diff --git a/part00-getting-ready/ansible-learning-rollback.yml b/part00-getting-ready/ansible-learning-rollback.yml new file mode 100644 index 0000000..65fd616 --- /dev/null +++ b/part00-getting-ready/ansible-learning-rollback.yml @@ -0,0 +1,22 @@ +--- +- name: Revert devops Account + hosts: all + become: true + gather_facts: False + tasks: + - name: Remove ssh key + authorized_key: + user: devops + key: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_rsa.pub') }}" + state: absent + + - name: Remove account + user: + name: devops + state: absent + remove: yes + + - name: Remove sudo access + file: + path: /etc/sudoers.d/devops + state: absent diff --git a/part00-getting-ready/ansible.cfg b/part00-getting-ready/ansible.cfg index 2b2829f..ca7f88a 100644 --- a/part00-getting-ready/ansible.cfg +++ b/part00-getting-ready/ansible.cfg @@ -1,6 +1,7 @@ [defaults] inventory = inventory remote_user = devops + [privilege_escalation] become = true become_user = root diff --git a/part01-create-user/create-user.yml b/part01-create-user/create-user.yml index 5e5691c..bb227a9 100644 --- a/part01-create-user/create-user.yml +++ b/part01-create-user/create-user.yml @@ -1,6 +1,7 @@ --- - hosts: all become: true + gather_facts: False vars: the_user: "devops" @@ -8,7 +9,7 @@ - name: create-user user: name: "{{ the_user }}" - groups: root,wheel + groups: root shell: /bin/bash state: present create_home: yes @@ -20,9 +21,16 @@ ssh_key_bits: 2048 ssh_key_file: .ssh/id_rsa + - name: Copy local SSH public key to target + authorized_key: + user: "{{ the_user }}" + state: present + manage_dir: yes + key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}" + - name: set password user: name: "{{ the_user }}" password: "password" password_expire_min: 14 - password_expire_max: 60 + password_expire_max: 60 \ No newline at end of file diff --git a/part02-update-linux/ansible.cfg b/part02-update-linux/ansible.cfg new file mode 100644 index 0000000..b22c534 --- /dev/null +++ b/part02-update-linux/ansible.cfg @@ -0,0 +1,7 @@ +[defaults] +inventory = inventory + +[privilage_esclation] +become=True +become_method=sudo +become_user=root \ No newline at end of file diff --git a/part02-update-linux/update-linux/README.md b/part02-update-linux/update-linux/README.md index ae2cf2d..cf50323 100644 --- a/part02-update-linux/update-linux/README.md +++ b/part02-update-linux/update-linux/README.md @@ -20,6 +20,9 @@ Including an example of how to use your role (for instance, with variables passe ansible-playbook play.yml [ --limit server-ip ] +Testing: + ansible-playbook update-linux/tests/test.yml -i update-linux/tests/inventory -u $(whoami) --ask-become-pass + ## License MIT diff --git a/part02-update-linux/update-linux/meta/main.yml b/part02-update-linux/update-linux/meta/main.yml index edfde8f..dd3a7dc 100644 --- a/part02-update-linux/update-linux/meta/main.yml +++ b/part02-update-linux/update-linux/meta/main.yml @@ -16,8 +16,4 @@ galaxy_info: - dnf - yum -dependencies: - - apt - - apt-get - - dnf - - yum +dependencies: [] \ No newline at end of file diff --git a/part02-update-linux/update-linux/tests/inventory b/part02-update-linux/update-linux/tests/inventory index 878877b..05614f6 100644 --- a/part02-update-linux/update-linux/tests/inventory +++ b/part02-update-linux/update-linux/tests/inventory @@ -1,2 +1 @@ -localhost - +localhost ansible_connection=local \ No newline at end of file diff --git a/part02-update-linux/update-linux/tests/test.yml b/part02-update-linux/update-linux/tests/test.yml index 28fb777..d0fdaef 100644 --- a/part02-update-linux/update-linux/tests/test.yml +++ b/part02-update-linux/update-linux/tests/test.yml @@ -1,5 +1,31 @@ --- - hosts: localhost + become: true remote_user: root - roles: - - update-linux + gather_facts: true + + tasks: + - name: Mock update for RedHat Family - yum + debug: + msg: "Would update all packages on RedHat using yum" + when: + - ansible_os_family == 'RedHat' + - ansible_pkg_mgr == 'yum' + + - name: Mock update for RedHat Family - dnf + debug: + msg: "Would update all packages on RedHat using dnf" + when: + - ansible_os_family == 'RedHat' + - ansible_pkg_mgr == 'dnf' + + - name: Mock update for Debian Family + debug: + msg: "Would update all packages on Debian using apt" + when: + - ansible_os_family == 'Debian' + + handlers: + - name: reboot_machine + debug: + msg: "Handler would reboot machine if needed"