ansible_host Rename ansible-host to ansible_host

2022-02-24 19:45:09 +00:00 · 2022-02-24 19:45:09 +00:00 · e508ff7974
commit e508ff7974
parent 26f85086fd
5 changed files with 1 additions and 1 deletions
--- a/roles/ansible_host/files/nginx.conf
+++ b/roles/ansible_host/files/nginx.conf
@ -0,0 +1,4 @@
+location /facts {
+  autoindex on;
+  autoindex_format json;
+}
--- a/roles/ansible_host/files/root-bashrc.sh
+++ b/roles/ansible_host/files/root-bashrc.sh
@ -0,0 +1,19 @@
+# .bashrc
+
+# User specific aliases and functions
+
+alias rm='rm -i'
+alias cp='cp -i'
+alias mv='mv -i'
+
+# Source global definitions
+if [ -f /etc/bashrc ]; then
+	. /etc/bashrc
+fi
+
+# make sure that ssh agent is running and connect to it
+[ -f /root/.ssh/agent ] && source /root/.ssh/agent > /dev/null
+if ! kill -0 "${SSH_AGENT_PID}" > /dev/null 2>&1 ; then
+    ssh-agent -s > /root/.ssh/agent
+    source /root/.ssh/agent > /dev/null
+fi
--- a/roles/ansible_host/meta/main.yml
+++ b/roles/ansible_host/meta/main.yml
@ -0,0 +1,5 @@
+---
+dependencies:
+  - {role: epel_repo}
+  - {role: git}
+  - {role: nginx/server}
--- a/roles/ansible_host/tasks/main.yml
+++ b/roles/ansible_host/tasks/main.yml
@ -0,0 +1,63 @@
+---
+- name: install ansible packages
+  ansible.builtin.package:
+    name: "{{ item }}"
+    state: installed
+  with_items:
+    - ansible
+    - ansible-collection-community-general
+    - python3-dns       # required for lookup('dig', 'hostname')
+    - python3-netaddr   # required by iptables role
+
+- name: create private directory and force permissions
+  ansible.builtin.file:
+    path: /export/private
+    owner: root
+    group: root
+    mode: 0700
+    state: directory
+
+- name: link private directory
+  ansible.builtin.file:
+    src: "/export/private"
+    dest: "/srv/private"
+    owner: root
+    group: "{{ ansible_wheel }}"
+    state: link
+    follow: false
+
+- name: allow http server to access /srv/ansible
+  community.general.sefcontext:
+    path: /srv/ansible(/.*)?
+    setype: httpd_sys_content_t
+- name: clone ansible repository
+  ansible.builtin.git:
+    dest: /srv/ansible
+    repo: https://git.foo.sh/ansible.git
+    update: false
+
+- name: link facts to nginx
+  ansible.builtin.file:
+    src: "/srv/ansible/facts"
+    dest: "/srv/web/{{ inventory_hostname }}/facts"
+    owner: root
+    group: "{{ ansible_wheel }}"
+    state: link
+    follow: false
+
+- name: create nginx conf
+  ansible.builtin.copy:
+    src: nginx.conf
+    dest: /etc/nginx/conf.d/{{ inventory_hostname }}/ansible.conf
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart nginx
+
+- name: add custom .bashrc for root
+  ansible.builtin.copy:
+    dest: /root/.bashrc
+    src: root-bashrc.sh
+    owner: root
+    group: "{{ ansible_wheel }}"
+    mode: 0600