ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

reverting b/c symbolic link doesn't work :-|

Browse Source
This commit is contained in:
sean cavanaugh
2022-02-04 09:21:45 -05:00
parent 258d0f4869
commit 6431c64213
25 changed files with 48 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
playbooks/infrastructure/aws_provision_vm.yml Normal file
View File

@@ -0,0 +1,58 @@
- name: Create AWS resources
hosts: localhost
connection: local
gather_facts: False
collections:
- amazon.aws
tasks:
- name: Setting the correct AMI per us-east-1
set_fact:
ami_id: ami-096fda3c22c1c990a
when: aws_region == "us-east-1"
- name: Setting the correct AMI per us-east-1
set_fact:
ami_id: ami-09d9c5cdcfb8fc655
when: aws_region == "us-west-1"
- name: create a new ec2 key pair
ec2_key:
name: "{{ keypair }}"
region: "{{ aws_region }}"
- name: Create VPC
ec2_vpc_net:
name: "{{ vpc_name }}"
cidr_block: 10.10.0.0/16
region: "{{ aws_region }}"
register: my_vpc
- name: Create a security group
ec2_group:
name: ansible
description: "Ansible Security Group"
region: "{{ aws_region }}"
vpc_id: "{{ my_vpc.vpc.id }}"
rules:
- proto: all
cidr_ip: 10.10.0.0/16
- proto: all
group_name: ansible
rules_egress:
- proto: all
cidr_ip: 0.0.0.0/0
register: firewall
- name: Create an EC2 instance
ec2_instance:
key_name: "{{ keypair }}"
region: "{{ aws_region }}"
security_group: "{{ firewall.group_id }}"
instance_type: "{{ instance_type }}"
image_id: "{{ ami_id }}"
wait: yes
name: "{{ instance_name }}"
register: ec2

44
playbooks/infrastructure/azure_mysql_server.yml Normal file
View File

@@ -0,0 +1,44 @@
---
- hosts: localhost
tasks:
- name: Prepare random postfix
set_fact:
rpfx: "{{ 1000 | random }}"
run_once: yes
- hosts: localhost
vars:
resource_group: "{{ resource_group_name }}"
location: "{{ azure_region }}"
mysqlserver_name: mysql{{ rpfx }}
mysqldb_name: "{{ sqlserver_name }}"
admin_username: "{{ admin_user }}"
admin_password: "{{ admin_pw }}"
collections:
- azure.azcollection
tasks:
- name: Create a resource group
azure_rm_resourcegroup:
name: "{{ resource_group }}"
location: "{{ location }}"
- name: Create MySQL Server
azure_rm_mysqlserver:
resource_group: "{{ resource_group }}"
name: "{{ mysqlserver_name }}"
location: "{{ location }}"
version: 5.6
enforce_ssl: True
admin_username: "{{ admin_username }}"
admin_password: "{{ admin_password }}"
storage_mb: 51200
- name: Create instance of MySQL Database
azure_rm_mysqldatabase:
resource_group: "{{ resource_group }}"
server_name: "{{ mysqlserver_name }}"
name: "{{ mysqldb_name }}"

68
playbooks/infrastructure/azure_provision_vm.yml Normal file
View File

@@ -0,0 +1,68 @@
# Description
# ===========
# This playbook create an Azure VM with public IP, and open 22 port for SSH
---
- name: Create Azure VM
hosts: localhost
connection: local
vars:
resource_group: vmdemo
vm_name: testvm
location: eastus
collections:
- azure.azcollection
tasks:
- name: Create a resource group
azure_rm_resourcegroup:
name: "{{ resource_group }}"
location: "{{ location }}"
- name: Create virtual network
azure_rm_virtualnetwork:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
address_prefixes: "10.0.0.0/16"
- name: Add subnet
azure_rm_subnet:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
address_prefix: "10.0.1.0/24"
virtual_network: "{{ vm_name }}"
- name: Create public IP address
azure_rm_publicipaddress:
resource_group: "{{ resource_group }}"
allocation_method: Static
name: "{{ vm_name }}"
- name: Create Network Security Group that allows SSH
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
rules:
- name: SSH
protocol: Tcp
destination_port_range: 22
access: Allow
priority: 1001
direction: Inbound
- name: Create virtual network inteface card
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
virtual_network: "{{ vm_name }}"
subnet: "{{ vm_name }}"
public_ip_name: "{{ vm_name }}"
security_group: "{{ vm_name }}"
- name: Create VM
azure_rm_virtualmachine:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
vm_size: Standard_DS1_v2
admin_username: azureuser
admin_password: Password@123
network_interfaces: "{{ vm_name }}"
image:
offer: RHEL
publisher: RedHat
sku: 7-LVM
version: latest

17
playbooks/infrastructure/chocolatey_app_install.yml Normal file
View File

@@ -0,0 +1,17 @@
---
- name: install chocolatey package on Windows host
hosts: windows
vars:
choco_packages: git
app_state: present
collections:
- chocolatey.chocolatey
tasks:
- name: Install multiple packages
win_chocolatey:
name: "{{ choco_packages }}"
state: "{{ app_state }}"

18
playbooks/infrastructure/chocolatey_config.yml Normal file
View File

@@ -0,0 +1,18 @@
---
- name: configuring Chocolatey
hosts: windows
vars:
config_item: cacheLocation
state: present
value: C:\chocolatey_temp2
collections:
- chocolatey.chocolatey
tasks:
- name: set configuration parameter
win_chocolatey_config:
name: "{{ config_item }}"
state: "{{ state }}"
value: "{{ value }}"

17
playbooks/infrastructure/chocolatey_features.yml Normal file
View File

@@ -0,0 +1,17 @@
---
- name: enabling or disabling chocolatey features
hosts: windows
vars:
feature: stopOnFirstPackageFailure
state: enabled
collections:
- chocolatey.chocolatey
tasks:
- name: enable or disable Chocolatey features
win_chocolatey_feature:
name: "{{ feature }}"
state: "{{ state }}"

30
playbooks/infrastructure/debug_info.yml Normal file
View File

@@ -0,0 +1,30 @@
---
- name: gather debug info
hosts: "{{ HOSTS | default('web') }}"
become: true
gather_facts: false
tasks:
- name: Gather recent vmstat info
command: /bin/vmstat 1 5
register: vmstat
- name: Gather top CPU hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu
register: pscpu
- name: Gather top memory hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-size
register: pssize
- name: Swap + wait states
debug:
var: vmstat.stdout_lines
- name: Top 3 CPU hogs
debug:
var: pscpu.stdout_lines[:4]
- name: Top 3 memory hogs
debug:
var: pssize.stdout_lines[:4]

30
playbooks/infrastructure/deploy_application.yml Normal file
View File

@@ -0,0 +1,30 @@
---
- name: application deployment
hosts: web
gather_facts: false
become: true
tasks:
- name: make sure application is not empty
assert:
that:
- "application != ''"
- name: printing to terminal application information
debug:
msg: "This Ansible Playbook will install {{application}}"
- name: install application
dnf:
name: "{{application}}"
allow_downgrade: true
register: result
- name: printing to terminal application information
debug:
msg: "The application: {{application}} has been installed"
when: result.changed|bool
- name: printing to terminal application information
debug:
msg: "The application: {{application}} was already installed"
when: not result.changed|bool

38
playbooks/infrastructure/grant_sudo.yml Normal file
View File

@@ -0,0 +1,38 @@
---
- name: grant sudo
hosts: "{{ HOSTS | default('web') }}"
become: true
gather_facts: false
vars:
sudo_cleanup: true
tasks:
- name: Check if sudo user exists on system
getent:
database: passwd
key: "{{ sudo_user }}"
- name: create sudo rule
copy:
dest: "/etc/sudoers.d/{{ sudo_user }}"
owner: root
group: root
mode: 0640
content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
- name: install package
yum:
name: at
state: latest
- name: start service
service:
name: atd
state: started
- name: time based cleanup
at:
command: "rm /etc/sudoers.d/{{ sudo_user }}"
count: "{{ sudo_count | default('10') }}"
units: "{{ sudo_units | default('minutes') }}"
when: sudo_cleanup|bool

15
playbooks/infrastructure/insights.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: install and configure insights agent on all specified nodes
hosts: "{{ HOSTS | default('web') }}"
tasks:
- include_role:
name: RedHatInsights.insights-client
vars:
redhat_portal_username: "{{ insights_user }}"
redhat_portal_password: "{{ insights_password }}"
insights_display_name: "{{ inventory_hostname }}"
when: ansible_os_family == 'RedHat'
- name: print info to terminal window
debug:
msg: "Red Hat Insights is installed and configured for {{ inventory_hostname }}"

21
playbooks/infrastructure/patching.yml Normal file
View File

@@ -0,0 +1,21 @@
---
- name: apply non-kernel updates
hosts: "{{ HOSTS | default('web') }}"
become: true
gather_facts: false
tasks:
- name: upgrade all packages except kernel
yum:
name: '*'
state: latest
exclude: kernel*
tags: all
- name: upgrade all packages security related except kernel
yum:
name: '*'
state: latest
security: true
exclude: kernel*
tags: security

11
playbooks/infrastructure/turn_off_community_grid.yml Normal file
View File

@@ -0,0 +1,11 @@
---
- name: turn off community-grid
hosts: "{{ HOSTS | default('web') }}"
gather_facts: false
become: yes
tasks:
- name: enable and start boinc-client
systemd:
name: boinc-client
state: stopped
enabled: false

23
playbooks/infrastructure/windows_iis.yml Normal file
View File

@@ -0,0 +1,23 @@
---
- name: install the iis web service
hosts: windows
tasks:
- name: install iis
win_feature:
name: Web-Server
state: present
- name: start iis service
win_service:
name: W3Svc
state: started
- name: Create website index.html
win_copy:
content: "{{ iis_test_message }}"
dest: C:\Inetpub\wwwroot\index.html
- name: Show website address
debug:
msg: http://{{ ansible_host }}

17
playbooks/infrastructure/windows_regedit_legal_notice.yml Normal file
View File

@@ -0,0 +1,17 @@
---
- name: Edit legal notice on start up message
hosts: windows
gather_facts: False
tasks:
- name: Updating Legal Notice Title
win_regedit:
path: HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System
name: legalnoticecaption
data: "{{ title_legal_notice }}"
- name: Updating Legal Notice Text
win_regedit:
path: HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System
name: legalnoticetext
data: "{{ text_legal_notice }}"