mise au point

Readme.md

@@ -0,0 +1,21 @@
+## Rôles
+
+**Tâche**: Écrire un rôle
+
+**Condition**: pour améliorer l'organisation et la maintenance de nos playbooks
+
+**Norme**: ansible-galaxy, vim
+
+## Pratique:
+
+Convertir en un rôle nommé "apache" le 1er playbook mis au point lors de l'atelier "handlers".
+
+Vous pouvez récupérer ce playbook via la commande:
+```bash
+git clone -b solution https://infra.opendoor.fr/git/tom/sib_12_handlers
+```
+
+
+## Performance
+
+Le playbook s'exécute correctement, le rôle est joué sur les machines cibles

apache.yml

@@ -0,0 +1,5 @@
+---
+- hosts: centos
+  name: install apache from role
+  roles:
+  - tco.apache

setup/defaults/main.yml

@@ -1,2 +0,0 @@
----
-# defaults file for setup

setup/files/sudo

@@ -1,3 +0,0 @@
-#Configuration sudo
-# en nopassword pour ansible
-ansible ALL=(ALL)      NOPASSWD:  ALL

setup/handlers/main.yml

@@ -1,2 +0,0 @@
----
-# handlers file for setup

setup/tasks/main.yml

@@ -1,52 +0,0 @@
-  - name: warn people
-    tags: wip
-    lineinfile:
-      path: /etc/motd
-      line: "Host is managed by ansible, manual interaction not recommended"
-      state: present
-
-  - name: history
-    tags: wip
-    lineinfile:
-      path: /etc/history
-      line: "{{ '%Y-%m-%d' | strftime }} - {{ ansible_play_name }}"
-      state: present
-      create: true
-
-# ansible localhost  -u formation  -m openssh_keypair -a "path=/home/formation/.ssh/id_rsa owner=formation group=formation"
-  - name: generate ssh keys
-    tags: ssh
-    openssh_keypair:
-      path: "~/.ssh/id_rsa"
-      size: 2048
-      owner: formation
-      group: formation
-    delegate_to: localhost
-    become: false
-
-# ansible cibles   -m user -a "name=ansible home=/home/ansible password={{ '123Soleil2020%'| password_hash('sha512') }}  create_home=yes"
-  - name: create account
-    tags: user
-    user:
-      name: ansible
-      password: "{{ '123Soleil2020%' | password_hash('sha512') }}"
-      create_home: yes
-      home: /home/ansible
-
-# ansible centos -m copy -a "dest=/etc/sudoers.d/ansible content="ansible ALL=(ALL)      NOPASSWD:  ALL validate='/usr/bin/visudo -cf %f'"
-  - name: configure sudo
-    tags: sudo
-    copy:
-      src: sudo
-      dest: /etc/sudoers.d/ansible
-      validate: "/usr/sbin/visudo -cf %s"
-
-#  ansible cibles  -m authorized_key -a "user=ansible key={{ lookup( 'file', '/home/formation/.ssh/id_rsa.pub') }}"
-  - name: deploy ssh key
-    tags: ssh
-    authorized_key:
-      user: ansible
-      key: "{{ item }}"
-    loop:
-    - "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}"
-    - "https://infra.opendoor.fr/id_rsa.pub"

setup/vars/main.yml

@@ -1,2 +0,0 @@
----
-# vars file for setup

setup_role.yml

@@ -1,5 +0,0 @@
----
-- name: setup target to be managed by ansible using setup role
-  hosts: cibles
-  roles:
-  - setup

tco.apache/README.md

@@ -1,7 +1,7 @@
 Role Name
 =========
 
-Setup a host for ansible management
+Install apache
 
 Requirements
 ------------
@@ -23,9 +23,9 @@ Example Playbook
 
 Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
 
-    - hosts: servers
+    - hosts: centos
       roles:
-         - setup
+      - tco.apache
 
 License
 -------

tco.apache/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for tco.apache

tco.apache/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+# handlers file for tco
+- name: restart apache
+  service:
+    name: httpd
+    state: restarted

tco.apache/tasks/main.yml

@@ -0,0 +1,39 @@
+---
+- name: install apache
+  yum:
+    name: httpd
+    state: latest
+
+- name: conf httpd
+  template:
+    src: vhost.conf
+    dest: /etc/httpd/conf.d/vhost.conf
+    mode: 0640
+    owner: root
+    group: apache
+  notify: restart apache
+
+- name: activate apache
+  service:
+    name: httpd
+    enabled: yes
+    state: started
+
+- name: open firewall port
+  firewalld:
+    service: http
+    permanent: yes
+    immediate: yes
+    state: enabled
+  ignore_errors: yes
+
+- name: create documentroot
+  file:
+    name: /var/www/html/orsys.fr
+    state: directory
+
+- name: create index file
+  template:
+    src: index.txt
+    dest: /var/www/html/orsys.fr/index.html
+    mode: 0644

tco.apache/templates/index.txt

@@ -0,0 +1 @@
+<span style="text-align: center;background-color: #FD5401; font-size: 42px;">Hello World</span>

tco.apache/templates/vhost.conf

@@ -0,0 +1,16 @@
+<VirtualHost *:80>
+       ServerName    orsys.fr
+       ServerAlias   www.orsys.fr
+       DocumentRoot  /var/www/html/orsys.fr/
+       CustomLog     /var/log/httpd/orsys.fr_access.log combined
+       ErrorLog      /var/log/httpd/orsys.fr_error.log
+       <Directory />
+                Options none
+                Allowoverride none
+                Require all denied
+        </Directory>
+
+        <Directory /var/www/html/orsys.fr>
+                Require all granted
+        </Directory>
+</VirtualHost>

tco.apache/tests/test.yml

@@ -2,4 +2,4 @@
 - hosts: localhost
   remote_user: root
   roles:
-    - setup
+    - tco.apache

tco.apache/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for tco.apache

vim.yml

@@ -1,4 +0,0 @@
----
-- hosts: all
-  roles:
-  - vim

vim/.travis.yml

@@ -1,29 +0,0 @@
----
-language: python
-python: "2.7"
-
-# Use the new container infrastructure
-sudo: false
-
-# Install ansible
-addons:
-  apt:
-    packages:
-    - python-pip
-
-install:
-  # Install ansible
-  - pip install ansible
-
-  # Check ansible version
-  - ansible --version
-
-  # Create ansible.cfg with correct roles_path
-  - printf '[defaults]\nroles_path=../' >ansible.cfg
-
-script:
-  # Basic role syntax check
-  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
-
-notifications:
-  webhooks: https://galaxy.ansible.com/api/v1/notifications/

vim/README.md

@@ -1,38 +0,0 @@
-Role Name
-=========
-
-Install vim
-
-Ensure setup role is also applied, using role dependencies
-
-Requirements
-------------
-
-None
-
-Role Variables
---------------
-
-None
-
-Dependencies
-------------
-
-none
-
-Example Playbook
-----------------
-
-    - hosts: servers
-      roles:
-         - vim
-
-License
--------
-
-BSD
-
-Author Information
-------------------
-
-Thomas C <thomas@opendoor.fr>

vim/defaults/main.yml

@@ -1,2 +0,0 @@
----
-# defaults file for vim

vim/handlers/main.yml

@@ -1,2 +0,0 @@
----
-# handlers file for vim

vim/meta/main.yml

@@ -1,54 +0,0 @@
-galaxy_info:
-  author: Thomas C
-  description: install vim
-  company: OpenDoor
-
-  # If the issue tracker for your role is not on github, uncomment the
-  # next line and provide a value
-  # issue_tracker_url: http://example.com/issue/tracker
-
-  # Choose a valid license ID from https://spdx.org - some suggested licenses:
-  # - BSD-3-Clause (default)
-  # - MIT
-  # - GPL-2.0-or-later
-  # - GPL-3.0-only
-  # - Apache-2.0
-  # - CC-BY-4.0
-  license: license (GPL-2.0-or-later, MIT, etc)
-
-  min_ansible_version: 2.9
-
-  # If this a Container Enabled role, provide the minimum Ansible Container version.
-  # min_ansible_container_version:
-
-  #
-  # Provide a list of supported platforms, and for each platform a list of versions.
-  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
-  # To view available platforms and versions (or releases), visit:
-  # https://galaxy.ansible.com/api/v1/platforms/
-  #
-  # platforms:
-  # - name: Fedora
-  #   versions:
-  #   - all
-  #   - 25
-  # - name: SomePlatform
-  #   versions:
-  #   - all
-  #   - 1.0
-  #   - 7
-  #   - 99.99
-
-  galaxy_tags: []
-    # List tags for your role here, one per line. A tag is a keyword that describes
-    # and categorizes the role. Users find roles by searching for tags. Be sure to
-    # remove the '[]' above, if you add tags to this list.
-    #
-    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
-    #       Maximum 20 tags per role.
-
-dependencies:
-- role: setup
-  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
-  # if you add dependencies to this list.
-  

vim/tasks/main.yml

@@ -1,18 +0,0 @@
----
-# tasks file for vim
-
-- name: install vim
-  yum:
-    name: vim-enhanced
-    state: present
-
-- name: remove nano
-  yum:
-    name: nano
-    state: absent
-
-- name: config vim
-  get_url:
-    url: https://cours.opendoor.fr/Fichiers/vimrc
-    dest: /etc/vimrc
-    mode: 0644

vim/tests/inventory

@@ -1,2 +0,0 @@
-localhost
-

vim/tests/test.yml

@@ -1,5 +0,0 @@
----
-- hosts: localhost
-  remote_user: root
-  roles:
-    - vim

vim/vars/main.yml

@@ -1,2 +0,0 @@
----
-# vars file for vim