From 8b09775b21573ddc2c354235b5c2d894dfa5bfc0 Mon Sep 17 00:00:00 2001
From: Thomas Constans <thomas@opendoor.fr>
Date: Tue, 22 Sep 2020 15:42:05 +0200
Subject: [PATCH] initial commit

---
 0Readme.md              |  18 ++++++++++++++
 setup.tgz               | Bin 0 -> 20480 bytes
 setup/.travis.yml       |  29 ++++++++++++++++++++++
 setup/README.md         |  38 ++++++++++++++++++++++++++++
 setup/defaults/main.yml |   2 ++
 setup/handlers/main.yml |   2 ++
 setup/meta/main.yml     |  53 ++++++++++++++++++++++++++++++++++++++++
 setup/tasks/main.yml    |  52 +++++++++++++++++++++++++++++++++++++++
 setup/tests/inventory   |   2 ++
 setup/tests/test.yml    |   5 ++++
 setup/vars/main.yml     |   2 ++
 setup_role.yml          |   5 ++++
 12 files changed, 208 insertions(+)
 create mode 100644 0Readme.md
 create mode 100644 setup.tgz
 create mode 100644 setup/.travis.yml
 create mode 100644 setup/README.md
 create mode 100644 setup/defaults/main.yml
 create mode 100644 setup/handlers/main.yml
 create mode 100644 setup/meta/main.yml
 create mode 100644 setup/tasks/main.yml
 create mode 100644 setup/tests/inventory
 create mode 100644 setup/tests/test.yml
 create mode 100644 setup/vars/main.yml
 create mode 100644 setup_role.yml

diff --git a/0Readme.md b/0Readme.md
new file mode 100644
index 0000000..2caf7a7
--- /dev/null
+++ b/0Readme.md
@@ -0,0 +1,18 @@
+# Rôle
+----------
+
+*Tâche*: Écrire un rôle
+
+*Condition*: pour améliorer l'organisation et la maintenance de nos playbooks
+
+*Norme*: ansible-galaxy, vim
+
+## Pratique:*
+
+Convertir en un rôle nommé "setup" notre précédent playbook.
+
+Écrire un playbook permettant de lier nos machines à ce playbook
+
+## Performance
+
+Le playbook s'exécute correctement, le rôle est joué sur les machines cibles
diff --git a/setup.tgz b/setup.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..866a54ea835d8a0e99edcc35d511301c5897fed6
GIT binary patch
literal 20480
zcmeHOZExGi5%y>Pih+YbHel-2vKpa2)N#@_K#~jMw8i0i5Z2^MB202wE@@l6yZ-h*
zv%92e#kG~5Wh5>2!4h|8XJ?<8otd4bwJgf4x3kqxAD_u&yo0adXgF+sa~FSh2BXPn
zI2a8l{llI9pg)=ncWAs-sT}iC7a}LxDO7UrbPx64JNWDE)JFe>OtM%MQg6i)Sizg>
z|7h5U{)eNZajXBQuo|oXL>6Kzsy9pca{UiRgI51fq5hqQ{u2?U-Bl7l`n;_Fqa*nB
zyZ!%Ya5%30zuW(lqsb2SA6=3=82+F8|AmOf^=cNSb2asdL|H6VKBbi^b4o=b(H2S_
z<WW{cDs>&Xie<AIM1e{&k**wpd!jvMhKYFJ1I;sfGpAxHDbl)>ROBMKkU7m&Zs#*>
zBTcC)NTsxhie-6zKxGPciA)O~YuKdnx}Z2pC5beoELWFNh~IQ6;?h!>8D?&VS((RE
zS{6k%?e*lfK&+Ep@a!3?o};o7o-UQrj#m_7l0c?-e)Edvxk?NZ4K6whue&N=kWX4A
zl61LPNL|Q!gl06Kq5I|8D}Usl#-aq9y-?0Y85jGm^WB?I?$@6_y!D6OzOQnh199GH
z9&vLTuUykfCW578V%Knb>c9NKKQzxy-f1oP-a6w0!lVZzi@@k4iPD)!b#xxf*`>_2
zQSz|+qM<KnM9`^93-|}9>vbwX91?5mpa!4S3SLoCCUj!?HO4s3T_bUG%AjIfPi`hQ
zbRTNH#*v0a%z<*2shm;fYz20c=mTQ{Y(f&S)a{VC8sz5Ic5+xCY@0%rb_%+R^pXli
zGA$FC19lQ|Ow|Bmn1V8q7g12g$P%krVUtj12gDuA^^>B@NM4b+6j99Z)TF=;CR(%H
zgP^&LrO;CEA7GG<3Tr8Bo@`lmLw21`jG2lo>Rk?c)$F>*@EC~drpnrQ%TDQ!GE})R
z6jaY`NeCthxm}-6!?F44o6SC@GZ^y+hwVn=2hI$c@1*AX;zjp`F(Kz(3bD{r`tc_a
z@UD2v`sB8?y}y(>OiE#2XD~G0;9WXlLU;^l^g^z#R35?&h{Cy_bEzFqhB<%=7b=hb
zDYfx4Y@%KIi-uj(JOTkXXgXh!mLd<9QMxb^uqa)6$=f)GUs8@`E)#W$XP9>9$DcYR
z&hdCaku@O^LK0pB45(N_KsGow2df-j=lkzJy`J8zAdZrVjTZw1X-p0~F$-dMnMWF3
zFme%ROJNK$3Mg0#cuDvJW4_GOe%^^|v(<)uD+A+YR_l48%w!tMG>Bw{xkKDIb*2J%
zH#Bq?>Ni-xT<<~w>wMNk;ugnsMD7T?ZPV9*fX)B9h=K4$Tgm=*IPbeJ|HEm2w4VPR
zqFm7Ce@|c{zVCanNEfA8AaG<Wq<^VrzoxW1>`rz)?-{#L;|5d2xH@DLlEz%<A}@mi
ze$&%ssHQX*v6ejMO^V72!l{d79{i<BO<E)}6Y~h6HMqdMrjY}Po!8Hz%=02U+(xZ+
zUWPczAi?c9j8{5c%HX1!whDjfLEv+ViSN6B>~g+bn%Hl9yTN>c%%E6erFkxc!bXi*
zCW@uu0#}_DbA$w!%;}&0o|?d7NRGSRUWdM`<M({wc{YExOL-|Y{JQbNdWD?o8a^KK
zHs$jX)>r3BT@WfVh3@fR-kRh`t|dw@kq@hUMZRyj_?C-@+&P*@2!u%F46ax594YMu
zLczls#;w8Is|P%RS+`Sch=8mA34O7h+8>L-{(r;z-+07zg27-sJZ$TK8>;X(ku~+d
ztpd;k@qaWps^kBtKW6=p29tgp|9_KWHyq4i(H<JFM4sZ@rBEC}Fd}oVm?98n=7|qu
zi1$$}IgIg#<KdKgC?xa}RfMjU>5w@5S>c3-Gf^T^1o)7TTrMIWa9b&2#BLmGaJE69
zG8G?$T2tl;Ww`5@A-ETumE=+*+;On3gvEJ_!=It!L)eCbHiwZpU_#cPf2Pj!AN=Qu
z|2*u_FNBO{UPLJB{Q4{AL$8y3#$kEJV4>$fh-je+OhPe5g$v~<q(W8R5vxGNONNI0
zl24wAiPLyWNZ~}L^>T(oZYH9fd_lVm@o{g7GkLEj?sY-ci^5s11*t1kWRB}TTI8zC
zZk}1l3bBO*DW^FY&L?SmZnoH=$soBV!);CP{;N54y?z|Fr!?#z{?2e9D-zPcYH_aF
zNVeV_q7t%zOtS)sV-1cOan9BN&UHFjVHj|!N&{zLhANB&ij{I)Q7~Q(wW=u-TJuT!
zn01ZYr869Yqj=aK_MdltfhF7C*;44`UPmv*crfhjv;N7da%On0q;4W=yGR6qDq)?h
zdJ89uWghuQ1)|+#P9O(LHL)|oHNjwt6~X6{RrojLL+#a7Lx@;jY))f3)tn7OL{YO)
znjs8Sh9nZUhAMAyY<4r}@mz2Sdlh_~@?*sDZq;z|_U-W={_I<OfB*f5le4qGy_yoC
zk;|}A2(=z}dZo^L=TX|j;SyZQ59aiI-noUMf>&8^-GwO{DAtcGVuhlU1b}TMN`(?H
z&iSg(R_An42@TdpYP~KtbPojUy<FKLFtkN;Y=n?^uR)VFUmGME+3;ed;bpc*9rmJ~
z1M1wfv%6V&ZY;0~6>2Q8LhZ_K;3iaV|K1j)!pvA<CAV8GM6yPQf>ctwGf0@(QND4D
zpGkbn1sEBLw~2)rW2z&DIT?1@orFr|-FfaD77y9oFfz4dPl15V|31DxdG+pfHwm{g
z<pcR&e=<C(>p%AWkHOLSsLlVjqKq}BAGsX-o-g{2tB>cM@k=47QJYi+k-TyqE}i4M
zIM4ei|4~LL4&y<4C?nM$&wGy&J_wlgUqv4Ag~)9Z6rCK=t41aIPA;$QeI4Oe!qh}=
z5%HX!_a+VEGUQ^uNXgyraV34JuDI3?|JS%*+~f6_x=|XSm~RR_mz9tv;38d(QW6>u
zIe_8f`@Xq=h_A#7x0ARMG`9xqSGoF+i&NuOeS;TLQM7Y?$+=on8mfFT=Pl?5yq@>g
z-Yr%O@;qD>dfth-fkpM~CWESxt$%plr=?0D;wk+e6+8U;L&MpA=dCIEo=3a?t4h{(
zYCd0Z{vW#g|G@<NzkUDf9>qOU*P8yfQUZ9$|My4h?|+~QG;00-BdPdaHtay3;Xcs3
zmcX~9@Y(Dkja}S3vhDm|K)~*Q1i<Z;f4`*u>-_&<blATC`y}So(EnC^KQH28|39en
ze;fZt{eJ8JpG5!G|MUKDegBgH{*_H)_di}Z3S%5uzMlM_-~Vm%|Lq&gn*O&E10MGO
zpXdK0-2b-ke{Wy^*8f-gzl{OgNBrxW!R~+ip3$}>`||qFU_2VM{(oEgX!339zkaK%
zN$?22AN2o&`uz`g{u_<k{QnVv-+;x<t@{@gjW^)il6)HoH1~h?p6O#t{^0(fOxDl;
z!%_SHe~+z(JNa?`S6^J+I0G{O_JKEZ?8^hWQv8BT<0{MDV%^EJZTxl+u=}6O{#!cy
r1B(A5|2v$t`QNu=M6IMP0xbe90xbe90xbe90xbe90xbgH1OopCoZtWB

literal 0
HcmV?d00001

diff --git a/setup/.travis.yml b/setup/.travis.yml
new file mode 100644
index 0000000..36bbf62
--- /dev/null
+++ b/setup/.travis.yml
@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/
\ No newline at end of file
diff --git a/setup/README.md b/setup/README.md
new file mode 100644
index 0000000..f782480
--- /dev/null
+++ b/setup/README.md
@@ -0,0 +1,38 @@
+Role Name
+=========
+
+Setup a host for ansible management
+
+Requirements
+------------
+
+None
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - setup
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Thomas C <thomas@opendoor.fr>
diff --git a/setup/defaults/main.yml b/setup/defaults/main.yml
new file mode 100644
index 0000000..75c4251
--- /dev/null
+++ b/setup/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for setup
\ No newline at end of file
diff --git a/setup/handlers/main.yml b/setup/handlers/main.yml
new file mode 100644
index 0000000..29dbaa7
--- /dev/null
+++ b/setup/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for setup
\ No newline at end of file
diff --git a/setup/meta/main.yml b/setup/meta/main.yml
new file mode 100644
index 0000000..227ad9c
--- /dev/null
+++ b/setup/meta/main.yml
@@ -0,0 +1,53 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.9
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.
+  
\ No newline at end of file
diff --git a/setup/tasks/main.yml b/setup/tasks/main.yml
new file mode 100644
index 0000000..a726534
--- /dev/null
+++ b/setup/tasks/main.yml
@@ -0,0 +1,52 @@
+  - name: warn people
+    tags: wip
+    lineinfile:
+      path: /etc/motd
+      line: "Host is managed by ansible, manual interaction not recommended"
+      state: present
+
+  - name: history
+    tags: wip
+    lineinfile:
+      path: /etc/history
+      line: "{{ '%Y-%m-%d' | strftime }} - {{ ansible_play_name }}"
+      state: present
+      create: true
+
+# ansible localhost  -u formation  -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation"
+  - name: generate ssh keys
+    tags: ssh
+    openssh_keypair:
+      path: "~/.ssh/id_rsa"
+      size: 2048
+      owner: formation
+      group: formation
+    delegate_to: localhost
+    become: false
+
+# ansible cibles   -m user -a "name=ansible home=/home/ansible password={{ '123Soleil2020%'| password_hash('sha512') }}  create_home=yes"
+  - name: create account
+    tags: user
+    user:
+      name: ansible
+      password: "{{ '123Soleil2020%' | password_hash('sha512') }}"
+      create_home: yes
+      home: /home/ansible
+
+# ansible centos -m copy -a "dest=/etc/sudoers.d/ansible content="ansible ALL=(ALL)      NOPASSWD:  ALL validate='/usr/bin/visudo -cf %f'"
+  - name: configure sudo
+    tags: sudo
+    copy:
+      content: "ansible ALL=(ALL)      NOPASSWD:  ALL"
+      dest: /etc/sudoers.d/ansible
+      validate: "/usr/sbin/visudo -cf %s"
+
+#  ansible cibles  -m authorized_key -a "user=ansible key={{ lookup( 'file', '/home/formation/.ssh/id_rsa.pub') }}"
+  - name: deploy ssh key
+    tags: ssh
+    authorized_key:
+      user: ansible
+      key: "{{ item }}"
+    loop:
+    - "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}"
+    - "https://infra.opendoor.fr/id_rsa.pub"
\ No newline at end of file
diff --git a/setup/tests/inventory b/setup/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/setup/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/setup/tests/test.yml b/setup/tests/test.yml
new file mode 100644
index 0000000..c1e233b
--- /dev/null
+++ b/setup/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - setup
\ No newline at end of file
diff --git a/setup/vars/main.yml b/setup/vars/main.yml
new file mode 100644
index 0000000..0905b6c
--- /dev/null
+++ b/setup/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for setup
\ No newline at end of file
diff --git a/setup_role.yml b/setup_role.yml
new file mode 100644
index 0000000..b0be167
--- /dev/null
+++ b/setup_role.yml
@@ -0,0 +1,5 @@
+---
+- name: setup target to be managed by ansible using setup role
+  hosts: centos
+  roles:
+  - setup
\ No newline at end of file