commit
e4589dc169
7
.gitignore
vendored
7
.gitignore
vendored
@ -12,5 +12,12 @@ hosts
|
||||
win_hosts
|
||||
hosts.d
|
||||
|
||||
# Ansible vault secret
|
||||
# Used to decrypt the vault files
|
||||
.ansible_vault
|
||||
|
||||
# Vagrant
|
||||
.vagrant
|
||||
|
||||
# Debug files
|
||||
ansible-vars.all
|
12
.vscode/tasks.json
vendored
Normal file
12
.vscode/tasks.json
vendored
Normal file
@ -0,0 +1,12 @@
|
||||
{
|
||||
// See https://go.microsoft.com/fwlink/?LinkId=733558
|
||||
// for the documentation about the tasks.json format
|
||||
"version": "2.0.0",
|
||||
"tasks": [
|
||||
{
|
||||
"label": "echo",
|
||||
"type": "shell",
|
||||
"command": "echo Hello"
|
||||
}
|
||||
]
|
||||
}
|
28
README.md
28
README.md
@ -2,6 +2,13 @@
|
||||
|
||||
This repo contains my configuration and setup for my ansible use. Use at your own risk.
|
||||
|
||||
1. Install Ansible on development device
|
||||
2. Clone this repository to work in
|
||||
3. Configure devices to remote into
|
||||
4. Configure Ansible's Inventory files
|
||||
5. Set Vault Secret
|
||||
6. Run Connection tests
|
||||
|
||||
## Installers
|
||||
|
||||
### New hosts
|
||||
@ -29,10 +36,31 @@ I have a basic configuration file in place at the root of this folder for anisbl
|
||||
|
||||
## Inventory
|
||||
|
||||
Inventory files have been moved over to .yml format. The ansibe.cfg is looking for ./dev.yml as it's default inventory file. For Prod use make another file that will contain all servers that will be managed.
|
||||
|
||||
I have a template file in place that should only be used as a reference. Make a copy of that file and name it hosts then update that file.
|
||||
|
||||
The configuration file that is active is looking for a directory that contains all of the inventory files. This way all files can be parted out rather then one big file.
|
||||
|
||||
## Vault Secret
|
||||
|
||||
The configuration file is looking for ./.ansible_vault file to contain the secret for vault entries. Git is already configured to ignore this file. You will need to make this file and place your key in it so ansible
|
||||
can decrypt vaults as needed.
|
||||
|
||||
Run the following command and replace secret with your password. Once that is done move on to generating the encrypted strings.
|
||||
|
||||
```shell
|
||||
echo 'secret' > ./.ansible_vault
|
||||
```
|
||||
|
||||
To generate secure strings for the inventory file run the following command.
|
||||
|
||||
```shell
|
||||
ansible-vault encrypt_string 'secret'
|
||||
```
|
||||
|
||||
This will output the value that needs to be placed
|
||||
|
||||
### Testing Linux devices
|
||||
|
||||
```bash
|
||||
|
78
Vagrantfile
vendored
Normal file
78
Vagrantfile
vendored
Normal file
@ -0,0 +1,78 @@
|
||||
# -*- mode: ruby -*-
|
||||
# vi: set ft=ruby :
|
||||
|
||||
# All Vagrant configuration is done below. The "2" in Vagrant.configure
|
||||
# configures the configuration version (we support older styles for
|
||||
# backwards compatibility). Please don't change it unless you know what
|
||||
# you're doing.
|
||||
Vagrant.configure("2") do |config|
|
||||
# The most common configuration options are documented and commented below.
|
||||
# For a complete reference, please see the online documentation at
|
||||
# https://docs.vagrantup.com.
|
||||
|
||||
# Every Vagrant development environment requires a box. You can search for
|
||||
# boxes at https://vagrantcloud.com/search.
|
||||
config.vm.box = "generic/ubuntu1804"
|
||||
|
||||
# Disable automatic box update checking. If you disable this, then
|
||||
# boxes will only be checked for updates when the user runs
|
||||
# `vagrant box outdated`. This is not recommended.
|
||||
# config.vm.box_check_update = false
|
||||
|
||||
# Create a forwarded port mapping which allows access to a specific port
|
||||
# within the machine from a port on the host machine. In the example below,
|
||||
# accessing "localhost:8080" will access port 80 on the guest machine.
|
||||
# NOTE: This will enable public access to the opened port
|
||||
# config.vm.network "forwarded_port", guest: 80, host: 8080
|
||||
|
||||
# Create a forwarded port mapping which allows access to a specific port
|
||||
# within the machine from a port on the host machine and only allow access
|
||||
# via 127.0.0.1 to disable public access
|
||||
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
|
||||
|
||||
# Create a private network, which allows host-only access to the machine
|
||||
# using a specific IP.
|
||||
# config.vm.network "private_network", ip: "192.168.33.10"
|
||||
|
||||
# Create a public network, which generally matched to bridged network.
|
||||
# Bridged networks make the machine appear as another physical device on
|
||||
# your network.
|
||||
#config.vm.network "public_network", type: "dhcp"
|
||||
|
||||
# Share an additional folder to the guest VM. The first argument is
|
||||
# the path on the host to the actual folder. The second argument is
|
||||
# the path on the guest to mount the folder. And the optional third
|
||||
# argument is a set of non-required options.
|
||||
# config.vm.synced_folder "../data", "/vagrant_data"
|
||||
|
||||
# Provider-specific configuration so you can fine-tune various
|
||||
# backing providers for Vagrant. These expose provider-specific options.
|
||||
# Example for VirtualBox:
|
||||
#
|
||||
config.vm.provider "virtualbox" do |vb|
|
||||
# Display the VirtualBox GUI when booting the machine
|
||||
vb.gui = false
|
||||
|
||||
# Customize the amount of memory on the VM:
|
||||
vb.memory = "512"
|
||||
vb.cpus = 1
|
||||
|
||||
vb.name = "1804"
|
||||
|
||||
vb.customize ["modifyvm", "1804", "--natdnshostresolver1", "on"]
|
||||
vb.customize ["modifyvm", "1804", "--natdnsproxy1", "on"]
|
||||
end
|
||||
#
|
||||
# View the documentation for the provider you are using for more
|
||||
# information on available options.
|
||||
|
||||
# Enable provisioning with a shell script. Additional provisioners such as
|
||||
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
|
||||
# documentation for more information about their specific syntax and use.
|
||||
config.vm.provision "shell", inline: <<-SHELL
|
||||
#apt-get update
|
||||
#sudo apt update
|
||||
#sudo apt upgrade
|
||||
|
||||
SHELL
|
||||
end
|
4230
ansible-vars.all
Normal file
4230
ansible-vars.all
Normal file
File diff suppressed because it is too large
Load Diff
@ -11,7 +11,7 @@
|
||||
|
||||
# some basic default values...
|
||||
|
||||
inventory = ./hosts.d/
|
||||
inventory = ./hosts
|
||||
library = /usr/share/my_modules/
|
||||
module_utils = /usr/share/my_module_utils/
|
||||
remote_tmp = ~/.ansible/tmp
|
||||
@ -137,7 +137,7 @@ roles_path = ./roles/:/etc/ansible/roles
|
||||
|
||||
# If set, configures the path to the Vault password file as an alternative to
|
||||
# specifying --vault-password-file on the command line.
|
||||
#vault_password_file = /path/to/vault_password_file
|
||||
#vault_password_file = ./.ansible_vault
|
||||
|
||||
# format of string {{ ansible_managed }} available within Jinja2
|
||||
# templates indicates to users editing templates files will be replaced.
|
||||
|
46
dev.yml
Normal file
46
dev.yml
Normal file
@ -0,0 +1,46 @@
|
||||
---
|
||||
all:
|
||||
hosts:
|
||||
dmi-dev01:
|
||||
children:
|
||||
linux:
|
||||
hosts:
|
||||
172.20.0.142:
|
||||
vars:
|
||||
ansible_user: ansible
|
||||
ansible_connection: ssh
|
||||
ansible_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33353561613531336536313335356236643530346538373638653330306636386435633965336136
|
||||
3464366635373661383466333464663238663565343839310a376666386237313566386235633739
|
||||
66323434636365303335326133396137393031396531313533326263363066636237313139353538
|
||||
6134616232336365610a363033343639616563316330363966326330646162613034633532366230
|
||||
3439
|
||||
ansible_become_method: sudo
|
||||
ansible_become_pass: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33353561613531336536313335356236643530346538373638653330306636386435633965336136
|
||||
3464366635373661383466333464663238663565343839310a376666386237313566386235633739
|
||||
66323434636365303335326133396137393031396531313533326263363066636237313139353538
|
||||
6134616232336365610a363033343639616563316330363966326330646162613034633532366230
|
||||
3439
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
windows:
|
||||
hosts:
|
||||
dmi-dev01:
|
||||
vars:
|
||||
ansible_user: svcansible
|
||||
ansible_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33353561613531336536313335356236643530346538373638653330306636386435633965336136
|
||||
3464366635373661383466333464663238663565343839310a376666386237313566386235633739
|
||||
66323434636365303335326133396137393031396531313533326263363066636237313139353538
|
||||
6134616232336365610a363033343639616563316330363966326330646162613034633532366230
|
||||
3439
|
||||
ansible_connection: winrm
|
||||
ansible_port: 5985
|
||||
ansible_winrm_scheme: http
|
||||
ansible_winrm_transport: ntlm
|
||||
ansible_winrm_server_cert_validation: ignore
|
||||
|
||||
|
@ -1,21 +0,0 @@
|
||||
[linux]
|
||||
192.168.0.60
|
||||
|
||||
[linux:vars]
|
||||
ansible_user=ansible
|
||||
ansible_connection=ssh
|
||||
ansible_password=
|
||||
ansible_become_method=sudo
|
||||
ansible_become_pass=
|
||||
#ansible_python_interpreter=/usr/bin/python3
|
||||
|
||||
[windows]
|
||||
192.168.0.2
|
||||
|
||||
[windows:vars]
|
||||
ansible_user=ansible
|
||||
ansible_password=
|
||||
ansible_connection=winrm
|
||||
ansible_port=5986
|
||||
ansible_winrm_scheme=https
|
||||
ansible_winrm_server_cert_validation=ignore
|
@ -1,4 +0,0 @@
|
||||
# Jenkins
|
||||
|
||||
This is a folder that contains playbooks that will executed with Jenkins when code is pushed to master.
|
||||
|
@ -1,17 +0,0 @@
|
||||
|
||||
---
|
||||
|
||||
- name: enable
|
||||
hosts: linux
|
||||
|
||||
tasks:
|
||||
# https://galaxy.ansible.com/jnv/unattended-upgrades
|
||||
- name: unattended-upgrades
|
||||
become: true
|
||||
include_role:
|
||||
name: jnv.unattended-upgrades
|
||||
vars:
|
||||
#unattended_package_blacklist: []
|
||||
unattended_automatic_reboot: true
|
||||
|
||||
|
16
playbook/debug/debugDumpAnsibleVars.yml
Normal file
16
playbook/debug/debugDumpAnsibleVars.yml
Normal file
@ -0,0 +1,16 @@
|
||||
|
||||
- name: Export all vars
|
||||
hosts: osx
|
||||
|
||||
tasks:
|
||||
- name: Dump all vars
|
||||
template:
|
||||
src: dumpall.j2
|
||||
dest: /tmp/ansible-vars.all
|
||||
|
||||
- name: Copy new file to host
|
||||
fetch:
|
||||
src: /tmp/ansible-vars.all
|
||||
dest: ansible-vars.all
|
||||
flat: yes
|
||||
|
19
playbook/debug/dumpall.j2
Normal file
19
playbook/debug/dumpall.j2
Normal file
@ -0,0 +1,19 @@
|
||||
Module Variables ("vars"):
|
||||
--------------------------------
|
||||
{{ vars | to_nice_json }}
|
||||
|
||||
Environment Variables ("environment"):
|
||||
--------------------------------
|
||||
{{ environment | to_nice_json }}
|
||||
|
||||
GROUP NAMES Variables ("group_names"):
|
||||
--------------------------------
|
||||
{{ group_names | to_nice_json }}
|
||||
|
||||
GROUPS Variables ("groups"):
|
||||
--------------------------------
|
||||
{{ groups | to_nice_json }}
|
||||
|
||||
HOST Variables ("hostvars"):
|
||||
--------------------------------
|
||||
{{ hostvars | to_nice_json }}
|
48
playbook/linux/install-awx.yml
Normal file
48
playbook/linux/install-awx.yml
Normal file
@ -0,0 +1,48 @@
|
||||
---
|
||||
- hosts: linux
|
||||
become: yes
|
||||
|
||||
vars:
|
||||
nodejs_version: "6.x"
|
||||
pip_install_packages:
|
||||
- name: docker-compose
|
||||
- name: docker
|
||||
awx_run_install_playbook: yes
|
||||
|
||||
pre_tasks:
|
||||
# Note: First time running this I had to go and manually remove the pip docker modules.
|
||||
# For some reason the playbook was failing to do this for me.
|
||||
# Once I did that, AWX installed.
|
||||
- name: install pip3
|
||||
apt:
|
||||
name: python3-pip
|
||||
state: present
|
||||
|
||||
- name: pip3 remove docker
|
||||
pip:
|
||||
name: docker
|
||||
state: absent
|
||||
executable: pip3
|
||||
|
||||
- name: pip3 install docker-py
|
||||
pip:
|
||||
name: docker-py
|
||||
state: absent
|
||||
executable: pip3
|
||||
|
||||
- name: pip remove docker
|
||||
pip:
|
||||
name: docker
|
||||
state: absent
|
||||
executable: pip
|
||||
|
||||
|
||||
|
||||
roles:
|
||||
#- geerlingguy.repo-epel
|
||||
- geerlingguy.git
|
||||
- geerlingguy.ansible
|
||||
- geerlingguy.docker
|
||||
- geerlingguy.pip
|
||||
- geerlingguy.nodejs
|
||||
- geerlingguy.awx
|
@ -10,6 +10,12 @@
|
||||
import_role:
|
||||
name: geerlingguy.java
|
||||
|
||||
- name: Backup Jenkins Jobs
|
||||
become: yes
|
||||
fetch:
|
||||
src: /var/lib/jenkins/jobs/
|
||||
dest: ./jenkins/jobs/
|
||||
|
||||
- name: Install Jenkins
|
||||
become: yes
|
||||
import_role:
|
||||
|
68
playbook/macos/installDevTools.yml
Normal file
68
playbook/macos/installDevTools.yml
Normal file
@ -0,0 +1,68 @@
|
||||
---
|
||||
|
||||
- name: Install MacOS Dev Tools
|
||||
hosts: osx
|
||||
|
||||
tasks:
|
||||
- name: Install python3 dev
|
||||
homebrew:
|
||||
name: python3
|
||||
state: present
|
||||
when: ansible_distribution == "MacOSX"
|
||||
|
||||
- name: Install pipenv
|
||||
homebrew:
|
||||
name: pipenv
|
||||
state: present
|
||||
when: ansible_distribution == "MacOSX"
|
||||
|
||||
- name: Install VisualStudioCode
|
||||
homebrew_cask:
|
||||
name: visual-studio-code
|
||||
state: present
|
||||
when: ansible_distribution == "MacOSX"
|
||||
|
||||
- name: Install vagrant
|
||||
homebrew_cask:
|
||||
name: vagrant
|
||||
state: present
|
||||
when: ansible_distribution == "MacOSX"
|
||||
|
||||
- name: Install amethyst
|
||||
homebrew_cask:
|
||||
name: amethyst
|
||||
state: present
|
||||
when: ansible_distribution == "MacOSX"
|
||||
|
||||
- name: Install docker
|
||||
homebrew_cask:
|
||||
name: docker
|
||||
state: present
|
||||
when: ansible_distribution == "MacOSX"
|
||||
|
||||
- name: remove cask - darktable
|
||||
homebrew_cask:
|
||||
name: darktable
|
||||
state: absent
|
||||
when: ansible_distribution == 'MacOSX'
|
||||
|
||||
#TODO The job seems to stop here for some reason
|
||||
- name: remove cask - dotnet-sdk
|
||||
homebrew_cask:
|
||||
name: dotnet-sdk
|
||||
state: absent
|
||||
when: ansible_distribution == 'MacOSX'
|
||||
|
||||
- name: remove cask - visual-studio
|
||||
homebrew_cask:
|
||||
name: visual-studio
|
||||
state: absent
|
||||
when: ansible_distribution == 'MacOSX'
|
||||
|
||||
- name: remove cask - rider
|
||||
homebrew_cask:
|
||||
name: rider
|
||||
state: absent
|
||||
when: ansible_distribution == 'MacOSX'
|
||||
|
||||
|
3
roles/geerlingguy.ansible/.gitignore
vendored
Normal file
3
roles/geerlingguy.ansible/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*.retry
|
||||
*/__pycache__
|
||||
*.pyc
|
32
roles/geerlingguy.ansible/.travis.yml
Normal file
32
roles/geerlingguy.ansible/.travis.yml
Normal file
@ -0,0 +1,32 @@
|
||||
---
|
||||
language: python
|
||||
services: docker
|
||||
|
||||
env:
|
||||
global:
|
||||
- ROLE_NAME: ansible
|
||||
matrix:
|
||||
- MOLECULE_DISTRO: centos7
|
||||
- MOLECULE_DISTRO: fedora29
|
||||
- MOLECULE_DISTRO: ubuntu1804
|
||||
- MOLECULE_DISTRO: debian9
|
||||
|
||||
- MOLECULE_DISTRO: centos7
|
||||
MOLECULE_PLAYBOOK: playbook-pip.yml
|
||||
|
||||
install:
|
||||
# Install test dependencies.
|
||||
- pip install molecule docker
|
||||
|
||||
before_script:
|
||||
# Use actual Ansible Galaxy role name for the project directory.
|
||||
- cd ../
|
||||
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
|
||||
- cd geerlingguy.$ROLE_NAME
|
||||
|
||||
script:
|
||||
# Run tests.
|
||||
- molecule test
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
20
roles/geerlingguy.ansible/LICENSE
Normal file
20
roles/geerlingguy.ansible/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Jeff Geerling
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
51
roles/geerlingguy.ansible/README.md
Normal file
51
roles/geerlingguy.ansible/README.md
Normal file
@ -0,0 +1,51 @@
|
||||
# Ansible Role: Ansible
|
||||
|
||||
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-ansible.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-ansible)
|
||||
|
||||
An Ansible Role that installs Ansible on Linux servers.
|
||||
|
||||
## Requirements
|
||||
|
||||
If using on a RedHat/CentOS-based host, make sure you've added the EPEL repository (it can easily be installed by including the `geerlingguy.repo-epel` role on Ansible Galaxy).
|
||||
|
||||
## Role Variables
|
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`):
|
||||
|
||||
ansible_install_method: package
|
||||
|
||||
Whether to install Ansible via the system `package` manager (`apt`, `yum`, `dnf`, etc.), or via `pip`. If set to `pip`, you need to make sure Pip is installed prior to running this role. You can use the `geerlingguy.pip` module to install Pip easily.
|
||||
|
||||
ansible_install_version_pip: ''
|
||||
|
||||
If `ansible_install_method` is set to `pip`, the specific Ansible version to be installed via Pip. If not set, the latest version of Ansible will be installed.
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
Install from the system package manager:
|
||||
|
||||
- hosts: servers
|
||||
roles:
|
||||
- role: geerlingguy.ansible
|
||||
|
||||
Install from pip:
|
||||
|
||||
- hosts: servers
|
||||
vars:
|
||||
ansible_install_method: pip
|
||||
ansible_install_version_pip: "2.7.0"
|
||||
roles:
|
||||
- role: geerlingguy.pip
|
||||
- role: geerlingguy.ansible
|
||||
|
||||
## License
|
||||
|
||||
MIT / BSD
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).
|
8
roles/geerlingguy.ansible/defaults/main.yml
Normal file
8
roles/geerlingguy.ansible/defaults/main.yml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
ansible_default_release: ""
|
||||
|
||||
# Valid options include: 'package' or 'pip'.
|
||||
ansible_install_method: package
|
||||
|
||||
# Used only if ansible_install_method is 'pip'. If empty, defaults to latest.
|
||||
ansible_install_version_pip: ''
|
2
roles/geerlingguy.ansible/meta/.galaxy_install_info
Normal file
2
roles/geerlingguy.ansible/meta/.galaxy_install_info
Normal file
@ -0,0 +1,2 @@
|
||||
install_date: Tue May 14 21:40:21 2019
|
||||
version: 2.0.1
|
30
roles/geerlingguy.ansible/meta/main.yml
Normal file
30
roles/geerlingguy.ansible/meta/main.yml
Normal file
@ -0,0 +1,30 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
author: geerlingguy
|
||||
description: Ansible for RedHat/CentOS/Debian/Ubuntu.
|
||||
company: "Midwestern Mac, LLC"
|
||||
license: "license (BSD, MIT)"
|
||||
min_ansible_version: 2.4
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 6
|
||||
- 7
|
||||
- name: Fedora
|
||||
versions:
|
||||
- all
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- all
|
||||
galaxy_tags:
|
||||
- system
|
||||
- packaging
|
||||
- development
|
||||
- cloud
|
||||
- ansible
|
||||
- automation
|
29
roles/geerlingguy.ansible/molecule/default/molecule.yml
Normal file
29
roles/geerlingguy.ansible/molecule/default/molecule.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
lint:
|
||||
name: yamllint
|
||||
options:
|
||||
config-file: molecule/default/yaml-lint.yml
|
||||
platforms:
|
||||
- name: instance
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
lint:
|
||||
name: ansible-lint
|
||||
playbooks:
|
||||
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
|
||||
scenario:
|
||||
name: default
|
||||
verifier:
|
||||
name: testinfra
|
||||
lint:
|
||||
name: flake8
|
12
roles/geerlingguy.ansible/molecule/default/playbook-pip.yml
Normal file
12
roles/geerlingguy.ansible/molecule/default/playbook-pip.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
vars:
|
||||
ansible_install_method: pip
|
||||
ansible_install_version_pip: "2.6.2"
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.pip
|
||||
- role: geerlingguy.ansible
|
7
roles/geerlingguy.ansible/molecule/default/playbook.yml
Normal file
7
roles/geerlingguy.ansible/molecule/default/playbook.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.ansible
|
@ -0,0 +1,2 @@
|
||||
---
|
||||
- role: geerlingguy.pip
|
@ -0,0 +1,14 @@
|
||||
import os
|
||||
|
||||
import testinfra.utils.ansible_runner
|
||||
|
||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
|
||||
|
||||
|
||||
def test_hosts_file(host):
|
||||
f = host.file('/etc/hosts')
|
||||
|
||||
assert f.exists
|
||||
assert f.user == 'root'
|
||||
assert f.group == 'root'
|
6
roles/geerlingguy.ansible/molecule/default/yaml-lint.yml
Normal file
6
roles/geerlingguy.ansible/molecule/default/yaml-lint.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
extends: default
|
||||
rules:
|
||||
line-length:
|
||||
max: 120
|
||||
level: warning
|
27
roles/geerlingguy.ansible/tasks/main.yml
Normal file
27
roles/geerlingguy.ansible/tasks/main.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
- name: Set the package state based on how Ansible is installed.
|
||||
set_fact:
|
||||
ansible_package_state: "{{ 'present' if ansible_install_method == 'package' else 'absent' }}"
|
||||
|
||||
# Setup/install tasks.
|
||||
- name: Set up Ansible on RedHat.
|
||||
include_tasks: setup-RedHat.yml
|
||||
when:
|
||||
- ansible_os_family == 'RedHat'
|
||||
- ansible_distribution != 'Fedora'
|
||||
|
||||
- name: Set up Ansible on Fedora.
|
||||
include_tasks: setup-Fedora.yml
|
||||
when: ansible_distribution == 'Fedora'
|
||||
|
||||
- name: Set up Ansible on Ubuntu.
|
||||
include_tasks: setup-Ubuntu.yml
|
||||
when: ansible_distribution == 'Ubuntu'
|
||||
|
||||
- name: Set up Ansible on Debian.
|
||||
include_tasks: setup-Debian.yml
|
||||
when: ansible_distribution == 'Debian'
|
||||
|
||||
- name: Set up Ansible using Pip.
|
||||
include_tasks: setup-pip.yml
|
||||
when: ansible_install_method == 'pip'
|
23
roles/geerlingguy.ansible/tasks/setup-Debian.yml
Normal file
23
roles/geerlingguy.ansible/tasks/setup-Debian.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
- name: Enable Backports repository.
|
||||
apt_repository:
|
||||
repo: >-
|
||||
deb http://ftp.debian.org/debian
|
||||
{{ ansible_distribution_release }}-backports main'
|
||||
state: present
|
||||
filename: "{{ ansible_distribution_release }}_backports"
|
||||
when: ansible_distribution_version | int < 9
|
||||
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=true cache_valid_time=86400
|
||||
|
||||
- name: Set the default_release option for older Debian versions.
|
||||
set_fact:
|
||||
ansible_default_release: "{{ ansible_distribution_release }}-backports"
|
||||
when: ansible_distribution_version | int < 9
|
||||
|
||||
- name: Install Ansible.
|
||||
apt:
|
||||
name: ansible
|
||||
state: "{{ ansible_package_state }}"
|
||||
default_release: "{{ ansible_default_release }}"
|
5
roles/geerlingguy.ansible/tasks/setup-Fedora.yml
Normal file
5
roles/geerlingguy.ansible/tasks/setup-Fedora.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: Install Ansible.
|
||||
package:
|
||||
name: ansible
|
||||
state: "{{ ansible_package_state }}"
|
6
roles/geerlingguy.ansible/tasks/setup-RedHat.yml
Normal file
6
roles/geerlingguy.ansible/tasks/setup-RedHat.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
- name: Install Ansible.
|
||||
yum:
|
||||
name: ansible
|
||||
state: "{{ ansible_package_state }}"
|
||||
enablerepo: epel
|
11
roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml
Normal file
11
roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml
Normal file
@ -0,0 +1,11 @@
|
||||
---
|
||||
- name: Add ansible repository.
|
||||
apt_repository: repo='ppa:ansible/ansible'
|
||||
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=true cache_valid_time=86400
|
||||
|
||||
- name: Install Ansible.
|
||||
apt:
|
||||
name: ansible
|
||||
state: "{{ ansible_package_state }}"
|
5
roles/geerlingguy.ansible/tasks/setup-pip.yml
Normal file
5
roles/geerlingguy.ansible/tasks/setup-pip.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: Install Ansible via Pip.
|
||||
pip:
|
||||
name: ansible
|
||||
version: "{{ ansible_install_version_pip | default(omit) }}"
|
2
roles/geerlingguy.awx/.gitignore
vendored
Normal file
2
roles/geerlingguy.awx/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
*.retry
|
||||
tests/test.sh
|
22
roles/geerlingguy.awx/.travis.yml
Normal file
22
roles/geerlingguy.awx/.travis.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
services: docker
|
||||
|
||||
env:
|
||||
- distro: centos7
|
||||
- distro: ubuntu1604
|
||||
- distro: debian9
|
||||
|
||||
# Test without running the full playbook.
|
||||
- distro: centos7
|
||||
playbook: test-no-playbook.yml
|
||||
|
||||
script:
|
||||
# Download test shim.
|
||||
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
|
||||
- chmod +x ${PWD}/tests/test.sh
|
||||
|
||||
# Run tests (increasing the travis_wait timeout).
|
||||
- tests/custom_travis_wait.sh ${PWD}/tests/test.sh
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
20
roles/geerlingguy.awx/LICENSE
Normal file
20
roles/geerlingguy.awx/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Jeff Geerling
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
68
roles/geerlingguy.awx/README.md
Normal file
68
roles/geerlingguy.awx/README.md
Normal file
@ -0,0 +1,68 @@
|
||||
# Ansible Role: AWX (open source Ansible Tower)
|
||||
|
||||
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-awx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-awx)
|
||||
|
||||
Installs and configures [AWX](https://github.com/ansible/awx), the open source version of [Ansible Tower](https://www.ansible.com/tower).
|
||||
|
||||
## Requirements
|
||||
|
||||
Before this role runs, assuming you want the role to completely set up AWX using it's included installer, you need to make sure the following AWX dependencies are installed:
|
||||
|
||||
| Dependency | Suggested Role |
|
||||
| ----------------------------- | ------------------------ |
|
||||
| EPEL repo (RedHat OSes only) | `geerlingguy.repo-epel` |
|
||||
| Git | `geerlingguy.git` |
|
||||
| Ansible | `geerlingguy.ansible` |
|
||||
| Docker | `geerlingguy.docker` |
|
||||
| Python Pip | `geerlingguy.pip` |
|
||||
| Node.js (6.x) | `geerlingguy.nodejs` |
|
||||
|
||||
See this role's `tests/test.yml` playbook for an example that works across many different OSes.
|
||||
|
||||
## Role Variables
|
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`):
|
||||
|
||||
awx_repo: https://github.com/ansible/awx.git
|
||||
awx_repo_dir: "~/awx"
|
||||
awx_version: devel
|
||||
awx_keep_updated: yes
|
||||
|
||||
Variables to control what version of AWX is checked out and installed.
|
||||
|
||||
awx_run_install_playbook: yes
|
||||
|
||||
By default, this role will run the installation playbook included with AWX (which builds a set of containers and runs them). You can disable the playbook run by setting this variable to `no`.
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
- hosts: awx-centos
|
||||
become: yes
|
||||
|
||||
vars:
|
||||
nodejs_version: "6.x"
|
||||
pip_install_packages:
|
||||
- name: docker-py
|
||||
|
||||
roles:
|
||||
- geerlingguy.repo-epel
|
||||
- geerlingguy.git
|
||||
- geerlingguy.ansible
|
||||
- geerlingguy.docker
|
||||
- geerlingguy.pip
|
||||
- geerlingguy.nodejs
|
||||
- geerlingguy.awx
|
||||
|
||||
After AWX is installed, you can log in with the default username `admin` and password `password`.
|
||||
|
||||
## License
|
||||
|
||||
MIT / BSD
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).
|
7
roles/geerlingguy.awx/defaults/main.yml
Normal file
7
roles/geerlingguy.awx/defaults/main.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
awx_repo: https://github.com/ansible/awx.git
|
||||
awx_repo_dir: "~/awx"
|
||||
awx_version: devel
|
||||
awx_keep_updated: yes
|
||||
awx_run_install_playbook: yes
|
||||
postgres_data_dir: /var/lib/pgdocker
|
2
roles/geerlingguy.awx/meta/.galaxy_install_info
Normal file
2
roles/geerlingguy.awx/meta/.galaxy_install_info
Normal file
@ -0,0 +1,2 @@
|
||||
install_date: Fri Oct 18 19:16:41 2019
|
||||
version: 1.2.0
|
32
roles/geerlingguy.awx/meta/main.yml
Normal file
32
roles/geerlingguy.awx/meta/main.yml
Normal file
@ -0,0 +1,32 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
author: geerlingguy
|
||||
description: "Installs and configures AWX (Ansible Tower's open source version)."
|
||||
company: "Midwestern Mac, LLC"
|
||||
license: "license (BSD, MIT)"
|
||||
min_ansible_version: 2.0
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 7
|
||||
- name: Fedora
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- all
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
galaxy_tags:
|
||||
- automation
|
||||
- system
|
||||
- web
|
||||
- django
|
||||
- awx
|
||||
- tower
|
||||
- playbook
|
||||
- ci
|
||||
- cd
|
12
roles/geerlingguy.awx/tasks/awx-install-playbook.yml
Normal file
12
roles/geerlingguy.awx/tasks/awx-install-playbook.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: Run the AWX installation playbook.
|
||||
command: "ansible-playbook -i inventory install.yml -e postgres_data_dir={{ postgres_data_dir }}"
|
||||
args:
|
||||
chdir: "{{ awx_repo_dir }}/installer"
|
||||
creates: /etc/awx_playbook_complete
|
||||
|
||||
- name: Create a file to mark whether this playbook has completed.
|
||||
file:
|
||||
path: /etc/awx_playbook_complete
|
||||
state: touch
|
||||
changed_when: False
|
21
roles/geerlingguy.awx/tasks/main.yml
Normal file
21
roles/geerlingguy.awx/tasks/main.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
- name: Include OS-specific variables.
|
||||
include_vars: "{{ ansible_os_family }}.yml"
|
||||
|
||||
- name: Install AWX dependencies.
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ awx_package_dependencies }}"
|
||||
|
||||
- name: Clone AWX into configured directory.
|
||||
git:
|
||||
repo: "{{ awx_repo }}"
|
||||
dest: "{{ awx_repo_dir }}"
|
||||
version: "{{ awx_version }}"
|
||||
update: "{{ awx_keep_updated }}"
|
||||
force: yes
|
||||
accept_hostkey: yes
|
||||
|
||||
- include: awx-install-playbook.yml
|
||||
when: awx_run_install_playbook
|
11
roles/geerlingguy.awx/tests/README.md
Normal file
11
roles/geerlingguy.awx/tests/README.md
Normal file
@ -0,0 +1,11 @@
|
||||
# Ansible Role tests
|
||||
|
||||
To run the test playbook(s) in this directory:
|
||||
|
||||
1. Install and start Docker.
|
||||
1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
|
||||
- `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
|
||||
1. Make the test shim executable: `chmod +x tests/test.sh`.
|
||||
1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
|
||||
|
||||
If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`
|
26
roles/geerlingguy.awx/tests/custom_travis_wait.sh
Executable file
26
roles/geerlingguy.awx/tests/custom_travis_wait.sh
Executable file
@ -0,0 +1,26 @@
|
||||
#!/usr/bin/env bash
|
||||
# Add a custom wait time (limit value, in seconds).
|
||||
#
|
||||
# Chose to use a custom script instead of travis_wait, since travis_wait eats
|
||||
# logged output then spits it out at the end.
|
||||
|
||||
set -e
|
||||
set -u
|
||||
|
||||
command=$1
|
||||
|
||||
# Launch command in the background.
|
||||
${command} &
|
||||
|
||||
# Ping every second.
|
||||
seconds=0
|
||||
limit=45*60
|
||||
while kill -0 $! >/dev/null 2>&1;
|
||||
do
|
||||
echo -n -e " \b"
|
||||
if [ $seconds == $limit ]; then
|
||||
break;
|
||||
fi
|
||||
seconds=$((seconds + 1))
|
||||
sleep 1
|
||||
done
|
7
roles/geerlingguy.awx/tests/requirements.yml
Normal file
7
roles/geerlingguy.awx/tests/requirements.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- src: geerlingguy.repo-epel
|
||||
- src: geerlingguy.git
|
||||
- src: geerlingguy.ansible
|
||||
- src: geerlingguy.docker
|
||||
- src: geerlingguy.pip
|
||||
- src: geerlingguy.nodejs
|
15
roles/geerlingguy.awx/tests/test-no-playbook.yml
Normal file
15
roles/geerlingguy.awx/tests/test-no-playbook.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
- hosts: all
|
||||
|
||||
vars:
|
||||
awx_run_install_playbook: no
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=yes cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
changed_when: false
|
||||
|
||||
roles:
|
||||
- geerlingguy.git
|
||||
- role_under_test
|
23
roles/geerlingguy.awx/tests/test.yml
Normal file
23
roles/geerlingguy.awx/tests/test.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
- hosts: all
|
||||
|
||||
vars:
|
||||
nodejs_version: "6.x"
|
||||
pip_install_packages:
|
||||
- name: docker-py
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=yes cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
changed_when: false
|
||||
|
||||
roles:
|
||||
- name: geerlingguy.repo-epel
|
||||
when: ansible_os_family == "RedHat"
|
||||
- geerlingguy.git
|
||||
- geerlingguy.ansible
|
||||
- geerlingguy.docker
|
||||
- geerlingguy.pip
|
||||
- geerlingguy.nodejs
|
||||
- role_under_test
|
6
roles/geerlingguy.awx/vars/Debian.yml
Normal file
6
roles/geerlingguy.awx/vars/Debian.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
awx_package_dependencies:
|
||||
- build-essential
|
||||
- gettext
|
||||
- g++
|
||||
- bzip2
|
6
roles/geerlingguy.awx/vars/RedHat.yml
Normal file
6
roles/geerlingguy.awx/vars/RedHat.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
awx_package_dependencies:
|
||||
- '@Development tools'
|
||||
- gettext
|
||||
- gcc-c++
|
||||
- bzip2
|
3
roles/geerlingguy.docker/.gitignore
vendored
Normal file
3
roles/geerlingguy.docker/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*.retry
|
||||
*/__pycache__
|
||||
*.pyc
|
31
roles/geerlingguy.docker/.travis.yml
Normal file
31
roles/geerlingguy.docker/.travis.yml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
language: python
|
||||
services: docker
|
||||
|
||||
env:
|
||||
global:
|
||||
- ROLE_NAME: docker
|
||||
matrix:
|
||||
- MOLECULE_DISTRO: centos7
|
||||
- MOLECULE_DISTRO: ubuntu1804
|
||||
- MOLECULE_DISTRO: ubuntu1604
|
||||
- MOLECULE_DISTRO: ubuntu1404
|
||||
- MOLECULE_DISTRO: debian9
|
||||
- MOLECULE_DISTRO: fedora27
|
||||
|
||||
install:
|
||||
# Install test dependencies.
|
||||
- pip install molecule docker
|
||||
|
||||
before_script:
|
||||
# Use actual Ansible Galaxy role name for the project directory.
|
||||
- cd ../
|
||||
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
|
||||
- cd geerlingguy.$ROLE_NAME
|
||||
|
||||
script:
|
||||
# Run tests.
|
||||
- molecule test
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
20
roles/geerlingguy.docker/LICENSE
Normal file
20
roles/geerlingguy.docker/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Jeff Geerling
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
89
roles/geerlingguy.docker/README.md
Normal file
89
roles/geerlingguy.docker/README.md
Normal file
@ -0,0 +1,89 @@
|
||||
# Ansible Role: Docker
|
||||
|
||||
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-docker.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-docker)
|
||||
|
||||
An Ansible Role that installs [Docker](https://www.docker.com) on Linux.
|
||||
|
||||
## Requirements
|
||||
|
||||
None.
|
||||
|
||||
## Role Variables
|
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`):
|
||||
|
||||
# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
|
||||
docker_edition: 'ce'
|
||||
docker_package: "docker-{{ docker_edition }}"
|
||||
docker_package_state: present
|
||||
|
||||
The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: `docker-{{ docker_edition }}-<VERSION>`; Debian/Ubuntu: `docker-{{ docker_edition }}=<VERSION>`.
|
||||
|
||||
You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).
|
||||
|
||||
docker_service_state: started
|
||||
docker_service_enabled: true
|
||||
docker_restart_handler_state: restarted
|
||||
|
||||
Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`.
|
||||
|
||||
docker_install_compose: true
|
||||
docker_compose_version: "1.22.0"
|
||||
docker_compose_path: /usr/local/bin/docker-compose
|
||||
|
||||
Docker Compose installation options.
|
||||
|
||||
docker_apt_release_channel: stable
|
||||
docker_apt_arch: amd64
|
||||
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
|
||||
docker_apt_ignore_key_error: True
|
||||
|
||||
(Used only for Debian/Ubuntu.) You can switch the channel to `edge` if you want to use the Edge release.
|
||||
|
||||
docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo
|
||||
docker_yum_repo_enable_edge: 0
|
||||
docker_yum_repo_enable_test: 0
|
||||
|
||||
(Used only for RedHat/CentOS.) You can enable the Edge or Test repo by setting the respective vars to `1`.
|
||||
|
||||
docker_users:
|
||||
- user1
|
||||
- user2
|
||||
|
||||
A list of system users to be added to the `docker` group (so they can use Docker on the server).
|
||||
|
||||
## Use with Ansible (and `docker` Python library)
|
||||
|
||||
Many users of this role wish to also use Ansible to then _build_ Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the `docker` Python library using the `geerlingguy.pip` role:
|
||||
|
||||
```yaml
|
||||
- hosts: all
|
||||
|
||||
vars:
|
||||
pip_install_packages:
|
||||
- name: docker
|
||||
|
||||
roles:
|
||||
- geerlingguy.pip
|
||||
- geerlingguy.docker
|
||||
```
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```yaml
|
||||
- hosts: all
|
||||
roles:
|
||||
- geerlingguy.docker
|
||||
```
|
||||
|
||||
## License
|
||||
|
||||
MIT / BSD
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).
|
29
roles/geerlingguy.docker/defaults/main.yml
Normal file
29
roles/geerlingguy.docker/defaults/main.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
|
||||
docker_edition: 'ce'
|
||||
docker_package: "docker-{{ docker_edition }}"
|
||||
docker_package_state: present
|
||||
|
||||
# Service options.
|
||||
docker_service_state: started
|
||||
docker_service_enabled: true
|
||||
docker_restart_handler_state: restarted
|
||||
|
||||
# Docker Compose options.
|
||||
docker_install_compose: true
|
||||
docker_compose_version: "1.24.1"
|
||||
docker_compose_path: /usr/local/bin/docker-compose
|
||||
|
||||
# Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed.
|
||||
docker_apt_release_channel: stable
|
||||
docker_apt_arch: amd64
|
||||
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
|
||||
docker_apt_ignore_key_error: true
|
||||
|
||||
# Used only for RedHat/CentOS/Fedora.
|
||||
docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo
|
||||
docker_yum_repo_enable_edge: 0
|
||||
docker_yum_repo_enable_test: 0
|
||||
|
||||
# A list of users who will be added to the docker group.
|
||||
docker_users: []
|
3
roles/geerlingguy.docker/handlers/main.yml
Normal file
3
roles/geerlingguy.docker/handlers/main.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
- name: restart docker
|
||||
service: "name=docker state={{ docker_restart_handler_state }}"
|
2
roles/geerlingguy.docker/meta/.galaxy_install_info
Normal file
2
roles/geerlingguy.docker/meta/.galaxy_install_info
Normal file
@ -0,0 +1,2 @@
|
||||
install_date: Sun Oct 20 01:52:19 2019
|
||||
version: 2.5.3
|
34
roles/geerlingguy.docker/meta/main.yml
Normal file
34
roles/geerlingguy.docker/meta/main.yml
Normal file
@ -0,0 +1,34 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
author: geerlingguy
|
||||
description: Docker for Linux.
|
||||
company: "Midwestern Mac, LLC"
|
||||
license: "license (BSD, MIT)"
|
||||
min_ansible_version: 2.4
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 6
|
||||
- 7
|
||||
- name: Fedora
|
||||
versions:
|
||||
- all
|
||||
- name: Debian
|
||||
versions:
|
||||
- jessie
|
||||
- stretch
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- trusty
|
||||
- xenial
|
||||
- bionic
|
||||
galaxy_tags:
|
||||
- web
|
||||
- system
|
||||
- containers
|
||||
- docker
|
||||
- orchestration
|
||||
- compose
|
||||
- server
|
29
roles/geerlingguy.docker/molecule/default/molecule.yml
Normal file
29
roles/geerlingguy.docker/molecule/default/molecule.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
lint:
|
||||
name: yamllint
|
||||
options:
|
||||
config-file: molecule/default/yaml-lint.yml
|
||||
platforms:
|
||||
- name: instance
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
lint:
|
||||
name: ansible-lint
|
||||
playbooks:
|
||||
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
|
||||
scenario:
|
||||
name: default
|
||||
verifier:
|
||||
name: testinfra
|
||||
lint:
|
||||
name: flake8
|
12
roles/geerlingguy.docker/molecule/default/playbook.yml
Normal file
12
roles/geerlingguy.docker/molecule/default/playbook.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=yes cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.docker
|
6
roles/geerlingguy.docker/molecule/default/yaml-lint.yml
Normal file
6
roles/geerlingguy.docker/molecule/default/yaml-lint.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
extends: default
|
||||
rules:
|
||||
line-length:
|
||||
max: 200
|
||||
level: warning
|
16
roles/geerlingguy.docker/tasks/docker-1809-shim.yml
Normal file
16
roles/geerlingguy.docker/tasks/docker-1809-shim.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
- name: Ensure containerd service dir exists.
|
||||
file:
|
||||
path: /etc/systemd/system/containerd.service.d
|
||||
state: directory
|
||||
|
||||
- name: Add shim to ensure Docker can start in all environments.
|
||||
template:
|
||||
src: override.conf.j2
|
||||
dest: /etc/systemd/system/containerd.service.d/override.conf
|
||||
register: override_template
|
||||
|
||||
- name: Reload systemd daemon if template is changed.
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
when: override_template is changed
|
20
roles/geerlingguy.docker/tasks/docker-compose.yml
Normal file
20
roles/geerlingguy.docker/tasks/docker-compose.yml
Normal file
@ -0,0 +1,20 @@
|
||||
---
|
||||
- name: Check current docker-compose version.
|
||||
command: docker-compose --version
|
||||
register: docker_compose_current_version
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: Delete existing docker-compose version if it's different.
|
||||
file:
|
||||
path: "{{ docker_compose_path }}"
|
||||
state: absent
|
||||
when: >
|
||||
docker_compose_current_version.stdout is defined
|
||||
and docker_compose_version not in docker_compose_current_version.stdout
|
||||
|
||||
- name: Install Docker Compose (if configured).
|
||||
get_url:
|
||||
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
|
||||
dest: "{{ docker_compose_path }}"
|
||||
mode: 0755
|
7
roles/geerlingguy.docker/tasks/docker-users.yml
Normal file
7
roles/geerlingguy.docker/tasks/docker-users.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: Ensure docker users are added to the docker group.
|
||||
user:
|
||||
name: "{{ item }}"
|
||||
groups: docker
|
||||
append: true
|
||||
with_items: "{{ docker_users }}"
|
31
roles/geerlingguy.docker/tasks/main.yml
Normal file
31
roles/geerlingguy.docker/tasks/main.yml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
- include_tasks: setup-RedHat.yml
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- include_tasks: setup-Debian.yml
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Install Docker.
|
||||
package:
|
||||
name: "{{ docker_package }}"
|
||||
state: "{{ docker_package_state }}"
|
||||
notify: restart docker
|
||||
|
||||
# TODO: Remove this shim once 18.09.1 or later is released.
|
||||
- import_tasks: docker-1809-shim.yml
|
||||
when: ansible_service_mgr == 'systemd'
|
||||
|
||||
- name: Ensure Docker is started and enabled at boot.
|
||||
service:
|
||||
name: docker
|
||||
state: "{{ docker_service_state }}"
|
||||
enabled: "{{ docker_service_enabled }}"
|
||||
|
||||
- name: Ensure handlers are notified now to avoid firewall conflicts.
|
||||
meta: flush_handlers
|
||||
|
||||
- include_tasks: docker-compose.yml
|
||||
when: docker_install_compose | bool
|
||||
|
||||
- include_tasks: docker-users.yml
|
||||
when: docker_users | length > 0
|
40
roles/geerlingguy.docker/tasks/setup-Debian.yml
Normal file
40
roles/geerlingguy.docker/tasks/setup-Debian.yml
Normal file
@ -0,0 +1,40 @@
|
||||
---
|
||||
- name: Ensure old versions of Docker are not installed.
|
||||
package:
|
||||
name:
|
||||
- docker
|
||||
- docker-engine
|
||||
state: absent
|
||||
|
||||
- name: Ensure dependencies are installed.
|
||||
apt:
|
||||
name:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
state: present
|
||||
|
||||
- name: Add Docker apt key.
|
||||
apt_key:
|
||||
url: https://download.docker.com/linux/ubuntu/gpg
|
||||
id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
||||
state: present
|
||||
register: add_repository_key
|
||||
ignore_errors: "{{ docker_apt_ignore_key_error }}"
|
||||
|
||||
- name: Ensure curl is present (on older systems without SNI).
|
||||
package: name=curl state=present
|
||||
when: add_repository_key is failed
|
||||
|
||||
- name: Add Docker apt key (alternative for older systems without SNI).
|
||||
shell: |
|
||||
set -o pipefail
|
||||
curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
|
||||
args:
|
||||
warn: false
|
||||
when: add_repository_key is failed
|
||||
|
||||
- name: Add Docker repository.
|
||||
apt_repository:
|
||||
repo: "{{ docker_apt_repository }}"
|
||||
state: present
|
||||
update_cache: true
|
35
roles/geerlingguy.docker/tasks/setup-RedHat.yml
Normal file
35
roles/geerlingguy.docker/tasks/setup-RedHat.yml
Normal file
@ -0,0 +1,35 @@
|
||||
---
|
||||
- name: Ensure old versions of Docker are not installed.
|
||||
package:
|
||||
name:
|
||||
- docker
|
||||
- docker-common
|
||||
- docker-engine
|
||||
state: absent
|
||||
|
||||
- name: Add Docker GPG key.
|
||||
rpm_key:
|
||||
key: https://download.docker.com/linux/centos/gpg
|
||||
state: present
|
||||
|
||||
- name: Add Docker repository.
|
||||
get_url:
|
||||
url: "{{ docker_yum_repo_url }}"
|
||||
dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Configure Docker Edge repo.
|
||||
ini_file:
|
||||
dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
|
||||
section: 'docker-{{ docker_edition }}-edge'
|
||||
option: enabled
|
||||
value: '{{ docker_yum_repo_enable_edge }}'
|
||||
|
||||
- name: Configure Docker Test repo.
|
||||
ini_file:
|
||||
dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
|
||||
section: 'docker-{{ docker_edition }}-test'
|
||||
option: enabled
|
||||
value: '{{ docker_yum_repo_enable_test }}'
|
3
roles/geerlingguy.docker/templates/override.conf.j2
Normal file
3
roles/geerlingguy.docker/templates/override.conf.j2
Normal file
@ -0,0 +1,3 @@
|
||||
# {{ ansible_managed }}
|
||||
[Service]
|
||||
ExecStartPre=
|
2
roles/geerlingguy.git/.ansible-lint
Normal file
2
roles/geerlingguy.git/.ansible-lint
Normal file
@ -0,0 +1,2 @@
|
||||
skip_list:
|
||||
- '204'
|
3
roles/geerlingguy.git/.gitignore
vendored
Normal file
3
roles/geerlingguy.git/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*.retry
|
||||
*/__pycache__
|
||||
*.pyc
|
34
roles/geerlingguy.git/.travis.yml
Normal file
34
roles/geerlingguy.git/.travis.yml
Normal file
@ -0,0 +1,34 @@
|
||||
---
|
||||
language: python
|
||||
services: docker
|
||||
|
||||
env:
|
||||
global:
|
||||
- ROLE_NAME: git
|
||||
matrix:
|
||||
- MOLECULE_DISTRO: centos7
|
||||
MOLECULE_PLAYBOOK: playbook-source.yml
|
||||
- MOLECULE_DISTRO: ubuntu1804
|
||||
MOLECULE_PLAYBOOK: playbook-source.yml
|
||||
- MOLECULE_DISTRO: centos7
|
||||
- MOLECULE_DISTRO: centos6
|
||||
- MOLECULE_DISTRO: ubuntu1804
|
||||
- MOLECULE_DISTRO: ubuntu1604
|
||||
- MOLECULE_DISTRO: debian9
|
||||
|
||||
install:
|
||||
# Install test dependencies.
|
||||
- pip install molecule docker
|
||||
|
||||
before_script:
|
||||
# Use actual Ansible Galaxy role name for the project directory.
|
||||
- cd ../
|
||||
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
|
||||
- cd geerlingguy.$ROLE_NAME
|
||||
|
||||
script:
|
||||
# Run tests.
|
||||
- molecule test
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
20
roles/geerlingguy.git/LICENSE
Normal file
20
roles/geerlingguy.git/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Jeff Geerling
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
55
roles/geerlingguy.git/README.md
Normal file
55
roles/geerlingguy.git/README.md
Normal file
@ -0,0 +1,55 @@
|
||||
# Ansible Role: Git
|
||||
|
||||
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-git.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-git)
|
||||
|
||||
Installs Git, a distributed version control system, on any RHEL/CentOS or Debian/Ubuntu Linux system.
|
||||
|
||||
## Requirements
|
||||
|
||||
None.
|
||||
|
||||
## Role Variables
|
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`):
|
||||
|
||||
workspace: /root
|
||||
|
||||
Where certain files will be downloaded and adjusted prior to git installation, if needed.
|
||||
|
||||
git_enablerepo: ""
|
||||
|
||||
This variable, a well as `git_packages`, will be used to install git via a particular `yum` repo if `git_install_from_source` is false (CentOS only). Any additional repositories you have installed that you would like to use for a newer/different Git version.
|
||||
|
||||
git_packages:
|
||||
- git
|
||||
- git-svn
|
||||
|
||||
The specific Git packages that will be installed. By default, `git-svn` is included, but you can easily add this variable to your playbook's variables and remove `git-svn` if desired.
|
||||
|
||||
git_install_from_source: false
|
||||
git_install_path: "/usr"
|
||||
git_version: "2.16.2"
|
||||
|
||||
Whether to install Git from source; if set to `true`, `git_version` is required and will be used to install a particular version of git (see all available versions here: https://www.kernel.org/pub/software/scm/git/), and `git_install_path` defines where git should be installed.
|
||||
|
||||
git_install_from_source_force_update: false
|
||||
|
||||
If git is already installed at and older version, force a new source build. Only applies if `git_install_from_source` is `true`.
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
- hosts: servers
|
||||
roles:
|
||||
- { role: geerlingguy.git }
|
||||
|
||||
## License
|
||||
|
||||
MIT / BSD
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).
|
23
roles/geerlingguy.git/defaults/main.yml
Normal file
23
roles/geerlingguy.git/defaults/main.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
workspace: /root
|
||||
|
||||
# If git_install_from_source is set to false, these two variables define whether
|
||||
# to use an additional repo for the package installation, and which git packages
|
||||
# will be installed.
|
||||
git_enablerepo: ""
|
||||
git_packages:
|
||||
- git
|
||||
- git-svn
|
||||
|
||||
# If set to TRUE, git will be installed from source, using the version set with
|
||||
# the 'git_version' variable instead of using a package.
|
||||
git_install_from_source: false
|
||||
git_install_path: "/usr"
|
||||
git_version: "2.16.2"
|
||||
|
||||
# If git is already installed at and older version, force a new source build.
|
||||
# Only applies if git_install_from_source is `true`.
|
||||
git_install_from_source_force_update: false
|
||||
|
||||
# Leave this at it's default.
|
||||
git_reinstall_from_source: false
|
2
roles/geerlingguy.git/meta/.galaxy_install_info
Normal file
2
roles/geerlingguy.git/meta/.galaxy_install_info
Normal file
@ -0,0 +1,2 @@
|
||||
install_date: Sun Oct 20 01:54:10 2019
|
||||
version: 2.0.5
|
29
roles/geerlingguy.git/meta/main.yml
Normal file
29
roles/geerlingguy.git/meta/main.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
author: geerlingguy
|
||||
description: Git version control software
|
||||
company: "Midwestern Mac, LLC"
|
||||
license: "license (BSD, MIT)"
|
||||
min_ansible_version: 2.4
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- all
|
||||
- name: Fedora
|
||||
versions:
|
||||
- all
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- all
|
||||
galaxy_tags:
|
||||
- development
|
||||
- system
|
||||
- git
|
||||
- vcs
|
||||
- source
|
||||
- code
|
29
roles/geerlingguy.git/molecule/default/molecule.yml
Normal file
29
roles/geerlingguy.git/molecule/default/molecule.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
lint:
|
||||
name: yamllint
|
||||
options:
|
||||
config-file: molecule/default/yaml-lint.yml
|
||||
platforms:
|
||||
- name: instance
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
lint:
|
||||
name: ansible-lint
|
||||
playbooks:
|
||||
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
|
||||
scenario:
|
||||
name: default
|
||||
verifier:
|
||||
name: testinfra
|
||||
lint:
|
||||
name: flake8
|
18
roles/geerlingguy.git/molecule/default/playbook-source.yml
Normal file
18
roles/geerlingguy.git/molecule/default/playbook-source.yml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
vars:
|
||||
git_install_from_source: true
|
||||
git_install_from_source_force_update: true
|
||||
git_version: "2.16.2"
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=true cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
changed_when: false
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.git
|
17
roles/geerlingguy.git/molecule/default/playbook.yml
Normal file
17
roles/geerlingguy.git/molecule/default/playbook.yml
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
vars:
|
||||
git_install_from_source: false
|
||||
git_install_path: /usr/local
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=true cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
changed_when: false
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.git
|
6
roles/geerlingguy.git/molecule/default/yaml-lint.yml
Normal file
6
roles/geerlingguy.git/molecule/default/yaml-lint.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
extends: default
|
||||
rules:
|
||||
line-length:
|
||||
max: 160
|
||||
level: warning
|
64
roles/geerlingguy.git/tasks/install-from-source.yml
Normal file
64
roles/geerlingguy.git/tasks/install-from-source.yml
Normal file
@ -0,0 +1,64 @@
|
||||
---
|
||||
- name: Include OS-specific variables (RedHat).
|
||||
include_vars: "{{ ansible_os_family }}.yml"
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution != "Fedora"
|
||||
|
||||
- name: Include OS-specific variables (Fedora).
|
||||
include_vars: "{{ ansible_distribution }}.yml"
|
||||
when: ansible_distribution == "Fedora"
|
||||
|
||||
- name: Include OS-specific variables (Debian).
|
||||
include_vars: "{{ ansible_os_family }}.yml"
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Define git_install_from_source_dependencies.
|
||||
set_fact:
|
||||
git_install_from_source_dependencies: "{{ __git_install_from_source_dependencies | list }}"
|
||||
when: git_install_from_source_dependencies is not defined
|
||||
|
||||
- name: Ensure git's dependencies are installed.
|
||||
package:
|
||||
name: "{{ git_install_from_source_dependencies }}"
|
||||
state: present
|
||||
|
||||
- name: Get installed version.
|
||||
command: >
|
||||
git --version
|
||||
warn=no
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
check_mode: false
|
||||
register: git_installed_version
|
||||
|
||||
- name: Force git install if the version numbers do not match.
|
||||
set_fact:
|
||||
git_reinstall_from_source: true
|
||||
when:
|
||||
- git_install_from_source_force_update | bool
|
||||
- (git_installed_version.rc == 0) and (git_installed_version.stdout | regex_replace("^.*?([0-9\.]+)$", "\\1") | version_compare(git_version, operator="!="))
|
||||
|
||||
- name: Download git.
|
||||
get_url:
|
||||
url: "https://www.kernel.org/pub/software/scm/git/git-{{ git_version }}.tar.gz"
|
||||
dest: "{{ workspace }}/git-{{ git_version }}.tar.gz"
|
||||
when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool)
|
||||
|
||||
- name: Expand git archive.
|
||||
unarchive:
|
||||
src: "{{ workspace }}/git-{{ git_version }}.tar.gz"
|
||||
dest: "{{ workspace }}"
|
||||
creates: "{{ workspace }}/git-{{ git_version }}/README"
|
||||
copy: false
|
||||
when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool)
|
||||
|
||||
- name: Build git.
|
||||
command: >
|
||||
make prefix={{ git_install_path }} {{ item }}
|
||||
chdir={{ workspace }}/git-{{ git_version }}
|
||||
with_items:
|
||||
- all
|
||||
- install
|
||||
when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool)
|
||||
become: true
|
24
roles/geerlingguy.git/tasks/main.yml
Normal file
24
roles/geerlingguy.git/tasks/main.yml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
- name: Ensure git is installed (RedHat).
|
||||
package:
|
||||
name: "{{ git_packages }}"
|
||||
state: present
|
||||
enablerepo: "{{ git_enablerepo | default(omit, true) }}"
|
||||
when:
|
||||
- not git_install_from_source | bool
|
||||
- ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Update apt cache (Debian).
|
||||
apt: update_cache=true cache_valid_time=86400
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure git is installed (Debian).
|
||||
apt:
|
||||
name: "{{ git_packages }}"
|
||||
state: present
|
||||
when:
|
||||
- not git_install_from_source | bool
|
||||
- ansible_os_family == 'Debian'
|
||||
|
||||
- import_tasks: install-from-source.yml
|
||||
when: git_install_from_source | bool
|
9
roles/geerlingguy.git/vars/Debian.yml
Normal file
9
roles/geerlingguy.git/vars/Debian.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
git_install_from_source_dependencies:
|
||||
- libcurl4-gnutls-dev
|
||||
- libexpat1-dev
|
||||
- gettext
|
||||
- libssl-dev
|
||||
- zlib1g-dev
|
||||
- build-essential
|
||||
- gcc
|
12
roles/geerlingguy.git/vars/Fedora.yml
Normal file
12
roles/geerlingguy.git/vars/Fedora.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
git_install_from_source_dependencies:
|
||||
- gettext-devel
|
||||
- expat-devel
|
||||
- curl-devel
|
||||
- zlib-devel
|
||||
- perl-devel
|
||||
- openssl-devel
|
||||
- subversion-perl
|
||||
- make
|
||||
- gcc
|
||||
- tar
|
11
roles/geerlingguy.git/vars/RedHat.yml
Normal file
11
roles/geerlingguy.git/vars/RedHat.yml
Normal file
@ -0,0 +1,11 @@
|
||||
---
|
||||
git_install_from_source_dependencies:
|
||||
- gettext-devel
|
||||
- expat-devel
|
||||
- curl-devel
|
||||
- zlib-devel
|
||||
- perl-devel
|
||||
- openssl-devel
|
||||
- subversion-perl
|
||||
- make
|
||||
- gcc
|
2
roles/geerlingguy.git/vars/main.yml
Normal file
2
roles/geerlingguy.git/vars/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
---
|
||||
# This space intentionally left blank.
|
3
roles/geerlingguy.nodejs/.ansible-lint
Normal file
3
roles/geerlingguy.nodejs/.ansible-lint
Normal file
@ -0,0 +1,3 @@
|
||||
skip_list:
|
||||
- '405'
|
||||
- '204'
|
3
roles/geerlingguy.nodejs/.gitignore
vendored
Normal file
3
roles/geerlingguy.nodejs/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*.retry
|
||||
*/__pycache__
|
||||
*.pyc
|
34
roles/geerlingguy.nodejs/.travis.yml
Normal file
34
roles/geerlingguy.nodejs/.travis.yml
Normal file
@ -0,0 +1,34 @@
|
||||
---
|
||||
language: python
|
||||
services: docker
|
||||
|
||||
env:
|
||||
global:
|
||||
- ROLE_NAME: nodejs
|
||||
matrix:
|
||||
- MOLECULE_DISTRO: centos7
|
||||
- MOLECULE_DISTRO: centos6
|
||||
- MOLECULE_DISTRO: ubuntu1804
|
||||
- MOLECULE_DISTRO: ubuntu1604
|
||||
- MOLECULE_DISTRO: debian9
|
||||
- MOLECULE_DISTRO: debian8
|
||||
|
||||
- MOLECULE_DISTRO: centos7
|
||||
MOLECULE_PLAYBOOK: playbook-latest.yml
|
||||
|
||||
install:
|
||||
# Install test dependencies.
|
||||
- pip install molecule docker
|
||||
|
||||
before_script:
|
||||
# Use actual Ansible Galaxy role name for the project directory.
|
||||
- cd ../
|
||||
- mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
|
||||
- cd geerlingguy.$ROLE_NAME
|
||||
|
||||
script:
|
||||
# Run tests.
|
||||
- molecule test
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
20
roles/geerlingguy.nodejs/LICENSE
Normal file
20
roles/geerlingguy.nodejs/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Jeff Geerling
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
73
roles/geerlingguy.nodejs/README.md
Normal file
73
roles/geerlingguy.nodejs/README.md
Normal file
@ -0,0 +1,73 @@
|
||||
# Ansible Role: Node.js
|
||||
|
||||
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nodejs.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nodejs)
|
||||
|
||||
Installs Node.js on RHEL/CentOS or Debian/Ubuntu.
|
||||
|
||||
## Requirements
|
||||
|
||||
None.
|
||||
|
||||
## Role Variables
|
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`):
|
||||
|
||||
nodejs_version: "10.x"
|
||||
|
||||
The Node.js version to install. "10.x" is the default and works on most supported OSes. Other versions such as "0.12", "4.x", "5.x", "6.x", "8.x", "10.x" etc. should work on the latest versions of Debian/Ubuntu and RHEL/CentOS.
|
||||
|
||||
nodejs_install_npm_user: "{{ ansible_ssh_user }}"
|
||||
|
||||
The user for whom the npm packages will be installed can be set here, this defaults to `ansible_user`.
|
||||
|
||||
npm_config_prefix: "/usr/local/lib/npm"
|
||||
|
||||
The global installation directory. This should be writeable by the `nodejs_install_npm_user`.
|
||||
|
||||
npm_config_unsafe_perm: "false"
|
||||
|
||||
Set to true to suppress the UID/GID switching when running package scripts. If set explicitly to false, then installing as a non-root user will fail.
|
||||
|
||||
nodejs_npm_global_packages: []
|
||||
|
||||
A list of npm packages with a `name` and (optional) `version` to be installed globally. For example:
|
||||
|
||||
nodejs_npm_global_packages:
|
||||
# Install a specific version of a package.
|
||||
- name: jslint
|
||||
version: 0.9.3
|
||||
# Install the latest stable release of a package.
|
||||
- name: node-sass
|
||||
# This shorthand syntax also works (same as previous example).
|
||||
- node-sass
|
||||
<!-- code block separator -->
|
||||
|
||||
nodejs_package_json_path: ""
|
||||
|
||||
Set a path pointing to a particular `package.json` (e.g. `"/var/www/app/package.json"`). This will install all of the defined packages globally using Ansible's `npm` module.
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
- hosts: utility
|
||||
vars_files:
|
||||
- vars/main.yml
|
||||
roles:
|
||||
- geerlingguy.nodejs
|
||||
|
||||
*Inside `vars/main.yml`*:
|
||||
|
||||
nodejs_npm_global_packages:
|
||||
- name: jslint
|
||||
- name: node-sass
|
||||
|
||||
## License
|
||||
|
||||
MIT / BSD
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).
|
27
roles/geerlingguy.nodejs/defaults/main.yml
Normal file
27
roles/geerlingguy.nodejs/defaults/main.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
# Set the version of Node.js to install ("6.x", "8.x", "10.x", "11.x", etc.).
|
||||
# Version numbers from Nodesource: https://github.com/nodesource/distributions
|
||||
nodejs_version: "10.x"
|
||||
|
||||
# The user for whom the npm packages will be installed.
|
||||
# nodejs_install_npm_user: username
|
||||
|
||||
# The directory for global installations.
|
||||
npm_config_prefix: "/usr/local/lib/npm"
|
||||
|
||||
# Set to true to suppress the UID/GID switching when running package scripts. If
|
||||
# set explicitly to false, then installing as a non-root user will fail.
|
||||
npm_config_unsafe_perm: "false"
|
||||
|
||||
# Define a list of global packages to be installed with NPM.
|
||||
nodejs_npm_global_packages: []
|
||||
# # Install a specific version of a package.
|
||||
# - name: jslint
|
||||
# version: 0.9.3
|
||||
# # Install the latest stable release of a package.
|
||||
# - name: node-sass
|
||||
# # This shorthand syntax also works (same as previous example).
|
||||
# - node-sass
|
||||
|
||||
# The path of a package.json file used to install packages globally.
|
||||
nodejs_package_json_path: ""
|
2
roles/geerlingguy.nodejs/meta/.galaxy_install_info
Normal file
2
roles/geerlingguy.nodejs/meta/.galaxy_install_info
Normal file
@ -0,0 +1,2 @@
|
||||
install_date: Sun Oct 20 01:52:29 2019
|
||||
version: 5.0.0
|
30
roles/geerlingguy.nodejs/meta/main.yml
Normal file
30
roles/geerlingguy.nodejs/meta/main.yml
Normal file
@ -0,0 +1,30 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
author: geerlingguy
|
||||
description: Node.js installation for Linux
|
||||
company: "Midwestern Mac, LLC"
|
||||
license: "license (BSD, MIT)"
|
||||
min_ansible_version: 2.4
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 6
|
||||
- 7
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- trusty
|
||||
- xenial
|
||||
- bionic
|
||||
galaxy_tags:
|
||||
- development
|
||||
- web
|
||||
- javascript
|
||||
- js
|
||||
- node
|
||||
- npm
|
||||
- nodejs
|
29
roles/geerlingguy.nodejs/molecule/default/molecule.yml
Normal file
29
roles/geerlingguy.nodejs/molecule/default/molecule.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
lint:
|
||||
name: yamllint
|
||||
options:
|
||||
config-file: molecule/default/yaml-lint.yml
|
||||
platforms:
|
||||
- name: instance
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
lint:
|
||||
name: ansible-lint
|
||||
playbooks:
|
||||
converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
|
||||
scenario:
|
||||
name: default
|
||||
verifier:
|
||||
name: testinfra
|
||||
lint:
|
||||
name: flake8
|
@ -0,0 +1,23 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
vars:
|
||||
nodejs_version: "11.x"
|
||||
nodejs_install_npm_user: root
|
||||
npm_config_prefix: /root/.npm-global
|
||||
npm_config_unsafe_perm: "true"
|
||||
nodejs_npm_global_packages:
|
||||
- node-sass
|
||||
- name: jslint
|
||||
version: 0.12.0
|
||||
- name: yo
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=true cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.nodejs
|
22
roles/geerlingguy.nodejs/molecule/default/playbook.yml
Normal file
22
roles/geerlingguy.nodejs/molecule/default/playbook.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
vars:
|
||||
nodejs_install_npm_user: root
|
||||
npm_config_prefix: /root/.npm-global
|
||||
npm_config_unsafe_perm: "true"
|
||||
nodejs_npm_global_packages:
|
||||
- node-sass
|
||||
- name: jslint
|
||||
version: 0.12.0
|
||||
- name: yo
|
||||
|
||||
pre_tasks:
|
||||
- name: Update apt cache.
|
||||
apt: update_cache=true cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.nodejs
|
@ -0,0 +1,14 @@
|
||||
import os
|
||||
|
||||
import testinfra.utils.ansible_runner
|
||||
|
||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
|
||||
|
||||
|
||||
def test_hosts_file(host):
|
||||
f = host.file('/etc/hosts')
|
||||
|
||||
assert f.exists
|
||||
assert f.user == 'root'
|
||||
assert f.group == 'root'
|
6
roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml
Normal file
6
roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
extends: default
|
||||
rules:
|
||||
line-length:
|
||||
max: 220
|
||||
level: warning
|
42
roles/geerlingguy.nodejs/tasks/main.yml
Normal file
42
roles/geerlingguy.nodejs/tasks/main.yml
Normal file
@ -0,0 +1,42 @@
|
||||
---
|
||||
- import_tasks: setup-RedHat.yml
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- import_tasks: setup-Debian.yml
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Define nodejs_install_npm_user
|
||||
set_fact:
|
||||
nodejs_install_npm_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
|
||||
when: nodejs_install_npm_user is not defined
|
||||
|
||||
- name: Create npm global directory
|
||||
file:
|
||||
path: "{{ npm_config_prefix }}"
|
||||
owner: "{{ nodejs_install_npm_user }}"
|
||||
group: "{{ nodejs_install_npm_user }}"
|
||||
state: directory
|
||||
|
||||
- name: Add npm_config_prefix bin directory to global $PATH.
|
||||
template:
|
||||
src: npm.sh.j2
|
||||
dest: /etc/profile.d/npm.sh
|
||||
mode: 0644
|
||||
|
||||
- name: Ensure npm global packages are installed.
|
||||
npm:
|
||||
name: "{{ item.name | default(item) }}"
|
||||
version: "{{ item.version | default('latest') }}"
|
||||
global: true
|
||||
state: latest
|
||||
environment:
|
||||
NPM_CONFIG_PREFIX: "{{ npm_config_prefix }}"
|
||||
NODE_PATH: "{{ npm_config_prefix }}/lib/node_modules"
|
||||
NPM_CONFIG_UNSAFE_PERM: "{{ npm_config_unsafe_perm }}"
|
||||
with_items: "{{ nodejs_npm_global_packages }}"
|
||||
tags: ['skip_ansible_lint']
|
||||
|
||||
- name: Install packages defined in a given package.json.
|
||||
npm:
|
||||
path: "{{ nodejs_package_json_path }}"
|
||||
when: nodejs_package_json_path is defined and nodejs_package_json_path
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user