-
Notifications
You must be signed in to change notification settings - Fork 0
/
playbook_before_roles.yml
134 lines (109 loc) · 3.17 KB
/
playbook_before_roles.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
- hosts: all
become: true # for actions that require sudo privileges
pre_tasks:
- name: update repo cache (CentOS)
tags: always # this task will always run
dnf:
update_cache: yes
changed_when: false # status won't be 'changed' when the cache will be updated
when: ansible_distribution == "CentOS"
- name: update repo cache (Ubuntu)
tags: always
apt:
update_cache: yes
changed_when: false
when: ansible_distribution == "Ubuntu"
- hosts: all
become: true
tasks:
- name: add ssh key for simone
tags: always
authorized_key:
user: simone
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPOX78vvRseCZU/6Y9R80pomI3t2WQdJOTKrc6ZU4P6h ansible"
- hosts: workstations
become: true
tasks:
- name: install unzip
package: # this module is a generic package manager
name: unzip
- name: install terraform
unarchive: # this module requires unzip
src: https://releases.hashicorp.com/terraform/1.4.6/terraform_1.4.6_linux_amd64.zip
dest: /usr/local/bin
remote_src: yes
mode: 0755
owner: root
group: root
- hosts: web_servers
become: true
tasks:
- name: install Apache and PHP for Ubuntu servers
tags: apache,apache2,ubuntu
apt:
name:
- apache2
- libapache2-mod-php
state: latest
when: ansible_distribution == "Ubuntu"
- name: install Apache and PHP for CentOS servers
tags: apache,httpd,centos
dnf:
name:
- httpd
- php
state: latest
when: ansible_distribution == "CentOS"
- name: start httpd (CentOS)
tags: apache,centos,httpd
service:
name: httpd
state: started
enabled: yes
when: ansible_distribution == "CentOS"
- name: change email address for admin
tags: apache,centos,httpd
lineinfile: # this module allows us to change a line in a file
path: /etc/httpd/conf/httpd.conf
regexp: '^ServerAdmin' # this regex looks for a line that begins with 'ServerAdmin'
line: ServerAdmin [email protected] # replace the entire line that matches the regex with this
when: ansible_distribution == "CentOS"
register: httpd # allows Ansible to capture the state in a variable that is used in the next play conditional
- name: restart httpd (CentOS)
tags: apache, centos, httpd
service:
name: httpd
state: restarted
when: httpd.changed # execute this play when the variable httpd includes a state of 'changed'
- name: copy default index.html
tags: apache,apache2,httpd
copy:
src: index.html
dest: /var/www/html/index.html
owner: root
group: root
mode: 0644
- hosts: db_servers
become: true
tasks:
- name: install mariadb package (CentOS)
tags: centos,db,mariadb
dnf:
name: mariadb
state: latest
when: ansible_distribution == "CentOS"
- name: install mariadb package (Ubuntu)
tags: ubuntu,db,mariadb
apt:
name: mariadb-server
state: latest
when: ansible_distribution == "Ubuntu"
- hosts: file_servers
become: true
tasks:
- name: install samba package
tags: samba
package:
name: samba
state: latest