commit 818d34657c3ab013f7db36e8aac047f93ae5ad87 Author: Jack-Benny Persson Date: Sun Jun 26 19:46:33 2022 +0200 Initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b0a5122 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +env/* diff --git a/README.md b/README.md new file mode 100644 index 0000000..dcff159 --- /dev/null +++ b/README.md @@ -0,0 +1,38 @@ +# Ansible från grunden +Här finner du all exempelkod för boken *Ansible från grunden* +(ISBN: 978-91-983300-9-0). + +Boken kommer att ges ut under sensommaren/hösten 2022. + +Boken kommer att finnas till försäljning hos [CyberInfo Sverige](https://www.cyberinfo.se/bocker/), +[Bokus](https://www.bokus.com/cgi-bin/product_search.cgi?publisher=CyberInfo%20Sverige) och +[Adlibris](https://www.adlibris.com/se/sok?filter=publisher%3ACyberInfo%20Sverige). + + +## Baksidetexten +**Ansible från grunden** lär ut det vi behöver för att komma igång med +Ansible. Boken börjar med en genomgång av vad Ansible är, hur det används och +vad det används till. Vi tittar också på hur man installerar Ansible i en +virtuell Pythonmiljö. + +Därefter lär vi oss hur man kör ad hoc-kommandon för att snabbt +fixa något; hur man skriver egna playbooks för att utföra en lång rad +uppgifter; hur man skriver roller för att på ett enkelt sätt återanvända +Ansible-kod. Vi lär oss också hur man krypterar filer som innehåller lösenord +eller andra känsliga uppgifter. + +Boken är uppbyggd av både enklare, mindre exempel, men också av ett par stora +projekt som vi gång på gång modifierar och förbättrar. I boken finns cirka ett +hundra exempel. Efter varje kapitel finns övningsuppgifter av varierande +svårighetsgrad. + +Bokens huvudfokus är att managera Linuxsystem. Men det finns även ett kort +kapitel som visar hur man kan använda Ansible för att managera Windows. + +För att få ut det mesta av boken bör man vara bekväm med att arbeta med +Linux och kommandon. Man bör också vara van vid att arbeta med SSH. En +generell kännedom om Apache och Postfix underlättar också, även om det inte är +något krav. + +## Framsidan +![Ansible från grunden](framsidan-ansible-fran-grunden.jpg) diff --git a/ankeborg-demo-v2.yml b/ankeborg-demo-v2.yml new file mode 100644 index 0000000..7f7731a --- /dev/null +++ b/ankeborg-demo-v2.yml @@ -0,0 +1,21 @@ +- hosts: ankeborg + become: true + vars: + timezone: Europe/Stockholm + + collections: + - jackbenny.demo + + tasks: + - name: Test my dummy module + dummy: + number: 51 + register: the_num + + - name: Print the return value + debug: + msg: "{{ the_num }}" + + roles: + - base + diff --git a/ankeborg-demo.yml b/ankeborg-demo.yml new file mode 100644 index 0000000..5ce6461 --- /dev/null +++ b/ankeborg-demo.yml @@ -0,0 +1,18 @@ +- hosts: ankeborg + become: true + vars: + timezone: Europe/Stockholm + + tasks: + - name: Test my dummy module + jackbenny.demo.dummy: + number: 51 + register: the_num + + - name: Print the return value + debug: + msg: "{{ the_num }}" + + roles: + - jackbenny.demo.base + diff --git a/ankeborg-jackbenny-postfix.yml b/ankeborg-jackbenny-postfix.yml new file mode 100644 index 0000000..f0044e0 --- /dev/null +++ b/ankeborg-jackbenny-postfix.yml @@ -0,0 +1,13 @@ +- hosts: ankeborg + become: true + vars: + mail_hostname: "{{ inventory_hostname }}" + canonical_name: "{{ inventory_hostname_short }}.mynet.\ + example.com" + relay_user: xxx + relay_password: yyy + external_email_address: me@example.com + + roles: + - jackbenny.postfix + diff --git a/ankeborg-med-postfix-v2.yml b/ankeborg-med-postfix-v2.yml new file mode 100644 index 0000000..431beb8 --- /dev/null +++ b/ankeborg-med-postfix-v2.yml @@ -0,0 +1,21 @@ +- hosts: ankeborg + become: true + vars: + mail_hostname: "{{ inventory_hostname }}" + canonical_name: "{{ inventory_hostname_short }}.nixnet.\ + example.tld" + + pre_tasks: + - name: Update cache on Debian/Ubuntu + apt: + update_cache: yes + when: ansible_os_family == 'Debian' + - name: Update cache on RedHat/CentOS/Fedora + dnf: + update_cache: yes + when: ansible_os_family == 'RedHat' + + roles: + - base + - postfix-v2 + diff --git a/ankeborg-med-postfix-v3.yml b/ankeborg-med-postfix-v3.yml new file mode 100644 index 0000000..ecfb93a --- /dev/null +++ b/ankeborg-med-postfix-v3.yml @@ -0,0 +1,11 @@ +- hosts: ankeborg + become: true + vars: + mail_hostname: "{{ inventory_hostname }}" + canonical_name: "{{ inventory_hostname_short }}.nixnet.\ + example.tld" + + roles: + - base-v2 + - postfix-v3 + diff --git a/ankeborg-med-postfix-v4.yml b/ankeborg-med-postfix-v4.yml new file mode 100644 index 0000000..d8a02ab --- /dev/null +++ b/ankeborg-med-postfix-v4.yml @@ -0,0 +1,11 @@ +- hosts: ankeborg + become: true + vars: + mail_hostname: "{{ inventory_hostname }}" + canonical_name: "{{ inventory_hostname_short }}.nixnet.\ + example.tld" + + roles: + - base-v2 + - postfix-v4 + diff --git a/ankeborg-med-postfix.yml b/ankeborg-med-postfix.yml new file mode 100644 index 0000000..594b7bc --- /dev/null +++ b/ankeborg-med-postfix.yml @@ -0,0 +1,21 @@ +- hosts: ankeborg + become: true + vars: + mail_hostname: "{{ inventory_hostname }}" + canonical_name: "{{ inventory_hostname_short }}.nixnet.\ + example.tld" + + pre_tasks: + - name: Update cache on Debian/Ubuntu + apt: + update_cache: yes + when: ansible_os_family == 'Debian' + - name: Update cache on RedHat/CentOS/Fedora + dnf: + update_cache: yes + when: ansible_os_family == 'RedHat' + + roles: + - base + - postfix + diff --git a/ankeborg.yml b/ankeborg.yml new file mode 100644 index 0000000..9d4d4da --- /dev/null +++ b/ankeborg.yml @@ -0,0 +1,16 @@ +- hosts: ankeborg + become: true + + pre_tasks: + - name: Update cache on Debian/Ubuntu + apt: + update_cache: yes + when: ansible_os_family == 'Debian' + - name: Update cache on RedHat/CentOS/Fedora + dnf: + update_cache: yes + when: ansible_os_family == 'RedHat' + + roles: + - base + diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..a82827a --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,2 @@ +[defaults] +inventory = $HOME/ansible/hosts diff --git a/create-password.py b/create-password.py new file mode 100644 index 0000000..76c522e --- /dev/null +++ b/create-password.py @@ -0,0 +1,6 @@ +import crypt, getpass +password = (crypt.crypt(getpass.getpass(), + crypt.mksalt(crypt.METHOD_SHA512))) +f = open("newuser.pass", "w") +f.write(password) +f.close() diff --git a/create-user.yml b/create-user.yml new file mode 100644 index 0000000..c845648 --- /dev/null +++ b/create-user.yml @@ -0,0 +1,12 @@ +- name: Min första Play + hosts: ankeborg + become: true + tasks: + - name: Skapa användaren Kalle + user: + name: kalle + password: "$6$WAFtsM1BDHKlAGcF$jyMA41xQONrF0y\ + /EuydPutK.CfVCJzfIzdb8qnw.Q75oOMUMrUoNSXJ2r\ + tzwvTjX2xAmz0FxUy51vS2tc8zVs/" + shell: /bin/bash + create_home: yes diff --git a/files/index.php b/files/index.php new file mode 100644 index 0000000..5bc7feb --- /dev/null +++ b/files/index.php @@ -0,0 +1,13 @@ + + + + + Bara ett test + + + + Hejsan!" ?> + + + + diff --git a/framsidan-ansible-fran-grunden.jpg b/framsidan-ansible-fran-grunden.jpg new file mode 100755 index 0000000..114c4fb Binary files /dev/null and b/framsidan-ansible-fran-grunden.jpg differ diff --git a/free-test.yml b/free-test.yml new file mode 100644 index 0000000..4d9c712 --- /dev/null +++ b/free-test.yml @@ -0,0 +1,11 @@ +- hosts: all + strategy: free + tasks: + - name: Run whoami + command: + cmd: whoami + + - name: Run uptime + command: + cmd: uptime + diff --git a/group_vars/ankeborg.yml b/group_vars/ankeborg.yml new file mode 100644 index 0000000..b45fc73 --- /dev/null +++ b/group_vars/ankeborg.yml @@ -0,0 +1,3 @@ +ansible_user: jake +ansible_become_pass: peak-airspeed +ansible_become_method: sudo diff --git a/hanterare-exempel1.yml b/hanterare-exempel1.yml new file mode 100644 index 0000000..2f63abe --- /dev/null +++ b/hanterare-exempel1.yml @@ -0,0 +1,18 @@ +- name: Playbook för att demonstrera hanterare + hosts: tjatte.nixnet.jke + become: yes + tasks: + - name: Installera MariaDB + dnf: + name: mariadb-server + state: present + update_cache: yes + notify: Aktivera MariaDB + + handlers: + - name: Aktivera MariaDB + systemd: + name: mariadb + state: started + enabled: yes + diff --git a/host_vars/joakim.nixnet.jke.yml b/host_vars/joakim.nixnet.jke.yml new file mode 100644 index 0000000..3c0b7ce --- /dev/null +++ b/host_vars/joakim.nixnet.jke.yml @@ -0,0 +1,2 @@ +ansible_become_method: su +ansible_become_pass: speech-fargo diff --git a/host_vars/knatte.nixnet.jke.yml b/host_vars/knatte.nixnet.jke.yml new file mode 100644 index 0000000..3c0b7ce --- /dev/null +++ b/host_vars/knatte.nixnet.jke.yml @@ -0,0 +1,2 @@ +ansible_become_method: su +ansible_become_pass: speech-fargo diff --git a/host_vars/win10-lab.yml b/host_vars/win10-lab.yml new file mode 100644 index 0000000..bde4b8f --- /dev/null +++ b/host_vars/win10-lab.yml @@ -0,0 +1,8 @@ +ansible_user: Jack-Benny +ansible_password: blue-panter +ansible_connection: winrm +ansible_winrm_transport: basic +ansible_winrm_server_cert_validation: ignore +ansible_winrm_scheme: https +ansible_port: 5986 + diff --git a/hosts b/hosts new file mode 100644 index 0000000..26251ab --- /dev/null +++ b/hosts @@ -0,0 +1,8 @@ +[ankeborg] +knatte.nixnet.jke ansible_host=192.168.0.29 +fnatte.nixnet.jke ansible_host=192.168.0.24 +tjatte.nixnet.jke ansible_host=192.168.0.42 +joakim.nixnet.jke ansible_host=192.168.0.47 + +[win10] +win10-lab ansible_host=192.168.0.40 diff --git a/import-include.yml b/import-include.yml new file mode 100644 index 0000000..aa1b664 --- /dev/null +++ b/import-include.yml @@ -0,0 +1,13 @@ +- name: Testa import_tasks och include_tasks + hosts: localhost + tasks: + - include_tasks: x.yml # import_tasks fungerar + with_items: [1, 2, 3] # inte för loopar + +- name: Läsa taggar fungerar bara med import + hosts: localhost + vars: + - testar: hejsan + tasks: + - import_tasks: y.yml + diff --git a/index.php b/index.php new file mode 100644 index 0000000..5bc7feb --- /dev/null +++ b/index.php @@ -0,0 +1,13 @@ + + + + + Bara ett test + + + + Hejsan!" ?> + + + + diff --git a/install-vim.yml b/install-vim.yml new file mode 100644 index 0000000..b97c2b4 --- /dev/null +++ b/install-vim.yml @@ -0,0 +1,8 @@ +- hosts: all + become: yes + tasks: + - name: Install vim + package: + name: vim + state: present + diff --git a/jinja-hostvars.yml b/jinja-hostvars.yml new file mode 100644 index 0000000..f620805 --- /dev/null +++ b/jinja-hostvars.yml @@ -0,0 +1,7 @@ +- hosts: localhost + + tasks: + - name: Lista hela hostvars + debug: + msg: "{{ hostvars }}" + diff --git a/jinja-if.yml b/jinja-if.yml new file mode 100644 index 0000000..810138b --- /dev/null +++ b/jinja-if.yml @@ -0,0 +1,14 @@ +- hosts: localhost + vars: + namn: + - Knatte + - Tjatte + - Fnatte + - Joakim + + tasks: + - name: If-test + template: + src: testfil_if.j2 + dest: testfil_if.txt + diff --git a/jinja-ip-adresser.yml b/jinja-ip-adresser.yml new file mode 100644 index 0000000..9516ba7 --- /dev/null +++ b/jinja-ip-adresser.yml @@ -0,0 +1,9 @@ +- name: Extract test + hosts: localhost + + tasks: + - name: Lista IP + debug: + msg: "{{ groups['ankeborg'] | map('extract', + hostvars, ['ansible_host']) }}" + diff --git a/jinja-knatte-ip.yml b/jinja-knatte-ip.yml new file mode 100644 index 0000000..2c7ff37 --- /dev/null +++ b/jinja-knatte-ip.yml @@ -0,0 +1,9 @@ +- name: Extract test + hosts: localhost + + tasks: + - name: Lista IP + debug: + msg: "{{ ['knatte.nixnet.jke'] | map('extract', + hostvars, ['ansible_host']) }}" + diff --git a/jinja-loop.yml b/jinja-loop.yml new file mode 100644 index 0000000..4c8cabf --- /dev/null +++ b/jinja-loop.yml @@ -0,0 +1,14 @@ +- hosts: localhost + vars: + namn: + - Knatte + - Tjatte + - Fnatte + - Joakim + + tasks: + - name: Loop-test + template: + src: testfil_loop.j2 + dest: testfil_loop.txt + diff --git a/jinja-losen.yml b/jinja-losen.yml new file mode 100644 index 0000000..26ff4cf --- /dev/null +++ b/jinja-losen.yml @@ -0,0 +1,9 @@ +- name: Extract test + hosts: localhost + + tasks: + - name: Lista alla lösenord + debug: + msg: "{{ groups['ankeborg'] | map('extract', + hostvars, ['ansible_become_pass']) }}" + diff --git a/jinja-map.yml b/jinja-map.yml new file mode 100644 index 0000000..d7bb624 --- /dev/null +++ b/jinja-map.yml @@ -0,0 +1,41 @@ +- name: Map test + hosts: localhost + vars: + namn: [ + { + "fornamn": "Knatte", + "efternamn": "Anka", + "tel": 07012345678, + "adress": { + "stad": "Ankeborg", + "gata": "Ankvägen 1" + } + }, + { + "fornamn": "Joakim", + "efternamn": "von Anka", + "tel": 070987654321, + "adress": { + "stad": "Ankeborg", + "gata": "Pengavägen 1" + }, + }, + { + "fornamn": "Oppfinnar-Jocke", + "efternamn": "Johansson", + "tel": 070123123123, + "adress": { + "stad": "Ankeborg", + "gata": "Laboratorievägen 1" + }, + }] + + tasks: + - name: Lista alla gator + debug: + msg="{{ namn | map(attribute='fornamn') }}" + - name: Lista alla städerna + debug: + msg="{{ namn | map(attribute='adress') + | map(attribute='gata') | join(', ') }}" + diff --git a/jinja-testing-numbers.yml b/jinja-testing-numbers.yml new file mode 100644 index 0000000..e0c4357 --- /dev/null +++ b/jinja-testing-numbers.yml @@ -0,0 +1,28 @@ +- hosts: localhost + vars: + num1: 5 + num2: 10 + lista: [2, 2, 9, 1, 5, 2, 1] + namn: ["Knatte", "Fnatte", "Knatte", "Knatte"] + + tasks: + - name: Utföra aritmetik + debug: + msg: "{{ num1 * num2 }}" + + - name: Hitta minsta talet + debug: + msg: "{{ lista|min }}" + + - name: Hitta största talet + debug: + msg: "{{ lista|max }}" + + - name: Lista bara unika tal + debug: + msg: "{{ lista|unique }}" + + - name: Unique fungerar även på strängar + debug: + msg: "{{ namn|unique }}" + diff --git a/jinja-testing.yml b/jinja-testing.yml new file mode 100644 index 0000000..cce742f --- /dev/null +++ b/jinja-testing.yml @@ -0,0 +1,20 @@ +- hosts: localhost + vars: + text: Hej alla glada + num1: 5 + num2: 10 + + tasks: + - name: Skriv ut variablerna + debug: + msg: "Texten är: {{ text }}. Talen är {{ num1 }} + och {{ num2 }}." + + - name: Omvandla till versaler + debug: + msg: "{{ text|upper }}" + + - name: Byt ut text och gör allt till gemener + debug: + msg: "{{ text|replace('glada','utvecklare')|lower }}" + diff --git a/jinja-vardnamn.yml b/jinja-vardnamn.yml new file mode 100644 index 0000000..e7aeb01 --- /dev/null +++ b/jinja-vardnamn.yml @@ -0,0 +1,8 @@ +- name: Extract test + hosts: localhost + + tasks: + - name: Lista värdnamnen + debug: + msg: "{{ groups['ankeborg'] }}" + diff --git a/memtest-v2.yml b/memtest-v2.yml new file mode 100644 index 0000000..2f94264 --- /dev/null +++ b/memtest-v2.yml @@ -0,0 +1,12 @@ +- name: Kör ett kommando om mer än 1500 mb ledigt minne + hosts: ankeborg + tasks: + - name: Kör echo + when: ansible_memfree_mb >= 1500 + command: + cmd: echo "Bara ett test" + register: utdata + + - name: Skriv ut utdata + debug: + var: utdata.stdout_lines diff --git a/memtest.yml b/memtest.yml new file mode 100644 index 0000000..84c4853 --- /dev/null +++ b/memtest.yml @@ -0,0 +1,7 @@ +- name: Kör ett kommando om mer än 1500 mb ledigt minne + hosts: ankeborg + tasks: + - name: Kör echo + when: ansible_memfree_mb >= 1500 + command: + cmd: echo "Bara ett test" diff --git a/minfil.txt b/minfil.txt new file mode 100644 index 0000000..603207f --- /dev/null +++ b/minfil.txt @@ -0,0 +1 @@ +Hejsan diff --git a/newuser.pass b/newuser.pass new file mode 100644 index 0000000..1473f11 --- /dev/null +++ b/newuser.pass @@ -0,0 +1 @@ +$6$WAFtsM1BDHKlAGcF$jyMA41xQONrF0y/EuydPutK.CfVCJzfIzdb8qnw.Q75oOMUMrUoNSXJ2rtzwvTjX2xAmz0FxUy51vS2tc8zVs/ \ No newline at end of file diff --git a/roles/base-v2/meta/main.yml b/roles/base-v2/meta/main.yml new file mode 100644 index 0000000..2f72ad7 --- /dev/null +++ b/roles/base-v2/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - role: update_cache + diff --git a/roles/base-v2/tasks/main.yml b/roles/base-v2/tasks/main.yml new file mode 100644 index 0000000..0a7b8b6 --- /dev/null +++ b/roles/base-v2/tasks/main.yml @@ -0,0 +1,13 @@ +- name: Install common tools + package: + name: "{{ item }}" + with_items: + - curl + - gnupg + - vim + - ca-certificates + +- name: Set the timezone to Stockholm + timezone: + name: Europe/Stockholm + diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml new file mode 100644 index 0000000..0a7b8b6 --- /dev/null +++ b/roles/base/tasks/main.yml @@ -0,0 +1,13 @@ +- name: Install common tools + package: + name: "{{ item }}" + with_items: + - curl + - gnupg + - vim + - ca-certificates + +- name: Set the timezone to Stockholm + timezone: + name: Europe/Stockholm + diff --git a/roles/my_role/defaults/main.yml b/roles/my_role/defaults/main.yml new file mode 100644 index 0000000..40ac6d4 --- /dev/null +++ b/roles/my_role/defaults/main.yml @@ -0,0 +1 @@ +my_number: 10 diff --git a/roles/my_role/library/dummy.py b/roles/my_role/library/dummy.py new file mode 100644 index 0000000..9fa44e0 --- /dev/null +++ b/roles/my_role/library/dummy.py @@ -0,0 +1,35 @@ +#!/usr/bin/python +from ansible.module_utils.basic import AnsibleModule + +def run_module(): + # definiera argument till modulen + module_args = dict( + number=dict(type='int', required=True), + ) + + # skapa en dict för resultatet + result = dict( + changed=False, + number=0, + ) + + # inställningar för modulen + module = AnsibleModule( + argument_spec=module_args, + supports_check_mode=False + ) + + # logiken för modulen + result['number'] = module.params['number'] + if result['number'] > 50: + result['changed']=True + + # returnera resultatet som json + module.exit_json(**result) + +def main(): + run_module() + +if __name__ == '__main__': + main() + diff --git a/roles/my_role/tasks/main.yml b/roles/my_role/tasks/main.yml new file mode 100644 index 0000000..454e6bf --- /dev/null +++ b/roles/my_role/tasks/main.yml @@ -0,0 +1,4 @@ +- name: Testa vår egna modul + dummy: + number: "{{ my_number }}" + diff --git a/roles/postfix-v2/defaults/main.yml b/roles/postfix-v2/defaults/main.yml new file mode 100644 index 0000000..aba4ec8 --- /dev/null +++ b/roles/postfix-v2/defaults/main.yml @@ -0,0 +1,7 @@ +mail_hostname: vm.nixnet.jke +canonical_name: vm.nixnet.example.tld +relay_host: email-smtp.eu-west-1.amazonaws.com +relay_port: 465 +relay_user: +relay_password: + diff --git a/roles/postfix-v2/files/aliases b/roles/postfix-v2/files/aliases new file mode 100644 index 0000000..0f04fbd --- /dev/null +++ b/roles/postfix-v2/files/aliases @@ -0,0 +1,14 @@ +postmaster: root +nobody: root +hostmaster: root +usenet: root +news: root +webmaster: root +www: root +ftp: root +abuse: root +noc: root +security: root +root: jake +jake: vm-mail@cyberinfo.se + diff --git a/roles/postfix-v2/handlers/main.yml b/roles/postfix-v2/handlers/main.yml new file mode 100644 index 0000000..1f63734 --- /dev/null +++ b/roles/postfix-v2/handlers/main.yml @@ -0,0 +1,18 @@ +- name: Activate and restart Postfix + service: + name: postfix + enabled: yes + state: restarted + +- name: Generate SASL + command: + cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd + +- name: Generate aliases + command: + cmd: /usr/sbin/postalias /etc/aliases + +- name: Generate sender_canonical + command: + cmd: /usr/sbin/postmap /etc/postfix/sender_canonical + diff --git a/roles/postfix-v2/tasks/main.yml b/roles/postfix-v2/tasks/main.yml new file mode 100644 index 0000000..aecd1f0 --- /dev/null +++ b/roles/postfix-v2/tasks/main.yml @@ -0,0 +1,43 @@ +- name: Check that a username and password is supplied + assert: + that: + - (relay_user is defined) and (relay_user is not none) + - (relay_password is defined) and + (relay_password is not none) + fail_msg: "'relay_user' and 'relay_password' must be set" + success_msg: "username and password for relay is set" + +- name: Install Postfix and s-nail + package: + state: present + name: "{{ item }}" + with_items: + - postfix + - s-nail + notify: Activate and restart Postfix + +- name: Configure Postfix + template: + src: main.cf.j2 + dest: /etc/postfix/main cf + notify: Activate and restart Postfix + +- name: Copy Postfix authentication + template: + src: sasl_passwd.j2 + dest: /etc/postfix/sasl_passwd + mode: 0600 + notify: Generate SASL + +- name: Copy alisases + copy: + src: aliases + dest: /etc/aliases + notify: Generate aliases + +- name: Copy sender_canonical + template: + src: sender_canonical.j2 + dest: /etc/postfix/sender_canonical + notify: Generate sender_canonical + diff --git a/roles/postfix-v2/templates/main.cf.j2 b/roles/postfix-v2/templates/main.cf.j2 new file mode 100644 index 0000000..7f32d19 --- /dev/null +++ b/roles/postfix-v2/templates/main.cf.j2 @@ -0,0 +1,29 @@ +biff = no +append_dot_mydomain = no +compatibility_level = 2 +myhostname = {{ mail_hostname }} +alias_maps = hash:/etc/aliases +alias_database = hash:/etc/aliases +myorigin = {{ mail_hostname }} +mydestination = $myhostname, {{ mail_hostname }}, localhost +relayhost = [{{ relay_host }}]:{{ relay_port }} +mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 +mailbox_size_limit = 0 +recipient_delimiter = + +inet_interfaces = localhost +inet_protocols = all + +# enable SASL authentication +smtp_sasl_auth_enable = yes +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd +smtp_sasl_security_options = noanonymous +smtp_sasl_tls_security_options = noanonymous + +# Enable STARTTLS encryption +smtp_use_tls = yes +smtp_tls_wrappermode = yes +smtp_tls_security_level = encrypt + +# Setup sender canonical mapping +sender_canonical_maps = hash:/etc/postfix/sender_canonical + diff --git a/roles/postfix-v2/templates/sasl_passwd.j2 b/roles/postfix-v2/templates/sasl_passwd.j2 new file mode 100644 index 0000000..e2be114 --- /dev/null +++ b/roles/postfix-v2/templates/sasl_passwd.j2 @@ -0,0 +1,2 @@ +[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }} + diff --git a/roles/postfix-v2/templates/sender_canonical.j2 b/roles/postfix-v2/templates/sender_canonical.j2 new file mode 100644 index 0000000..bb0785c --- /dev/null +++ b/roles/postfix-v2/templates/sender_canonical.j2 @@ -0,0 +1,3 @@ +root root@{{ canonical_name }} +jake jake@{{ canonical_name }} + diff --git a/roles/postfix-v3/defaults/main.yml b/roles/postfix-v3/defaults/main.yml new file mode 100644 index 0000000..aba4ec8 --- /dev/null +++ b/roles/postfix-v3/defaults/main.yml @@ -0,0 +1,7 @@ +mail_hostname: vm.nixnet.jke +canonical_name: vm.nixnet.example.tld +relay_host: email-smtp.eu-west-1.amazonaws.com +relay_port: 465 +relay_user: +relay_password: + diff --git a/roles/postfix-v3/files/aliases b/roles/postfix-v3/files/aliases new file mode 100644 index 0000000..0f04fbd --- /dev/null +++ b/roles/postfix-v3/files/aliases @@ -0,0 +1,14 @@ +postmaster: root +nobody: root +hostmaster: root +usenet: root +news: root +webmaster: root +www: root +ftp: root +abuse: root +noc: root +security: root +root: jake +jake: vm-mail@cyberinfo.se + diff --git a/roles/postfix-v3/handlers/main.yml b/roles/postfix-v3/handlers/main.yml new file mode 100644 index 0000000..1f63734 --- /dev/null +++ b/roles/postfix-v3/handlers/main.yml @@ -0,0 +1,18 @@ +- name: Activate and restart Postfix + service: + name: postfix + enabled: yes + state: restarted + +- name: Generate SASL + command: + cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd + +- name: Generate aliases + command: + cmd: /usr/sbin/postalias /etc/aliases + +- name: Generate sender_canonical + command: + cmd: /usr/sbin/postmap /etc/postfix/sender_canonical + diff --git a/roles/postfix-v3/meta/main.yml b/roles/postfix-v3/meta/main.yml new file mode 100644 index 0000000..2f72ad7 --- /dev/null +++ b/roles/postfix-v3/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - role: update_cache + diff --git a/roles/postfix-v3/tasks/main.yml b/roles/postfix-v3/tasks/main.yml new file mode 100644 index 0000000..aecd1f0 --- /dev/null +++ b/roles/postfix-v3/tasks/main.yml @@ -0,0 +1,43 @@ +- name: Check that a username and password is supplied + assert: + that: + - (relay_user is defined) and (relay_user is not none) + - (relay_password is defined) and + (relay_password is not none) + fail_msg: "'relay_user' and 'relay_password' must be set" + success_msg: "username and password for relay is set" + +- name: Install Postfix and s-nail + package: + state: present + name: "{{ item }}" + with_items: + - postfix + - s-nail + notify: Activate and restart Postfix + +- name: Configure Postfix + template: + src: main.cf.j2 + dest: /etc/postfix/main cf + notify: Activate and restart Postfix + +- name: Copy Postfix authentication + template: + src: sasl_passwd.j2 + dest: /etc/postfix/sasl_passwd + mode: 0600 + notify: Generate SASL + +- name: Copy alisases + copy: + src: aliases + dest: /etc/aliases + notify: Generate aliases + +- name: Copy sender_canonical + template: + src: sender_canonical.j2 + dest: /etc/postfix/sender_canonical + notify: Generate sender_canonical + diff --git a/roles/postfix-v3/templates/main.cf.j2 b/roles/postfix-v3/templates/main.cf.j2 new file mode 100644 index 0000000..7f32d19 --- /dev/null +++ b/roles/postfix-v3/templates/main.cf.j2 @@ -0,0 +1,29 @@ +biff = no +append_dot_mydomain = no +compatibility_level = 2 +myhostname = {{ mail_hostname }} +alias_maps = hash:/etc/aliases +alias_database = hash:/etc/aliases +myorigin = {{ mail_hostname }} +mydestination = $myhostname, {{ mail_hostname }}, localhost +relayhost = [{{ relay_host }}]:{{ relay_port }} +mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 +mailbox_size_limit = 0 +recipient_delimiter = + +inet_interfaces = localhost +inet_protocols = all + +# enable SASL authentication +smtp_sasl_auth_enable = yes +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd +smtp_sasl_security_options = noanonymous +smtp_sasl_tls_security_options = noanonymous + +# Enable STARTTLS encryption +smtp_use_tls = yes +smtp_tls_wrappermode = yes +smtp_tls_security_level = encrypt + +# Setup sender canonical mapping +sender_canonical_maps = hash:/etc/postfix/sender_canonical + diff --git a/roles/postfix-v3/templates/sasl_passwd.j2 b/roles/postfix-v3/templates/sasl_passwd.j2 new file mode 100644 index 0000000..e2be114 --- /dev/null +++ b/roles/postfix-v3/templates/sasl_passwd.j2 @@ -0,0 +1,2 @@ +[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }} + diff --git a/roles/postfix-v3/templates/sender_canonical.j2 b/roles/postfix-v3/templates/sender_canonical.j2 new file mode 100644 index 0000000..bb0785c --- /dev/null +++ b/roles/postfix-v3/templates/sender_canonical.j2 @@ -0,0 +1,3 @@ +root root@{{ canonical_name }} +jake jake@{{ canonical_name }} + diff --git a/roles/postfix-v4/defaults/main.yml b/roles/postfix-v4/defaults/main.yml new file mode 100644 index 0000000..aba4ec8 --- /dev/null +++ b/roles/postfix-v4/defaults/main.yml @@ -0,0 +1,7 @@ +mail_hostname: vm.nixnet.jke +canonical_name: vm.nixnet.example.tld +relay_host: email-smtp.eu-west-1.amazonaws.com +relay_port: 465 +relay_user: +relay_password: + diff --git a/roles/postfix-v4/files/aliases b/roles/postfix-v4/files/aliases new file mode 100644 index 0000000..0f04fbd --- /dev/null +++ b/roles/postfix-v4/files/aliases @@ -0,0 +1,14 @@ +postmaster: root +nobody: root +hostmaster: root +usenet: root +news: root +webmaster: root +www: root +ftp: root +abuse: root +noc: root +security: root +root: jake +jake: vm-mail@cyberinfo.se + diff --git a/roles/postfix-v4/handlers/main.yml b/roles/postfix-v4/handlers/main.yml new file mode 100644 index 0000000..1f63734 --- /dev/null +++ b/roles/postfix-v4/handlers/main.yml @@ -0,0 +1,18 @@ +- name: Activate and restart Postfix + service: + name: postfix + enabled: yes + state: restarted + +- name: Generate SASL + command: + cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd + +- name: Generate aliases + command: + cmd: /usr/sbin/postalias /etc/aliases + +- name: Generate sender_canonical + command: + cmd: /usr/sbin/postmap /etc/postfix/sender_canonical + diff --git a/roles/postfix-v4/meta/main.yml b/roles/postfix-v4/meta/main.yml new file mode 100644 index 0000000..2f72ad7 --- /dev/null +++ b/roles/postfix-v4/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - role: update_cache + diff --git a/roles/postfix-v4/tasks/configure-postfix.yml b/roles/postfix-v4/tasks/configure-postfix.yml new file mode 100644 index 0000000..95b9278 --- /dev/null +++ b/roles/postfix-v4/tasks/configure-postfix.yml @@ -0,0 +1,6 @@ +- name: Configure Postfix + template: + src: main.cf.j2 + dest: /etc/postfix/main.cf + notify: Activate and restart Postfix + diff --git a/roles/postfix-v4/tasks/copy-aliases.yml b/roles/postfix-v4/tasks/copy-aliases.yml new file mode 100644 index 0000000..8473ffa --- /dev/null +++ b/roles/postfix-v4/tasks/copy-aliases.yml @@ -0,0 +1,6 @@ +- name: Copy alisases + copy: + src: aliases + dest: /etc/aliases + notify: Generate aliases + diff --git a/roles/postfix-v4/tasks/copy-postfix-auth.yml b/roles/postfix-v4/tasks/copy-postfix-auth.yml new file mode 100644 index 0000000..6e3e911 --- /dev/null +++ b/roles/postfix-v4/tasks/copy-postfix-auth.yml @@ -0,0 +1,7 @@ +- name: Copy Postfix authentication + template: + src: sasl_passwd.j2 + dest: /etc/postfix/sasl_passwd + mode: 0600 + notify: Generate SASL + diff --git a/roles/postfix-v4/tasks/copy-sender-canonical.yml b/roles/postfix-v4/tasks/copy-sender-canonical.yml new file mode 100644 index 0000000..d62f0e7 --- /dev/null +++ b/roles/postfix-v4/tasks/copy-sender-canonical.yml @@ -0,0 +1,6 @@ +- name: Copy sender_canonical + template: + src: sender_canonical.j2 + dest: /etc/postfix/sender_canonical + notify: Generate sender_canonical + diff --git a/roles/postfix-v4/tasks/install-postfix.yml b/roles/postfix-v4/tasks/install-postfix.yml new file mode 100644 index 0000000..3695ea4 --- /dev/null +++ b/roles/postfix-v4/tasks/install-postfix.yml @@ -0,0 +1,9 @@ +- name: Install Postfix and s-nail + package: + state: present + name: "{{ item }}" + with_items: + - postfix + - s-nail + notify: Activate and restart Postfix + diff --git a/roles/postfix-v4/tasks/main.yml b/roles/postfix-v4/tasks/main.yml new file mode 100644 index 0000000..efe5432 --- /dev/null +++ b/roles/postfix-v4/tasks/main.yml @@ -0,0 +1,15 @@ +- name: Check that a username and password is supplied + assert: + that: + - (relay_user is defined) and (relay_user is not none) + - (relay_password is defined) and + (relay_password is not none) + fail_msg: "'relay_user' and 'relay_password' must be set" + success_msg: "username and password for relay is set" + +- import_tasks: install-postfix.yml +- import_tasks: configure-postfix.yml +- import_tasks: copy-postfix-auth.yml +- import_tasks: copy-aliases.yml +- import_tasks: copy-sender-canonical.yml + diff --git a/roles/postfix-v4/templates/main.cf.j2 b/roles/postfix-v4/templates/main.cf.j2 new file mode 100644 index 0000000..7f32d19 --- /dev/null +++ b/roles/postfix-v4/templates/main.cf.j2 @@ -0,0 +1,29 @@ +biff = no +append_dot_mydomain = no +compatibility_level = 2 +myhostname = {{ mail_hostname }} +alias_maps = hash:/etc/aliases +alias_database = hash:/etc/aliases +myorigin = {{ mail_hostname }} +mydestination = $myhostname, {{ mail_hostname }}, localhost +relayhost = [{{ relay_host }}]:{{ relay_port }} +mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 +mailbox_size_limit = 0 +recipient_delimiter = + +inet_interfaces = localhost +inet_protocols = all + +# enable SASL authentication +smtp_sasl_auth_enable = yes +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd +smtp_sasl_security_options = noanonymous +smtp_sasl_tls_security_options = noanonymous + +# Enable STARTTLS encryption +smtp_use_tls = yes +smtp_tls_wrappermode = yes +smtp_tls_security_level = encrypt + +# Setup sender canonical mapping +sender_canonical_maps = hash:/etc/postfix/sender_canonical + diff --git a/roles/postfix-v4/templates/sasl_passwd.j2 b/roles/postfix-v4/templates/sasl_passwd.j2 new file mode 100644 index 0000000..e2be114 --- /dev/null +++ b/roles/postfix-v4/templates/sasl_passwd.j2 @@ -0,0 +1,2 @@ +[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }} + diff --git a/roles/postfix-v4/templates/sender_canonical.j2 b/roles/postfix-v4/templates/sender_canonical.j2 new file mode 100644 index 0000000..bb0785c --- /dev/null +++ b/roles/postfix-v4/templates/sender_canonical.j2 @@ -0,0 +1,3 @@ +root root@{{ canonical_name }} +jake jake@{{ canonical_name }} + diff --git a/roles/postfix/defaults/main.yml b/roles/postfix/defaults/main.yml new file mode 100644 index 0000000..6615352 --- /dev/null +++ b/roles/postfix/defaults/main.yml @@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.1;AES256 +38326433663334316231393964323861326634316138663137343462303639383539613232633865 +6462656338656163373330366635373431366638353365610a646133313831346534393736323737 +38616533373133383766303538643635326535303232633837653737616362323432313964653837 +6136306639613862340a316165623962356265646434383833303136656633656334343335633032 +33346234633833363936383937623835313130373133626231326361666566636161353361616361 +35323032383266643561636536616533333264613730623064663838346431353030393330336565 +31653864396466303338626535343063633139383731326430356436626530373766353033366237 +32343930373739306139643263306266333235383764656137326165646531646330383663306166 +31376366366465663862383834343233363163383839663263393637353762346333663136633563 +62393730363237666232353439623832623162363330616165653230653866663065613533393833 +62343261356164653835383866343139303136316235323530356136663730613234383563653562 +37346236366538366638633462326161333337316630333239643263303737663531373965386631 +3834 diff --git a/roles/postfix/files/aliases b/roles/postfix/files/aliases new file mode 100644 index 0000000..0f04fbd --- /dev/null +++ b/roles/postfix/files/aliases @@ -0,0 +1,14 @@ +postmaster: root +nobody: root +hostmaster: root +usenet: root +news: root +webmaster: root +www: root +ftp: root +abuse: root +noc: root +security: root +root: jake +jake: vm-mail@cyberinfo.se + diff --git a/roles/postfix/handlers/main.yml b/roles/postfix/handlers/main.yml new file mode 100644 index 0000000..1f63734 --- /dev/null +++ b/roles/postfix/handlers/main.yml @@ -0,0 +1,18 @@ +- name: Activate and restart Postfix + service: + name: postfix + enabled: yes + state: restarted + +- name: Generate SASL + command: + cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd + +- name: Generate aliases + command: + cmd: /usr/sbin/postalias /etc/aliases + +- name: Generate sender_canonical + command: + cmd: /usr/sbin/postmap /etc/postfix/sender_canonical + diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml new file mode 100644 index 0000000..43d793d --- /dev/null +++ b/roles/postfix/tasks/main.yml @@ -0,0 +1,34 @@ +- name: Install Postfix and s-nail + package: + state: present + name: "{{ item }}" + with_items: + - postfix + - s-nail + notify: Activate and restart Postfix + +- name: Configure Postfix + template: + src: main.cf.j2 + dest: /etc/postfix/main.cf + notify: Activate and restart Postfix + +- name: Copy Postfix authentication + template: + src: sasl_passwd.j2 + dest: /etc/postfix/sasl_passwd + mode: 0600 + notify: Generate SASL + +- name: Copy alisases + copy: + src: aliases + dest: /etc/aliases + notify: Generate aliases + +- name: Copy sender_canonical + template: + src: sender_canonical.j2 + dest: /etc/postfix/sender_canonical + notify: Generate sender_canonical + diff --git a/roles/postfix/templates/main.cf.j2 b/roles/postfix/templates/main.cf.j2 new file mode 100644 index 0000000..7f32d19 --- /dev/null +++ b/roles/postfix/templates/main.cf.j2 @@ -0,0 +1,29 @@ +biff = no +append_dot_mydomain = no +compatibility_level = 2 +myhostname = {{ mail_hostname }} +alias_maps = hash:/etc/aliases +alias_database = hash:/etc/aliases +myorigin = {{ mail_hostname }} +mydestination = $myhostname, {{ mail_hostname }}, localhost +relayhost = [{{ relay_host }}]:{{ relay_port }} +mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 +mailbox_size_limit = 0 +recipient_delimiter = + +inet_interfaces = localhost +inet_protocols = all + +# enable SASL authentication +smtp_sasl_auth_enable = yes +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd +smtp_sasl_security_options = noanonymous +smtp_sasl_tls_security_options = noanonymous + +# Enable STARTTLS encryption +smtp_use_tls = yes +smtp_tls_wrappermode = yes +smtp_tls_security_level = encrypt + +# Setup sender canonical mapping +sender_canonical_maps = hash:/etc/postfix/sender_canonical + diff --git a/roles/postfix/templates/sasl_passwd.j2 b/roles/postfix/templates/sasl_passwd.j2 new file mode 100644 index 0000000..e2be114 --- /dev/null +++ b/roles/postfix/templates/sasl_passwd.j2 @@ -0,0 +1,2 @@ +[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }} + diff --git a/roles/postfix/templates/sender_canonical.j2 b/roles/postfix/templates/sender_canonical.j2 new file mode 100644 index 0000000..bb0785c --- /dev/null +++ b/roles/postfix/templates/sender_canonical.j2 @@ -0,0 +1,3 @@ +root root@{{ canonical_name }} +jake jake@{{ canonical_name }} + diff --git a/roles/update_cache/tasks/main.yml b/roles/update_cache/tasks/main.yml new file mode 100644 index 0000000..85063f7 --- /dev/null +++ b/roles/update_cache/tasks/main.yml @@ -0,0 +1,9 @@ +- name: Update cache on Debian/Ubuntu + apt: + update_cache: yes + when: ansible_os_family == 'Debian' +- name: Update cache on RedHat/CentOS/Fedora + dnf: + update_cache: yes + when: ansible_os_family == 'RedHat' + diff --git a/roles/update_windows/tasks/main.yml b/roles/update_windows/tasks/main.yml new file mode 100644 index 0000000..f9a304b --- /dev/null +++ b/roles/update_windows/tasks/main.yml @@ -0,0 +1,5 @@ +- name: Update Windows + ansible.windows.win_updates: + category_names: "*" + reboot: yes + diff --git a/skapa-webbservrar-v2.yml b/skapa-webbservrar-v2.yml new file mode 100644 index 0000000..d6e0a3e --- /dev/null +++ b/skapa-webbservrar-v2.yml @@ -0,0 +1,17 @@ +- name: Sätt upp en webbsida med PHP-stöd + become: true + hosts: ankeborg + tasks: + - import_tasks: tasks/installera-apache-php.yml + - import_tasks: tasks/aktivera-apache.yml + - import_tasks: tasks/firewalld-http.yml + - import_tasks: tasks/skapa-webbsida.yml + +- name: Testa webbservrarna + hosts: localhost + tasks: + - name: Anslut till servrarna + import_tasks: tasks/testa-webbservrarna.yml + vars: + min_grupp: ankeborg + diff --git a/skapa-webbservrar-v3.yml b/skapa-webbservrar-v3.yml new file mode 100644 index 0000000..1348639 --- /dev/null +++ b/skapa-webbservrar-v3.yml @@ -0,0 +1,20 @@ +- name: Sätt upp en webbsida med PHP-stöd + become: true + hosts: ankeborg + tasks: + - import_tasks: tasks/installera-apache-php-v3.yml + - import_tasks: tasks/skapa-webbsida-v3.yml + + handlers: + - import_tasks: tasks/aktivera-apache.yml + - import_tasks: tasks/firewalld-http.yml + - import_tasks: tasks/radera-exempelsida-v3.yml + +- name: Testa webbservrarna + hosts: localhost + tasks: + - name: Anslut till servrarna + import_tasks: tasks/testa-webbservrarna.yml + vars: + min_grupp: ankeborg + diff --git a/skapa-webbservrar.yml b/skapa-webbservrar.yml new file mode 100644 index 0000000..5fcbbb8 --- /dev/null +++ b/skapa-webbservrar.yml @@ -0,0 +1,67 @@ +- name: Sätt upp en webbsida med PHP-stöd + become: true + hosts: ankeborg + tasks: + - name: Installera Apache och PHP i Debian + when: ansible_os_family == 'Debian' + apt: + update_cache: yes + name: "{{ item }}" + state: present + install_recommends: yes + with_items: + - apache2 + - libapache2-mod-php + + - name: Installera Apache och PHP i RedHat + when: ansible_os_family == 'RedHat' + dnf: + name: "{{ item }}" + state: present + update_cache: yes + install_weak_deps: yes + with_items: + - httpd + - php + + - name: Aktivera Apache i Debian + when: ansible_os_family == 'Debian' + systemd: + name: apache2 + enabled: yes + state: started + + - name: Aktivera Apache i RedHat + when: ansible_os_family == 'RedHat' + systemd: + name: httpd + enabled: yes + state: started + + - name: Öppna brandväggen i RedHat + when: ansible_os_family == 'RedHat' + firewalld: + service: http + permanent: yes + immediate: yes + state: enabled + + - name: Ta bort eventuell exempelsida + file: + path: /var/www/html/index.html + state: absent + + - name: Kopiera PHP-filen till värdarna + copy: + src: index.php + dest: /var/www/html/index.php + +- name: Testa webbservrarna + hosts: localhost + tasks: + - name: Anslut till webbservrarna + uri: + url: "http://{{ item }}" + with_items: "{{ groups['ankeborg'] | map('extract', \ + hostvars, ['ansible_host']) }}" + diff --git a/tasks/aktivera-apache-v3.yml b/tasks/aktivera-apache-v3.yml new file mode 100644 index 0000000..8bce2cc --- /dev/null +++ b/tasks/aktivera-apache-v3.yml @@ -0,0 +1,18 @@ +- name: Aktivera Apache i Debian + tags: + - apache + - systemd + systemd: + name: apache2 + enabled: yes + state: started + +- name: Aktivera Apache i RedHat + tags: + - apache + - systemd + systemd: + name: httpd + enabled: yes + state: started + diff --git a/tasks/aktivera-apache.yml b/tasks/aktivera-apache.yml new file mode 100644 index 0000000..e9abc4d --- /dev/null +++ b/tasks/aktivera-apache.yml @@ -0,0 +1,20 @@ +- name: Aktivera Apache i Debian + tags: + - apache + - systemd + when: ansible_os_family == 'Debian' + systemd: + name: apache2 + enabled: yes + state: started + +- name: Aktivera Apache i RedHat + tags: + - apache + - systemd + when: ansible_os_family == 'RedHat' + systemd: + name: httpd + enabled: yes + state: started + diff --git a/tasks/firewalld-http.yml b/tasks/firewalld-http.yml new file mode 100644 index 0000000..6d3c590 --- /dev/null +++ b/tasks/firewalld-http.yml @@ -0,0 +1,10 @@ +- name: Öppna brandväggen i RedHat + tags: + - firewall + when: ansible_os_family == 'RedHat' + firewalld: + service: http + permanent: yes + immediate: yes + state: enabled + diff --git a/tasks/firewalld-httpd-v3.yml b/tasks/firewalld-httpd-v3.yml new file mode 100644 index 0000000..cc70861 --- /dev/null +++ b/tasks/firewalld-httpd-v3.yml @@ -0,0 +1,9 @@ +- name: Öppna brandväggen i RedHat + tags: + - firewall + firewalld: + service: http + permanent: yes + immediate: yes + state: enabled + diff --git a/tasks/installera-apache-php-v3.yml b/tasks/installera-apache-php-v3.yml new file mode 100644 index 0000000..0e756bd --- /dev/null +++ b/tasks/installera-apache-php-v3.yml @@ -0,0 +1,34 @@ +- name: Installera Apache och PHP i Debian + tags: + - apache + - package + when: ansible_os_family == 'Debian' + apt: + update_cache: yes + name: "{{ item }}" + state: present + install_recommends: yes + with_items: + - apache2 + - libapache2-mod-php + notify: + - Ta bort eventuell exempelsida + - Aktivera Apache i Debian + +- name: Installera Apache och PHP i RedHat + tags: + - apache + - package + when: ansible_os_family == 'RedHat' + dnf: + name: "{{ item }}" + state: present + update_cache: yes + install_weak_deps: yes + with_items: + - httpd + - php + notify: + - Ta bort eventuell exempelsida + - Aktivera Apache i RedHat + - Öppna brandväggen i RedHat diff --git a/tasks/installera-apache-php.yml b/tasks/installera-apache-php.yml new file mode 100644 index 0000000..aec4ae3 --- /dev/null +++ b/tasks/installera-apache-php.yml @@ -0,0 +1,28 @@ +- name: Installera Apache och PHP i Debian + tags: + - apache + - package + when: ansible_os_family == 'Debian' + apt: + update_cache: yes + name: "{{ item }}" + state: present + install_recommends: yes + with_items: + - apache2 + - libapache2-mod-php + +- name: Installera Apache och PHP i RedHat + tags: + - apache + - package + when: ansible_os_family == 'RedHat' + dnf: + name: "{{ item }}" + state: present + update_cache: yes + install_weak_deps: yes + with_items: + - httpd + - php + diff --git a/tasks/radera-exempelsida-v3.yml b/tasks/radera-exempelsida-v3.yml new file mode 100644 index 0000000..9abcbbd --- /dev/null +++ b/tasks/radera-exempelsida-v3.yml @@ -0,0 +1,8 @@ +- name: Ta bort eventuell exempelsida + tags: + - index + - remove + file: + path: /var/www/html/index.html + state: absent + diff --git a/tasks/skapa-webbsida-v3.yml b/tasks/skapa-webbsida-v3.yml new file mode 100644 index 0000000..e9c6659 --- /dev/null +++ b/tasks/skapa-webbsida-v3.yml @@ -0,0 +1,8 @@ +- name: Kopiera PHP-filen till värdarna + tags: + - index + - copy + copy: + src: ../files/index.php + dest: /var/www/html/index.php + diff --git a/tasks/skapa-webbsida.yml b/tasks/skapa-webbsida.yml new file mode 100644 index 0000000..f4a24ce --- /dev/null +++ b/tasks/skapa-webbsida.yml @@ -0,0 +1,16 @@ +- name: Ta bort eventuell exempelsida + tags: + - index + - remove + file: + path: /var/www/html/index.html + state: absent + +- name: Kopiera PHP-filen till värdarna + tags: + - index + - copy + copy: + src: ../files/index.php + dest: /var/www/html/index.php + diff --git a/tasks/testa-webbservrarna.yml b/tasks/testa-webbservrarna.yml new file mode 100644 index 0000000..12a8764 --- /dev/null +++ b/tasks/testa-webbservrarna.yml @@ -0,0 +1,8 @@ +- name: Anslut till webbservrarna + tags: + - connect + uri: + url: "http://{{ item }}" + with_items: "{{ groups[min_grupp] | map('extract', \ + hostvars, ['ansible_host']) }}" + diff --git a/test_my_role.yml b/test_my_role.yml new file mode 100644 index 0000000..efb90e9 --- /dev/null +++ b/test_my_role.yml @@ -0,0 +1,6 @@ +- hosts: ankeborg + vars: + my_number: 45 + roles: + - my_role + diff --git a/testfil_if.j2 b/testfil_if.j2 new file mode 100644 index 0000000..52de950 --- /dev/null +++ b/testfil_if.j2 @@ -0,0 +1,10 @@ +{% for item in namn %} +{% if item == "Joakim" %} + * {{ item }} är deras farbror +{% elif "tte" in item %} + * {{ item }} bor med {{ "kalle anka"|title }} +{% else %} + * {{ item }} +{% endif %} +{% endfor %} + diff --git a/testfil_if.txt b/testfil_if.txt new file mode 100644 index 0000000..b6ad608 --- /dev/null +++ b/testfil_if.txt @@ -0,0 +1,5 @@ + * Knatte bor med Kalle Anka + * Tjatte bor med Kalle Anka + * Fnatte bor med Kalle Anka + * Joakim är deras farbror + diff --git a/testfil_loop.j2 b/testfil_loop.j2 new file mode 100644 index 0000000..4f299fd --- /dev/null +++ b/testfil_loop.j2 @@ -0,0 +1,4 @@ +{% for item in namn %} + * {{ item }} +{% endfor %} + diff --git a/testfil_loop.txt b/testfil_loop.txt new file mode 100644 index 0000000..95c1b73 --- /dev/null +++ b/testfil_loop.txt @@ -0,0 +1,5 @@ + * Knatte + * Tjatte + * Fnatte + * Joakim + diff --git a/update-systems.yml b/update-systems.yml new file mode 100644 index 0000000..b0cfbb4 --- /dev/null +++ b/update-systems.yml @@ -0,0 +1,17 @@ +- name: Uppdatera systemen + become: true + hosts: all + tasks: + - name: Uppdatera Debian-baserade system + when: ansible_os_family == 'Debian' + apt: + update_cache: yes + upgrade: dist + + - name: Uppdatera RedHat-baserade system + when: ansible_os_family == 'RedHat' + dnf: + name: "*" + state: latest + update_cache: yes + update_only: yes diff --git a/update_win.yml b/update_win.yml new file mode 100644 index 0000000..2925cad --- /dev/null +++ b/update_win.yml @@ -0,0 +1,4 @@ +- hosts: win10 + roles: + - update_windows + diff --git a/uppdatera-och-starta-om.yml b/uppdatera-och-starta-om.yml new file mode 100644 index 0000000..3e7f7b0 --- /dev/null +++ b/uppdatera-och-starta-om.yml @@ -0,0 +1,29 @@ +- name: Uppdatera systemen + become: true + serial: 1 + hosts: ankeborg + tasks: + - name: Uppdatera Debian-baserade system + when: ansible_os_family == 'Debian' + apt: + update_cache: yes + upgrade: dist + notify: Starta om systemet + + - name: Uppdatera RedHat-baserade system + when: ansible_os_family == 'RedHat' + dnf: + name: "*" + state: latest + update_cache: yes + update_only: yes + notify: Starta om systemet + + handlers: + - name: Starta om systemet + reboot: + connect_timeout: 5 + reboot_timeout: 600 + post_reboot_delay: 30 + test_command: whoami + diff --git a/winfil.txt b/winfil.txt new file mode 100644 index 0000000..b8096f9 --- /dev/null +++ b/winfil.txt @@ -0,0 +1 @@ +En fil till Windows diff --git a/x.yml b/x.yml new file mode 100644 index 0000000..573ea8c --- /dev/null +++ b/x.yml @@ -0,0 +1,10 @@ +- name: Test av include_tasks + tags: x_test + command: + cmd: echo {{ item }} + register: utdata + +- name: Skriv ut resultatet + debug: + var: utdata.stdout_lines + diff --git a/y.yml b/y.yml new file mode 100644 index 0000000..84be5d5 --- /dev/null +++ b/y.yml @@ -0,0 +1,9 @@ +- name: En annan uppgift + tags: y_test + command: + cmd: echo "Hej hej" + +- name: Testar variabel + debug: + var: testar +