diff --git a/ansible/make-host.yml b/ansible/make-host.yml index 4c4e55d..cc36ebe 100644 --- a/ansible/make-host.yml +++ b/ansible/make-host.yml @@ -2,7 +2,9 @@ - hosts: dev become: yes roles: - - core - - docker + - shared - nginx + - fail2ban + - postfix + - docker diff --git a/ansible/nginx.yml b/ansible/nginx.yml index 18be294..7b8de16 100644 --- a/ansible/nginx.yml +++ b/ansible/nginx.yml @@ -2,4 +2,5 @@ - hosts: nginx-server become: yes roles: - - nginx + - nginx + diff --git a/ansible/roles/core/README.md b/ansible/roles/core/README.md index 8cb45da..225dd44 100644 --- a/ansible/roles/core/README.md +++ b/ansible/roles/core/README.md 
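Review bot: The `roles:` list for `dev` drops `core` in favour of `shared`, yet this same commit still extends the core role's defaults with `libpam-yubico` and `authusers`, so the diff does not show that the SSH and PAM configuration still reaches these hosts. If `shared` is meant to take over from `core`, a comment above the list such as `# shared replaces core` would record that; the `shared` role itself is not visible here, so please confirm. `become: yes` on the context line would also read better as `become: true`, which avoids the YAML 1.1 truthy forms.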
@@ -1,76 +1,38 @@ -core +Role Name ========= -A simple role for configuring a set of packages / settings on a new Ubuntu host using Ansible. - -### Packages Added / Configured - -Git - - Configure / set user name and email - -SSH - - MOTD (Template, replacable, displayed on login.) - - PAM (Template, replacable, authusers file to bypass) - - authusers (Add users to file to bypass PAM settings) - -Vim - - Install Vim - - Run https://github.com/shaunrd0/klips/scripts/setup-vim.sh +A brief description of the role goes here. Requirements ------------ -Expects that the host is using apt package manager, and running a Debian / Ubuntu system. +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. Role Variables -------------- -Found in `.../roles/core/defaults/main.yml` -``` ---- -packages: [git, vim, ssh] -ssh_port: 22 -auth_methods: "publickey,keyboard-interactive" -git_email: "user@domain.com" -git_name: "First Last" -hostname: "localhost" -domain_name: "www.localhost.com" -``` +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. -#### Basic package installation variable - +Dependencies +------------ -packages - A list of packages to install when running core configuration. Add package to this list and it will be installed on your new host. Further configuration will need to be done manually, unless the role is modified otherwise. - -#### SSH Configuration Variables - - -ssh_port - The port to configure SSH to listen on - -auth_methods - Authentication methods to allow SSH base configuration to use. 
Otherwise, specify a match within the sshd_config - -#### MOTD Configuration Variables - - -hostname - The hostname of the box you are using, used in the MOTD for a host-specific greeting, so you know which host you are logged into when glancing between terminals. - -domain_name - The domain name, if available, associated with this host. - -#### Git Configuration Variables - - -git_email - Email address to configure with Git - -git_name - Full name to configure with Git (First Last || Shaun Reed) +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. Example Playbook ---------------- -After configuring the appropriate variables in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file. +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: -``` ---- -- hosts: core - become: yes - roles: - - core -``` + - hosts: servers + roles: + - { role: username.rolename, x: 42 } -Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files. +License +------- +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/ansible/roles/core/defaults/main.yml b/ansible/roles/core/defaults/main.yml index b0f0502..da20db7 100644 --- a/ansible/roles/core/defaults/main.yml +++ b/ansible/roles/core/defaults/main.yml 
@@ -1,9 +1,8 @@ --- -packages: [git, vim, ssh] +packages: [git, vim, ssh, libpam-yubico] +authusers: [user1, user2] ssh_port: 22 auth_methods: "publickey,keyboard-interactive" -hostname: "localhost" -domain_name: "www.localhost.com" -git_email: "user@domain.com" -git_name: "First Last" +git_email: "email@domain.com" +git_name: "Shaun Reed" diff --git a/ansible/roles/core/files/motd b/ansible/roles/core/files/motd index b14db89..1e8eb1a 100644 --- a/ansible/roles/core/files/motd +++ b/ansible/roles/core/files/motd @@ -2,11 +2,11 @@ * - |.===. + {{ ansible_hostname }} |.===. {{ ansible_fqdn }} {}o o{} ----------------------ooO--(_)--Ooo-------------------------- # # -# username www.web.com # +# # # # # _/\\___ __/\\__ _/\\___ _/\\___ __/\\___ _/\\___ # # (_ __))(_ ____)(_ _ _))(_ _ _))(_ ____))(_ _ )) # @@ -15,6 +15,6 @@ # \___| \\ \ _ //\_ \\ \_ \\ \ _____))\___| // # # \// \// \// \// \// \// \// # # # -# xxx.xxx.xxx.xx/xx # +# # #_____________________________________________________________# diff --git a/ansible/roles/core/tasks/configure-git.yml b/ansible/roles/core/tasks/configure-git.yml index 7cfa64b..a652bf0 100644 --- a/ansible/roles/core/tasks/configure-git.yml +++ b/ansible/roles/core/tasks/configure-git.yml @@ -1,4 +1,4 @@ --- - name: Configure Git - template: src=files/.gitconfig dest=~/.gitconfig + copy: src=files/.gitconfig dest=~/.gitconfig diff --git a/ansible/roles/docker/README.md b/ansible/roles/docker/README.md index 53b4bde..225dd44 100644 --- a/ansible/roles/docker/README.md +++ b/ansible/roles/docker/README.md 
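Review bot: The new default `authusers: [user1, user2]` ships placeholder account names in a list that, per the README text this commit removes, lets the listed users bypass the PAM settings. A host that runs the role without overriding the variable would exempt any account that happens to be called `user1` or `user2`, so the safer default is `authusers: []` with the real names supplied from inventory or group vars. The variable is also undocumented now that the README is reset to the Galaxy template. `git_name: "Shaun Reed"` makes one person's identity the default for every host; a neutral placeholder, as before, would be better.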
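Review bot: Switching the `Configure Git` task from `template` to `copy` deploys `files/.gitconfig` byte for byte, so if that file still contains `{{ git_email }}` and `{{ git_name }}` placeholders (the defaults hunk keeps both variables) they will land on the target unrendered. Keep `template:` unless the file is now static; the file itself is not part of this diff, so this is inferred. The motd hunk goes the other way and adds `{{ ansible_hostname }}` and `{{ ansible_fqdn }}` to `files/motd`, which only works if the task installing it uses `template`. With `become` enabled in the plays shown here, `dest=~/.gitconfig` presumably resolves to root's home rather than the login user's, which is worth confirming.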
@@ -1,38 +1,38 @@ -docker +Role Name ========= -A simple role for installing Docker and Docker Compose on a new Ubuntu host using Ansible. +A brief description of the role goes here. Requirements ------------ -Expects that the host is using apt package manager, and running a Debian / Ubuntu system. +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. Role Variables -------------- -Found in `.../roles/docker/defaults/main.yml` -``` ---- -docker_users: [user1, user2] -``` +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. -#### Docker Group Configuration Variable - +Dependencies +------------ -docker_users - A list of users to configure / add to the docker group +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. Example Playbook ---------------- -After setting the users to configure with Docker in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file. +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: -``` ---- -- hosts: docker-host - become: yes - roles: - - docker -``` + - hosts: servers + roles: + - { role: username.rolename, x: 42 } -Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files. 
+License +------- +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/ansible/roles/nginx/README.md b/ansible/roles/nginx/README.md index a99cdf4..225dd44 100644 --- a/ansible/roles/nginx/README.md +++ b/ansible/roles/nginx/README.md 
@@ -1,45 +1,38 @@ -nginx +Role Name ========= -A simple role for installing and configuring nginx on a new Ubuntu host using Ansible. Supports templates for index.html and custom nginx.conf +A brief description of the role goes here. Requirements ------------ -Expects that the host is using apt package manager, and running a Debian / Ubuntu system. +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. Role Variables -------------- -Found in `.../roles/nginx/defaults/main.yml` -``` ---- -domain_name: "localhost" -nginx_root_dir: "/var/www/html/" -index_files: "index.html index.htm" -``` +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. -#### NGINX Configuration Variables - +Dependencies +------------ -domain_name - Domain name to be used in nginx.conf, default value is the same as nginx base package default setting (localhost) - -nginx_root_dir - The directory to point the default nginx server to - -index_files - The files / types to be checked for content in our root directory +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. Example Playbook ---------------- -After configuring the approprate variables in `.../defaults/main.yml`, create the following play.yml and run `ansible-playbook play.yml` after setting the correct hosts in your `/etc/ansible/hosts` file. 
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: -``` ---- -- hosts: nginx-server - become: yes - roles: - - nginx -``` + - hosts: servers + roles: + - { role: username.rolename, x: 42 } -Feel free to rename play.yml, hosts group name, etc. Just be sure it reflects to your settings in the related files. +License +------- +BSD +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/ansible/roles/nginx/defaults/main.yml b/ansible/roles/nginx/defaults/main.yml index b27f51d..bf35e67 100644 --- a/ansible/roles/nginx/defaults/main.yml +++ b/ansible/roles/nginx/defaults/main.yml @@ -1,4 +1,7 @@ --- +# defaults file for /etc/ansible/roles/nginx +# +packages: [nginx] domain_name: "localhost" nginx_root_dir: "/var/www/html/" index_files: "index.html index.htm" diff --git a/ansible/roles/nginx/files/index.html b/ansible/roles/nginx/files/index.html deleted file mode 100644 index b0d878e..0000000 --- a/ansible/roles/nginx/files/index.html +++ /dev/null @@ -1,25 +0,0 @@ - - - -Welcome to nginx! - - - -

Klips!

-

If you see this page, the nginx web server is successfully installed and -working. Further configuration is required.

- -

For online documentation and support please refer to -nginx.org.
-Commercial support is available at -nginx.com.

- -

Thank you for using nginx.

- - diff --git a/ansible/roles/nginx/files/nginx.conf b/ansible/roles/nginx/files/nginx.conf deleted file mode 100644 index a9c5a2b..0000000 --- a/ansible/roles/nginx/files/nginx.conf +++ /dev/null @@ -1,55 +0,0 @@ -user www-data; -worker_processes auto; -pid /run/nginx.pid; - -events { } - -http { - include mime.types; - - # Basic Server Configuration - server { - listen 80; - server_tokens off; - server_name {{ domain_name }}; - - location / { - root {{ nginx_root_dir }}; - index {{ index_files }}; - } - - # Uncomment to pass for SSL - #return 301 https://$host$request_uri; - } -} - - # Terminate SSL and route traffic -# server { -# server_name localhost; -# server_tokens off; -# - # SSL Settings -# listen 443 ssl; -# ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem; -# ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem; -# include /etc/letsencrypt/options-ssl-nginx.conf; -# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; - -# location / { -# include proxy_params; -# proxy_pass http://0.0.0.0:8080/; -# } -# } - -# Private subdomain for routing custom ssh port -# server { -# server_name sub.domain.com; -# server_tokens off; -# -# location / { -# include proxy_params; -# proxy_pass http://0.0.0.0:3333; -# } -# -#} - diff --git a/ansible/roles/nginx/tasks/configure.yml b/ansible/roles/nginx/tasks/configure.yml index fbcc88e..1468f8f 100644 --- a/ansible/roles/nginx/tasks/configure.yml +++ b/ansible/roles/nginx/tasks/configure.yml @@ -1,7 +1,9 @@ --- - name: Copy nginx configuration file - template: src=files/nginx.conf dest=/etc/nginx/nginx.conf + template: src=files/nginx/nginx.conf dest=/etc/nginx/nginx.conf + - name: Copy index.html file - template: src=files/index.html dest=/var/www/html + template: src=files/nginx/index.html dest=/var/www/html notify: - restart nginx + diff --git a/ansible/roles/nginx/tasks/install.yml b/ansible/roles/nginx/tasks/install.yml index 5ee5a69..4233fc2 100644 
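Review bot: In `roles/nginx/tasks/configure.yml`, `notify: - restart nginx` is attached only to the `Copy index.html file` task, so a change to `/etc/nginx/nginx.conf` from the first task never restarts nginx while a change to a static page does. Move the handler to the configuration task, i.e. add `notify: restart nginx` under `Copy nginx configuration file`. Both tasks would also benefit from explicit `owner=root group=root mode=0644`, and the config task from `validate='nginx -t -c %s'` so a broken render is rejected before it replaces the live file. The new `src=files/nginx/...` paths are not added anywhere in the visible diff while `roles/nginx/files/nginx.conf` and `index.html` are deleted, so please confirm the files exist at the new location.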
--- a/ansible/roles/nginx/tasks/install.yml
+++ b/ansible/roles/nginx/tasks/install.yml
@@ -1,4 +1,4 @@
 ---
-- name: Install nginx Package
- apt: name=nginx state=latest
-
+- name: Install packages
+ apt: name="{{ item }}" state=latest
+ with_items: "{{ packages }}"
diff --git a/ansible/roles/nginx/tests/inventory b/ansible/roles/nginx/tests/inventory
deleted file mode 100644
index 878877b..0000000
--- a/ansible/roles/nginx/tests/inventory
+++ /dev/null
@@ -1,2 +0,0 @@
-localhost
-
diff --git a/ansible/roles/nginx/tests/test.yml b/ansible/roles/nginx/tests/test.yml
deleted file mode 100644
index f53f9a6..0000000
--- a/ansible/roles/nginx/tests/test.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- hosts: localhost
- remote_user: root
- roles:
- - /etc/ansible/roles/nginx
\ No newline at end of file
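Review bot: The `Install packages` task loops over a variable named `packages`, the same name the core role uses for its own default list, so a `packages` value set in inventory, group vars or extra vars overrides both roles at once. A role-prefixed name such as `nginx_packages`, here and in `roles/nginx/defaults/main.yml`, avoids that. The `with_items` loop is also unnecessary because `apt` accepts a list directly: `apt: name="{{ nginx_packages }}" state=latest update_cache=yes`. `state=latest` upgrades nginx to whatever the configured repositories serve on every run; if that is the intent, a comment saying so would help, otherwise `state=present` with upgrades handled in a dedicated patching play keeps runs reproducible.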