Ansible

Installing on Mac

brew install ansible
brew install cowsay

 Commands

  • ansible-doc service Module documentation: eg ansible-doc mysql_user or ansible-doc firewalld
  • ansible-doc -l List all modules

Notes

  • Playbooks Are YAML

Remove cowsay

cowsay

Howto

  • vagrant ssh-config
  • test ssh ssh User@Hostname -p Port IdentifyFile
  • save to hosts file
  • test connection ansible testserver -i hosts -m ping
  • test uptime ansible testserver -m command -a uptime
  • view log ansible testserver -m command -a "tail /var/log/dmesg"
  • install nginx ansible testserver -s -m apt -a name=nginx
  • restart nginx ansible testserver -s -m service -a "name=nginx \ state=restarted"

Run playbook yml files directly

  • Add #!/usr/bin/env ansible-playbook to top of file
  • Make executable chmod 700 ./file.yml

Running a playbook

ansible-playbook web-notls.yml

Ansbile directories

files - config files templates - jinja2 templates

Ansible Prompts

 vars_prompt: 
        - name: "githubuser" 
            prompt: "Enter your github username" 
            private: no 
        - name: "githubpassword" 
            prompt: "Enter your github password" 
            private: yes 

Interactive/step by step mode in vagrant config

config.vm.provision "ansible" do |ansible|
    ansible.playbook = "ansible/playbook.yml"
            ansible.raw_arguments = "--step"

Ansible roles

Gotchas

Permissions unreadbable for apache

/sbin/setenforce 0

Check status: sestatus and check Current mode: permissive. In permissive mode, SELinux will not block anything, but merely warns you. The line will show enforcing when it's actually blocking.

 Ansible ini files

Command:

https://{{ lookup('ini', 'user section=bitbucket file=users.ini') }}:{{ lookup('ini', 'pass section=bitbucket file=users.ini') }}@bitbucket.org/username/repository.git

And users.ini

[bitbucket]
# My bitbucket login
user=joebloggs
pass=1234