From b6fbdbd8e5b9dc7744f2429e67f0e2685968775c Mon Sep 17 00:00:00 2001
From: Thomas Constans
Date: Tue, 20 Apr 2021 11:10:38 +0200
Subject: [PATCH] mise au point enonce, separation solution
---
0Readme.md | 14 +-------
setup/tasks/main.yml => setup.yml | 19 ++++-------
setup/.travis.yml | 29 -----------------
setup/README.md | 38 ----------------------
setup/defaults/main.yml | 2 --
setup/handlers/main.yml | 2 --
setup/meta/main.yml | 53 -------------------------------
setup/tests/inventory | 2 --
setup/tests/test.yml | 5 ---
setup/vars/main.yml | 2 --
setup_role.yml | 5 ---
11 files changed, 7 insertions(+), 164 deletions(-)
rename setup/tasks/main.yml => setup.yml (53%)
delete mode 100644 setup/.travis.yml
delete mode 100644 setup/README.md
delete mode 100644 setup/defaults/main.yml
delete mode 100644 setup/handlers/main.yml
delete mode 100644 setup/meta/main.yml
delete mode 100644 setup/tests/inventory
delete mode 100644 setup/tests/test.yml
delete mode 100644 setup/vars/main.yml
delete mode 100644 setup_role.yml
diff --git a/0Readme.md b/0Readme.md
index f6ebf4f..c6681bb 100644
--- a/0Readme.md
+++ b/0Readme.md
@@ -10,19 +10,7 @@ Convertir en un rôle nommé "setup" le 1er playbook mis au point lors de l'atelier "adhoc to playbook". -Pour rappel, les commandes AdHoc correspondantes: - -``` -ansible localhost -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation" -u formation - -ansible cibles -u formation -k -m user -a "user=ansible password={{ '123Soleil2020%'| password_hash( 'sha512', 65534 | random( seed=inventory_hostname ) | string ) }} create_home=yes home=/home/ansible" - -ansible cibles -u formation -k -m lineinfile -a "path=/etc/sudoers.d/ansible state=present create=yes line='ansible ALL=(ALL) NOPASSWD: ALL' validate='/usr/sbin/visudo -cf %s'" - -ansible cibles -u formation -k -m copy -a "dest=/etc/sudoers.d/ansible content='ansible ALL=(ALL) NOPASSWD: ALL' validate='/usr/sbin/visudo -cf %s'" - -ansible cibles -u formation -k -m authorized_key -a "key={{ lookup( 'file', '~/.ssh/id_rsa.pub') }} user=ansible" -``` +Pour rappel, ce playbook se trouve dans le fichier setup.yml ## Performance diff --git a/setup/tasks/main.yml b/setup.yml similarity index 53% rename from setup/tasks/main.yml rename to setup.yml index a726534..666b960 100644 --- a/setup/tasks/main.yml +++ b/setup.yml 
@@ -1,49 +1,42 @@ +--- +- name: setup target to be managed by ansible + hosts: cibles + tasks: - name: warn people - tags: wip lineinfile: path: /etc/motd + create: yes line: "Host is managed by ansible, manual interaction not recommended" state: present - name: history - tags: wip lineinfile: path: /etc/history line: "{{ '%Y-%m-%d' | strftime }} - {{ ansible_play_name }}" state: present create: true -# ansible localhost -u formation -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation" - name: generate ssh keys - tags: ssh openssh_keypair: path: "~/.ssh/id_rsa" size: 2048 - owner: formation - group: formation delegate_to: localhost become: false -# ansible cibles -m user -a "name=ansible home=/home/ansible password={{ '123Soleil2020%'| password_hash('sha512') }} create_home=yes" - name: create account - tags: user user: name: ansible - password: "{{ '123Soleil2020%' | password_hash('sha512') }}" + password: "{{ '123Soleil%' | password_hash('sha512',65534|random(seed=inventory_hostname) | string) }}" create_home: yes home: /home/ansible -# ansible centos -m copy -a "dest=/etc/sudoers.d/ansible content="ansible ALL=(ALL) NOPASSWD: ALL validate='/usr/bin/visudo -cf %f'" - name: configure sudo - tags: sudo copy: content: "ansible ALL=(ALL) NOPASSWD: ALL" dest: /etc/sudoers.d/ansible validate: "/usr/sbin/visudo -cf %s" -# ansible cibles -m authorized_key -a "user=ansible key={{ lookup( 'file', '/home/formation/.ssh/id_rsa.pub') }}" - name: deploy ssh key - tags: ssh authorized_key: user: ansible key: "{{ item }}" diff --git a/setup/.travis.yml b/setup/.travis.yml deleted file mode 100644 index 36bbf62..0000000 --- a/setup/.travis.yml +++ /dev/null 
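Review bot: The `create account` task in the new `setup.yml` still embeds the account password as a literal (`'123Soleil%'`) in a committed playbook, and the same play grants that `ansible` account `NOPASSWD: ALL` through `/etc/sudoers.d/ansible`, so read access to the repository amounts to a root-equivalent credential on every host in `cibles`. Take the value from a vaulted variable instead, e.g. `password: "{{ setup_account_password | password_hash('sha512', 65534 | random(seed=inventory_hostname) | string) }}"` (`setup_account_password` is a placeholder name, to be defined in an Ansible Vault file), or, since the play also deploys an SSH key for the account, omit `password` and set `password_lock: true`. The seeded salt added here keeps the hash stable between runs, but it is derived only from the host name and is therefore predictable; a comment such as `# salt is fixed per host for idempotence, not for secrecy` would make that trade-off explicit. Both password literals that appear in this patch should be treated as exposed and rotated on any host where they were applied. The `deploy ssh key` task continues past the end of the hunk, so its loop source is not reviewed here.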
@@ -1,29 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install ansible - - pip install ansible - - # Check ansible version - - ansible --version - - # Create ansible.cfg with correct roles_path - - printf '[defaults]\nroles_path=../' >ansible.cfg - -script: - # Basic role syntax check - - ansible-playbook tests/test.yml -i tests/inventory --syntax-check - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/setup/README.md b/setup/README.md deleted file mode 100644 index f782480..0000000 --- a/setup/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -Setup a host for ansible management - -Requirements ------------- - -None - -Role Variables --------------- - -None - -Dependencies ------------- - -None - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - setup - -License -------- - -BSD - -Author Information ------------------- - -Thomas C diff --git a/setup/defaults/main.yml b/setup/defaults/main.yml deleted file mode 100644 index 75c4251..0000000 --- a/setup/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for setup \ No newline at end of file diff --git a/setup/handlers/main.yml b/setup/handlers/main.yml deleted file mode 100644 index 29dbaa7..0000000 --- a/setup/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for setup \ No newline at end of file diff --git a/setup/meta/main.yml b/setup/meta/main.yml deleted file mode 100644 index 227ad9c..0000000 --- a/setup/meta/main.yml +++ /dev/null 
@@ -1,53 +0,0 @@ -galaxy_info: - author: your name - description: your role description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Choose a valid license ID from https://spdx.org - some suggested licenses: - # - BSD-3-Clause (default) - # - MIT - # - GPL-2.0-or-later - # - GPL-3.0-only - # - Apache-2.0 - # - CC-BY-4.0 - license: license (GPL-2.0-or-later, MIT, etc) - - min_ansible_version: 2.9 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. - \ No newline at end of file diff --git a/setup/tests/inventory b/setup/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/setup/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/setup/tests/test.yml b/setup/tests/test.yml deleted file mode 100644 index c1e233b..0000000 --- a/setup/tests/test.yml +++ /dev/null 
@@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - setup \ No newline at end of file diff --git a/setup/vars/main.yml b/setup/vars/main.yml deleted file mode 100644 index 0905b6c..0000000 --- a/setup/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for setup \ No newline at end of file diff --git a/setup_role.yml b/setup_role.yml deleted file mode 100644 index b0be167..0000000 --- a/setup_role.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: setup target to be managed by ansible using setup role - hosts: centos - roles: - - setup \ No newline at end of file