Loading playbook.yaml +15 −222 Original line number Diff line number Diff line --- # execute this role - name: "install and configure common items" hosts: "all" - name: "install and configure the Zabbix Agent" serial: 2 hosts: "all" become: true # import handlers handlers: - import_tasks: "handlers/main.yaml" # include tasks tasks: # load os variables - name: "include os specific vars" ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yaml" tags: "always" # set hostname - name: "set hostname" ansible.builtin.import_tasks: "tasks/hostname.yaml" when: "ansible_os_family == 'Debian'" tags: "hostname" # set locale - name: "set locale" ansible.builtin.import_tasks: "tasks/locale.yaml" when: "ansible_os_family == 'Debian'" tags: "locale" # environment - name: "environment" ansible.builtin.import_tasks: "tasks/environment.yaml" tags: "environment-file" # motd - name: "motd" ansible.builtin.import_tasks: "tasks/motd.yaml" tags: "motd" # cron jobs - name: "cron jobs" ansible.builtin.import_tasks: "tasks/cron.yaml" tags: "cron" # swap - name: "swap" ansible.builtin.import_tasks: "tasks/swap.yaml" when: - 'type == "vm"' - "ansible_os_family =='Debian'" tags: "swap" # manage fstab - name: "manage fstab" ansible.builtin.import_tasks: "tasks/fstab.yaml" tags: "fstab" # apk - name: "apk" ansible.builtin.import_tasks: "tasks/apk/packages.yaml" when: 'ansible_os_family == "Alpine"' tags: "apk" # apt - name: "apt" ansible.builtin.import_tasks: "tasks/apt/sources.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" - name: "apt - update" ansible.builtin.import_tasks: "tasks/apt/update.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-update" - name: "apt - packages" ansible.builtin.import_tasks: "tasks/apt/packages.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - config" ansible.builtin.import_tasks: "tasks/apt/config.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - cleanup" ansible.builtin.import_tasks: "tasks/apt/cleanup.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-cleanup" # manage profile - name: "manage profile" ansible.builtin.import_tasks: "tasks/profile.yaml" tags: "profile" # telemetry - name: "telemetry" ansible.builtin.import_tasks: "tasks/telemetry.yaml" when: "ansible_os_family == 'Debian'" tags: "telemetry" # service - name: "service" ansible.builtin.include_tasks: "tasks/service.yaml" loop: "{{ service }}" loop_control: loop_var: "__service" when: - "service is defined" - "ansible_os_family == 'Debian'" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # chrony - name: "ntp" ansible.builtin.import_tasks: "tasks/ntp.yaml" when: 'type == "vm" or type == "hw"' tags: "ntp" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # snap - name: "snap - daemon" ansible.builtin.import_tasks: "tasks/snap/snap_daemon.yaml" when: "ansible_os_family == 'Debian'" tags: "snap" - name: "snap - package" ansible.builtin.import_tasks: "tasks/snap/snap_package.yaml" when: - "snap_package is defined" - "ansible_os_family == 'Debian'" tags: "snap" # lxd - name: "lxd" ansible.builtin.import_tasks: "tasks/lxd.yaml" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "lxd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # sysctl - name: "sysctl - set sysctl" ansible.builtin.include_tasks: "tasks/sysctl.yaml" loop: "{{ sysctl }}" loop_control: loop_var: "__sysctl" when: 'type == "vm" or type == "hw"' tags: "sysctl" # systemctl - name: "sysctl - set systemctl" ansible.builtin.include_tasks: "tasks/systemctl.yaml" loop: "{{ systemctl }}" loop_control: loop_var: "__systemctl" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "systemctl" # syslog - name: "syslog - install" ansible.builtin.import_tasks: "tasks/syslog/install.yaml" when: "syslog_enable" tags: "syslog" - name: "syslog - config" ansible.builtin.import_tasks: "tasks/syslog/config.yaml" when: "syslog_enable" tags: "syslog" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # journald - name: "journald" ansible.builtin.import_tasks: "tasks/journald.yaml" when: "ansible_os_family == 'Debian'" tags: "journald" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # timezone - name: "timezone" ansible.builtin.import_tasks: "tasks/timezone.yaml" tags: "timezone" # sshd - name: "sshd" ansible.builtin.import_tasks: "tasks/sshd.yaml" tags: "sshd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # user - name: "user - create users" ansible.builtin.include_tasks: "tasks/user.yaml" tags: "usermanagement" loop: "{{ users }}" loop_control: loop_var: "__user" # firewall - name: "firewall" ansible.builtin.import_tasks: "tasks/firewall.yaml" when: "ansible_os_family == 'Debian'" tags: "firewall" # due to semaphore bug we need to do this ourselves - name: "force-update requirements" ansible.builtin.command: cmd: "ansible-galaxy install -f -r roles/requirements.yml" become: false delegate_to: "localhost" changed_when: false failed_when: false # execute the role - name: "execute role: common" ansible.builtin.include_role: name: "common" roles/requirements.yml 0 → 100644 +6 −0 Original line number Diff line number Diff line --- roles: - name: "common" src: "https://gitlab.simoncor.net/ansible/ans-common" scm: "git" tasks/main.yaml 0 → 100644 +216 −0 Original line number Diff line number Diff line --- # load os variables - name: "include os specific vars" ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yaml" tags: "always" # set hostname - name: "set hostname" ansible.builtin.include_tasks: "hostname.yaml" when: "ansible_os_family == 'Debian'" tags: "hostname" # set locale - name: "set locale" ansible.builtin.include_tasks: "locale.yaml" when: "ansible_os_family == 'Debian'" tags: "locale" # environment - name: "environment" ansible.builtin.include_tasks: "environment.yaml" tags: "environment-file" # motd - name: "motd" ansible.builtin.include_tasks: "motd.yaml" tags: "motd" # cron jobs - name: "cron jobs" ansible.builtin.include_tasks: "cron.yaml" tags: "cron" # swap - name: "swap" ansible.builtin.include_tasks: "swap.yaml" when: - 'type == "vm"' - "ansible_os_family =='Debian'" tags: "swap" # manage fstab - name: "manage fstab" ansible.builtin.include_tasks: "fstab.yaml" tags: "fstab" # apk - name: "apk" ansible.builtin.include_tasks: "apk/packages.yaml" when: 'ansible_os_family == "Alpine"' tags: "apk" # apt - name: "apt" ansible.builtin.include_tasks: "apt/sources.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" - name: "apt - update" ansible.builtin.include_tasks: "apt/update.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-update" - name: "apt - packages" ansible.builtin.include_tasks: "apt/packages.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - config" ansible.builtin.include_tasks: "apt/config.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - cleanup" ansible.builtin.include_tasks: "apt/cleanup.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-cleanup" # manage profile - name: "manage profile" ansible.builtin.include_tasks: "profile.yaml" tags: "profile" # telemetry - name: "telemetry" ansible.builtin.include_tasks: "telemetry.yaml" when: "ansible_os_family == 'Debian'" tags: "telemetry" # service - name: "service" ansible.builtin.include_tasks: "service.yaml" loop: "{{ service }}" loop_control: loop_var: "__service" when: - "service is defined" - "ansible_os_family == 'Debian'" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # chrony - name: "ntp" ansible.builtin.include_tasks: "ntp.yaml" when: 'type == "vm" or type == "hw"' tags: "ntp" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # snap - name: "snap - daemon" ansible.builtin.include_tasks: "snap/snap_daemon.yaml" when: "ansible_os_family == 'Debian'" tags: "snap" - name: "snap - package" ansible.builtin.include_tasks: "snap/snap_package.yaml" when: - "snap_package is defined" - "ansible_os_family == 'Debian'" tags: "snap" # lxd - name: "lxd" ansible.builtin.include_tasks: "lxd.yaml" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "lxd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # sysctl - name: "sysctl - set sysctl" ansible.builtin.include_tasks: "sysctl.yaml" loop: "{{ sysctl }}" loop_control: loop_var: "__sysctl" when: 'type == "vm" or type == "hw"' tags: "sysctl" # systemctl - name: "sysctl - set systemctl" ansible.builtin.include_tasks: "systemctl.yaml" loop: "{{ systemctl }}" loop_control: loop_var: "__systemctl" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "systemctl" # syslog - name: "syslog - install" ansible.builtin.include_tasks: "syslog/install.yaml" when: "syslog_enable" tags: "syslog" - name: "syslog - config" ansible.builtin.include_tasks: "syslog/config.yaml" when: "syslog_enable" tags: "syslog" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # journald - name: "journald" ansible.builtin.include_tasks: "journald.yaml" when: "ansible_os_family == 'Debian'" tags: "journald" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # timezone - name: "timezone" ansible.builtin.include_tasks: "timezone.yaml" tags: "timezone" # sshd - name: "sshd" ansible.builtin.include_tasks: "sshd.yaml" tags: "sshd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # user - name: "user - create users" ansible.builtin.include_tasks: "user.yaml" tags: "usermanagement" loop: "{{ users }}" loop_control: loop_var: "__user" # firewall - name: "firewall" ansible.builtin.include_tasks: "firewall.yaml" when: "ansible_os_family == 'Debian'" tags: "firewall" Loading
playbook.yaml +15 −222 Original line number Diff line number Diff line --- # execute this role - name: "install and configure common items" hosts: "all" - name: "install and configure the Zabbix Agent" serial: 2 hosts: "all" become: true # import handlers handlers: - import_tasks: "handlers/main.yaml" # include tasks tasks: # load os variables - name: "include os specific vars" ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yaml" tags: "always" # set hostname - name: "set hostname" ansible.builtin.import_tasks: "tasks/hostname.yaml" when: "ansible_os_family == 'Debian'" tags: "hostname" # set locale - name: "set locale" ansible.builtin.import_tasks: "tasks/locale.yaml" when: "ansible_os_family == 'Debian'" tags: "locale" # environment - name: "environment" ansible.builtin.import_tasks: "tasks/environment.yaml" tags: "environment-file" # motd - name: "motd" ansible.builtin.import_tasks: "tasks/motd.yaml" tags: "motd" # cron jobs - name: "cron jobs" ansible.builtin.import_tasks: "tasks/cron.yaml" tags: "cron" # swap - name: "swap" ansible.builtin.import_tasks: "tasks/swap.yaml" when: - 'type == "vm"' - "ansible_os_family =='Debian'" tags: "swap" # manage fstab - name: "manage fstab" ansible.builtin.import_tasks: "tasks/fstab.yaml" tags: "fstab" # apk - name: "apk" ansible.builtin.import_tasks: "tasks/apk/packages.yaml" when: 'ansible_os_family == "Alpine"' tags: "apk" # apt - name: "apt" ansible.builtin.import_tasks: "tasks/apt/sources.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" - name: "apt - update" ansible.builtin.import_tasks: "tasks/apt/update.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-update" - name: "apt - packages" ansible.builtin.import_tasks: "tasks/apt/packages.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - config" ansible.builtin.import_tasks: "tasks/apt/config.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - cleanup" ansible.builtin.import_tasks: "tasks/apt/cleanup.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-cleanup" # manage profile - name: "manage profile" ansible.builtin.import_tasks: "tasks/profile.yaml" tags: "profile" # telemetry - name: "telemetry" ansible.builtin.import_tasks: "tasks/telemetry.yaml" when: "ansible_os_family == 'Debian'" tags: "telemetry" # service - name: "service" ansible.builtin.include_tasks: "tasks/service.yaml" loop: "{{ service }}" loop_control: loop_var: "__service" when: - "service is defined" - "ansible_os_family == 'Debian'" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # chrony - name: "ntp" ansible.builtin.import_tasks: "tasks/ntp.yaml" when: 'type == "vm" or type == "hw"' tags: "ntp" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # snap - name: "snap - daemon" ansible.builtin.import_tasks: "tasks/snap/snap_daemon.yaml" when: "ansible_os_family == 'Debian'" tags: "snap" - name: "snap - package" ansible.builtin.import_tasks: "tasks/snap/snap_package.yaml" when: - "snap_package is defined" - "ansible_os_family == 'Debian'" tags: "snap" # lxd - name: "lxd" ansible.builtin.import_tasks: "tasks/lxd.yaml" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "lxd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # sysctl - name: "sysctl - set sysctl" ansible.builtin.include_tasks: "tasks/sysctl.yaml" loop: "{{ sysctl }}" loop_control: loop_var: "__sysctl" when: 'type == "vm" or type == "hw"' tags: "sysctl" # systemctl - name: "sysctl - set systemctl" ansible.builtin.include_tasks: "tasks/systemctl.yaml" loop: "{{ systemctl }}" loop_control: loop_var: "__systemctl" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "systemctl" # syslog - name: "syslog - install" ansible.builtin.import_tasks: "tasks/syslog/install.yaml" when: "syslog_enable" tags: "syslog" - name: "syslog - config" ansible.builtin.import_tasks: "tasks/syslog/config.yaml" when: "syslog_enable" tags: "syslog" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # journald - name: "journald" ansible.builtin.import_tasks: "tasks/journald.yaml" when: "ansible_os_family == 'Debian'" tags: "journald" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # timezone - name: "timezone" ansible.builtin.import_tasks: "tasks/timezone.yaml" tags: "timezone" # sshd - name: "sshd" ansible.builtin.import_tasks: "tasks/sshd.yaml" tags: "sshd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # user - name: "user - create users" ansible.builtin.include_tasks: "tasks/user.yaml" tags: "usermanagement" loop: "{{ users }}" loop_control: loop_var: "__user" # firewall - name: "firewall" ansible.builtin.import_tasks: "tasks/firewall.yaml" when: "ansible_os_family == 'Debian'" tags: "firewall" # due to semaphore bug we need to do this ourselves - name: "force-update requirements" ansible.builtin.command: cmd: "ansible-galaxy install -f -r roles/requirements.yml" become: false delegate_to: "localhost" changed_when: false failed_when: false # execute the role - name: "execute role: common" ansible.builtin.include_role: name: "common"
roles/requirements.yml 0 → 100644 +6 −0 Original line number Diff line number Diff line --- roles: - name: "common" src: "https://gitlab.simoncor.net/ansible/ans-common" scm: "git"
tasks/main.yaml 0 → 100644 +216 −0 Original line number Diff line number Diff line --- # load os variables - name: "include os specific vars" ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yaml" tags: "always" # set hostname - name: "set hostname" ansible.builtin.include_tasks: "hostname.yaml" when: "ansible_os_family == 'Debian'" tags: "hostname" # set locale - name: "set locale" ansible.builtin.include_tasks: "locale.yaml" when: "ansible_os_family == 'Debian'" tags: "locale" # environment - name: "environment" ansible.builtin.include_tasks: "environment.yaml" tags: "environment-file" # motd - name: "motd" ansible.builtin.include_tasks: "motd.yaml" tags: "motd" # cron jobs - name: "cron jobs" ansible.builtin.include_tasks: "cron.yaml" tags: "cron" # swap - name: "swap" ansible.builtin.include_tasks: "swap.yaml" when: - 'type == "vm"' - "ansible_os_family =='Debian'" tags: "swap" # manage fstab - name: "manage fstab" ansible.builtin.include_tasks: "fstab.yaml" tags: "fstab" # apk - name: "apk" ansible.builtin.include_tasks: "apk/packages.yaml" when: 'ansible_os_family == "Alpine"' tags: "apk" # apt - name: "apt" ansible.builtin.include_tasks: "apt/sources.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" - name: "apt - update" ansible.builtin.include_tasks: "apt/update.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-update" - name: "apt - packages" ansible.builtin.include_tasks: "apt/packages.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - config" ansible.builtin.include_tasks: "apt/config.yaml" when: "ansible_os_family == 'Debian'" tags: "apt" - name: "apt - cleanup" ansible.builtin.include_tasks: "apt/cleanup.yaml" when: "ansible_os_family == 'Debian'" tags: "apt-cleanup" # manage profile - name: "manage profile" ansible.builtin.include_tasks: "profile.yaml" tags: "profile" # telemetry - name: "telemetry" ansible.builtin.include_tasks: "telemetry.yaml" when: "ansible_os_family == 'Debian'" tags: "telemetry" # service - name: "service" ansible.builtin.include_tasks: "service.yaml" loop: "{{ service }}" loop_control: loop_var: "__service" when: - "service is defined" - "ansible_os_family == 'Debian'" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # chrony - name: "ntp" ansible.builtin.include_tasks: "ntp.yaml" when: 'type == "vm" or type == "hw"' tags: "ntp" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # snap - name: "snap - daemon" ansible.builtin.include_tasks: "snap/snap_daemon.yaml" when: "ansible_os_family == 'Debian'" tags: "snap" - name: "snap - package" ansible.builtin.include_tasks: "snap/snap_package.yaml" when: - "snap_package is defined" - "ansible_os_family == 'Debian'" tags: "snap" # lxd - name: "lxd" ansible.builtin.include_tasks: "lxd.yaml" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "lxd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # sysctl - name: "sysctl - set sysctl" ansible.builtin.include_tasks: "sysctl.yaml" loop: "{{ sysctl }}" loop_control: loop_var: "__sysctl" when: 'type == "vm" or type == "hw"' tags: "sysctl" # systemctl - name: "sysctl - set systemctl" ansible.builtin.include_tasks: "systemctl.yaml" loop: "{{ systemctl }}" loop_control: loop_var: "__systemctl" when: - 'type == "vm"' - "ansible_os_family == 'Debian'" tags: "systemctl" # syslog - name: "syslog - install" ansible.builtin.include_tasks: "syslog/install.yaml" when: "syslog_enable" tags: "syslog" - name: "syslog - config" ansible.builtin.include_tasks: "syslog/config.yaml" when: "syslog_enable" tags: "syslog" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # journald - name: "journald" ansible.builtin.include_tasks: "journald.yaml" when: "ansible_os_family == 'Debian'" tags: "journald" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # timezone - name: "timezone" ansible.builtin.include_tasks: "timezone.yaml" tags: "timezone" # sshd - name: "sshd" ansible.builtin.include_tasks: "sshd.yaml" tags: "sshd" # flush handler - name: "flush handlers" ansible.builtin.meta: "flush_handlers" # user - name: "user - create users" ansible.builtin.include_tasks: "user.yaml" tags: "usermanagement" loop: "{{ users }}" loop_control: loop_var: "__user" # firewall - name: "firewall" ansible.builtin.include_tasks: "firewall.yaml" when: "ansible_os_family == 'Debian'" tags: "firewall"
