Ansible: Difference between revisions
From DWIKI
mNo edit summary |
m (→FAQ) |
||
| Line 78: | Line 78: | ||
==Show all host variables== | ==Show all host variables== | ||
ansible -m setup <hostname> | ansible -m setup <hostname> | ||
==Show all OS/versions== | |||
ansible all -m setup -a "filter=ansible_distribution*" | |||
==Syntax highlighting for ansible== | ==Syntax highlighting for ansible== | ||
Revision as of 12:53, 15 August 2017
Configuration management
Links
Alternatives
Quickstart
On server as root create key:
ssh-keygen
(go for defaults) and then get content of ~/.ssh/id_rsa.pub in your copypastebuffer
On 'clients' edit /etc/ssh/sshd_config to
PermitRootLogin without-password
and restart sshd
Edit/create ~root/.ssh/authorized_keys and add:
from="ip.of.ansible.server" <paste public key here>
Scripts/playbooks
Maintain useraccounts
---
- name: remove users
user: name=exuser state=absent force=yes groups=''
with_dict: accounts
tags:
- delusers
- name: sync group
group:
name: sync
gid: 999
state: "present"
- name: fix homedir rights
lineinfile: dest=/etc/login.defs regexp=^UMASK line="UMASK 007"
- name: useraccounts
user:
name: "{{ item.key }}"
comment: "{{ item.value.name }}"
uid: "{{ item.value.uid }}"
state: "present"
shell: "/bin/bash"
groups: sudo
with_dict: accounts
tags:
- accounts
- name: userpasswords
user:
name: "{{ item.key }}"
password: "{{ lookup('csvfile',item.key + ' file=/etc/shadow delimiter=: col=1' ) }}"
with_dict: accounts
#ssh keys
- name: userkeys
authorized_key: user={{ item.key }} key="{{ lookup('file','/home/' + item.key + '/.ssh/authorized_keys' ) }}" exclusive=yes
with_dict: accounts
tags:
- keys
- name: nofoobar
user: name=foobar state=absent remove=yes
tags:
- foobar
FAQ
Show all host variables
ansible -m setup <hostname>
Show all OS/versions
ansible all -m setup -a "filter=ansible_distribution*"
Syntax highlighting for ansible
Drop the files in ~/vim/bundle and in .vimrc:
call pathogen#infect() call pathogen#helptags()
