initial commit

0Readme.md

@@ -0,0 +1,18 @@
+# Rôle
+----------
+
+*Tâche*: Écrire un rôle
+
+*Condition*: pour améliorer l'organisation et la maintenance de nos playbooks
+
+*Norme*: ansible-galaxy, vim
+
+## Pratique:*
+
+Convertir en un rôle nommé "setup" notre précédent playbook.
+
+Écrire un playbook permettant de lier nos machines à ce playbook
+
+## Performance
+
+Le playbook s'exécute correctement, le rôle est joué sur les machines cibles

setup/.travis.yml

@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

setup/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+Setup a host for ansible management
+
+Requirements
+------------
+
+None
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - setup
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Thomas C <thomas@opendoor.fr>

setup/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for setup

setup/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for setup

setup/meta/main.yml

@@ -0,0 +1,53 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.9
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.
+  

setup/tasks/main.yml

@@ -0,0 +1,52 @@
+  - name: warn people
+    tags: wip
+    lineinfile:
+      path: /etc/motd
+      line: "Host is managed by ansible, manual interaction not recommended"
+      state: present
+
+  - name: history
+    tags: wip
+    lineinfile:
+      path: /etc/history
+      line: "{{ '%Y-%m-%d' | strftime }} - {{ ansible_play_name }}"
+      state: present
+      create: true
+
+# ansible localhost  -u formation  -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation"
+  - name: generate ssh keys
+    tags: ssh
+    openssh_keypair:
+      path: "~/.ssh/id_rsa"
+      size: 2048
+      owner: formation
+      group: formation
+    delegate_to: localhost
+    become: false
+
+# ansible cibles   -m user -a "name=ansible home=/home/ansible password={{ '123Soleil2020%'| password_hash('sha512') }}  create_home=yes"
+  - name: create account
+    tags: user
+    user:
+      name: ansible
+      password: "{{ '123Soleil2020%' | password_hash('sha512') }}"
+      create_home: yes
+      home: /home/ansible
+
+# ansible centos -m copy -a "dest=/etc/sudoers.d/ansible content="ansible ALL=(ALL)      NOPASSWD:  ALL validate='/usr/bin/visudo -cf %f'"
+  - name: configure sudo
+    tags: sudo
+    copy:
+      content: "ansible ALL=(ALL)      NOPASSWD:  ALL"
+      dest: /etc/sudoers.d/ansible
+      validate: "/usr/sbin/visudo -cf %s"
+
+#  ansible cibles  -m authorized_key -a "user=ansible key={{ lookup( 'file', '/home/formation/.ssh/id_rsa.pub') }}"
+  - name: deploy ssh key
+    tags: ssh
+    authorized_key:
+      user: ansible
+      key: "{{ item }}"
+    loop:
+    - "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}"
+    - "https://infra.opendoor.fr/id_rsa.pub"

setup/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

setup/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - setup

setup/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for setup

setup_role.yml

@@ -0,0 +1,5 @@
+---
+- name: setup target to be managed by ansible using setup role
+  hosts: centos
+  roles:
+  - setup