Skip to content

genialis/ansible-common

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ansible-common

Ansible role for common configuration tasks on EL7 servers.

Requirements

Currently, the role only supports CentOS and Red Hat Enterprise Linux (RHEL) EL7 distribution flavors.

It also requires RHEL/CentOS 7.4 or higher since it provides a newer python-virtualenv package (1.10.1-4.el7+) which fixes compatibility with Python 3 (for more details, see: https://bugzilla.redhat.com/show_bug.cgi?id=1411685).

If you need support for other flavors, feel free to submit a pull request.

Role Variables

remote_user variable is automatically set with running whoami command as user who connects to the server.

Name Type Description Mandatory Default
common_additional_admin_users list

List of additional users and SSH public key files with sudo permissions.

- name: username
  ssh_keys: id_rsa.pub
no []
common_aws_cli_enable boolean Set this to install or upgrade AWS CLI. no true
common_aws_cli_version string Select the version of AWS CLI to install. no 2.0.50
common_include_security boolean Specify if part of the role in charge of security is played or not. no true
common_include_guest_additions boolean Specify if part of the role in charge of installing the VirtualBox's guest additions is played or not. no false
common_hostname string Hostname of the server. no "{{ inventory_hostname }}"
common_rhel_repos_for_epel list List of repository ids that need to be enabled on RHEL machines for the EPEL repository. no

- rhel-7-server-optional-rpms

- rhel-7-server-extras-rpms

common_python3_enabled boolean Install Python 3.4 if true. no false
common_python36_enabled boolean Install Python 3.6 if true. no false
common_selinux_permisive boolean Set SELinux to permisive mode if true. no false
common_ssh_allowed_ips list

List of ip addresses from which firewall will allow ssh connection.

Warning

If list is empty, all ssh connections will be allowed.

no []
common_ssh_authorized_keys list List of public ssh keys which will be added to remote_user's authorized_keys file. no []
common_audit_num_logs int Number of log files that auditd will keep before they are removed. no 100
common_audit_max_log_file int Maximum file size of each auditd log file. no 20
vaulted_common_user_password string remote_user's password. It must be hashed and stored in Ansible Vault for security reasons. See Ansible documentation for more details. no  
common_root_ps1 string Value of root's PS1 bash variable if defined. no "${BGREEN}\u@\h${NORMAL}:${BBLUE}\w${NORMAL}\\$"
common_user_ps1 string Value of remote_user's PS1 bash variable if defined. no "${BLUE}(${RED}\w${BLUE}) ${NORMAL}\h ${RED}\\$ ${NORMAL}"
common_virtualbox_dist_dir string Path where VirtualBox guest additions will be downloaded and extracted. no /opt/virtualbox

Dependencies

No dependencies.

Example Playbook

To use this role add this to your playbook:

- hosts: servers
  roles:
     - { role: genialis.common }

License

Licensed under the GPLv3 License. See the COPYING file for details.

Author Information

Domen Blenkuš
Tadej Janež

About

Common ansible role to manage EL7 servers

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Jinja 100.0%