6 Commits

Author SHA1 Message Date
d5ffc62bca mise au point 2021-11-30 10:55:41 +01:00
b6e736e264 solution apache 2021-11-30 10:51:49 +01:00
7c7e0658fc back to apache 2021-11-30 10:46:03 +01:00
a41ee487a4 rename readme 2021-11-16 09:35:03 +01:00
8a2930d635 ajout fichier src 2021-06-10 13:55:45 +02:00
b6fbdbd8e5 mise au point enonce, separation solution 2021-04-20 11:10:38 +02:00
20 changed files with 96 additions and 119 deletions


@@ -1,29 +0,0 @@
## Rôles
**Tâche**: Écrire un rôle
**Condition**: pour améliorer l'organisation et la maintenance de nos playbooks
**Norme**: ansible-galaxy, vim
## Pratique:
Convertir en un rôle nommé "setup" le 1er playbook mis au point lors de l'atelier "adhoc to playbook".
Pour rappel, les commandes AdHoc correspondantes:
```
ansible localhost -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation" -u formation
ansible cibles -u formation -k -m user -a "user=ansible password={{ '123Soleil2020%'| password_hash( 'sha512', 65534 | random( seed=inventory_hostname ) | string ) }} create_home=yes home=/home/ansible"
ansible cibles -u formation -k -m lineinfile -a "path=/etc/sudoers.d/ansible state=present create=yes line='ansible ALL=(ALL) NOPASSWD: ALL' validate='/usr/sbin/visudo -cf %s'"
ansible cibles -u formation -k -m copy -a "dest=/etc/sudoers.d/ansible content='ansible ALL=(ALL) NOPASSWD: ALL' validate='/usr/sbin/visudo -cf %s'"
ansible cibles -u formation -k -m authorized_key -a "key={{ lookup( 'file', '~/.ssh/id_rsa.pub') }} user=ansible"
```
## Performance
Le playbook s'exécute correctement, le rôle est joué sur les machines cibles


@@ -1,23 +0,0 @@
## Dépendances entre rôles
**Tâche**: Écrire un rôle dépendant d'un autre
**Condition**: pour améliorer l'organisation et la maintenance de nos playbooks
**Norme**: ansible-galaxy, vim, meta
### Préparation
Créez un rôle "vim" qui s'assure:
- de la présence du paquet vim-enhanced
- de l'absence du paquet nano
- de la présence du fichier https://cours.opendoor.fr/Fichiers/vimrc dans /etc/vimrc
### Pratique
Faire en sorte que ce rôle "vim" dépende du rôle "setup" précédemment mis en place, c'est à dire que utiliser le rôle "vim" entraîne automatiquement l'utilisation du rôle "setup"
### Validation
Les 2 rôles sont exécutés

21
Readme.md Normal file

@@ -0,0 +1,21 @@
## Rôles
**Tâche**: Écrire un rôle
**Condition**: pour améliorer l'organisation et la maintenance de nos playbooks
**Norme**: ansible-galaxy, vim
## Pratique:
Convertir en un rôle nommé "apache" le 1er playbook mis au point lors de l'atelier "handlers".
Vous pouvez récupérer ce playbook via la commande:
```bash
git clone -b solution https://infra.opendoor.fr/git/tom/sib_12_handlers
```
## Performance
Le playbook s'exécute correctement, le rôle est joué sur les machines cibles

5
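--- a/apache.yml
+++ b/apache.yml
@@ -0,0 +1,5 @@
+---
+- hosts: centos
+name: install apache from role
+roles:
+- tco.apache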


@@ -1,2 +0,0 @@
---
# defaults file for setup


@@ -1,2 +0,0 @@
---
# handlers file for setup


@@ -1,52 +0,0 @@
- name: warn people
tags: wip
lineinfile:
path: /etc/motd
line: "Host is managed by ansible, manual interaction not recommended"
state: present
- name: history
tags: wip
lineinfile:
path: /etc/history
line: "{{ '%Y-%m-%d' | strftime }} - {{ ansible_play_name }}"
state: present
create: true
# ansible localhost -u formation -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation"
- name: generate ssh keys
tags: ssh
openssh_keypair:
path: "~/.ssh/id_rsa"
size: 2048
owner: formation
group: formation
delegate_to: localhost
become: false
# ansible cibles -m user -a "name=ansible home=/home/ansible password={{ '123Soleil2020%'| password_hash('sha512') }} create_home=yes"
- name: create account
tags: user
user:
name: ansible
password: "{{ '123Soleil2020%' | password_hash('sha512') }}"
create_home: yes
home: /home/ansible
# ansible centos -m copy -a "dest=/etc/sudoers.d/ansible content="ansible ALL=(ALL) NOPASSWD: ALL validate='/usr/bin/visudo -cf %f'"
- name: configure sudo
tags: sudo
copy:
content: "ansible ALL=(ALL) NOPASSWD: ALL"
dest: /etc/sudoers.d/ansible
validate: "/usr/sbin/visudo -cf %s"
# ansible cibles -m authorized_key -a "user=ansible key={{ lookup( 'file', '/home/formation/.ssh/id_rsa.pub') }}"
- name: deploy ssh key
tags: ssh
authorized_key:
user: ansible
key: "{{ item }}"
loop:
- "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}"
- "https://infra.opendoor.fr/id_rsa.pub"


@@ -1,2 +0,0 @@
---
# vars file for setup


@@ -1,5 +0,0 @@
---
- name: setup target to be managed by ansible using setup role
hosts: centos
roles:
- setup


@@ -1,7 +1,7 @@
Role Name Role Name
========= =========
Setup a host for ansible management Install apache
Requirements Requirements
------------ ------------
@@ -23,9 +23,9 @@ Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers - hosts: centos
roles: roles:
- setup - tco.apache
License License
------- -------


@@ -0,0 +1,2 @@
---
# defaults file for tco.apache


@@ -0,0 +1,6 @@
---
# handlers file for tco
- name: restart apache
service:
name: httpd
state: restarted

39
tco.apache/tasks/main.yml Normal file

@@ -0,0 +1,39 @@
---
- name: install apache
yum:
name: httpd
state: latest
- name: conf httpd
template:
src: vhost.conf
dest: /etc/httpd/conf.d/vhost.conf
mode: 0640
owner: root
group: apache
notify: restart apache
- name: activate apache
service:
name: httpd
enabled: yes
state: started
- name: open firewall port
firewalld:
service: http
permanent: yes
immediate: yes
state: enabled
ignore_errors: yes
- name: create documentroot
file:
name: /var/www/html/orsys.fr
state: directory
- name: create index file
template:
src: index.txt
dest: /var/www/html/orsys.fr/index.html
mode: 0644
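Review bot: `ignore_errors: yes` on the "open firewall port" task hides every failure of the firewalld module, not only the case where firewalld is absent, so a run can finish green while the rule was rejected and port 80 is still closed. Restricting the task with a `when:` on gathered service facts, or narrowing the tolerated case with `failed_when:`, keeps real errors visible. In "install apache", `state: latest` upgrades httpd on every run outside any change window; `state: present` is the predictable choice, with upgrades handled as a separate step. The "create documentroot" task sets no `owner`, `group` or `mode`, so the directory's permissions depend on the remote umask; stating them (for example `mode: '0755'`) and quoting the existing `0640` and `0644` values as strings would make the permissions explicit.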


@@ -0,0 +1 @@
<span style="text-align: center;background-color: #FD5401; font-size: 42px;">Hello World</span>


@@ -0,0 +1,16 @@
<VirtualHost *:80>
ServerName orsys.fr
ServerAlias www.orsys.fr
DocumentRoot /var/www/html/orsys.fr/
CustomLog /var/log/httpd/orsys.fr_access.log combined
ErrorLog /var/log/httpd/orsys.fr_error.log
<Directory />
Options none
Allowoverride none
Require all denied
</Directory>
<Directory /var/www/html/orsys.fr>
Require all granted
</Directory>
</VirtualHost>
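Review bot: The `<Directory /var/www/html/orsys.fr>` block sets only `Require all granted`, so its `Options` and `AllowOverride` come from the most specific shorter section that matches, which is not necessarily the `<Directory />` block above it. If the distribution's default `httpd.conf` is still in place (not visible here), its `<Directory "/var/www/html">` section is more specific than `/` and typically enables `Indexes` and `FollowSymLinks`, which would then apply to this document root. Adding `Options None` and `AllowOverride None` inside the document-root block makes the intended restriction explicit and independent of the main configuration.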


@@ -2,4 +2,4 @@
- hosts: localhost - hosts: localhost
remote_user: root remote_user: root
roles: roles:
- setup - tco.apache

2
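--- a/tco.apache/vars/main.yml
+++ b/tco.apache/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for tco.apache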