From 3239f2ee6aa39899465c95b9df554161857e73dc Mon Sep 17 00:00:00 2001 From: ipvsean Date: Tue, 21 Apr 2020 20:16:09 -0400 Subject: [PATCH] syncing source to git --- choose_demo.yml | 6 +- galaxy.yml | 23 +++++ ipvsean-product_demos-1.0.1.tar.gz | Bin 0 -> 12781 bytes ipvsean-product_demos-1.0.2.tar.gz | Bin 0 -> 12638 bytes playbooks/01_deploy_application.yml | 4 +- playbooks/02_patching.yml | 8 +- playbooks/03_hardening.yml | 46 ++++----- playbooks/05_grant_sudo.yml | 6 +- playbooks/06_debug_info.yml | 6 +- playbooks/10_openscap.yml | 15 +-- playbooks/11_developer_report.yml | 2 +- playbooks/generate_readme.yml | 5 - playbooks/group_vars/all/03_hardening.yml | 56 ----------- roles/developer_report/meta/main.yml | 15 +++ roles/developer_report/tasks/main.yml | 5 +- roles/generate_readme/meta/main.yml | 15 +++ roles/install_demo/README.md | 23 +++++ roles/install_demo/meta/main.yml | 15 +++ roles/install_demo/tasks/job_template.yml | 83 ++++++++-------- .../install_demo/tasks/job_template_loop.yml | 89 ++++++++++-------- roles/install_demo/tasks/main.yml | 25 ++++- roles/install_demo/tasks/workflow.yml | 24 ++--- roles/install_demo/tasks/workflow_loop.yml | 22 ++--- .../vars/main}/01_deploy_application.yml | 3 +- .../install_demo/vars/main}/02_patching.yml | 11 ++- roles/install_demo/vars/main/03_hardening.yml | 57 +++++++++++ .../install_demo/vars/main}/04_scan_facts.yml | 7 +- .../install_demo/vars/main}/05_grant_sudo.yml | 47 ++++----- .../install_demo/vars/main}/06_debug_info.yml | 11 ++- .../vars/main}/07_security_patching.yml | 11 ++- .../install_demo/vars/main}/10_openscap.yml | 3 +- .../vars/main}/11_developer_report.yml | 7 +- .../vars/main}/20_f5_bigip_workflow.yml | 16 ++-- .../vars/main}/30_windows_iss.yml | 2 +- 34 files changed, 394 insertions(+), 274 deletions(-) create mode 100644 galaxy.yml create mode 100644 ipvsean-product_demos-1.0.1.tar.gz create mode 100644 ipvsean-product_demos-1.0.2.tar.gz delete mode 100644 playbooks/group_vars/all/03_hardening.yml create mode 100644 roles/developer_report/meta/main.yml create mode 100644 roles/generate_readme/meta/main.yml create mode 100644 roles/install_demo/README.md create mode 100644 roles/install_demo/meta/main.yml rename {playbooks/group_vars/all => roles/install_demo/vars/main}/01_deploy_application.yml (96%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/02_patching.yml (79%) create mode 100644 roles/install_demo/vars/main/03_hardening.yml rename {playbooks/group_vars/all => roles/install_demo/vars/main}/04_scan_facts.yml (76%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/05_grant_sudo.yml (51%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/06_debug_info.yml (80%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/07_security_patching.yml (80%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/10_openscap.yml (93%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/11_developer_report.yml (68%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/20_f5_bigip_workflow.yml (89%) rename {playbooks/group_vars/all => roles/install_demo/vars/main}/30_windows_iss.yml (95%) diff --git a/choose_demo.yml b/choose_demo.yml index 9038f67..0769ac3 100644 --- a/choose_demo.yml +++ b/choose_demo.yml @@ -2,14 +2,14 @@ ## example file for how to choose a demo ## chose specific demo or choose all -#SPECIFIC - example that installs just the deploy_application job template +# SPECIFIC - example that installs just the deploy_application job template demo: developer_report -#ALL - example that installs all demos +# ALL - example that installs all demos # demo: all ## Ansible Tower login infomation my_tower_username: colin my_tower_password: mahalo my_tower_host: test.rhdemo.io -workshop_type: f5 +workshop_type: rhel diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 0000000..f3906d5 --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,23 @@ +--- +namespace: ipvsean +name: product_demos +version: 1.0.2 +readme: README.md + +authors: + - Sean Cavanaugh @IPvSean + +description: repository of demos to showcase Ansible features. + +license: + - GPL-2.0-or-later + +license_file: '' + +tags: [] +dependencies: {} + +repository: http://github.com/ansible/product-demos +documentation: http://github.com/ansible/product-demos +homepage: http://github.com/ansible/product-demos +issues: https://github.com/ansible/product-demos/issues diff --git a/ipvsean-product_demos-1.0.1.tar.gz b/ipvsean-product_demos-1.0.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..f942977b07a846060d3b504fcc4fbc2fffbdf159 GIT binary patch literal 12781 zcmYkCWl+^&x5YUiT`Jv(bayvW0@B?|3(_5j2I+1&Akrn>CEX$&(%sEDa5(?#yziYm zcV>UwGtbQau%5Mkd(*^XV5H^enIQxAE?(}|mR~qr+?=gEKY5s2SvxtqbMSC-bMkO{ zSh^vd1+IFn4rLU$?~C8Mm`&}7>y5iBWDL{0_V|dL3pb~>uGTfNL#)1e`Oiei%Dlrt zc0@|6^6Fgh&AG@?&+V#oVPetbl^4O>#2%IX`+2c@zNQNtaJ#+it)6I>7&Mv!UAPm+ z63?)VR`+R#RFqe===|k%)NK;Ly)Lh)acGHl`;0zKH*WuaL=SD5a?N=cCQR$k{*`X( zn)@r0B_+N81Lltu35YE_?m-rwvOf!i$uNuQh)fxI`^GROS^Uj1zlb&e&aP%&gxP>{ zuYI?Yui#3D;?JCR$_3uZ8`$#|RCuBk+j$^mIcv;q$2SLxoq;buDZiXYZL4uSX$+e^ zaHoC}w|O(Xn+UPuHQk-1CnDQoS{B>pXG}c8j6d4;c~5P1nH!ku27d4Ec>M;pzr2OH zzY+$Q|7)4S@vi!N>@r#)C5gNhENeWr$1VDXeUme3XZshX;85A(^Dz%AJ`XB z1pOlBqdsWNyB}90y{F67W^8{wrS5V#SV@p?BmeDKiL8A7TEqMvK0m9d9uy#&13NQQ z59R*#a77oh8*9(I4VED##s?27&+W|^lM6Js)jI|l@!Soomwh*X0uL>bAsTM`kP3!ssfC4+NaxWhb>YJVPN(()3f zY-Tc~Pu4+K)StU-@V*Lg3s=?D)8L&iG+1HM_CiV{@OyVgCi z_S&6x(F7{)hd-5qUsJ5QD`!N4GaMb5^S`XTw>aT1K=K38axONaOy8rZ7f+xz?o%K| zsCp7H{3aUTudpt!@GUN0J;Es5$SC>T{=xFugySbA&4RKJZmeO<(MtE8*0>Pvm!qE< z6_qHtXk3JlT-Hl3$DLPGcBIa(8j$!|8}ZV`_&-R-JhM3Bi=Y<;%Q>HNaww2yKmRhR z46zo;$0j&+U)<`x&>Zv%)vK~inSg|_u8J5~#NeIXMISJ0W;Vf)9N zZtOLzPtD`f%rjI1E~e(6+EH`mwm>8NjGGdsp!NnoaTZ`&KFf`exPc<_@e}n8;mrFt zs_QsXGe?7846p`oaF=Wo2xxWZ)uu56UP^;R#7c^mLdFCC;uF4AI)zIrTTaHi-N3>W1pDMZgTpjkn-LMPzB!_5-Ih3 zNT7||u#PINV0TN)l~VTr8K?4nlU#ivthstsnn4wdc@gyf%&w*yv{T5ZScr!m-0Lzw z;}HRJ)g-j2N0KMYaLSV8d*Bqxt5YR?{{DB<>IojMIGR^VFsD@l!?mpWBIFg;9)PO1 zI47X^Ann2}Zc|?4d;^%aV75b}FE*Eq)G~tPjz#&$l6`^?SNsXBfI>IISwq zKSTCi265L_$jSuBFsj~2sG*!%`;eCgSBP)MS|X^ZcwrS|j`GDd#eE1~4lx&1Z|9rB zfMoYhzFX9Qw2RM#C1eKXNdg*z{EiUb;b0M5_EnJbxVPyne~2MY>lT~n4bm!E1@`s# z7VpukIO|_(TU>_&*_rfXK;Gi==^ZLgs=IP(gP4of68x;!KPyV?OB{SF z#!-%u@B~mMJ#o@uk%cQ*a7@wz$_zto5Re_%pe~tGYtC8D$NdGYQ&CG@>Z&(bV3sQc=H}*9leOdf z49}wsw&0E-i5Zskz?eBmi(7<=_vJdszhR}BZqRGCq`kN-(NKE>hNq<)ItPsngU{0dpl(VpEvma+C*c#{Wv`VjO z+O&|pd^KG>hlWs_m)Lj6uU%TR7!&!_iJ4PcMtw&#ey0PGGxuC{Vb4fI#^6_Avy1-Pl-nadyC}Ef{ z@P9{D8c4t5pVGB~(#F%FdA2!~$9Uo;`o4X)%7YA{K)Vs>*KFH)QDfWQ99zm2;?TEq zOna$GA0XYFE`30(G^NTTPJjRC%dTvU*~)h>>;n2ii1bEZQ-=o1qF)DURqYS4<|Wki z1buQbkm^ScC_GLWwvY+Lx6At|dSC(DH~dqhK!9}f;$v(fdWe(jhw}X;M)Z%nN9+Zl z-og_W6ZH1T^0j%K#r+U#Qd%VYV8m2N^Ivze-`>XVI%=qRa!nFRZ37i{#CJ13=vlG` zuM|ATuaIsj&F7s6T+EP`648fze;g^Wa9(1_SSjifm##p7M6NDGp@#^(wawHRKIQl?pTShIP0?|Bj$%qG`1zr=-%PjEOH*4rp6Xipw*#d!U#dh<>7>5DM*NC8X5}nfIQai*v}SqKpr? zi^%LJs5w(=8>sK?j;VjzmlSQe;*7|vlwtgHfy#NMg)Jkn1ibok^iy67f+?ceg>qXt zK%9?TrWMm|t*M@JGLL>K> zIUkUXXFU3wk#kprz4&QEGSGBh{vg+mI4wEy!~6a4Ca7qO8(RTwX;3KeuT^jIi~!D76h_6aFhY> zyaVgoK9_E9{JANu=Y-)OUw&b@Jb12VzZ5z{hd*7k?6-V3zFjbE2p9^skM3@tmwKN4 z-&)-RVLc+G9?K6Qh$9FQG=vbcK?nhoAm&6DfKC9SO>>`XkcmaIheZ;2Bh|xt{ag-( zyI;Z72M^3+)U^VFv;z=wLBvWYm9kK1g&nL?Ru*>5HE8>0E$~jQC*j{amH7ap6e9E% zIP!z_fFDc2LDL?HY4wEs0AuVID$@`wg-z4s17Ln2h~e!eQ#m&rf?HBxi}tVaUv&p7 znz^^H3toy(2u^w;fB|oDKpR(EQu?jllhSs?bMVDR66j@k%4@Ki|V6WDBKZcwi2xAe(IzmGG)39{Kx5os^wCgeU3A0bG@42rDNgzXnQ{ zPrzPNz=edr>+R{N_BDKOTyBX%U-PCw%lgHtSKnf#yPhbW^RYX5x?@R;;ol2gqrCLz zRaN7L`a@oMC#%(Wq4rii(&K+dmf5r)Z8IMs(?38YN8n4-2!P`$BlMi$5$Y^93{Z2+ zTqq~~a1z-~Sem=~`7R0l=Z*YA3aW9fghN4I37S2Xnd#t^dGM#{8Di6L=jqv397kXE z(oP&A+gAz&5~IgsOXL7k6)@@sqv#i|j`(b(_qA zc}|rX!{+9sm61;R3@`av+=3Q{B*7c+cfZ{Se=D@9VCA!gPb*lDZ|{>QH;e{V5%Tr~ zSY%u{Y`MlGEt4MAk1T23ReejXJkJf9g@c6D^u-!X%E}XAZ=D+Mo+_(Rj&&HqySdrC zS*lz~`yEis8#Q6=(A1cB;D`oOn9@d*e+I z%XcF6d;FkDA02BgRGD8mgZFDv!iQy$m`M&g%hcK)G*%jUHih{5gb#UZ$`ywce~@`sfYwx&fWf5??2QM<}xhHNr3Qy_FRv(tHHt4Kw@Sf zJ)*@!E)O8jnZE$OiMJU0n>a4@S;YEhCeiqeC0nDU^+{=Lx{4?x*Gr?N>{`n`poe*1 ztmEeV!N53<6-n;yRPN6dVo7@C=JQjYtsl28`-Vk{itfE;b-aZ#CCVo*udb2!Co{Kl zCka#cyfCd{hHRtd;e_*Q5qJOZKv;jYw)8s|d<$xg@EkYZA~Ged;2-srchtO?-JRuv zE30DYMKh!bJr?w$zD+?ES@`3Ntksu9G|Lv34^}cZNR5N15KK+1ld9{q_|7BY;Xr>y z!9U89%$e46H$z|@L=T0EUx$;)0AOEY_7{lg83A&=5&`crU{otICN9--XqkDuq@Pt# z753VP8Jv%FPSWS9aFnKapA=yTqy9OUwy*p$oc%{~fK+ya%eJjnx`6nS z0>%}BLSJ>pi6 zyxb`ejtQYW#t;jjd_+n@g4XB*`c%d%&vaE|mt($|%qeg`F7)pdJW^nlRRkNqh+9SdU^ zo|XA8nKH@bObm3GAhiz91mIS3M&2hV%ygjeP<)nF&5!lkimk$zSBuOGn9Zj274*&Z z=&h@3v6lT5rJg!6&FSJV__{gC8?X7J8H|nGVZCn=Ii{QQh7vxOBA*9-q)&t>eyrC! zOYcMB8O66Wq~1M}1O3LoK9b`(B+-};49``BwY_jM=aY9(zx!YB7#)>|h2< z+5;~SI^qgJy62Np^fXm%>VWv}Q*vL)z!f&VJ73ZsFn5UoZlc8o;*P*V2>FjX>DT!9 zBc4r0pBb`VIzNM|FTSIoMX$jobawIx?hIa{s9?-0@86Z;x^2=*C~>j=Z7Ysjrc> zTxZq(5g#f~Xo-1frp5ArS^eajc!?kU;LbvT&RxGtI4{ATJt;lZt&x9LM#py5BvsL+ z@a!Cs#8`%-baO@?Y&wM)Cw}N@M8F>y7r~Wi78Er-HlLfFSPy|!!h@dY$BoNJ=TYR% z?>Au6*~%O6B(D`5ze@^ed-GIFV+KI;l!T?#%_*6MIwxiajdHmsR_ZWO@Lm#Kr;4Bs zecwag9BnA-KS)G;$d~fJa^AgDxjr3KS2ynrf*oJ<%29R)-1(*FhHM*6*14!~|7Tgy zy07*lGoYd~arw)}`TCCG3cSjXvGTm3?aUSf=Q;sz(Lp7S0_C*lBmso#1fR^%u>SXD>KY-8$~S-wGZ`h z91H6)-){XfUqii-=u2ySta$5kbnQFK!2HYiNH06Jx8gIQw)hmb*s{6i{0xxyJElyk zGzg8d;}f~y{nbqOIZ`?qk=G=O`Uj!`w~tZt&WQL@p2USTQ4}|lR0zF{VQN(U!);b7 zO$agdjfW@WvcUC=uUjV?IK?8zuEmEmLX5jIoJ>_3fw8M~slu-$SE5_L=5{TYYBmCT zIi^+LWOdH<6=^*MoHtH|BA8t-FPqD6dQ@?PvXs9GsS+;8a%vaQFY7z!4>LVo5@f=T z(>qBDT<)&jL7Wh&EZEb|=&A5?+#s_jT$l-3R8xWCQJtDd*S1tL&odI{noTz&$0Y=q z$i$)GA* z!^53i+?qK!HqGJn9Q7CzGNUB-K6*IhcQj6vHOaeedgVmL-|voocNx?uC)*=`iwVqm z)WD1EjJ~cC7lsBaob)5F{8~DoQNW=8vHEGbD2*oSQ2iumx#ers7mdfzs3G`QkI9Y} zfL|@ugQjiI>s&MANnA~A_R`=(7)=Q`a${5!1BUxHQ>Po_lvKFkvfhE+j~6f^ZS%A6 zj16y0knZQR?uirv&I&g1e=Cuwo^H#GiRt6W!L|uI_P|l_;~Wk~lDC-7UWI?gwIT9p zQCaa!y#lWS<{+Sg~$@A<=?mrP92T`iMXUjl&H z1p!@>e?ffp6xKsw3@!lgP#AzW0Viz&1dUGR0pRTQ+`^1!LJDZtsUSAE|2Z4uqcbV5 zVIcD)pvSedWl?fNZoPotT4Av&ko2!vMX#jos^i!c=Hsrlb?;i=4~qXCku0`d*3;$Da54*1>4^kt@uZgNrxAf_; zA_~^x_7@7UpPt6cdXy>~=tQ5VQ6Gnuwtpep0`_rJ{hCAaTbT^5FRA;(FBbb&25@%a za_iCKjHV$QOj4cVet~mIC&f}%`Js1&r?PNoRgGen`3?vZ$mE|NP6vdbQTLGM^&6n0 zAD|Otp0XVg$I$Pn z-5VHTe`fLJW^#{*jJ-Hzt9e0V)5Pw+cwslJAILP!uy&gHaz6JLv$ac#X0-aFR2dB* z(#BU+Fnbu_wdxhLNRV=*_CxrhRy7u2oWuCfJ4+xoh!C|4z69`|s;6>p0N+|-Jgdjy zdkB;-|NFN&JtA?_vcFGnd2ZNN155;EyV*WE!Bt9|$daO6s9gosWQX({*=#+u29Je% z(8EV!>hEP>hz;N7jSs%br{-&)8`C=-5@!%jBwgvj>In%!tq$r9j_t7t)RI98-Nj^y zzo28OqPANZ9V^&{LQLT`rNI8Ka4`=C8n#rM9!z~!wOSIG(R~AuJwMlen*sd3wa_62 zCC>jF*q3blmujyZvF_b`kQS=_e%BK>>BoiX1?0a}uD|un3&TA@olu zZ8*?2U6I|8VaZ+6*h%7Fg?3Qho1Qn=D()&pL&qJZ$?PA}{I#%yImgCA>ytc`njFf%%YsO*5%vR~{EU?=v&UL1%;r_7$z0eln)2o5}fT4rt?;p}}+ z^VhT6{FLXaYapD#ddb;1@}gx#?iFU?ckCyro`5^&4GA!e?{xe^_4=&gB5E4%q2q@o zaPXZ+hP)!+*JH>*tVlFSs&86MD#E@S3FrRwGWZ?l-B-o8-xl+v&9>~mS9BWe&Ckx5eF`ug z_oplBTwV&r4sg)3pfL#HZR*22JKmy;GX#Dl7Ue+w87Cot{Byl)65fUoqA3iOTskhVGK zQz6-M!Vpr^=rBv-VND_vPW)2m62TgZVjSPt6#>W-_;?#Q&8Si*=E3ryQaY^-b|*+gf_~ zZBGR|UqU0q#~8yEI#C$uE*y8_JoLw7zf347Qnawbs+?ry<~mKoqc=$bk6!Z=th zA1z0ShPr!1ijw+6<5G~vb$*bGnN(o?;)%6?*Qs+7!kAzyR=G8zXZ;Brsr47&bJ_w{ z&;MolG(_e}C)Jbs7RgIys=1itcKxi7so2(wrIO#UP{%mLLeitSB%H#~>QKGSiMYL~ zBLsJQBjW0$5cX_osh$?(4mFn_YNaCDtkBu~_>?#XL{)!;3#sv_75#&`{lJ;$y1`>5 z7N_sSX<8~LrX*o6eUW+C*e%;$%eIqkzAA*`kE<6ECR0uB9+p)b&O@;Sf9bS*|Z>UgJl!G{$c)j19CZo^=qI-9~UJUAu z`b#k|DHmmVQ-3~2Vkl^uEop1ne+I?E-yGM6jE5m@QMJ#qkP#sQ z+YJjud%9hbx*MH~(tM@-T$me5t?|R;j6n+&)!vuDb#*k=7I<)h;|S0nKqkJDx+2&3 z2an=_ad%RkO%#j*fe7LI3|n+mGUnQVDup&{B8|?q&Nl@H7S|wbFYkltHHxuuNeX%S z-iR^z;o}eK9E2)QBQ29KoLke>!yU{sXe(l@tLkSgg)+fC1wmQLGOU9 z_q<0bSJ$~zH$XG}F@Kt59h{e+U!t4>42zn>6lZrEkFo9ov*J%F0cg5nz#osV_@<;L zHh}ZhFMt6i)sO+;Y9E3l$Xt2=?@r)k9HxKpsD~P1e;s=5<~?BFnMD$@!0l{}L%79` z#NbcnFPDdRg}^los)=Tj?FdcqmI_GrDRMdn|2 zalTVSSp?PX@GGss^!Rc6xU2Uros@sAH8e#|X$R z&1u^GAzSuXKz&%w629ud9IVg+)ddhAvK5HTLpuz=cP?(QGiJ{+8UUvrKA@&o6>`>GX> z?;cSDEH!84-B#D__%o8fifJsPKeRPJo3qcn$h0ecl#a$SV`acnPkRrlb68;*+JA`aF!QbLP)sb@o>0&p0dLL$3jxLY2pGH!`V9+|vixj=`i6%#Aw=79Ri;jMA z!3cB!<#s@m1eu|dM8n%n^eT1MV6%=ms2pXVIK-{iKE?>!uSe{S)qB2RJnBVI#wvLl z9Vb`rA86K-R+Jl`ghWLCAB?@p2G4Ku2Bz~{8~i|vMA(JOHhA*)XLv0JLS4uY=KSyo zwr}MqkUlLr`2;_9GBt=T%`22x9>sx`)L&(sd!I&JwffY)cE{`()eqB6Kd_VXh6<5R zxGq$C0qM!}5O<$OHw)qHScR0l58X_cSGzNFvhDJ;nF;8$zy#6QTt$vg_iZdCpW* za=Um3$GBfC_x0zn%U@X?H6W?EyYNCuTD)J;MRX2Wq%>MrjQgY<^h5PSuB$d5QDs0? z?G-e+C&V2co8Hyt?@}MH1X}7W;og%v{PToY0HLnXBlJSd7~IIKBj7y^mMuD20d2Um^=W?4O$^d0ebBI3}0$<}2C;yKEHU z1VLHfdhf?Fzka|HDS)D+{OH|!%+vWDE=j2n9{qmH*%XtAM3_7BO`~Vrg46as)BAZs zs#g=KFC{2dx1w(4XwwzMr^1CoDZ!q`B5}fli@mn8#F|KAEaK8#ET`L%aFlP8py8e_ zce8>15Bn&MvJQ`?BPF9O{X^}ng*XS&D^~buA8piqSUrf_Q^RHlO(>_Kf zW1}vpK4ZnAI4g3f;oQTHgMRdhco0jevdbH$^~`m0?Ai$7c##kPK8LoOw`$92b}=QC zbA0L7(n_q~#lM5<(3B)1P@?`N7UGB~XM zyV6AvjNh-k*JtAC>oBvI;00-HFbRiW5VKrsxb4b>R!FI$4dEhbFf&*lYEw^!$ASXL4t=&G&9O#Q#KqVD$M(PE2$Ihz?9S7feSgq^ z2&$48Xw~Bs3+@#hc4NE^6)I?W>5L-xe`LQ2?l7_(h3w=_agF6zG>3iU(l%x$Y+*L$ ztwU{-NjBcFSDbe@f5!Wn;ib^E>`;ztxVV5Ni+PWd8>e451if|a?&Gi8)m>gTCj1ky zDx6!Gfbis7fT3Y!7eNflC?8!13qzp!wK@Y5_DW1KiTqrH|Buc*M)G$LiPz1jZ74~P zyMxIZc$BnO$V6(ZKa4z%>Q0L`3tj4Xz-q38P4)qq*hmk;*UScbBFVIY(bSIPdBT1>wqN#6>gHaEIKYel@481x9DS5aOh2v327jAhX z(0y5*@1#ab@#VF-EO@Eow)E5CO07h8r5y2_;R>-I+L-Q8@9twEzgPqh~7!8uu`^`eKc596_iTVc!rq*?ewmm%g?ZpCn(p-lPvbZyf%tVg_0D>R^% z^_s40@kTEf6mS${$f=Lp{%* z^f9|%LAHJYzxIA#W;d@_fAI)gYL{*@% zg!(h{?UdkH=O>HtUaUt9z1CX54lj4OGdof;!D*6gXHLlAob#+|{mve9>i}nyY8@ab z3|j5}dr@+4o@2HQ9HR|^H9QB;FTkf0h|gYv$>`a|Mz@k7XGBAHv05sAJ-6K2J+l2Z zPw!~Thm`mxl8=po-RV80E9kqndc!GZ%duPqQK{?a9y1Mgq@50+s-}`ac6J56G-> zIR4#z!y2=u?W<>;r>*6Sflc-X6hzYQ&NwZ8a--^6{U|6R8t@2R_MWCrwbZQ>&q{yo zq7Y7y#(CR{kq!(umZp~&mDXX=< xt1O>rvF0D^a19NrV(mJ}uOH*{xB2By|2bFs@6poZfei$}e_h}MMoI!9{SP}Yu+snl literal 0 HcmV?d00001 diff --git a/ipvsean-product_demos-1.0.2.tar.gz b/ipvsean-product_demos-1.0.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..2c07033a231b37d2d6331396037ec4b6feb3a9ed GIT binary patch literal 12638 zcma*NRZyH=ur7?d1h?Q$aCeskcL`2{y9XT{f(K`C8{Az7LU4jxf(3VXoA-Qs|Npr^ zRqLWJR;}u;>aNv~P{*O6W#H$VAprJnKAzT=E*x$iu3x>sc$t5-c6RmT;Nj%vNO$CUtQ2Ir1AJe_Fh4>L4!i6)9AvX315I8jb~*O2tZ(Wzidj`{Z#kcJp^t@;pkHGX(K8^DAe%DCpge{NdJl>9NTUqGa zFUS`>NK4lJi5lrWUA87uH@@nW`=Q@lXH063dTX^;tA`)Uv_I_naCYY+vFnT3h4&_| zViuLUQVF{yX~Iwh&M)t-cDY@vGb`&i9&AK&279g6HJ4z*Bzp|#LJg5rZ|*45R|tC| z_H@coM*&u)&F8FrkBOo#dzLn9mZ%cZu+^$hLG#u>ce{X%JGSoDA>DFgiLTCr`J<2V$k2*6j#4n8_5C33=CmtB0#j-^7$3Y z@tOpuZ!ztQFC$>lh!8Ix<9pM=#GQd=g`%;pxY0vAi9SpA9BklffpUh~zdj=Xc{aJj z4i}^HMJ@qbdoKQ?DxuQj7`djEDd)WFXz<3N7~fssc3$MEC_WW@d3bCAVU&JiKevUy z7-E?05BhXaFC^y9&o(+zOx87~A0UJF63n0S^_bvL_9Az9tb8tMBMW5WkpR$^bTLJmUj%>~M>3r#ICf0Su z0pvT+cf;i?Z}JWH?@Ke^(AEBMqoJ;nS5#vt7?9O`x9GDMA%8F#vI4uduCcK4_}*z>`>d$Vndb`EvhTGQO( z4i#;CyuYth7u)qL9VO#8t|fjKwb|#?6=5cPZs@;Max2W8^saA@=$eC~$x@jz1ikyw zCLq7s=(Jw}F6WhITO){agkLj4DT_M)ur}wUAcTdfPc##UFoQv=ABm@<(P%+p?uyr1 zyF(_2ylYi0jq^UwFQfP+UoM-&gdiCcQTSH%@rdlFzA&mJI2)|VZ%JViNM zFpDtzd)fwU)(u^0^jbaYcxm?#cHJbSHk_lYmDV{ii$eU&+oqtAX}#bo_ld^AUnxTl$; zC*@Y+GQZcBvaIvqx%Qr8tq?d+GGrG+^GfU7ScF258$)$a8sN5;@KFkVlon-fTPZm^ ztUJ=o0~Vi4SpI@pED*Wr(;UI|ArW6l>vlp6r<{|t4LM2N+Q+;mX0fB;ap1k+7=D- zOk!)>;i*ExN^Hz_dXTzOEJyr2aI@BpZGGv1}>9x9#fw8$;_ca^F%~5 znXaK&dkA6Nx&=n>g*~gpHpss?RNT1wh=VaqDytDE5 zCkhtz!mjBhweW7i<W;0xZqEt!L42!Vo?kI3peb>aXkTtxDId zQ*JU%u7S)HG_+x_@VW>e`D4iI_Qk-MypX{k@Fh4mq5Wu!GKyp|am8-ysD##rZI&K3 z=Vq?Lz3jy=aXxXW>uE7A=$-=Ijf@M{pWDifLSm)+BD@vAaspdA79WCe?eUXYBN1C< zc$?o7h5UY(d(0w~1;fvq*=`KPNETRbcBbK471AqwSSZBdwIqMw$8N~nvJXS3y7t0m z2*4!`P}r*)cTy;;D}xUl*nUhrI)Rov5ugp%Z!L?kph7SuI z)D?M1b>Cp=*XN*H^7^NL8kW^WI?&69# z_#EQrJZ~-uKK`NB&`MA7TL*g`k!Qd?1gcHsA`Ctwuc~Ct-*Pkff-@h=x8F4q62+&o z(uV71Ux}gVG;h)<+U`Dz@)CtPXko$^k_zWHcBi`Rqt*7HhZ%l5cG1#;WFhM#N?0?T?%D<+Vw$1W6kR3w6PObSKkqly+U z@nMPRfDBa4gPA?VDhIYUAL6a_) zD?Rodg`QT32-c98^JJ}xWu@OvrWeN-Yl4c~j1MBOh3j`3&4GD6t@hI1S`>id#=@2w08IPi+mM zrS{SY9M}~!r&jN_9c2OUl>=re-7Qn4s99qaV=mXCHCsPU+%etJZLdTNCOG+gjX z$fGG+oXsIK=mqlCM8Dwci-z`bsPw`zme{P#!n_)Fv% z>7`=B0rn7n|8b?Lw}b`%dz*pL2nWy96DAs!k>v%Oi$C14_*Xn$-6& z^p8}E$!j*OvlcCSOJ0!@LQHrwI6IzUN}(CBc>=Y-c+;3c*Rl-P<=% ztIlkcV2dSuFwN7!^3wsdd7A6`R%*8ZRFn4P3Hx+CU4JtTvMn&*eS#%}U_8L94(#dR zHFdYZ{Gb4slJqRSQ{W5?{L%iZz*!V{b@0kZa^CmYWjgZTn_7?5e?|&^z^FMgfz_EP z!N4gmSW=P(HHeP@ZT}~=hvL5j@o69j?Q||1aCSYkl7jqKb(=j) z?c21VZ29~j)}=>_=;X=FYnl1)y#6dU{6yg_ed08c^%61iVzQ$_q?jKWxvs&Z6Q^~o zUn{=-$lnWiKJK<al82|soJPJ-gglUoul-JMmOEYf0}HCB@TMg*6jPAAXl9or*X;t^aHpt z8cN^$1-B1L2DEeAJ(w_rR(@QdVvVb4{85-P&2E-tOzn8|(-1%Lp^&~%)>EM{alGl%E zW&P}$3b{Z&03Ua#;=1*MO{~_?`=GfWm{@agAq6PF5`#chu+nTYyxkShb_uMJFQW~d zSn$);7dKYShtS-90hjVv#M-mlr2V@++{0Dk`s5llsd4@JpmM;AH-?qQf5m^-LzIbN zds>KB0E`}`rSgWtD#*e>G`I^ zNdH$60FITH97@g= zan&i6ml4)V=p^yFc`Fzw_X@3@zJwOT!wd-J9RH^VDb9M6!-Rit%$gJ;)_-=`yyZik z-*sj)M1hDS=G!Bpa(kxE^HXzbZ)yEJ35-jJ+n{2YM-4=9sF{Qt@eurP3oIAGy960 zfidmveZam!LImq)Oa-ZtwLKX7pV2I8 z!j%;g6b<>Y=ND`LVX5#3N$Xl4J;Dt!Q!tLVQn536efj4)FJdJW4{_&9oS#tE70K@j z%MfhC_`6yP+~E4H$HNR7+3u+Y=Rl^;XHsp7z=wP(N34EJBoBnALkOys#DyDRCgD!$?c9RH`MQigs6ZIu2kAowU2T>F!VK)cW zoA@2{??_fqO#!m&E_=!S&=g{kRk|7;o`)tt z;(qtr0&qJ7sezua&IgZQ>pzj-n;j&4n$z4*UBacyQCz`QFgHmiZUe{ILLDdN%ly=e~aKFUa>HL@ZVxPWv~+#WZ)pjYt98wJ}D? zaQ+kM=rqmwe-}k(QgPZgQ@hQA6>9W#wf2bbiQO=p7tPq;jl1ZgyIU7ySefYNB&V|5 z>Y*FvwWc_jr!g|{Onm?o8TSp{Y)s8=kiV@P%YY^zaes;7)Dln*#E^xKni90vfr5R> z**(dD;QbdQXxqzf)cq$ZC7bGd6@snWPS+~qGn@8!EthQdjm7aL*5bb$UWmqr;#usg zA~!A0!H4YK8BwYz;F1gq9G~g!ZK3WY)y|~r3^AjLC-o|&wg7vbfXZ}$_z1|5KyER5 z!CkC71lU^uO^(`DUFz9E?`*^9zGEcCv zW;AoXTqk)w*N;DBDan&Qe4Tp}+p#$p+sc`Y6k;4!x>`!f4P7Ie}h>ff_^Y;D|o>Y4@<+MMjp zzLAov-T<1LUqH1m-?&?-;m+?Bkai&)kEUn^5laKKAB&J1)ykyiLyD+*azc>@YanHQ zpaulpqAAMgaQGah?i<0ija_hn;R=4)CIig;dh~GrOo|OA#jlnR*w+F{9NWM%c|FHl zI`YAL83|7948JgcmQWYhY$=xP=a3Xj_Sbr4w-F`dZjr*}5VL&kGKm(|3)~rB-Fo@! zHw0RybxTpIbqPqHtnv9u@2GLK0z3= zg5rO&f&9Z?&dWK2nJ+eNb<-0dCb!m^IG56O=B*#ctXs7R)e5Cf7R{RNp3+g-7ZFMy znueYR(u26hO+fEhMQvCUs%)Z!^tJ=flyiRh_hPVFkNcBH`1i(EMUI0#bSk}1Mw>Fr zn(e{+BzVoAhcn;&z33kzn9x<(U3WQ)DLNYw6LPgHI6d;_wfZfspH+X^YrE+{U7t6R z+H(ehC@bAds7>J;w5}ZnZHodh*P?B3@kKGV3V&I~{lW-gLO&o=JrJqu*TuxBiOwb_ zGzt5T0srMwC7oQYJW~ie7u->Scw1F1UF;0amEQMeak&J@(P;-yb(al(S76Yx*|Nfk z(GT!Rc3cFntsc0}mP04DW+>mpky-!irQ*4G(PZb!ALEjRV%6Q{?S|`(e3O*kx28Gp zNAr4z4F1&=?5#en;{4Y!SJmXDXgYRREPY1bU6K!o)n$86gDj?!_msMhxM2)L?!)v` zmrH~YFWoo>89K)sdrd;M9cgK)-*+M9k-5`^9#tcPDzO%S53ubfLTmI=-l(1cZ6^iV zmmQ>#4{uVWk${pKkETY&U&!JysBH?kppuf32o99b@BQYEK)MyaAYP$;gb)mlB|6S! z+hcz)P%F@>w8`Fp)U_F{-9;+r4w;(h7&UiXBK$NP>&TDMVRb7@DN7NGGn2`wQvfeP zRBP$>d`p3+kK}H9Z{{2$Kvb23!#*%FXZ#9ve!WPb^I@v3b7;cll$35)<>;7r-#uv` zPh4`pzJ_5R%4^T+W6Bb55@~P1nqK#->jRO>&3G9y<3XB=CkBKuvI+xo5=XjB!nZ^s zp#PoXT3wCRgB?$djlM39@6LbokoR?8E3x%MjdOv!HM(uW%^&@(aVY5N4Du^!$hE0T755AE{(Gw zGws1-(;Cou#0(b zzXxGOS_aLLY)CDQ&y|XoIY18S?=!t0(?jgan_q2z?y!9?Y%j<--~OO$Vs;#4n+^Yn z;sjkv2KZ~g0SfI-3OW}oRrakg^L8$Pk&eUcK-SZIjr`gW?kquptzcesG~INkB59eL zv8yLqv@;+}%i$n}MIDrYyiE;;T=hy=Ur7F;*g;l))fN_ASp@{Txxm)ijDEkcM8q%7 zE)3FwUZ9CbyHqyVJ@#yUf5iwgH4*QNAgDE_?8;m9F(WcD!DyxB+V+v>YN&s>hsP{@ z9w7X$s41~Yn|+*(|^Q=@SMa~WHu&Olx29#v{Y_IDa-D^#vu2Bul$ zSFbv0)2-iFC&5nG1->_z8%u=BKYMCj=OmOQ_S2@QixoD04o|j+mFkpAPI!L#?AFlZ zuZtN|=(NqX7tg}iiuBv^m{#-{aLP5bZLnCucK;aB#Q+X){swd#j%$LVZ*ynIx5!fnQ8&W-PJ z!vy4JRD`}WKALy}7+Giphc>XtwU_(dKb<}W@2PzHo~|VESXV~^`{C~~j}xh6thrk2 z;_RPRbVT8P-tRNtM$*f2$}%Z@jd^_A0y347s6f68ls9VIfZjbd+=U3N-D_~>5|(Mx zdI?Q;Ye(6^xA655MC*!?1!YE{U1N3(oA1&u4D(EwJqpA&#VNxWPZRc8Pe2Pp_?RuHIpnc(%@UT^flB z>k{?sZUV%Z>1E*YhJHr-Nk4hANbkxem@?6Zx@9N~WC}4BzInMqSI-7Ed2OKG&7SSI ze>6qCKl=Ct$3wCUGk(L$($X5Hcr|86DFow-Zm6GD-hwgU$=sT0YqD@XhP zKs2&=CFC5$X-NvMHWh~YK&h-Gq zOWI%-q&Khp0-Be8Z0GO216mZG3()yHNp78R3*&X0C&$LbA>N=_j1pgQgc=OaZjNji z)*)b%1Xm{qU@IuS*01`<0j_>;LOw`tWiWF-l~>mfhrob#{C_oK16<31(EZR~B{)80 zD=oyoB45)-F;OZC#%mCWjgg#m_JHpB|27?fNS~yaV;f{D;6#Z8=LfTGc?FmoVT^;m zUmnf%1a$I&W3Z*;BXL9VUxzrLo!~r$B+__h``rP9+^^k6`Cm_#$yxFdYCDDzM~5k@ z@TSAx8d9F%M|8;eiRC6J#g_&OV#30CbOWf;+T6*Gm8h4K?RgWJwZfFheaAk4MOcQ| zbaZ7W!n3)?a>~E?3enBWzj|Gqb9Wt@qCf!#}#-htdpcA}!x#l#=O zrlBU!*?m~mV?#Za?6!PzB8|Ba6SG)Oj|%x}Bf_eYJo3-z*%;>C^=`fM*RDB)>kXJ< zJR3;iX0j^MHQyF6AXXc^eS0~5?EJv&h*xteo}3z=SVmpyzHk04BO1tp`u4uceK_5`t^j3T*`P22q$A%%)Faqi1n<)il!BQ>Ur>71 zm8!|cH29Zu_fU3y8OeFCW9wq$45-GC^LqK=j_4omW^az^mOnrhHF+@4+gY6bY=Iva z-9c^_gf$<2MB3Vs7>mZcJZb*vpRMO=y6c-RyC(45=f%(I44n|a*u2=Uer89To*;+Sw;RJ~_H+f4p@M&Q$4x9^a8y6YCw>)Q(#R6a;m;FFn! zQgan&aH>e@SCfVG50j48*BzW@_k;K|y%oCW1fnMgZ`+NUA|jIU>|N5{8nBMT^lK+M zBBR*)Gp#f1V^EF;p7Ro%)7g!=p3o&H+y;bfJ|Msxj1XPI+N4o$>nl4&>CV*$>g z-oL`-aAJ&ohKI44xSMtq<0e?+B~%Ns!SN61Q04gm$f zo-^0h6ShEVjWuGAXu>nWI;js*&V|Svuua8pmzg76IOcEPJmfFEPou?fV{v8p&JJ17 zrY~Eg>wQvh@$bhqW4we6ZkiY}@wO&736HJIsIV5Jf1~!(sznlVZD-VB6p+X3)#oy z{*Y0|yqcbVbBEM8?(*Od8ic-A_Fm}Kp53fg9S!HtX)w9ta2>fH{3zN%f6e4_ZIhI! z7$9YBL!wgtF8yT>Z?pznuyLwq&Ej`?siSuQ$|L`l{8iL7i=`&gq+D92Nvg*WFaKgd z!(<<~epl5c5|>Nr$Lih=DxV0&?MV0|J#op*)lTleBqO~9H3PAy(GpK?jwBhX+t@5D zi58EW1AH4)E}`Y&uGaz^!wilKP&Ihz8f0t+(mO)z#UW5+rtpFHAOgxsE}(~9R;+VC zs#VK1uyhCA;3sw0b_$c#RT`&R_nQplG(~g$-d;vYC*fz)wWTf_65HCJ!B)2VcQu($2t5Hp zIo6d)^@1ImH(b=Hqv~fxfea77jE6fkeu+^2P%l3Wi$7JmD#TPHtf$?6a@Yr_Gjw<<2uG)zP4Y4Q}170V6BClCH*2ICn|)mtFb zBip21hBum(3X+xTQz@tQ@mo+Q2hB6k{2%u8el>rDDh>v%AXMzrevg?(WMbP z%n1#*C#l>M;lpYAj>ZiJJC9#y@9B{M%TO1r5Xdss04W zLWvy@lL)REQ||XyMuR`-Mti(!6;Ay5iNw{*9s-{=N^7D;koy{za;iH5yLGIUwx3_mYh>xw^j|$FCm%hc@t z{z{p9wxva>`?ATHl?e&t==qRsZo;8{ZTf?xx~jqU^Witur9AJkAblovSlzjmo_$Y* z7p z5(E9-+G`$-YOn6z$o!+vd$5E7&`lR?=@t}Qm&FIu*Z_F37M->LAvnM|*u7F7^R7Je zGxtUW%zO~hQgE%~8Bl&~$Ev0SShL?W0szmGON}xF!T6u*HYh3(f_$mo9vS^iNj2o1KZjU|-b*B`=k6O zVh@8RIs)SaQtY|+vv?O8BSJN8Ms}Hr3$3r5j;`@c_tTr#*n^xK`LmKSti_bL8ufxN|_`f^cUg$P&D_Q zZ(}^X4duF*vM1&HPXX?Sw9)AO=Jr6&V%C{-RbPf)sUmzhkbv>nMNC=0tt_z-oEYoH zR4?l*c3iucIN4USyd7WWe~#2Y^bw{OzbB&6a1OsyL{*84q3Lgg!vpYZ?y{=<0^-&7j|& zl9;E>dL++=Ke4SlPMg?Y`0m9Eh)I)T%h08tH;qJ=pHA*&-L7zS&v5P6m6GyH5?a%JZfAl>t=>&5 zG6^lT1+~J#w9~*q?7QMuzHZl7d&NGo-HM$*$ooC@tLC zUyLY!nrcM!dOAbX3G1nqp=Uyqz<*qz*2J0A?n@Fl0Y*(YDERpqO8LCm2dw!5TGk!*psQc2*3?;LNH_Uv7% zR&Db}C4V)wZ_)2**Wp$qAt5nc2|QYu_*RR_fB3xmWRQB12ax9m^GQ6v41p3u?1AH5 zvI4fHIH;0R-@ckC^YnZ>Gjk9}3w2(>Z2MGo$;fZ!fc?##0b8Fy9m%?I^D7VQ`!6u> zykXq}s@~VFL&l>|BhX#KjywOe`XAqei1hLp1er+gqTl3+a|?9hr}?u|{(YT~xqK7t z?$%#(uFI@~%6lbj{e-@1uX#ro6c9^fpt``B&U%+y`dD<^QF$mcUse70!M#T*N0|04 z4P+!p`EC(P4cE7Jx?u8!ZFjw7o)vokev-46104P*kEw-Tm>NA1VtU7;LQA%i7RlWf z*;ue^letX!RLb6Nady*!fy8iKwRfM{_EkdCD;K$X&RpPM6*@KD{9L?7-JP;dpY!jJ zp}~ns8lQYFTFqW8k>*6@_#u&T%<^;+CN(Cv{Z;l&JUU-DihOeUeaFSq%Pjx z{W>Bnt=ma`Q|;cJ#lt46=|G(bu`z5Q-QAlnv28xP!eiNrEdv70jGb$Of=yo)wmvkv zdAz|_n?G_Gw;V=$20wWS>}x|qj7QGP;(nZ1-EGzUd+ne2#W7bueJ8OnWbC^k^MX1i zd{=Vqc(x^Sw8y5`7&xcx@I9dHH4bN@G>lb;eDnWPna~8||4|YSdS;4zQo=y##>JE| zhUJpDxqLN$TQVb1vmhayj@~}fQkoU3YJ2U}tUdAheeXQ8sol?bu5!1!e-^yl3e0)+ zegi%UvG)L#AI@H=SDOKH^ZVxTNm&kmX}F#+w+v0YPq-Mke9a8}r=m3e1_E7ROCP;u zgxpju)Sj<;fdv7ds)|PbR7z~ei@RekuA=>~5s5o?$T<(#LUt1i0MJe0$6hw8{^kSD z%%|)$aANBtRzME`tsL}MaYEJam z-OSMs=42a2KgFdflJX^tKL>4T(^WRot-N*BE}pK4KqWdt2&^j7On;##93>|fGtozc rIS5fHf5RwdG6=V_iqrWY!_fclRQmh>91e~|0=O%tK@V^p@NoYJE!Is3 literal 0 HcmV?d00001 diff --git a/playbooks/01_deploy_application.yml b/playbooks/01_deploy_application.yml index 0d07bf2..5a9c42a 100644 --- a/playbooks/01_deploy_application.yml +++ b/playbooks/01_deploy_application.yml @@ -1,8 +1,8 @@ --- - name: application deployment - hosts: webservers + hosts: web gather_facts: false - become: yes + become: true tasks: - name: make sure application is not empty assert: diff --git a/playbooks/02_patching.yml b/playbooks/02_patching.yml index 67d6e15..556cfec 100644 --- a/playbooks/02_patching.yml +++ b/playbooks/02_patching.yml @@ -1,8 +1,8 @@ --- - name: apply non-kernel updates - hosts: "{{ HOSTS | default('all') }}" - become: yes - gather_facts: no + hosts: "{{ HOSTS | default('web') }}" + become: true + gather_facts: false tasks: - name: upgrade all packages except kernel @@ -16,6 +16,6 @@ yum: name: '*' state: latest - security: yes + security: true exclude: kernel* tags: security diff --git a/playbooks/03_hardening.yml b/playbooks/03_hardening.yml index 381aea3..538ca6f 100644 --- a/playbooks/03_hardening.yml +++ b/playbooks/03_hardening.yml @@ -1,31 +1,31 @@ --- - name: harden linux systems - hosts: "{{ HOSTS | default('all') }}" - become: yes + hosts: "{{ HOSTS | default('web') }}" + become: true vars: - - harden_firewall: False - - harden_time: False - - harden_ssh: False - - harden_pci: False + - harden_firewall: false + - harden_time: false + - harden_ssh: false + - harden_pci: false tasks: - - name: Configure Firewall - when: harden_firewall | bool - include_role: - name: linux-system-roles.firewall + - name: Configure Firewall + when: harden_firewall | bool + include_role: + name: linux-system-roles.firewall - - name: Configure Timesync - when: harden_time | bool - include_role: - name: linux-system-roles.timesync + - name: Configure Timesync + when: harden_time | bool + include_role: + name: linux-system-roles.timesync - - name: SSH Hardening - when: harden_ssh | bool - include_role: - name: dev-sec.ssh-hardening + - name: SSH Hardening + when: harden_ssh | bool + include_role: + name: dev-sec.ssh-hardening - # run with --skip-tags accounts_passwords_pam_faillock_deny - - name: Apply PCI Baseline - when: harden_pci | bool - include_role: - name: redhatofficial.rhel7_pci_dss + # run with --skip-tags accounts_passwords_pam_faillock_deny + - name: Apply PCI Baseline + when: harden_pci | bool + include_role: + name: redhatofficial.rhel7_pci_dss diff --git a/playbooks/05_grant_sudo.yml b/playbooks/05_grant_sudo.yml index 41b6eaa..24ebb02 100644 --- a/playbooks/05_grant_sudo.yml +++ b/playbooks/05_grant_sudo.yml @@ -1,8 +1,8 @@ --- - name: grant sudo - hosts: "{{ HOSTS | default('all') }}" - become: yes - gather_facts: no + hosts: "{{ HOSTS | default('web') }}" + become: true + gather_facts: false vars: sudo_cleanup: true diff --git a/playbooks/06_debug_info.yml b/playbooks/06_debug_info.yml index d00dd01..c76ee31 100644 --- a/playbooks/06_debug_info.yml +++ b/playbooks/06_debug_info.yml @@ -1,8 +1,8 @@ --- - name: gather debug info - hosts: "{{ HOSTS | default('all') }}" - become: yes - gather_facts: no + hosts: "{{ HOSTS | default('web') }}" + become: true + gather_facts: false tasks: - name: Gather recent vmstat info diff --git a/playbooks/10_openscap.yml b/playbooks/10_openscap.yml index 2bda80b..f061f39 100644 --- a/playbooks/10_openscap.yml +++ b/playbooks/10_openscap.yml @@ -1,6 +1,6 @@ --- - name: build openscap report for rhel7 - hosts: all + hosts: web gather_facts: false vars: @@ -19,28 +19,23 @@ stat: path: "{{ssg_schema}}" - # - name: create HTML report - # command: "oscap xccdf eval --fetch-remote-resources --profile xccdf_org.ssgproject.content_profile_standard --results report.xml --report index.html {{ssg_schema}}" - # register: command_result - # failed_when: "'Error' in command_result.stderr" - - name: create HTML report command: "oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results report.xml --report index.html {{ssg_schema}}" register: command_result failed_when: "'Error' in command_result.stderr" - - name: Create directory if it does not exist - become: yes + - name: Create directory if it does falset exist + become: true file: path: "{{file_path}}" state: directory - name: move files into httpd - become: yes + become: true copy: src: ./{{item}} dest: "{{file_path}}/{{item}}" - remote_src: yes + remote_src: true loop: - report.xml - index.html diff --git a/playbooks/11_developer_report.yml b/playbooks/11_developer_report.yml index 25bb354..2997b41 100644 --- a/playbooks/11_developer_report.yml +++ b/playbooks/11_developer_report.yml @@ -1,6 +1,6 @@ --- - name: grab linux facts - hosts: all + hosts: web gather_facts: true - name: build developer report diff --git a/playbooks/generate_readme.yml b/playbooks/generate_readme.yml index 0a6983c..5df6f79 100644 --- a/playbooks/generate_readme.yml +++ b/playbooks/generate_readme.yml @@ -4,11 +4,6 @@ connection: local tasks: - # - name: install demo - # debug: - # msg: "{{item}}" - # loop: "{{dict(hostvars[inventory_hostname]|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items}}" - - name: install demo include_role: name: "../roles/generate_readme" diff --git a/playbooks/group_vars/all/03_hardening.yml b/playbooks/group_vars/all/03_hardening.yml deleted file mode 100644 index ee9fad5..0000000 --- a/playbooks/group_vars/all/03_hardening.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- -hardening: - author: "Will Tome" - category: security - name: "SERVER / Hardening" - description: "hardening for Linux servers" - job_type: "run" - inventory: "Workshop Inventory" - playbook: "playbooks/03_hardening.yml" - credential: "Workshop Credential" - survey_enabled: yes - survey_spec: - name: '' - description: '' - spec: - - question_name: 'Enter host to configure' - type: text - variable: HOSTS - required: false - - question_name: Configure Firewall? - type: multiplechoice - variable: harden_firewall - required: false - choices: - - 'Yes' - - 'No' - - question_name: Configure Time? - type: multiplechoice - variable: harden_time - required: false - choices: - - 'Yes' - - 'No' - - question_name: Harden SSH? - type: multiplechoice - variable: harden_ssh - required: false - choices: - - 'Yes' - - 'No' - - question_name: PCI Baseline? - type: multiplechoice - variable: harden_pci - required: false - choices: - - 'Yes' - - 'No' - project: - name: "Ansible official demo project" - description: "prescriptive demos from Red Hat Management Buisness Unit" - organization: "Default" - scm_type: git - scm_url: "https://github.com/ansible/product-demos" - workshop_type: - - f5 - - rhel diff --git a/roles/developer_report/meta/main.yml b/roles/developer_report/meta/main.yml new file mode 100644 index 0000000..71dd66b --- /dev/null +++ b/roles/developer_report/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + role_name: developer_report + author: Sean Cavanaugh + description: This role create an HTML report using Ansible Facts + company: Red Hat + + + license: license (GPLv2, CC-BY, etc) + + min_ansible_version: 2.9 + + galaxy_tags: [] + +dependencies: [] diff --git a/roles/developer_report/tasks/main.yml b/roles/developer_report/tasks/main.yml index 22ed75b..10903f4 100644 --- a/roles/developer_report/tasks/main.yml +++ b/roles/developer_report/tasks/main.yml @@ -1,9 +1,10 @@ +--- - name: create HTML report - become: yes + become: true template: src: report.j2 dest: "{{ file_path }}" - name: DISPLAY LINK TO INVENTORY REPORT debug: - msg: "Please go to http://{{ansible_host}}/report" + msg: "Please go to http://{{ ansible_host }}/report" diff --git a/roles/generate_readme/meta/main.yml b/roles/generate_readme/meta/main.yml new file mode 100644 index 0000000..b803c2f --- /dev/null +++ b/roles/generate_readme/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + role_name: generate_readme + author: Sean Cavanaugh + description: This role generates a readme for the github/ansible/product-demos + company: Red Hat + + + license: license (GPLv2, CC-BY, etc) + + min_ansible_version: 2.9 + + galaxy_tags: [] + +dependencies: [] diff --git a/roles/install_demo/README.md b/roles/install_demo/README.md new file mode 100644 index 0000000..3645b8b --- /dev/null +++ b/roles/install_demo/README.md @@ -0,0 +1,23 @@ +# install_demo role + +This role will install demos into your specified Ansible Tower environment. Here is an example of using this role: + +``` +--- +- name: setup deploy application demo + hosts: localhost + gather_facts: false + connection: local + + tasks: + + - name: install demo + include_role: + name: "install_demo" +``` + +Please refer to the master list in the main [README.md]()../../README.md). + +# required variables + +You must specify all the variables in the [choose_demo.yml](../../choose_demo.yml) example. diff --git a/roles/install_demo/meta/main.yml b/roles/install_demo/meta/main.yml new file mode 100644 index 0000000..fb286dd --- /dev/null +++ b/roles/install_demo/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + role_name: install_demo + author: Sean Cavanaugh + description: | + This role will install demos into your specified Ansible Tower environment. + company: Red Hat + + + license: license (GPLv2, CC-BY, etc) + + min_ansible_version: 2.9 + + galaxy_tags: [] +dependencies: [] diff --git a/roles/install_demo/tasks/job_template.yml b/roles/install_demo/tasks/job_template.yml index 81f55d0..809a784 100644 --- a/roles/install_demo/tasks/job_template.yml +++ b/roles/install_demo/tasks/job_template.yml @@ -1,51 +1,54 @@ --- - name: add tower project tower_project: - name: "{{hostvars.localhost[demo].project.name}}" - description: "{{hostvars.localhost[demo].project.description}}" - organization: "{{hostvars.localhost[demo].project.organization}}" - scm_type: "{{hostvars.localhost[demo].project.scm_type}}" - scm_url: "{{hostvars.localhost[demo].project.scm_url}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ vars[demo].project.name }}" + description: "{{ vars[demo].project.description }}" + organization: "{{ vars[demo].project.organization }}" + scm_type: "{{ vars[demo].project.scm_type }}" + scm_url: "{{ vars[demo].project.scm_url }}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false - name: add single job template without survey tower_job_template: - name: "{{hostvars.localhost[demo].name}}" - description: "{{hostvars.localhost[demo].description}}" - job_type: "{{hostvars.localhost[demo].job_type}}" - inventory: "{{hostvars.localhost[demo].inventory}}" - project: "{{hostvars.localhost[demo].project.name}}" - playbook: "{{hostvars.localhost[demo].playbook}}" - fact_caching_enabled: "{{hostvars.localhost[demo].fact_caching_enabled | default('no')}}" - credential: "{{hostvars.localhost[demo].credential}}" - survey_enabled: "{{hostvars.localhost[demo].survey_enabled}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ vars[demo].name }}" + description: "{{ vars[demo].description }}" + job_type: "{{ vars[demo].job_type }}" + inventory: "{{ vars[demo].inventory}}" + project: "{{ vars[demo].project.name }}" + playbook: "{{ vars[demo].playbook }}" + fact_caching_enabled: "{{ vars[demo].fact_caching_enabled | default('false') }}" + credential: "{{ vars[demo].credential }}" + survey_enabled: "{{ vars[demo].survey_enabled }}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false when: - - workshop_type in hostvars.localhost[demo].workshop_type - - not hostvars.localhost[demo].survey_enabled + - workshop_type in vars[demo].workshop_type + - not vars[demo].survey_enabled + register: add_project + until: add_project is not failed + retries: 5 - name: add single job template with survey tower_job_template: - name: "{{hostvars.localhost[demo].name}}" - description: "{{hostvars.localhost[demo].description}}" - job_type: "{{hostvars.localhost[demo].job_type}}" - inventory: "{{hostvars.localhost[demo].inventory}}" - project: "{{hostvars.localhost[demo].project.name}}" - playbook: "{{hostvars.localhost[demo].playbook}}" - fact_caching_enabled: "{{hostvars.localhost[demo].fact_caching_enabled | default('no')}}" - credential: "{{hostvars.localhost[demo].credential}}" - survey_enabled: "{{hostvars.localhost[demo].survey_enabled}}" - survey_spec: "{{hostvars.localhost[demo].survey_spec}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ vars[demo].name }}" + description: "{{ vars[demo].description }}" + job_type: "{{ vars[demo].job_type }}" + inventory: "{{ vars[demo].inventory}}" + project: "{{ vars[demo].project.name }}" + playbook: "{{ vars[demo].playbook }}" + fact_caching_enabled: "{{ vars[demo].fact_caching_enabled | default('false') }}" + credential: "{{ vars[demo].credential }}" + survey_enabled: "{{ vars[demo].survey_enabled }}" + survey_spec: "{{ vars[demo].survey_spec}}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false when: - - workshop_type in hostvars.localhost[demo].workshop_type - - hostvars.localhost[demo].survey_enabled + - workshop_type in vars[demo].workshop_type + - vars[demo].survey_enabled diff --git a/roles/install_demo/tasks/job_template_loop.yml b/roles/install_demo/tasks/job_template_loop.yml index 6b046dc..11837e6 100644 --- a/roles/install_demo/tasks/job_template_loop.yml +++ b/roles/install_demo/tasks/job_template_loop.yml @@ -1,56 +1,64 @@ --- -- name: block for job template (non-workflow) +- name: block for job template loop block: - - name: add tower project + - name: "add tower project job_template_loop.yml" tower_project: - name: "{{item.value.project.name}}" - description: "{{item.value.project.description}}" - organization: "{{item.value.project.organization}}" - scm_type: "{{item.value.project.scm_type}}" - scm_url: "{{item.value.project.scm_url}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ item.value.project.name }}" + description: "{{ item.value.project.description }}" + organization: "{{ item.value.project.organization }}" + scm_type: "{{ item.value.project.scm_type }}" + scm_url: "{{ item.value.project.scm_url }}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false + when: + - workshop_type in item.value.workshop_type - - name: "add job template {{item.value.name}} without survey" + - name: "add job template {{ item.value.name }} without survey job_template_loop.yml" tower_job_template: - name: "{{item.value.name}}" - description: "{{item.value.description}}" - job_type: "{{item.value.job_type}}" - inventory: "{{item.value.inventory}}" - project: "{{item.value.project.name}}" - playbook: "{{item.value.playbook}}" - fact_caching_enabled: "{{item.value.fact_caching_enabled | default('no')}}" - credential: "{{item.value.credential}}" - survey_enabled: "{{item.value.survey_enabled}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ item.value.name }}" + description: "{{ item.value.description }}" + job_type: "{{ item.value.job_type }}" + inventory: "{{ item.value.inventory}}" + project: "{{ item.value.project.name }}" + playbook: "{{ item.value.playbook}}" + fact_caching_enabled: "{{ item.value.fact_caching_enabled | default('false')}}" + credential: "{{ item.value.credential }}" + survey_enabled: "{{ item.value.survey_enabled }}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false when: - workshop_type in item.value.workshop_type - not item.value.survey_enabled + register: add_project + until: add_project is not failed + retries: 5 - - name: "add job template {{item.value.name}} with survey" + - name: "add job template {{ item.value.name }} with survey" tower_job_template: - name: "{{item.value.name}}" - description: "{{item.value.description}}" - job_type: "{{item.value.job_type}}" - inventory: "{{item.value.inventory}}" - project: "{{item.value.project.name}}" - playbook: "{{item.value.playbook}}" - fact_caching_enabled: "{{item.value.fact_caching_enabled | default('no')}}" - credential: "{{item.value.credential}}" - survey_enabled: "{{item.value.survey_enabled}}" - survey_spec: "{{item.value.survey_spec}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ item.value.name }}" + description: "{{ item.value.description }}" + job_type: "{{ item.value.job_type }}" + inventory: "{{ item.value.inventory}}" + project: "{{ item.value.project.name }}" + playbook: "{{ item.value.playbook}}" + fact_caching_enabled: "{{ item.value.fact_caching_enabled | default('false') }}" + credential: "{{ item.value.credential }}" + survey_enabled: "{{ item.value.survey_enabled }}" + survey_spec: "{{ item.value.survey_spec}}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false when: - workshop_type in item.value.workshop_type - item.value.survey_enabled + register: add_project + until: add_project is not failed + retries: 5 when: - item.value.workflow is not defined or not item.value.workflow @@ -59,3 +67,4 @@ when: - item.value.workflow is defined - item.value.workflow + - workshop_type in item.value.workshop_type diff --git a/roles/install_demo/tasks/main.yml b/roles/install_demo/tasks/main.yml index 0b3ac41..5e27537 100644 --- a/roles/install_demo/tasks/main.yml +++ b/roles/install_demo/tasks/main.yml @@ -1,22 +1,37 @@ --- +- name: set facts from role vars + set_fact: + demo_list: "{{(dict(vars|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items)|map(attribute='key')|list}}" + - name: provide info to terminal window debug: - msg: "install {{demo}} on {{my_tower_host}}" + msg: + - "install {{ vars.demo }} on {{ my_tower_host }}" + - "available demos are: {{demo_list}}" + +- name: make sure demo is a valid demo + assert: + that: + - vars.demo is defined + - vars.demo in demo_list or vars.demo == "all" + msg: + - "demo must be defined and be one of: {{demo_list}}" + - "full list can be found on https://github.com/ansible/product-demos" - name: install all job templates include_tasks: job_template_loop.yml - loop: "{{dict(hostvars[inventory_hostname]|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items}}" + loop: "{{ dict(vars|dictsort|rejectattr('0', 'match', 'ansible_')|selectattr('1.name', 'defined'))|dict2items }}" when: demo == "all" - name: install single job template include_tasks: job_template.yml when: - demo != "all" - - hostvars[inventory_hostname][demo].workflow is not defined or not hostvars[inventory_hostname][demo].workflow + - vars[demo].workflow is not defined or not vars[demo].workflow - name: install single workflow include_tasks: workflow.yml when: - demo != "all" - - hostvars[inventory_hostname][demo].workflow is defined - - hostvars[inventory_hostname][demo].workflow + - vars[demo].workflow is defined + - vars[demo].workflow diff --git a/roles/install_demo/tasks/workflow.yml b/roles/install_demo/tasks/workflow.yml index 44f09ec..ebdda33 100644 --- a/roles/install_demo/tasks/workflow.yml +++ b/roles/install_demo/tasks/workflow.yml @@ -1,17 +1,17 @@ --- -#these tasks will install a workflow +# these tasks will install a workflow -- name: "install all job templates in relation to workflow {{hostvars[inventory_hostname][demo].name}}" +- name: "install all job templates in relation to workflow {{ hostvars[inventory_hostname][demo].name }}" include_tasks: add_job_template.yml - loop: "{{hostvars[inventory_hostname][demo].job_templates|dict2items}}" + loop: "{{ hostvars[inventory_hostname][demo].job_templates|dict2items }}" -- name: "install workflow template {{hostvars[inventory_hostname][demo].name}}" +- name: "install workflow template {{ hostvars[inventory_hostname][demo].name }}" tower_workflow_template: - name: "{{hostvars[inventory_hostname][demo].name}}" - description: "{{hostvars[inventory_hostname][demo].description}}" - organization: "{{hostvars[inventory_hostname][demo].organization}}" - schema: "{{ hostvars[inventory_hostname][demo].schema}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ hostvars[inventory_hostname][demo].name }}" + description: "{{ hostvars[inventory_hostname][demo].description }}" + organization: "{{ hostvars[inventory_hostname][demo].organization }}" + schema: "{{ hostvars[inventory_hostname][demo].schema }}" + tower_username: "{{ my_tower_username }}" + tower_password: "{{ my_tower_password }}" + tower_host: "{{ my_tower_host }}" + validate_certs: false diff --git a/roles/install_demo/tasks/workflow_loop.yml b/roles/install_demo/tasks/workflow_loop.yml index 628cff8..9df42f5 100644 --- a/roles/install_demo/tasks/workflow_loop.yml +++ b/roles/install_demo/tasks/workflow_loop.yml @@ -1,15 +1,15 @@ --- -- name: "INSIDE LOOP - install all job templates in relation to workflow {{item.value.name}}" +- name: "INSIDE LOOP - install all job templates in relation to workflow {{ item.value.name }}" include_tasks: job_template_loop.yml - loop: "{{item.value.job_templates|dict2items}}" + loop: "{{ item.value.job_templates|dict2items}}" -- name: "INSIDE LOOP - install workflow template {{item.value.name}}" +- name: "INSIDE LOOP - install workflow template {{ item.value.name }}" tower_workflow_template: - name: "{{item.value.name}}" - description: "{{item.value.description}}" - organization: "{{item.value.organization}}" - schema: "{{item.value.schema}}" - tower_username: "{{my_tower_username}}" - tower_password: "{{my_tower_password}}" - tower_host: "{{my_tower_host}}" - validate_certs: no + name: "{{ item.value.name }}" + description: "{{ item.value.description }}" + organization: "{{ item.value.organization }}" + schema: "{{ item.value.schema}}" + tower_username: "{{my_tower_username }}" + tower_password: "{{my_tower_password }}" + tower_host: "{{my_tower_host }}" + validate_certs: false diff --git a/playbooks/group_vars/all/01_deploy_application.yml b/roles/install_demo/vars/main/01_deploy_application.yml similarity index 96% rename from playbooks/group_vars/all/01_deploy_application.yml rename to roles/install_demo/vars/main/01_deploy_application.yml index 2ae84ab..a1d8ff7 100644 --- a/playbooks/group_vars/all/01_deploy_application.yml +++ b/roles/install_demo/vars/main/01_deploy_application.yml @@ -8,7 +8,7 @@ deploy_application: inventory: "Workshop Inventory" playbook: "playbooks/01_deploy_application.yml" credential: "Workshop Credential" - survey_enabled: yes + survey_enabled: false survey_spec: name: Deploy application survey description: Which application do you want to install? @@ -34,3 +34,4 @@ deploy_application: workshop_type: - f5 - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/02_patching.yml b/roles/install_demo/vars/main/02_patching.yml similarity index 79% rename from playbooks/group_vars/all/02_patching.yml rename to roles/install_demo/vars/main/02_patching.yml index c1c1cd5..12948d3 100644 --- a/playbooks/group_vars/all/02_patching.yml +++ b/roles/install_demo/vars/main/02_patching.yml @@ -8,15 +8,15 @@ patching: inventory: "Workshop Inventory" playbook: "playbooks/02_patching.yml" credential: "Workshop Credential" - survey_enabled: yes + survey_enabled: true survey_spec: name: '' description: '' spec: - - question_name: 'Enter host to configure' - type: text - variable: HOSTS - required: false + - question_name: 'Enter host to configure' + type: text + variable: HOSTS + required: false project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit" @@ -26,3 +26,4 @@ patching: workshop_type: - f5 - rhel + - rhel_90 diff --git a/roles/install_demo/vars/main/03_hardening.yml b/roles/install_demo/vars/main/03_hardening.yml new file mode 100644 index 0000000..06db684 --- /dev/null +++ b/roles/install_demo/vars/main/03_hardening.yml @@ -0,0 +1,57 @@ +--- +hardening: + author: "Will Tome" + category: security + name: "SERVER / Hardening" + description: "hardening for Linux servers" + job_type: "run" + inventory: "Workshop Inventory" + playbook: "playbooks/03_hardening.yml" + credential: "Workshop Credential" + survey_enabled: true + survey_spec: + name: '' + description: '' + spec: + - question_name: 'Enter host to configure' + type: text + variable: HOSTS + required: false + - question_name: Configure Firewall? + type: multiplechoice + variable: harden_firewall + required: false + choices: + - 'Yes' + - 'No' + - question_name: Configure Time? + type: multiplechoice + variable: harden_time + required: false + choices: + - 'Yes' + - 'No' + - question_name: Harden SSH? + type: multiplechoice + variable: harden_ssh + required: false + choices: + - 'Yes' + - 'No' + - question_name: PCI Baseline? + type: multiplechoice + variable: harden_pci + required: false + choices: + - 'Yes' + - 'No' + project: + name: "Ansible official demo project" + description: "prescriptive demos from Red Hat Management Buisness Unit" + organization: "Default" + scm_type: git + scm_url: "https://github.com/ansible/product-demos" + workshop_type: + - f5 + - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/04_scan_facts.yml b/roles/install_demo/vars/main/04_scan_facts.yml similarity index 76% rename from playbooks/group_vars/all/04_scan_facts.yml rename to roles/install_demo/vars/main/04_scan_facts.yml index 1fbdd8a..64e0dad 100644 --- a/playbooks/group_vars/all/04_scan_facts.yml +++ b/roles/install_demo/vars/main/04_scan_facts.yml @@ -8,11 +8,11 @@ fact_scan: inventory: "Workshop Inventory" playbook: scan_facts.yml credential: "Workshop Credential" - survey_enabled: no - fact_caching_enabled: yes + survey_enabled: false + fact_caching_enabled: true project: name: "Ansible official awx-facts-playbooks project" - description: "Repository containing playbooks to support fact scanning in Ansible Tower and AWX" + description: "playbooks to support fact scanning in Ansible Tower" organization: "Default" scm_type: git scm_url: "https://github.com/ansible/awx-facts-playbooks.git" @@ -20,3 +20,4 @@ fact_scan: - f5 - rhel - windows + - rhel_90 diff --git a/playbooks/group_vars/all/05_grant_sudo.yml b/roles/install_demo/vars/main/05_grant_sudo.yml similarity index 51% rename from playbooks/group_vars/all/05_grant_sudo.yml rename to roles/install_demo/vars/main/05_grant_sudo.yml index 993d193..851cece 100644 --- a/playbooks/group_vars/all/05_grant_sudo.yml +++ b/roles/install_demo/vars/main/05_grant_sudo.yml @@ -8,33 +8,33 @@ grant_sudo: inventory: "Workshop Inventory" playbook: playbooks/05_grant_sudo.yml credential: "Workshop Credential" - survey_enabled: yes + survey_enabled: true survey_spec: name: '' description: '' spec: - - question_name: 'Enter host to configure' - type: text - variable: HOSTS - required: false - - question_name: Username - type: text - variable: sudo_user - required: true - - question_name: Time - type: integer - variable: sudo_count - required: true - default: 10 - - question_name: Units - type: multiplechoice - variable: harden_ssh - required: true - choices: - - 'minutes' - - 'hours' - - 'days' - default: minutes + - question_name: 'Enter host to configure' + type: text + variable: HOSTS + required: false + - question_name: Username + type: text + variable: sudo_user + required: true + - question_name: Time + type: integer + variable: sudo_count + required: true + default: 10 + - question_name: Units + type: multiplechoice + variable: harden_ssh + required: true + choices: + - 'minutes' + - 'hours' + - 'days' + default: minutes project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit" @@ -44,3 +44,4 @@ grant_sudo: workshop_type: - f5 - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/06_debug_info.yml b/roles/install_demo/vars/main/06_debug_info.yml similarity index 80% rename from playbooks/group_vars/all/06_debug_info.yml rename to roles/install_demo/vars/main/06_debug_info.yml index a791451..1231bf0 100644 --- a/playbooks/group_vars/all/06_debug_info.yml +++ b/roles/install_demo/vars/main/06_debug_info.yml @@ -8,15 +8,15 @@ debug_info: inventory: "Workshop Inventory" playbook: playbooks/06_debug_info.yml credential: "Workshop Credential" - survey_enabled: yes + survey_enabled: false survey_spec: name: '' description: '' spec: - - question_name: 'Enter host to configure' - type: text - variable: HOSTS - required: false + - question_name: 'Enter host to configure' + type: text + variable: HOSTS + required: false project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit" @@ -26,3 +26,4 @@ debug_info: workshop_type: - f5 - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/07_security_patching.yml b/roles/install_demo/vars/main/07_security_patching.yml similarity index 80% rename from playbooks/group_vars/all/07_security_patching.yml rename to roles/install_demo/vars/main/07_security_patching.yml index 3eae71f..806ee42 100644 --- a/playbooks/group_vars/all/07_security_patching.yml +++ b/roles/install_demo/vars/main/07_security_patching.yml @@ -8,15 +8,15 @@ security_patching: inventory: "Workshop Inventory" playbook: playbooks/02_patching.yml credential: "Workshop Credential" - survey_enabled: yes + survey_enabled: true survey_spec: name: '' description: '' spec: - - question_name: 'Enter host to configure' - type: text - variable: HOSTS - required: false + - question_name: 'Enter host to configure' + type: text + variable: HOSTS + required: false project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit" @@ -26,3 +26,4 @@ security_patching: workshop_type: - f5 - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/10_openscap.yml b/roles/install_demo/vars/main/10_openscap.yml similarity index 93% rename from playbooks/group_vars/all/10_openscap.yml rename to roles/install_demo/vars/main/10_openscap.yml index ed154de..ad56f51 100644 --- a/playbooks/group_vars/all/10_openscap.yml +++ b/roles/install_demo/vars/main/10_openscap.yml @@ -8,7 +8,7 @@ openscap: inventory: "Workshop Inventory" playbook: "playbooks/10_openscap.yml" credential: "Workshop Credential" - survey_enabled: no + survey_enabled: false project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit" @@ -18,3 +18,4 @@ openscap: workshop_type: - f5 - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/11_developer_report.yml b/roles/install_demo/vars/main/11_developer_report.yml similarity index 68% rename from playbooks/group_vars/all/11_developer_report.yml rename to roles/install_demo/vars/main/11_developer_report.yml index 7e55192..2506214 100644 --- a/playbooks/group_vars/all/11_developer_report.yml +++ b/roles/install_demo/vars/main/11_developer_report.yml @@ -3,12 +3,14 @@ developer_report: author: "Sean Cavanaugh" category: developer name: "Create Developer Report" - description: 'Create HTML report using Ansible facts' + description: > + 'Create HTML report using + Ansible facts' job_type: "run" inventory: "Workshop Inventory" playbook: "playbooks/11_developer_report.yml" credential: "Workshop Credential" - survey_enabled: no + survey_enabled: false project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit" @@ -18,3 +20,4 @@ developer_report: workshop_type: - f5 - rhel + - rhel_90 diff --git a/playbooks/group_vars/all/20_f5_bigip_workflow.yml b/roles/install_demo/vars/main/20_f5_bigip_workflow.yml similarity index 89% rename from playbooks/group_vars/all/20_f5_bigip_workflow.yml rename to roles/install_demo/vars/main/20_f5_bigip_workflow.yml index 1892c17..d72381f 100644 --- a/playbooks/group_vars/all/20_f5_bigip_workflow.yml +++ b/roles/install_demo/vars/main/20_f5_bigip_workflow.yml @@ -11,11 +11,11 @@ f5_bigip_workflow: schema: - job_template: 'F5 - add nodes' success: - - job_template: 'F5 - add pool' - success: - - job_template: 'F5 - add pool members' + - job_template: 'F5 - add pool' success: - - job_template: 'F5 - add virtual server' + - job_template: 'F5 - add pool members' + success: + - job_template: 'F5 - add virtual server' job_templates: f5_add_nodes: name: 'F5 - add nodes' @@ -24,7 +24,7 @@ f5_bigip_workflow: inventory: 'Workshop Inventory' playbook: 'exercises/ansible_f5/1.2-add-node/bigip-node.yml' credential: 'Workshop Credential' - survey_enabled: no + survey_enabled: false project: name: 'Ansible Workshops Project' description: 'official workshops from Ansible' @@ -40,7 +40,7 @@ f5_bigip_workflow: inventory: 'Workshop Inventory' playbook: 'exercises/ansible_f5/1.3-add-pool/bigip-pool.yml' credential: 'Workshop Credential' - survey_enabled: no + survey_enabled: false project: name: 'Ansible Workshops Project' description: 'official workshops from Ansible' @@ -56,7 +56,7 @@ f5_bigip_workflow: inventory: 'Workshop Inventory' playbook: 'exercises/ansible_f5/1.4-add-pool-members/bigip-pool-members.yml' credential: 'Workshop Credential' - survey_enabled: no + survey_enabled: false project: name: 'Ansible Workshops Project' description: 'official workshops from Ansible' @@ -72,7 +72,7 @@ f5_bigip_workflow: inventory: 'Workshop Inventory' playbook: 'exercises/ansible_f5/1.5-add-virtual-server/bigip-virtual-server.yml' credential: 'Workshop Credential' - survey_enabled: no + survey_enabled: false project: name: 'Ansible Workshops Project' description: 'official workshops from Ansible' diff --git a/playbooks/group_vars/all/30_windows_iss.yml b/roles/install_demo/vars/main/30_windows_iss.yml similarity index 95% rename from playbooks/group_vars/all/30_windows_iss.yml rename to roles/install_demo/vars/main/30_windows_iss.yml index e1a8a27..56ab51d 100644 --- a/playbooks/group_vars/all/30_windows_iss.yml +++ b/roles/install_demo/vars/main/30_windows_iss.yml @@ -8,7 +8,7 @@ windows_iis: inventory: "Workshop Inventory" playbook: "playbooks/30_windows_iis.yml" credential: "Demo Credential" - survey_enabled: no + survey_enabled: false project: name: "Ansible official demo project" description: "prescriptive demos from Red Hat Management Buisness Unit"