ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

syncing source to git

Browse Source
This commit is contained in:
ipvsean
2020-04-21 20:16:09 -04:00
parent cc30a3d5b0
commit 3239f2ee6a
34 changed files with 394 additions and 274 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
choose_demo.yml
View File

@@ -2,14 +2,14 @@
## example file for how to choose a demo
## chose specific demo or choose all
#SPECIFIC - example that installs just the deploy_application job template
# SPECIFIC - example that installs just the deploy_application job template
demo: developer_report
#ALL - example that installs all demos
# ALL - example that installs all demos
# demo: all
## Ansible Tower login infomation
my_tower_username: colin
my_tower_password: mahalo
my_tower_host: test.rhdemo.io
workshop_type: f5
workshop_type: rhel

23
galaxy.yml Normal file
View File

@@ -0,0 +1,23 @@
---
namespace: ipvsean
name: product_demos
version: 1.0.2
readme: README.md
authors:
- Sean Cavanaugh <seanc@redhat.com> @IPvSean
description: repository of demos to showcase Ansible features.
license:
- GPL-2.0-or-later
license_file: ''
tags: []
dependencies: {}
repository: http://github.com/ansible/product-demos
documentation: http://github.com/ansible/product-demos
homepage: http://github.com/ansible/product-demos
issues: https://github.com/ansible/product-demos/issues

BIN
ipvsean-product_demos-1.0.1.tar.gz Normal file
View File

Binary file not shown.

BIN
ipvsean-product_demos-1.0.2.tar.gz Normal file
View File

Binary file not shown.

4
playbooks/01_deploy_application.yml
View File

@@ -1,8 +1,8 @@
---
- name: application deployment
hosts: webservers
hosts: web
gather_facts: false
become: yes
become: true
tasks:
- name: make sure application is not empty
assert:

8
playbooks/02_patching.yml
View File

@@ -1,8 +1,8 @@
---
- name: apply non-kernel updates
hosts: "{{ HOSTS | default('all') }}"
become: yes
gather_facts: no
hosts: "{{ HOSTS | default('web') }}"
become: true
gather_facts: false
tasks:
- name: upgrade all packages except kernel
@@ -16,6 +16,6 @@
yum:
name: '*'
state: latest
security: yes
security: true
exclude: kernel*
tags: security

46
playbooks/03_hardening.yml
View File

@@ -1,31 +1,31 @@
---
- name: harden linux systems
hosts: "{{ HOSTS | default('all') }}"
become: yes
hosts: "{{ HOSTS | default('web') }}"
become: true
vars:
- harden_firewall: False
- harden_time: False
- harden_ssh: False
- harden_pci: False
- harden_firewall: false
- harden_time: false
- harden_ssh: false
- harden_pci: false
tasks:
- name: Configure Firewall
when: harden_firewall | bool
include_role:
name: linux-system-roles.firewall
- name: Configure Firewall
when: harden_firewall | bool
include_role:
name: linux-system-roles.firewall
- name: Configure Timesync
when: harden_time | bool
include_role:
name: linux-system-roles.timesync
- name: Configure Timesync
when: harden_time | bool
include_role:
name: linux-system-roles.timesync
- name: SSH Hardening
when: harden_ssh | bool
include_role:
name: dev-sec.ssh-hardening
- name: SSH Hardening
when: harden_ssh | bool
include_role:
name: dev-sec.ssh-hardening
# run with --skip-tags accounts_passwords_pam_faillock_deny
- name: Apply PCI Baseline
when: harden_pci | bool
include_role:
name: redhatofficial.rhel7_pci_dss
# run with --skip-tags accounts_passwords_pam_faillock_deny
- name: Apply PCI Baseline
when: harden_pci | bool
include_role:
name: redhatofficial.rhel7_pci_dss

6
playbooks/05_grant_sudo.yml
View File

@@ -1,8 +1,8 @@
---
- name: grant sudo
hosts: "{{ HOSTS | default('all') }}"
become: yes
gather_facts: no
hosts: "{{ HOSTS | default('web') }}"
become: true
gather_facts: false
vars:
sudo_cleanup: true

6
playbooks/06_debug_info.yml
View File

@@ -1,8 +1,8 @@
---
- name: gather debug info
hosts: "{{ HOSTS | default('all') }}"
become: yes
gather_facts: no
hosts: "{{ HOSTS | default('web') }}"
become: true
gather_facts: false
tasks:
- name: Gather recent vmstat info

15
playbooks/10_openscap.yml
View File

@@ -1,6 +1,6 @@
---
- name: build openscap report for rhel7
hosts: all
hosts: web
gather_facts: false
vars:
@@ -19,28 +19,23 @@
stat:
path: "{{ssg_schema}}"
# - name: create HTML report
# command: "oscap xccdf eval --fetch-remote-resources --profile xccdf_org.ssgproject.content_profile_standard --results report.xml --report index.html {{ssg_schema}}"
# register: command_result
# failed_when: "'Error' in command_result.stderr"
- name: create HTML report
command: "oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results report.xml --report index.html {{ssg_schema}}"
register: command_result
failed_when: "'Error' in command_result.stderr"
- name: Create directory if it does not exist
become: yes
- name: Create directory if it does falset exist
become: true
file:
path: "{{file_path}}"
state: directory
- name: move files into httpd
become: yes
become: true
copy:
src: ./{{item}}
dest: "{{file_path}}/{{item}}"
remote_src: yes
remote_src: true
loop:
- report.xml
- index.html

2
playbooks/11_developer_report.yml
View File

@@ -1,6 +1,6 @@
---
- name: grab linux facts
hosts: all
hosts: web
gather_facts: true
- name: build developer report

5
playbooks/generate_readme.yml
View File

@@ -4,11 +4,6 @@
connection: local
tasks:
# - name: install demo
# debug:
# msg: "{{item}}"
# loop: "{{dict(hostvars[inventory_hostname]|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items}}"
- name: install demo
include_role:
name: "../roles/generate_readme"

56
playbooks/group_vars/all/03_hardening.yml
View File

@@ -1,56 +0,0 @@
---
hardening:
author: "Will Tome"
category: security
name: "SERVER / Hardening"
description: "hardening for Linux servers"
job_type: "run"
inventory: "Workshop Inventory"
playbook: "playbooks/03_hardening.yml"
credential: "Workshop Credential"
survey_enabled: yes
survey_spec:
name: ''
description: ''
spec:
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: Configure Firewall?
type: multiplechoice
variable: harden_firewall
required: false
choices:
- 'Yes'
- 'No'
- question_name: Configure Time?
type: multiplechoice
variable: harden_time
required: false
choices:
- 'Yes'
- 'No'
- question_name: Harden SSH?
type: multiplechoice
variable: harden_ssh
required: false
choices:
- 'Yes'
- 'No'
- question_name: PCI Baseline?
type: multiplechoice
variable: harden_pci
required: false
choices:
- 'Yes'
- 'No'
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
organization: "Default"
scm_type: git
scm_url: "https://github.com/ansible/product-demos"
workshop_type:
- f5
- rhel

15
roles/developer_report/meta/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
galaxy_info:
role_name: developer_report
author: Sean Cavanaugh
description: This role create an HTML report using Ansible Facts
company: Red Hat
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 2.9
galaxy_tags: []
dependencies: []

5
roles/developer_report/tasks/main.yml
View File

@@ -1,9 +1,10 @@
---
- name: create HTML report
become: yes
become: true
template:
src: report.j2
dest: "{{ file_path }}"
- name: DISPLAY LINK TO INVENTORY REPORT
debug:
msg: "Please go to http://{{ansible_host}}/report"
msg: "Please go to http://{{ ansible_host }}/report"

15
roles/generate_readme/meta/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
galaxy_info:
role_name: generate_readme
author: Sean Cavanaugh
description: This role generates a readme for the github/ansible/product-demos
company: Red Hat
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 2.9
galaxy_tags: []
dependencies: []

23
roles/install_demo/README.md Normal file
View File

@@ -0,0 +1,23 @@
# install_demo role
This role will install demos into your specified Ansible Tower environment. Here is an example of using this role:
```
---
- name: setup deploy application demo
hosts: localhost
gather_facts: false
connection: local
tasks:
- name: install demo
include_role:
name: "install_demo"
```
Please refer to the master list in the main [README.md]()../../README.md).
# required variables
You must specify all the variables in the [choose_demo.yml](../../choose_demo.yml) example.

15
roles/install_demo/meta/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
galaxy_info:
role_name: install_demo
author: Sean Cavanaugh
description: |
This role will install demos into your specified Ansible Tower environment.
company: Red Hat
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 2.9
galaxy_tags: []
dependencies: []

83
roles/install_demo/tasks/job_template.yml
View File

@@ -1,51 +1,54 @@
---
- name: add tower project
tower_project:
name: "{{hostvars.localhost[demo].project.name}}"
description: "{{hostvars.localhost[demo].project.description}}"
organization: "{{hostvars.localhost[demo].project.organization}}"
scm_type: "{{hostvars.localhost[demo].project.scm_type}}"
scm_url: "{{hostvars.localhost[demo].project.scm_url}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ vars[demo].project.name }}"
description: "{{ vars[demo].project.description }}"
organization: "{{ vars[demo].project.organization }}"
scm_type: "{{ vars[demo].project.scm_type }}"
scm_url: "{{ vars[demo].project.scm_url }}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false
- name: add single job template without survey
tower_job_template:
name: "{{hostvars.localhost[demo].name}}"
description: "{{hostvars.localhost[demo].description}}"
job_type: "{{hostvars.localhost[demo].job_type}}"
inventory: "{{hostvars.localhost[demo].inventory}}"
project: "{{hostvars.localhost[demo].project.name}}"
playbook: "{{hostvars.localhost[demo].playbook}}"
fact_caching_enabled: "{{hostvars.localhost[demo].fact_caching_enabled | default('no')}}"
credential: "{{hostvars.localhost[demo].credential}}"
survey_enabled: "{{hostvars.localhost[demo].survey_enabled}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ vars[demo].name }}"
description: "{{ vars[demo].description }}"
job_type: "{{ vars[demo].job_type }}"
inventory: "{{ vars[demo].inventory}}"
project: "{{ vars[demo].project.name }}"
playbook: "{{ vars[demo].playbook }}"
fact_caching_enabled: "{{ vars[demo].fact_caching_enabled | default('false') }}"
credential: "{{ vars[demo].credential }}"
survey_enabled: "{{ vars[demo].survey_enabled }}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false
when:
- workshop_type in hostvars.localhost[demo].workshop_type
- not hostvars.localhost[demo].survey_enabled
- workshop_type in vars[demo].workshop_type
- not vars[demo].survey_enabled
register: add_project
until: add_project is not failed
retries: 5
- name: add single job template with survey
tower_job_template:
name: "{{hostvars.localhost[demo].name}}"
description: "{{hostvars.localhost[demo].description}}"
job_type: "{{hostvars.localhost[demo].job_type}}"
inventory: "{{hostvars.localhost[demo].inventory}}"
project: "{{hostvars.localhost[demo].project.name}}"
playbook: "{{hostvars.localhost[demo].playbook}}"
fact_caching_enabled: "{{hostvars.localhost[demo].fact_caching_enabled | default('no')}}"
credential: "{{hostvars.localhost[demo].credential}}"
survey_enabled: "{{hostvars.localhost[demo].survey_enabled}}"
survey_spec: "{{hostvars.localhost[demo].survey_spec}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ vars[demo].name }}"
description: "{{ vars[demo].description }}"
job_type: "{{ vars[demo].job_type }}"
inventory: "{{ vars[demo].inventory}}"
project: "{{ vars[demo].project.name }}"
playbook: "{{ vars[demo].playbook }}"
fact_caching_enabled: "{{ vars[demo].fact_caching_enabled | default('false') }}"
credential: "{{ vars[demo].credential }}"
survey_enabled: "{{ vars[demo].survey_enabled }}"
survey_spec: "{{ vars[demo].survey_spec}}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false
when:
- workshop_type in hostvars.localhost[demo].workshop_type
- hostvars.localhost[demo].survey_enabled
- workshop_type in vars[demo].workshop_type
- vars[demo].survey_enabled

89
roles/install_demo/tasks/job_template_loop.yml
View File

@@ -1,56 +1,64 @@
---
- name: block for job template (non-workflow)
- name: block for job template loop
block:
- name: add tower project
- name: "add tower project job_template_loop.yml"
tower_project:
name: "{{item.value.project.name}}"
description: "{{item.value.project.description}}"
organization: "{{item.value.project.organization}}"
scm_type: "{{item.value.project.scm_type}}"
scm_url: "{{item.value.project.scm_url}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ item.value.project.name }}"
description: "{{ item.value.project.description }}"
organization: "{{ item.value.project.organization }}"
scm_type: "{{ item.value.project.scm_type }}"
scm_url: "{{ item.value.project.scm_url }}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false
when:
- workshop_type in item.value.workshop_type
- name: "add job template {{item.value.name}} without survey"
- name: "add job template {{ item.value.name }} without survey job_template_loop.yml"
tower_job_template:
name: "{{item.value.name}}"
description: "{{item.value.description}}"
job_type: "{{item.value.job_type}}"
inventory: "{{item.value.inventory}}"
project: "{{item.value.project.name}}"
playbook: "{{item.value.playbook}}"
fact_caching_enabled: "{{item.value.fact_caching_enabled | default('no')}}"
credential: "{{item.value.credential}}"
survey_enabled: "{{item.value.survey_enabled}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ item.value.name }}"
description: "{{ item.value.description }}"
job_type: "{{ item.value.job_type }}"
inventory: "{{ item.value.inventory}}"
project: "{{ item.value.project.name }}"
playbook: "{{ item.value.playbook}}"
fact_caching_enabled: "{{ item.value.fact_caching_enabled | default('false')}}"
credential: "{{ item.value.credential }}"
survey_enabled: "{{ item.value.survey_enabled }}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false
when:
- workshop_type in item.value.workshop_type
- not item.value.survey_enabled
register: add_project
until: add_project is not failed
retries: 5
- name: "add job template {{item.value.name}} with survey"
- name: "add job template {{ item.value.name }} with survey"
tower_job_template:
name: "{{item.value.name}}"
description: "{{item.value.description}}"
job_type: "{{item.value.job_type}}"
inventory: "{{item.value.inventory}}"
project: "{{item.value.project.name}}"
playbook: "{{item.value.playbook}}"
fact_caching_enabled: "{{item.value.fact_caching_enabled | default('no')}}"
credential: "{{item.value.credential}}"
survey_enabled: "{{item.value.survey_enabled}}"
survey_spec: "{{item.value.survey_spec}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ item.value.name }}"
description: "{{ item.value.description }}"
job_type: "{{ item.value.job_type }}"
inventory: "{{ item.value.inventory}}"
project: "{{ item.value.project.name }}"
playbook: "{{ item.value.playbook}}"
fact_caching_enabled: "{{ item.value.fact_caching_enabled | default('false') }}"
credential: "{{ item.value.credential }}"
survey_enabled: "{{ item.value.survey_enabled }}"
survey_spec: "{{ item.value.survey_spec}}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false
when:
- workshop_type in item.value.workshop_type
- item.value.survey_enabled
register: add_project
until: add_project is not failed
retries: 5
when:
- item.value.workflow is not defined or not item.value.workflow
@@ -59,3 +67,4 @@
when:
- item.value.workflow is defined
- item.value.workflow
- workshop_type in item.value.workshop_type

25
roles/install_demo/tasks/main.yml
View File

@@ -1,22 +1,37 @@
---
- name: set facts from role vars
set_fact:
demo_list: "{{(dict(vars|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items)|map(attribute='key')|list}}"
- name: provide info to terminal window
debug:
msg: "install {{demo}} on {{my_tower_host}}"
msg:
- "install {{ vars.demo }} on {{ my_tower_host }}"
- "available demos are: {{demo_list}}"
- name: make sure demo is a valid demo
assert:
that:
- vars.demo is defined
- vars.demo in demo_list or vars.demo == "all"
msg:
- "demo must be defined and be one of: {{demo_list}}"
- "full list can be found on https://github.com/ansible/product-demos"
- name: install all job templates
include_tasks: job_template_loop.yml
loop: "{{dict(hostvars[inventory_hostname]|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items}}"
loop: "{{ dict(vars|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items }}"
when: demo == "all"
- name: install single job template
include_tasks: job_template.yml
when:
- demo != "all"
- hostvars[inventory_hostname][demo].workflow is not defined or not hostvars[inventory_hostname][demo].workflow
- vars[demo].workflow is not defined or not vars[demo].workflow
- name: install single workflow
include_tasks: workflow.yml
when:
- demo != "all"
- hostvars[inventory_hostname][demo].workflow is defined
- hostvars[inventory_hostname][demo].workflow
- vars[demo].workflow is defined
- vars[demo].workflow

24
roles/install_demo/tasks/workflow.yml
View File

@@ -1,17 +1,17 @@
---
#these tasks will install a workflow
# these tasks will install a workflow
- name: "install all job templates in relation to workflow {{hostvars[inventory_hostname][demo].name}}"
- name: "install all job templates in relation to workflow {{ hostvars[inventory_hostname][demo].name }}"
include_tasks: add_job_template.yml
loop: "{{hostvars[inventory_hostname][demo].job_templates|dict2items}}"
loop: "{{ hostvars[inventory_hostname][demo].job_templates|dict2items }}"
- name: "install workflow template {{hostvars[inventory_hostname][demo].name}}"
- name: "install workflow template {{ hostvars[inventory_hostname][demo].name }}"
tower_workflow_template:
name: "{{hostvars[inventory_hostname][demo].name}}"
description: "{{hostvars[inventory_hostname][demo].description}}"
organization: "{{hostvars[inventory_hostname][demo].organization}}"
schema: "{{ hostvars[inventory_hostname][demo].schema}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ hostvars[inventory_hostname][demo].name }}"
description: "{{ hostvars[inventory_hostname][demo].description }}"
organization: "{{ hostvars[inventory_hostname][demo].organization }}"
schema: "{{ hostvars[inventory_hostname][demo].schema }}"
tower_username: "{{ my_tower_username }}"
tower_password: "{{ my_tower_password }}"
tower_host: "{{ my_tower_host }}"
validate_certs: false

22
roles/install_demo/tasks/workflow_loop.yml
View File

@@ -1,15 +1,15 @@
---
- name: "INSIDE LOOP - install all job templates in relation to workflow {{item.value.name}}"
- name: "INSIDE LOOP - install all job templates in relation to workflow {{ item.value.name }}"
include_tasks: job_template_loop.yml
loop: "{{item.value.job_templates|dict2items}}"
loop: "{{ item.value.job_templates|dict2items}}"
- name: "INSIDE LOOP - install workflow template {{item.value.name}}"
- name: "INSIDE LOOP - install workflow template {{ item.value.name }}"
tower_workflow_template:
name: "{{item.value.name}}"
description: "{{item.value.description}}"
organization: "{{item.value.organization}}"
schema: "{{item.value.schema}}"
tower_username: "{{my_tower_username}}"
tower_password: "{{my_tower_password}}"
tower_host: "{{my_tower_host}}"
validate_certs: no
name: "{{ item.value.name }}"
description: "{{ item.value.description }}"
organization: "{{ item.value.organization }}"
schema: "{{ item.value.schema}}"
tower_username: "{{my_tower_username }}"
tower_password: "{{my_tower_password }}"
tower_host: "{{my_tower_host }}"
validate_certs: false

3
playbooks/group_vars/all/01_deploy_application.yml → roles/install_demo/vars/main/01_deploy_application.yml
View File

@@ -8,7 +8,7 @@ deploy_application:
inventory: "Workshop Inventory"
playbook: "playbooks/01_deploy_application.yml"
credential: "Workshop Credential"
survey_enabled: yes
survey_enabled: false
survey_spec:
name: Deploy application survey
description: Which application do you want to install?
@@ -34,3 +34,4 @@ deploy_application:
workshop_type:
- f5
- rhel
- rhel_90

11
playbooks/group_vars/all/02_patching.yml → roles/install_demo/vars/main/02_patching.yml
View File

@@ -8,15 +8,15 @@ patching:
inventory: "Workshop Inventory"
playbook: "playbooks/02_patching.yml"
credential: "Workshop Credential"
survey_enabled: yes
survey_enabled: true
survey_spec:
name: ''
description: ''
spec:
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
@@ -26,3 +26,4 @@ patching:
workshop_type:
- f5
- rhel
- rhel_90

57
roles/install_demo/vars/main/03_hardening.yml Normal file
View File

@@ -0,0 +1,57 @@
---
hardening:
author: "Will Tome"
category: security
name: "SERVER / Hardening"
description: "hardening for Linux servers"
job_type: "run"
inventory: "Workshop Inventory"
playbook: "playbooks/03_hardening.yml"
credential: "Workshop Credential"
survey_enabled: true
survey_spec:
name: ''
description: ''
spec:
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: Configure Firewall?
type: multiplechoice
variable: harden_firewall
required: false
choices:
- 'Yes'
- 'No'
- question_name: Configure Time?
type: multiplechoice
variable: harden_time
required: false
choices:
- 'Yes'
- 'No'
- question_name: Harden SSH?
type: multiplechoice
variable: harden_ssh
required: false
choices:
- 'Yes'
- 'No'
- question_name: PCI Baseline?
type: multiplechoice
variable: harden_pci
required: false
choices:
- 'Yes'
- 'No'
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
organization: "Default"
scm_type: git
scm_url: "https://github.com/ansible/product-demos"
workshop_type:
- f5
- rhel
- rhel_90

7
playbooks/group_vars/all/04_scan_facts.yml → roles/install_demo/vars/main/04_scan_facts.yml
View File

@@ -8,11 +8,11 @@ fact_scan:
inventory: "Workshop Inventory"
playbook: scan_facts.yml
credential: "Workshop Credential"
survey_enabled: no
fact_caching_enabled: yes
survey_enabled: false
fact_caching_enabled: true
project:
name: "Ansible official awx-facts-playbooks project"
description: "Repository containing playbooks to support fact scanning in Ansible Tower and AWX"
description: "playbooks to support fact scanning in Ansible Tower"
organization: "Default"
scm_type: git
scm_url: "https://github.com/ansible/awx-facts-playbooks.git"
@@ -20,3 +20,4 @@ fact_scan:
- f5
- rhel
- windows
- rhel_90

47
playbooks/group_vars/all/05_grant_sudo.yml → roles/install_demo/vars/main/05_grant_sudo.yml
View File

@@ -8,33 +8,33 @@ grant_sudo:
inventory: "Workshop Inventory"
playbook: playbooks/05_grant_sudo.yml
credential: "Workshop Credential"
survey_enabled: yes
survey_enabled: true
survey_spec:
name: ''
description: ''
spec:
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: Username
type: text
variable: sudo_user
required: true
- question_name: Time
type: integer
variable: sudo_count
required: true
default: 10
- question_name: Units
type: multiplechoice
variable: harden_ssh
required: true
choices:
- 'minutes'
- 'hours'
- 'days'
default: minutes
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: Username
type: text
variable: sudo_user
required: true
- question_name: Time
type: integer
variable: sudo_count
required: true
default: 10
- question_name: Units
type: multiplechoice
variable: harden_ssh
required: true
choices:
- 'minutes'
- 'hours'
- 'days'
default: minutes
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
@@ -44,3 +44,4 @@ grant_sudo:
workshop_type:
- f5
- rhel
- rhel_90

11
playbooks/group_vars/all/06_debug_info.yml → roles/install_demo/vars/main/06_debug_info.yml
View File

@@ -8,15 +8,15 @@ debug_info:
inventory: "Workshop Inventory"
playbook: playbooks/06_debug_info.yml
credential: "Workshop Credential"
survey_enabled: yes
survey_enabled: false
survey_spec:
name: ''
description: ''
spec:
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
@@ -26,3 +26,4 @@ debug_info:
workshop_type:
- f5
- rhel
- rhel_90

11
playbooks/group_vars/all/07_security_patching.yml → roles/install_demo/vars/main/07_security_patching.yml
View File

@@ -8,15 +8,15 @@ security_patching:
inventory: "Workshop Inventory"
playbook: playbooks/02_patching.yml
credential: "Workshop Credential"
survey_enabled: yes
survey_enabled: true
survey_spec:
name: ''
description: ''
spec:
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
- question_name: 'Enter host to configure'
type: text
variable: HOSTS
required: false
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
@@ -26,3 +26,4 @@ security_patching:
workshop_type:
- f5
- rhel
- rhel_90

3
playbooks/group_vars/all/10_openscap.yml → roles/install_demo/vars/main/10_openscap.yml
View File

@@ -8,7 +8,7 @@ openscap:
inventory: "Workshop Inventory"
playbook: "playbooks/10_openscap.yml"
credential: "Workshop Credential"
survey_enabled: no
survey_enabled: false
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
@@ -18,3 +18,4 @@ openscap:
workshop_type:
- f5
- rhel
- rhel_90

7
playbooks/group_vars/all/11_developer_report.yml → roles/install_demo/vars/main/11_developer_report.yml
View File

@@ -3,12 +3,14 @@ developer_report:
author: "Sean Cavanaugh"
category: developer
name: "Create Developer Report"
description: 'Create HTML report using <a href="https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variables-discovered-from-systems-facts">Ansible facts</a>'
description: >
'Create HTML report using
<a href="https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variables-discovered-from-systems-facts">Ansible facts</a>'
job_type: "run"
inventory: "Workshop Inventory"
playbook: "playbooks/11_developer_report.yml"
credential: "Workshop Credential"
survey_enabled: no
survey_enabled: false
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"
@@ -18,3 +20,4 @@ developer_report:
workshop_type:
- f5
- rhel
- rhel_90

16
playbooks/group_vars/all/20_f5_bigip_workflow.yml → roles/install_demo/vars/main/20_f5_bigip_workflow.yml
View File

@@ -11,11 +11,11 @@ f5_bigip_workflow:
schema:
- job_template: 'F5 - add nodes'
success:
- job_template: 'F5 - add pool'
success:
- job_template: 'F5 - add pool members'
- job_template: 'F5 - add pool'
success:
- job_template: 'F5 - add virtual server'
- job_template: 'F5 - add pool members'
success:
- job_template: 'F5 - add virtual server'
job_templates:
f5_add_nodes:
name: 'F5 - add nodes'
@@ -24,7 +24,7 @@ f5_bigip_workflow:
inventory: 'Workshop Inventory'
playbook: 'exercises/ansible_f5/1.2-add-node/bigip-node.yml'
credential: 'Workshop Credential'
survey_enabled: no
survey_enabled: false
project:
name: 'Ansible Workshops Project'
description: 'official workshops from Ansible'
@@ -40,7 +40,7 @@ f5_bigip_workflow:
inventory: 'Workshop Inventory'
playbook: 'exercises/ansible_f5/1.3-add-pool/bigip-pool.yml'
credential: 'Workshop Credential'
survey_enabled: no
survey_enabled: false
project:
name: 'Ansible Workshops Project'
description: 'official workshops from Ansible'
@@ -56,7 +56,7 @@ f5_bigip_workflow:
inventory: 'Workshop Inventory'
playbook: 'exercises/ansible_f5/1.4-add-pool-members/bigip-pool-members.yml'
credential: 'Workshop Credential'
survey_enabled: no
survey_enabled: false
project:
name: 'Ansible Workshops Project'
description: 'official workshops from Ansible'
@@ -72,7 +72,7 @@ f5_bigip_workflow:
inventory: 'Workshop Inventory'
playbook: 'exercises/ansible_f5/1.5-add-virtual-server/bigip-virtual-server.yml'
credential: 'Workshop Credential'
survey_enabled: no
survey_enabled: false
project:
name: 'Ansible Workshops Project'
description: 'official workshops from Ansible'

2
playbooks/group_vars/all/30_windows_iss.yml → roles/install_demo/vars/main/30_windows_iss.yml
View File

@@ -8,7 +8,7 @@ windows_iis:
inventory: "Workshop Inventory"
playbook: "playbooks/30_windows_iis.yml"
credential: "Demo Credential"
survey_enabled: no
survey_enabled: false
project:
name: "Ansible official demo project"
description: "prescriptive demos from Red Hat Management Buisness Unit"