jtom38
/
Ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #7 from luther38/role-updates 

Role updates
This commit is contained in:
James Tombleson 2019-10-20 12:47:49 -07:00 committed by GitHub
parent 76444888a8 757bc655f6
commit e4589dc169
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
117 changed files with 6603 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -12,5 +12,12 @@ hosts
win_hosts
hosts.d
# Ansible vault secret
# Used to decrypt the vault files
.ansible_vault
# Vagrant
.vagrant
# Debug files
ansible-vars.all

12
.vscode/tasks.json vendored Normal file
View File

@ -0,0 +1,12 @@
{
// See https://go.microsoft.com/fwlink/?LinkId=733558
// for the documentation about the tasks.json format
"version": "2.0.0",
"tasks": [
{
"label": "echo",
"type": "shell",
"command": "echo Hello"
}
]
}

28
README.md
View File

@ -2,6 +2,13 @@
This repo contains my configuration and setup for my ansible use. Use at your own risk.
1. Install Ansible on development device
2. Clone this repository to work in
3. Configure devices to remote into
4. Configure Ansible's Inventory files
5. Set Vault Secret
6. Run Connection tests
## Installers
### New hosts
@ -29,10 +36,31 @@ I have a basic configuration file in place at the root of this folder for anisbl
## Inventory
Inventory files have been moved over to .yml format. The ansibe.cfg is looking for ./dev.yml as it's default inventory file. For Prod use make another file that will contain all servers that will be managed.
I have a template file in place that should only be used as a reference. Make a copy of that file and name it hosts then update that file.
The configuration file that is active is looking for a directory that contains all of the inventory files. This way all files can be parted out rather then one big file.
## Vault Secret
The configuration file is looking for ./.ansible_vault file to contain the secret for vault entries. Git is already configured to ignore this file. You will need to make this file and place your key in it so ansible
can decrypt vaults as needed.
Run the following command and replace secret with your password. Once that is done move on to generating the encrypted strings.
```shell
echo 'secret' > ./.ansible_vault
```
To generate secure strings for the inventory file run the following command.
```shell
ansible-vault encrypt_string 'secret'
```
This will output the value that needs to be placed
### Testing Linux devices
```bash

78
Vagrantfile vendored Normal file
View File

@ -0,0 +1,78 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://vagrantcloud.com/search.
config.vm.box = "generic/ubuntu1804"
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# NOTE: This will enable public access to the opened port
# config.vm.network "forwarded_port", guest: 80, host: 8080
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine and only allow access
# via 127.0.0.1 to disable public access
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
#config.vm.network "public_network", type: "dhcp"
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "../data", "/vagrant_data"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
config.vm.provider "virtualbox" do |vb|
# Display the VirtualBox GUI when booting the machine
vb.gui = false
# Customize the amount of memory on the VM:
vb.memory = "512"
vb.cpus = 1
vb.name = "1804"
vb.customize ["modifyvm", "1804", "--natdnshostresolver1", "on"]
vb.customize ["modifyvm", "1804", "--natdnsproxy1", "on"]
end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
# documentation for more information about their specific syntax and use.
config.vm.provision "shell", inline: <<-SHELL
#apt-get update
#sudo apt update
#sudo apt upgrade
SHELL
end

4230
ansible-vars.all Normal file
View File

File diff suppressed because it is too large Load Diff

4
ansible.cfg
View File

@ -11,7 +11,7 @@
# some basic default values...
inventory = ./hosts.d/
inventory = ./hosts
library = /usr/share/my_modules/
module_utils = /usr/share/my_module_utils/
remote_tmp = ~/.ansible/tmp
@ -137,7 +137,7 @@ roles_path = ./roles/:/etc/ansible/roles
# If set, configures the path to the Vault password file as an alternative to
# specifying --vault-password-file on the command line.
#vault_password_file = /path/to/vault_password_file
#vault_password_file = ./.ansible_vault
# format of string {{ ansible_managed }} available within Jinja2
# templates indicates to users editing templates files will be replaced.

46
dev.yml Normal file
View File

@ -0,0 +1,46 @@
---
all:
hosts:
dmi-dev01:
children:
linux:
hosts:
172.20.0.142:
vars:
ansible_user: ansible
ansible_connection: ssh
ansible_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
33353561613531336536313335356236643530346538373638653330306636386435633965336136
3464366635373661383466333464663238663565343839310a376666386237313566386235633739
66323434636365303335326133396137393031396531313533326263363066636237313139353538
6134616232336365610a363033343639616563316330363966326330646162613034633532366230
3439
ansible_become_method: sudo
ansible_become_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
33353561613531336536313335356236643530346538373638653330306636386435633965336136
3464366635373661383466333464663238663565343839310a376666386237313566386235633739
66323434636365303335326133396137393031396531313533326263363066636237313139353538
6134616232336365610a363033343639616563316330363966326330646162613034633532366230
3439
ansible_python_interpreter: /usr/bin/python3
windows:
hosts:
dmi-dev01:
vars:
ansible_user: svcansible
ansible_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
33353561613531336536313335356236643530346538373638653330306636386435633965336136
3464366635373661383466333464663238663565343839310a376666386237313566386235633739
66323434636365303335326133396137393031396531313533326263363066636237313139353538
6134616232336365610a363033343639616563316330363966326330646162613034633532366230
3439
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_scheme: http
ansible_winrm_transport: ntlm
ansible_winrm_server_cert_validation: ignore

21
hosts.template
View File

@ -1,21 +0,0 @@
[linux]
192.168.0.60
[linux:vars]
ansible_user=ansible
ansible_connection=ssh
ansible_password=
ansible_become_method=sudo
ansible_become_pass=
#ansible_python_interpreter=/usr/bin/python3
[windows]
192.168.0.2
[windows:vars]
ansible_user=ansible
ansible_password=
ansible_connection=winrm
ansible_port=5986
ansible_winrm_scheme=https
ansible_winrm_server_cert_validation=ignore

4
jenkins/README.md
View File

@ -1,4 +0,0 @@
# Jenkins
This is a folder that contains playbooks that will executed with Jenkins when code is pushed to master.

17
jenkins/auto-securityupdates.yml
View File

@ -1,17 +0,0 @@
---
- name: enable
hosts: linux
tasks:
# https://galaxy.ansible.com/jnv/unattended-upgrades
- name: unattended-upgrades
become: true
include_role:
name: jnv.unattended-upgrades
vars:
#unattended_package_blacklist: []
unattended_automatic_reboot: true

16
playbook/debug/debugDumpAnsibleVars.yml Normal file
View File

@ -0,0 +1,16 @@
- name: Export all vars
hosts: osx
tasks:
- name: Dump all vars
template:
src: dumpall.j2
dest: /tmp/ansible-vars.all
- name: Copy new file to host
fetch:
src: /tmp/ansible-vars.all
dest: ansible-vars.all
flat: yes

19
playbook/debug/dumpall.j2 Normal file
View File

@ -0,0 +1,19 @@
Module Variables ("vars"):
--------------------------------
{{ vars | to_nice_json }}
Environment Variables ("environment"):
--------------------------------
{{ environment | to_nice_json }}
GROUP NAMES Variables ("group_names"):
--------------------------------
{{ group_names | to_nice_json }}
GROUPS Variables ("groups"):
--------------------------------
{{ groups | to_nice_json }}
HOST Variables ("hostvars"):
--------------------------------
{{ hostvars | to_nice_json }}

48
playbook/linux/install-awx.yml Normal file
View File

@ -0,0 +1,48 @@
---
- hosts: linux
become: yes
vars:
nodejs_version: "6.x"
pip_install_packages:
- name: docker-compose
- name: docker
awx_run_install_playbook: yes
pre_tasks:
# Note: First time running this I had to go and manually remove the pip docker modules.
# For some reason the playbook was failing to do this for me.
# Once I did that, AWX installed.
- name: install pip3
apt:
name: python3-pip
state: present
- name: pip3 remove docker
pip:
name: docker
state: absent
executable: pip3
- name: pip3 install docker-py
pip:
name: docker-py
state: absent
executable: pip3
- name: pip remove docker
pip:
name: docker
state: absent
executable: pip
roles:
#- geerlingguy.repo-epel
- geerlingguy.git
- geerlingguy.ansible
- geerlingguy.docker
- geerlingguy.pip
- geerlingguy.nodejs
- geerlingguy.awx

6
playbook/linux/install-jenkins.yml
View File

@ -10,6 +10,12 @@
import_role:
name: geerlingguy.java
- name: Backup Jenkins Jobs
become: yes
fetch:
src: /var/lib/jenkins/jobs/
dest: ./jenkins/jobs/
- name: Install Jenkins
become: yes
import_role:

68
playbook/macos/installDevTools.yml Normal file
View File

@ -0,0 +1,68 @@
---
- name: Install MacOS Dev Tools
hosts: osx
tasks:
- name: Install python3 dev
homebrew:
name: python3
state: present
when: ansible_distribution == "MacOSX"
- name: Install pipenv
homebrew:
name: pipenv
state: present
when: ansible_distribution == "MacOSX"
- name: Install VisualStudioCode
homebrew_cask:
name: visual-studio-code
state: present
when: ansible_distribution == "MacOSX"
- name: Install vagrant
homebrew_cask:
name: vagrant
state: present
when: ansible_distribution == "MacOSX"
- name: Install amethyst
homebrew_cask:
name: amethyst
state: present
when: ansible_distribution == "MacOSX"
- name: Install docker
homebrew_cask:
name: docker
state: present
when: ansible_distribution == "MacOSX"
- name: remove cask - darktable
homebrew_cask:
name: darktable
state: absent
when: ansible_distribution == 'MacOSX'
#TODO The job seems to stop here for some reason
- name: remove cask - dotnet-sdk
homebrew_cask:
name: dotnet-sdk
state: absent
when: ansible_distribution == 'MacOSX'
- name: remove cask - visual-studio
homebrew_cask:
name: visual-studio
state: absent
when: ansible_distribution == 'MacOSX'
- name: remove cask - rider
homebrew_cask:
name: rider
state: absent
when: ansible_distribution == 'MacOSX'

3
roles/geerlingguy.ansible/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.retry
*/__pycache__
*.pyc

32
roles/geerlingguy.ansible/.travis.yml Normal file
View File

@ -0,0 +1,32 @@
---
language: python
services: docker
env:
global:
- ROLE_NAME: ansible
matrix:
- MOLECULE_DISTRO: centos7
- MOLECULE_DISTRO: fedora29
- MOLECULE_DISTRO: ubuntu1804
- MOLECULE_DISTRO: debian9
- MOLECULE_DISTRO: centos7
MOLECULE_PLAYBOOK: playbook-pip.yml
install:
# Install test dependencies.
- pip install molecule docker
before_script:
# Use actual Ansible Galaxy role name for the project directory.
- cd ../
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
- cd geerlingguy.$ROLE_NAME
script:
# Run tests.
- molecule test
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
roles/geerlingguy.ansible/LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

51
roles/geerlingguy.ansible/README.md Normal file
View File

@ -0,0 +1,51 @@
# Ansible Role: Ansible
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-ansible.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-ansible)
An Ansible Role that installs Ansible on Linux servers.
## Requirements
If using on a RedHat/CentOS-based host, make sure you've added the EPEL repository (it can easily be installed by including the `geerlingguy.repo-epel` role on Ansible Galaxy).
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
ansible_install_method: package
Whether to install Ansible via the system `package` manager (`apt`, `yum`, `dnf`, etc.), or via `pip`. If set to `pip`, you need to make sure Pip is installed prior to running this role. You can use the `geerlingguy.pip` module to install Pip easily.
ansible_install_version_pip: ''
If `ansible_install_method` is set to `pip`, the specific Ansible version to be installed via Pip. If not set, the latest version of Ansible will be installed.
## Dependencies
None.
## Example Playbook
Install from the system package manager:
- hosts: servers
roles:
- role: geerlingguy.ansible
Install from pip:
- hosts: servers
vars:
ansible_install_method: pip
ansible_install_version_pip: "2.7.0"
roles:
- role: geerlingguy.pip
- role: geerlingguy.ansible
## License
MIT / BSD
## Author Information
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

8
roles/geerlingguy.ansible/defaults/main.yml Normal file
View File

@ -0,0 +1,8 @@
---
ansible_default_release: ""
# Valid options include: 'package' or 'pip'.
ansible_install_method: package
# Used only if ansible_install_method is 'pip'. If empty, defaults to latest.
ansible_install_version_pip: ''

2
roles/geerlingguy.ansible/meta/.galaxy_install_info Normal file
View File

@ -0,0 +1,2 @@
install_date: Tue May 14 21:40:21 2019
version: 2.0.1

30
roles/geerlingguy.ansible/meta/main.yml Normal file
View File

@ -0,0 +1,30 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: Ansible for RedHat/CentOS/Debian/Ubuntu.
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Fedora
versions:
- all
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- all
galaxy_tags:
- system
- packaging
- development
- cloud
- ansible
- automation

29
roles/geerlingguy.ansible/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,29 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-file: molecule/default/yaml-lint.yml
platforms:
- name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: true
provisioner:
name: ansible
lint:
name: ansible-lint
playbooks:
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8

12
roles/geerlingguy.ansible/molecule/default/playbook-pip.yml Normal file
View File

@ -0,0 +1,12 @@
---
- name: Converge
hosts: all
become: true
vars:
ansible_install_method: pip
ansible_install_version_pip: "2.6.2"
roles:
- role: geerlingguy.pip
- role: geerlingguy.ansible

7
roles/geerlingguy.ansible/molecule/default/playbook.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: Converge
hosts: all
become: true
roles:
- role: geerlingguy.ansible

2
roles/geerlingguy.ansible/molecule/default/requirements.yml Normal file
View File

@ -0,0 +1,2 @@
---
- role: geerlingguy.pip

14
roles/geerlingguy.ansible/molecule/default/tests/test_default.py Normal file
View File

@ -0,0 +1,14 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_hosts_file(host):
f = host.file('/etc/hosts')
assert f.exists
assert f.user == 'root'
assert f.group == 'root'

6
roles/geerlingguy.ansible/molecule/default/yaml-lint.yml Normal file
View File

@ -0,0 +1,6 @@
---
extends: default
rules:
line-length:
max: 120
level: warning

27
roles/geerlingguy.ansible/tasks/main.yml Normal file
View File

@ -0,0 +1,27 @@
---
- name: Set the package state based on how Ansible is installed.
set_fact:
ansible_package_state: "{{ 'present' if ansible_install_method == 'package' else 'absent' }}"
# Setup/install tasks.
- name: Set up Ansible on RedHat.
include_tasks: setup-RedHat.yml
when:
- ansible_os_family == 'RedHat'
- ansible_distribution != 'Fedora'
- name: Set up Ansible on Fedora.
include_tasks: setup-Fedora.yml
when: ansible_distribution == 'Fedora'
- name: Set up Ansible on Ubuntu.
include_tasks: setup-Ubuntu.yml
when: ansible_distribution == 'Ubuntu'
- name: Set up Ansible on Debian.
include_tasks: setup-Debian.yml
when: ansible_distribution == 'Debian'
- name: Set up Ansible using Pip.
include_tasks: setup-pip.yml
when: ansible_install_method == 'pip'

23
roles/geerlingguy.ansible/tasks/setup-Debian.yml Normal file
View File

@ -0,0 +1,23 @@
---
- name: Enable Backports repository.
apt_repository:
repo: >-
deb http://ftp.debian.org/debian
{{ ansible_distribution_release }}-backports main'
state: present
filename: "{{ ansible_distribution_release }}_backports"
when: ansible_distribution_version | int < 9
- name: Update apt cache.
apt: update_cache=true cache_valid_time=86400
- name: Set the default_release option for older Debian versions.
set_fact:
ansible_default_release: "{{ ansible_distribution_release }}-backports"
when: ansible_distribution_version | int < 9
- name: Install Ansible.
apt:
name: ansible
state: "{{ ansible_package_state }}"
default_release: "{{ ansible_default_release }}"

5
roles/geerlingguy.ansible/tasks/setup-Fedora.yml Normal file
View File

@ -0,0 +1,5 @@
---
- name: Install Ansible.
package:
name: ansible
state: "{{ ansible_package_state }}"

6
roles/geerlingguy.ansible/tasks/setup-RedHat.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: Install Ansible.
yum:
name: ansible
state: "{{ ansible_package_state }}"
enablerepo: epel

11
roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml Normal file
View File

@ -0,0 +1,11 @@
---
- name: Add ansible repository.
apt_repository: repo='ppa:ansible/ansible'
- name: Update apt cache.
apt: update_cache=true cache_valid_time=86400
- name: Install Ansible.
apt:
name: ansible
state: "{{ ansible_package_state }}"

5
roles/geerlingguy.ansible/tasks/setup-pip.yml Normal file
View File

@ -0,0 +1,5 @@
---
- name: Install Ansible via Pip.
pip:
name: ansible
version: "{{ ansible_install_version_pip | default(omit) }}"

2
roles/geerlingguy.awx/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*.retry
tests/test.sh

22
roles/geerlingguy.awx/.travis.yml Normal file
View File

@ -0,0 +1,22 @@
---
services: docker
env:
- distro: centos7
- distro: ubuntu1604
- distro: debian9
# Test without running the full playbook.
- distro: centos7
playbook: test-no-playbook.yml
script:
# Download test shim.
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
- chmod +x ${PWD}/tests/test.sh
# Run tests (increasing the travis_wait timeout).
- tests/custom_travis_wait.sh ${PWD}/tests/test.sh
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
roles/geerlingguy.awx/LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

68
roles/geerlingguy.awx/README.md Normal file
View File

@ -0,0 +1,68 @@
# Ansible Role: AWX (open source Ansible Tower)
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-awx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-awx)
Installs and configures [AWX](https://github.com/ansible/awx), the open source version of [Ansible Tower](https://www.ansible.com/tower).
## Requirements
Before this role runs, assuming you want the role to completely set up AWX using it's included installer, you need to make sure the following AWX dependencies are installed:
| Dependency | Suggested Role |
| ----------------------------- | ------------------------ |
| EPEL repo (RedHat OSes only) | `geerlingguy.repo-epel` |
| Git | `geerlingguy.git` |
| Ansible | `geerlingguy.ansible` |
| Docker | `geerlingguy.docker` |
| Python Pip | `geerlingguy.pip` |
| Node.js (6.x) | `geerlingguy.nodejs` |
See this role's `tests/test.yml` playbook for an example that works across many different OSes.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
awx_repo: https://github.com/ansible/awx.git
awx_repo_dir: "~/awx"
awx_version: devel
awx_keep_updated: yes
Variables to control what version of AWX is checked out and installed.
awx_run_install_playbook: yes
By default, this role will run the installation playbook included with AWX (which builds a set of containers and runs them). You can disable the playbook run by setting this variable to `no`.
## Dependencies
None.
## Example Playbook
- hosts: awx-centos
become: yes
vars:
nodejs_version: "6.x"
pip_install_packages:
- name: docker-py
roles:
- geerlingguy.repo-epel
- geerlingguy.git
- geerlingguy.ansible
- geerlingguy.docker
- geerlingguy.pip
- geerlingguy.nodejs
- geerlingguy.awx
After AWX is installed, you can log in with the default username `admin` and password `password`.
## License
MIT / BSD
## Author Information
This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

7
roles/geerlingguy.awx/defaults/main.yml Normal file
View File

@ -0,0 +1,7 @@
---
awx_repo: https://github.com/ansible/awx.git
awx_repo_dir: "~/awx"
awx_version: devel
awx_keep_updated: yes
awx_run_install_playbook: yes
postgres_data_dir: /var/lib/pgdocker

2
roles/geerlingguy.awx/meta/.galaxy_install_info Normal file
View File

@ -0,0 +1,2 @@
install_date: Fri Oct 18 19:16:41 2019
version: 1.2.0

32
roles/geerlingguy.awx/meta/main.yml Normal file
View File

@ -0,0 +1,32 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: "Installs and configures AWX (Ansible Tower's open source version)."
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.0
platforms:
- name: EL
versions:
- 7
- name: Fedora
versions:
- all
- name: Ubuntu
versions:
- all
- name: Debian
versions:
- all
galaxy_tags:
- automation
- system
- web
- django
- awx
- tower
- playbook
- ci
- cd

12
roles/geerlingguy.awx/tasks/awx-install-playbook.yml Normal file
View File

@ -0,0 +1,12 @@
---
- name: Run the AWX installation playbook.
command: "ansible-playbook -i inventory install.yml -e postgres_data_dir={{ postgres_data_dir }}"
args:
chdir: "{{ awx_repo_dir }}/installer"
creates: /etc/awx_playbook_complete
- name: Create a file to mark whether this playbook has completed.
file:
path: /etc/awx_playbook_complete
state: touch
changed_when: False

21
roles/geerlingguy.awx/tasks/main.yml Normal file
View File

@ -0,0 +1,21 @@
---
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- name: Install AWX dependencies.
package:
name: "{{ item }}"
state: present
with_items: "{{ awx_package_dependencies }}"
- name: Clone AWX into configured directory.
git:
repo: "{{ awx_repo }}"
dest: "{{ awx_repo_dir }}"
version: "{{ awx_version }}"
update: "{{ awx_keep_updated }}"
force: yes
accept_hostkey: yes
- include: awx-install-playbook.yml
when: awx_run_install_playbook

11
roles/geerlingguy.awx/tests/README.md Normal file
View File

@ -0,0 +1,11 @@
# Ansible Role tests
To run the test playbook(s) in this directory:
1. Install and start Docker.
1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
- `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
1. Make the test shim executable: `chmod +x tests/test.sh`.
1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`

26
roles/geerlingguy.awx/tests/custom_travis_wait.sh Executable file
View File

@ -0,0 +1,26 @@
#!/usr/bin/env bash
# Add a custom wait time (limit value, in seconds).
#
# Chose to use a custom script instead of travis_wait, since travis_wait eats
# logged output then spits it out at the end.
set -e
set -u
command=$1
# Launch command in the background.
${command} &
# Ping every second.
seconds=0
limit=45*60
while kill -0 $! >/dev/null 2>&1;
do
echo -n -e " \b"
if [ $seconds == $limit ]; then
break;
fi
seconds=$((seconds + 1))
sleep 1
done

7
roles/geerlingguy.awx/tests/requirements.yml Normal file
View File

@ -0,0 +1,7 @@
---
- src: geerlingguy.repo-epel
- src: geerlingguy.git
- src: geerlingguy.ansible
- src: geerlingguy.docker
- src: geerlingguy.pip
- src: geerlingguy.nodejs

15
roles/geerlingguy.awx/tests/test-no-playbook.yml Normal file
View File

@ -0,0 +1,15 @@
---
- hosts: all
vars:
awx_run_install_playbook: no
pre_tasks:
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
roles:
- geerlingguy.git
- role_under_test

23
roles/geerlingguy.awx/tests/test.yml Normal file
View File

@ -0,0 +1,23 @@
---
- hosts: all
vars:
nodejs_version: "6.x"
pip_install_packages:
- name: docker-py
pre_tasks:
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
roles:
- name: geerlingguy.repo-epel
when: ansible_os_family == "RedHat"
- geerlingguy.git
- geerlingguy.ansible
- geerlingguy.docker
- geerlingguy.pip
- geerlingguy.nodejs
- role_under_test

6
roles/geerlingguy.awx/vars/Debian.yml Normal file
View File

@ -0,0 +1,6 @@
---
awx_package_dependencies:
- build-essential
- gettext
- g++
- bzip2

6
roles/geerlingguy.awx/vars/RedHat.yml Normal file
View File

@ -0,0 +1,6 @@
---
awx_package_dependencies:
- '@Development tools'
- gettext
- gcc-c++
- bzip2

3
roles/geerlingguy.docker/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.retry
*/__pycache__
*.pyc

31
roles/geerlingguy.docker/.travis.yml Normal file
View File

@ -0,0 +1,31 @@
---
language: python
services: docker
env:
global:
- ROLE_NAME: docker
matrix:
- MOLECULE_DISTRO: centos7
- MOLECULE_DISTRO: ubuntu1804
- MOLECULE_DISTRO: ubuntu1604
- MOLECULE_DISTRO: ubuntu1404
- MOLECULE_DISTRO: debian9
- MOLECULE_DISTRO: fedora27
install:
# Install test dependencies.
- pip install molecule docker
before_script:
# Use actual Ansible Galaxy role name for the project directory.
- cd ../
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
- cd geerlingguy.$ROLE_NAME
script:
# Run tests.
- molecule test
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
roles/geerlingguy.docker/LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

89
roles/geerlingguy.docker/README.md Normal file
View File

@ -0,0 +1,89 @@
# Ansible Role: Docker
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-docker.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-docker)
An Ansible Role that installs [Docker](https://www.docker.com) on Linux.
## Requirements
None.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_edition: 'ce'
docker_package: "docker-{{ docker_edition }}"
docker_package_state: present
The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: `docker-{{ docker_edition }}-<VERSION>`; Debian/Ubuntu: `docker-{{ docker_edition }}=<VERSION>`.
You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted
Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`.
docker_install_compose: true
docker_compose_version: "1.22.0"
docker_compose_path: /usr/local/bin/docker-compose
Docker Compose installation options.
docker_apt_release_channel: stable
docker_apt_arch: amd64
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: True
(Used only for Debian/Ubuntu.) You can switch the channel to `edge` if you want to use the Edge release.
docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo
docker_yum_repo_enable_edge: 0
docker_yum_repo_enable_test: 0
(Used only for RedHat/CentOS.) You can enable the Edge or Test repo by setting the respective vars to `1`.
docker_users:
- user1
- user2
A list of system users to be added to the `docker` group (so they can use Docker on the server).
## Use with Ansible (and `docker` Python library)
Many users of this role wish to also use Ansible to then _build_ Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the `docker` Python library using the `geerlingguy.pip` role:
```yaml
- hosts: all
vars:
pip_install_packages:
- name: docker
roles:
- geerlingguy.pip
- geerlingguy.docker
```
## Dependencies
None.
## Example Playbook
```yaml
- hosts: all
roles:
- geerlingguy.docker
```
## License
MIT / BSD
## Author Information
This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

29
roles/geerlingguy.docker/defaults/main.yml Normal file
View File

@ -0,0 +1,29 @@
---
# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_edition: 'ce'
docker_package: "docker-{{ docker_edition }}"
docker_package_state: present
# Service options.
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted
# Docker Compose options.
docker_install_compose: true
docker_compose_version: "1.24.1"
docker_compose_path: /usr/local/bin/docker-compose
# Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed.
docker_apt_release_channel: stable
docker_apt_arch: amd64
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: true
# Used only for RedHat/CentOS/Fedora.
docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo
docker_yum_repo_enable_edge: 0
docker_yum_repo_enable_test: 0
# A list of users who will be added to the docker group.
docker_users: []

3
roles/geerlingguy.docker/handlers/main.yml Normal file
View File

@ -0,0 +1,3 @@
---
- name: restart docker
service: "name=docker state={{ docker_restart_handler_state }}"

2
roles/geerlingguy.docker/meta/.galaxy_install_info Normal file
View File

@ -0,0 +1,2 @@
install_date: Sun Oct 20 01:52:19 2019
version: 2.5.3

34
roles/geerlingguy.docker/meta/main.yml Normal file
View File

@ -0,0 +1,34 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: Docker for Linux.
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Fedora
versions:
- all
- name: Debian
versions:
- jessie
- stretch
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
galaxy_tags:
- web
- system
- containers
- docker
- orchestration
- compose
- server

29
roles/geerlingguy.docker/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,29 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-file: molecule/default/yaml-lint.yml
platforms:
- name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: true
provisioner:
name: ansible
lint:
name: ansible-lint
playbooks:
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8

12
roles/geerlingguy.docker/molecule/default/playbook.yml Normal file
View File

@ -0,0 +1,12 @@
---
- name: Converge
hosts: all
become: true
pre_tasks:
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
roles:
- role: geerlingguy.docker

6
roles/geerlingguy.docker/molecule/default/yaml-lint.yml Normal file
View File

@ -0,0 +1,6 @@
---
extends: default
rules:
line-length:
max: 200
level: warning

16
roles/geerlingguy.docker/tasks/docker-1809-shim.yml Normal file
View File

@ -0,0 +1,16 @@
---
- name: Ensure containerd service dir exists.
file:
path: /etc/systemd/system/containerd.service.d
state: directory
- name: Add shim to ensure Docker can start in all environments.
template:
src: override.conf.j2
dest: /etc/systemd/system/containerd.service.d/override.conf
register: override_template
- name: Reload systemd daemon if template is changed.
systemd:
daemon_reload: true
when: override_template is changed

20
roles/geerlingguy.docker/tasks/docker-compose.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Check current docker-compose version.
command: docker-compose --version
register: docker_compose_current_version
changed_when: false
failed_when: false
- name: Delete existing docker-compose version if it's different.
file:
path: "{{ docker_compose_path }}"
state: absent
when: >
docker_compose_current_version.stdout is defined
and docker_compose_version not in docker_compose_current_version.stdout
- name: Install Docker Compose (if configured).
get_url:
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
dest: "{{ docker_compose_path }}"
mode: 0755

7
roles/geerlingguy.docker/tasks/docker-users.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: Ensure docker users are added to the docker group.
user:
name: "{{ item }}"
groups: docker
append: true
with_items: "{{ docker_users }}"

31
roles/geerlingguy.docker/tasks/main.yml Normal file
View File

@ -0,0 +1,31 @@
---
- include_tasks: setup-RedHat.yml
when: ansible_os_family == 'RedHat'
- include_tasks: setup-Debian.yml
when: ansible_os_family == 'Debian'
- name: Install Docker.
package:
name: "{{ docker_package }}"
state: "{{ docker_package_state }}"
notify: restart docker
# TODO: Remove this shim once 18.09.1 or later is released.
- import_tasks: docker-1809-shim.yml
when: ansible_service_mgr == 'systemd'
- name: Ensure Docker is started and enabled at boot.
service:
name: docker
state: "{{ docker_service_state }}"
enabled: "{{ docker_service_enabled }}"
- name: Ensure handlers are notified now to avoid firewall conflicts.
meta: flush_handlers
- include_tasks: docker-compose.yml
when: docker_install_compose | bool
- include_tasks: docker-users.yml
when: docker_users | length > 0

40
roles/geerlingguy.docker/tasks/setup-Debian.yml Normal file
View File

@ -0,0 +1,40 @@
---
- name: Ensure old versions of Docker are not installed.
package:
name:
- docker
- docker-engine
state: absent
- name: Ensure dependencies are installed.
apt:
name:
- apt-transport-https
- ca-certificates
state: present
- name: Add Docker apt key.
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
state: present
register: add_repository_key
ignore_errors: "{{ docker_apt_ignore_key_error }}"
- name: Ensure curl is present (on older systems without SNI).
package: name=curl state=present
when: add_repository_key is failed
- name: Add Docker apt key (alternative for older systems without SNI).
shell: |
set -o pipefail
curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
args:
warn: false
when: add_repository_key is failed
- name: Add Docker repository.
apt_repository:
repo: "{{ docker_apt_repository }}"
state: present
update_cache: true

35
roles/geerlingguy.docker/tasks/setup-RedHat.yml Normal file
View File

@ -0,0 +1,35 @@
---
- name: Ensure old versions of Docker are not installed.
package:
name:
- docker
- docker-common
- docker-engine
state: absent
- name: Add Docker GPG key.
rpm_key:
key: https://download.docker.com/linux/centos/gpg
state: present
- name: Add Docker repository.
get_url:
url: "{{ docker_yum_repo_url }}"
dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
owner: root
group: root
mode: 0644
- name: Configure Docker Edge repo.
ini_file:
dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
section: 'docker-{{ docker_edition }}-edge'
option: enabled
value: '{{ docker_yum_repo_enable_edge }}'
- name: Configure Docker Test repo.
ini_file:
dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
section: 'docker-{{ docker_edition }}-test'
option: enabled
value: '{{ docker_yum_repo_enable_test }}'

3
roles/geerlingguy.docker/templates/override.conf.j2 Normal file
View File

@ -0,0 +1,3 @@
# {{ ansible_managed }}
[Service]
ExecStartPre=

2
roles/geerlingguy.git/.ansible-lint Normal file
View File

@ -0,0 +1,2 @@
skip_list:
- '204'

3
roles/geerlingguy.git/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.retry
*/__pycache__
*.pyc

34
roles/geerlingguy.git/.travis.yml Normal file
View File

@ -0,0 +1,34 @@
---
language: python
services: docker
env:
global:
- ROLE_NAME: git
matrix:
- MOLECULE_DISTRO: centos7
MOLECULE_PLAYBOOK: playbook-source.yml
- MOLECULE_DISTRO: ubuntu1804
MOLECULE_PLAYBOOK: playbook-source.yml
- MOLECULE_DISTRO: centos7
- MOLECULE_DISTRO: centos6
- MOLECULE_DISTRO: ubuntu1804
- MOLECULE_DISTRO: ubuntu1604
- MOLECULE_DISTRO: debian9
install:
# Install test dependencies.
- pip install molecule docker
before_script:
# Use actual Ansible Galaxy role name for the project directory.
- cd ../
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
- cd geerlingguy.$ROLE_NAME
script:
# Run tests.
- molecule test
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
roles/geerlingguy.git/LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

55
roles/geerlingguy.git/README.md Normal file
View File

@ -0,0 +1,55 @@
# Ansible Role: Git
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-git.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-git)
Installs Git, a distributed version control system, on any RHEL/CentOS or Debian/Ubuntu Linux system.
## Requirements
None.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
workspace: /root
Where certain files will be downloaded and adjusted prior to git installation, if needed.
git_enablerepo: ""
This variable, a well as `git_packages`, will be used to install git via a particular `yum` repo if `git_install_from_source` is false (CentOS only). Any additional repositories you have installed that you would like to use for a newer/different Git version.
git_packages:
- git
- git-svn
The specific Git packages that will be installed. By default, `git-svn` is included, but you can easily add this variable to your playbook's variables and remove `git-svn` if desired.
git_install_from_source: false
git_install_path: "/usr"
git_version: "2.16.2"
Whether to install Git from source; if set to `true`, `git_version` is required and will be used to install a particular version of git (see all available versions here: https://www.kernel.org/pub/software/scm/git/), and `git_install_path` defines where git should be installed.
git_install_from_source_force_update: false
If git is already installed at and older version, force a new source build. Only applies if `git_install_from_source` is `true`.
## Dependencies
None.
## Example Playbook
- hosts: servers
roles:
- { role: geerlingguy.git }
## License
MIT / BSD
## Author Information
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

23
roles/geerlingguy.git/defaults/main.yml Normal file
View File

@ -0,0 +1,23 @@
---
workspace: /root
# If git_install_from_source is set to false, these two variables define whether
# to use an additional repo for the package installation, and which git packages
# will be installed.
git_enablerepo: ""
git_packages:
- git
- git-svn
# If set to TRUE, git will be installed from source, using the version set with
# the 'git_version' variable instead of using a package.
git_install_from_source: false
git_install_path: "/usr"
git_version: "2.16.2"
# If git is already installed at and older version, force a new source build.
# Only applies if git_install_from_source is `true`.
git_install_from_source_force_update: false
# Leave this at it's default.
git_reinstall_from_source: false

2
roles/geerlingguy.git/meta/.galaxy_install_info Normal file
View File

@ -0,0 +1,2 @@
install_date: Sun Oct 20 01:54:10 2019
version: 2.0.5

29
roles/geerlingguy.git/meta/main.yml Normal file
View File

@ -0,0 +1,29 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: Git version control software
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- all
- name: Fedora
versions:
- all
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- all
galaxy_tags:
- development
- system
- git
- vcs
- source
- code

29
roles/geerlingguy.git/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,29 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-file: molecule/default/yaml-lint.yml
platforms:
- name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: true
provisioner:
name: ansible
lint:
name: ansible-lint
playbooks:
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8

18
roles/geerlingguy.git/molecule/default/playbook-source.yml Normal file
View File

@ -0,0 +1,18 @@
---
- name: Converge
hosts: all
become: true
vars:
git_install_from_source: true
git_install_from_source_force_update: true
git_version: "2.16.2"
pre_tasks:
- name: Update apt cache.
apt: update_cache=true cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
roles:
- role: geerlingguy.git

17
roles/geerlingguy.git/molecule/default/playbook.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: Converge
hosts: all
become: true
vars:
git_install_from_source: false
git_install_path: /usr/local
pre_tasks:
- name: Update apt cache.
apt: update_cache=true cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
roles:
- role: geerlingguy.git

6
roles/geerlingguy.git/molecule/default/yaml-lint.yml Normal file
View File

@ -0,0 +1,6 @@
---
extends: default
rules:
line-length:
max: 160
level: warning

64
roles/geerlingguy.git/tasks/install-from-source.yml Normal file
View File

@ -0,0 +1,64 @@
---
- name: Include OS-specific variables (RedHat).
include_vars: "{{ ansible_os_family }}.yml"
when:
- ansible_os_family == "RedHat"
- ansible_distribution != "Fedora"
- name: Include OS-specific variables (Fedora).
include_vars: "{{ ansible_distribution }}.yml"
when: ansible_distribution == "Fedora"
- name: Include OS-specific variables (Debian).
include_vars: "{{ ansible_os_family }}.yml"
when: ansible_os_family == "Debian"
- name: Define git_install_from_source_dependencies.
set_fact:
git_install_from_source_dependencies: "{{ __git_install_from_source_dependencies | list }}"
when: git_install_from_source_dependencies is not defined
- name: Ensure git's dependencies are installed.
package:
name: "{{ git_install_from_source_dependencies }}"
state: present
- name: Get installed version.
command: >
git --version
warn=no
changed_when: false
failed_when: false
check_mode: false
register: git_installed_version
- name: Force git install if the version numbers do not match.
set_fact:
git_reinstall_from_source: true
when:
- git_install_from_source_force_update | bool
- (git_installed_version.rc == 0) and (git_installed_version.stdout | regex_replace("^.*?([0-9\.]+)$", "\\1") | version_compare(git_version, operator="!="))
- name: Download git.
get_url:
url: "https://www.kernel.org/pub/software/scm/git/git-{{ git_version }}.tar.gz"
dest: "{{ workspace }}/git-{{ git_version }}.tar.gz"
when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool)
- name: Expand git archive.
unarchive:
src: "{{ workspace }}/git-{{ git_version }}.tar.gz"
dest: "{{ workspace }}"
creates: "{{ workspace }}/git-{{ git_version }}/README"
copy: false
when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool)
- name: Build git.
command: >
make prefix={{ git_install_path }} {{ item }}
chdir={{ workspace }}/git-{{ git_version }}
with_items:
- all
- install
when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool)
become: true

24
roles/geerlingguy.git/tasks/main.yml Normal file
View File

@ -0,0 +1,24 @@
---
- name: Ensure git is installed (RedHat).
package:
name: "{{ git_packages }}"
state: present
enablerepo: "{{ git_enablerepo | default(omit, true) }}"
when:
- not git_install_from_source | bool
- ansible_os_family == 'RedHat'
- name: Update apt cache (Debian).
apt: update_cache=true cache_valid_time=86400
when: ansible_os_family == 'Debian'
- name: Ensure git is installed (Debian).
apt:
name: "{{ git_packages }}"
state: present
when:
- not git_install_from_source | bool
- ansible_os_family == 'Debian'
- import_tasks: install-from-source.yml
when: git_install_from_source | bool

9
roles/geerlingguy.git/vars/Debian.yml Normal file
View File

@ -0,0 +1,9 @@
---
git_install_from_source_dependencies:
- libcurl4-gnutls-dev
- libexpat1-dev
- gettext
- libssl-dev
- zlib1g-dev
- build-essential
- gcc

12
roles/geerlingguy.git/vars/Fedora.yml Normal file
View File

@ -0,0 +1,12 @@
---
git_install_from_source_dependencies:
- gettext-devel
- expat-devel
- curl-devel
- zlib-devel
- perl-devel
- openssl-devel
- subversion-perl
- make
- gcc
- tar

11
roles/geerlingguy.git/vars/RedHat.yml Normal file
View File

@ -0,0 +1,11 @@
---
git_install_from_source_dependencies:
- gettext-devel
- expat-devel
- curl-devel
- zlib-devel
- perl-devel
- openssl-devel
- subversion-perl
- make
- gcc

2
roles/geerlingguy.git/vars/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# This space intentionally left blank.

3
roles/geerlingguy.nodejs/.ansible-lint Normal file
View File

@ -0,0 +1,3 @@
skip_list:
- '405'
- '204'

3
roles/geerlingguy.nodejs/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.retry
*/__pycache__
*.pyc

34
roles/geerlingguy.nodejs/.travis.yml Normal file
View File

@ -0,0 +1,34 @@
---
language: python
services: docker
env:
global:
- ROLE_NAME: nodejs
matrix:
- MOLECULE_DISTRO: centos7
- MOLECULE_DISTRO: centos6
- MOLECULE_DISTRO: ubuntu1804
- MOLECULE_DISTRO: ubuntu1604
- MOLECULE_DISTRO: debian9
- MOLECULE_DISTRO: debian8
- MOLECULE_DISTRO: centos7
MOLECULE_PLAYBOOK: playbook-latest.yml
install:
# Install test dependencies.
- pip install molecule docker
before_script:
# Use actual Ansible Galaxy role name for the project directory.
- cd ../
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
- cd geerlingguy.$ROLE_NAME
script:
# Run tests.
- molecule test
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
roles/geerlingguy.nodejs/LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

73
roles/geerlingguy.nodejs/README.md Normal file
View File

@ -0,0 +1,73 @@
# Ansible Role: Node.js
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nodejs.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nodejs)
Installs Node.js on RHEL/CentOS or Debian/Ubuntu.
## Requirements
None.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
nodejs_version: "10.x"
The Node.js version to install. "10.x" is the default and works on most supported OSes. Other versions such as "0.12", "4.x", "5.x", "6.x", "8.x", "10.x" etc. should work on the latest versions of Debian/Ubuntu and RHEL/CentOS.
nodejs_install_npm_user: "{{ ansible_ssh_user }}"
The user for whom the npm packages will be installed can be set here, this defaults to `ansible_user`.
npm_config_prefix: "/usr/local/lib/npm"
The global installation directory. This should be writeable by the `nodejs_install_npm_user`.
npm_config_unsafe_perm: "false"
Set to true to suppress the UID/GID switching when running package scripts. If set explicitly to false, then installing as a non-root user will fail.
nodejs_npm_global_packages: []
A list of npm packages with a `name` and (optional) `version` to be installed globally. For example:
nodejs_npm_global_packages:
# Install a specific version of a package.
- name: jslint
version: 0.9.3
# Install the latest stable release of a package.
- name: node-sass
# This shorthand syntax also works (same as previous example).
- node-sass
<!-- code block separator -->
nodejs_package_json_path: ""
Set a path pointing to a particular `package.json` (e.g. `"/var/www/app/package.json"`). This will install all of the defined packages globally using Ansible's `npm` module.
## Dependencies
None.
## Example Playbook
- hosts: utility
vars_files:
- vars/main.yml
roles:
- geerlingguy.nodejs
*Inside `vars/main.yml`*:
nodejs_npm_global_packages:
- name: jslint
- name: node-sass
## License
MIT / BSD
## Author Information
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

27
roles/geerlingguy.nodejs/defaults/main.yml Normal file
View File

@ -0,0 +1,27 @@
---
# Set the version of Node.js to install ("6.x", "8.x", "10.x", "11.x", etc.).
# Version numbers from Nodesource: https://github.com/nodesource/distributions
nodejs_version: "10.x"
# The user for whom the npm packages will be installed.
# nodejs_install_npm_user: username
# The directory for global installations.
npm_config_prefix: "/usr/local/lib/npm"
# Set to true to suppress the UID/GID switching when running package scripts. If
# set explicitly to false, then installing as a non-root user will fail.
npm_config_unsafe_perm: "false"
# Define a list of global packages to be installed with NPM.
nodejs_npm_global_packages: []
# # Install a specific version of a package.
# - name: jslint
# version: 0.9.3
# # Install the latest stable release of a package.
# - name: node-sass
# # This shorthand syntax also works (same as previous example).
# - node-sass
# The path of a package.json file used to install packages globally.
nodejs_package_json_path: ""

2
roles/geerlingguy.nodejs/meta/.galaxy_install_info Normal file
View File

@ -0,0 +1,2 @@
install_date: Sun Oct 20 01:52:29 2019
version: 5.0.0

30
roles/geerlingguy.nodejs/meta/main.yml Normal file
View File

@ -0,0 +1,30 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: Node.js installation for Linux
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
galaxy_tags:
- development
- web
- javascript
- js
- node
- npm
- nodejs

29
roles/geerlingguy.nodejs/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,29 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-file: molecule/default/yaml-lint.yml
platforms:
- name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: true
provisioner:
name: ansible
lint:
name: ansible-lint
playbooks:
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8

23
roles/geerlingguy.nodejs/molecule/default/playbook-latest.yml Normal file
View File

@ -0,0 +1,23 @@
---
- name: Converge
hosts: all
become: true
vars:
nodejs_version: "11.x"
nodejs_install_npm_user: root
npm_config_prefix: /root/.npm-global
npm_config_unsafe_perm: "true"
nodejs_npm_global_packages:
- node-sass
- name: jslint
version: 0.12.0
- name: yo
pre_tasks:
- name: Update apt cache.
apt: update_cache=true cache_valid_time=600
when: ansible_os_family == 'Debian'
roles:
- role: geerlingguy.nodejs

22
roles/geerlingguy.nodejs/molecule/default/playbook.yml Normal file
View File

@ -0,0 +1,22 @@
---
- name: Converge
hosts: all
become: true
vars:
nodejs_install_npm_user: root
npm_config_prefix: /root/.npm-global
npm_config_unsafe_perm: "true"
nodejs_npm_global_packages:
- node-sass
- name: jslint
version: 0.12.0
- name: yo
pre_tasks:
- name: Update apt cache.
apt: update_cache=true cache_valid_time=600
when: ansible_os_family == 'Debian'
roles:
- role: geerlingguy.nodejs

14
roles/geerlingguy.nodejs/molecule/default/tests/test_default.py Normal file
View File

@ -0,0 +1,14 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_hosts_file(host):
f = host.file('/etc/hosts')
assert f.exists
assert f.user == 'root'
assert f.group == 'root'

6
roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml Normal file
View File

@ -0,0 +1,6 @@
---
extends: default
rules:
line-length:
max: 220
level: warning

42
roles/geerlingguy.nodejs/tasks/main.yml Normal file
View File

@ -0,0 +1,42 @@
---
- import_tasks: setup-RedHat.yml
when: ansible_os_family == 'RedHat'
- import_tasks: setup-Debian.yml
when: ansible_os_family == 'Debian'
- name: Define nodejs_install_npm_user
set_fact:
nodejs_install_npm_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
when: nodejs_install_npm_user is not defined
- name: Create npm global directory
file:
path: "{{ npm_config_prefix }}"
owner: "{{ nodejs_install_npm_user }}"
group: "{{ nodejs_install_npm_user }}"
state: directory
- name: Add npm_config_prefix bin directory to global $PATH.
template:
src: npm.sh.j2
dest: /etc/profile.d/npm.sh
mode: 0644
- name: Ensure npm global packages are installed.
npm:
name: "{{ item.name | default(item) }}"
version: "{{ item.version | default('latest') }}"
global: true
state: latest
environment:
NPM_CONFIG_PREFIX: "{{ npm_config_prefix }}"
NODE_PATH: "{{ npm_config_prefix }}/lib/node_modules"
NPM_CONFIG_UNSAFE_PERM: "{{ npm_config_unsafe_perm }}"
with_items: "{{ nodejs_npm_global_packages }}"
tags: ['skip_ansible_lint']
- name: Install packages defined in a given package.json.
npm:
path: "{{ nodejs_package_json_path }}"
when: nodejs_package_json_path is defined and nodejs_package_json_path

Some files were not shown because too many files have changed in this diff Show More