --- /dev/null +++ b/home/.ansible/roles/new_host/tasks/update_system_files.yml~ @@ -0,0 +1,7 @@ +--- +- name: copy '.bash_aliases' + ansible.builtin.copy: + src: .bash_aliases + dest: "{{ backup_etc_dir }}/.bash_aliases" + mode: '0644' + tags: ['bash_aliases'] |