vincent
/
ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
318 Commits
1 Branch
0 Tags
661 KiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
vincent 8ff8c6945c
add allow privilieged 		2 weeks ago
group_vars add allow privilieged 2 weeks ago
host_vars change corwin interface name 3 weeks ago
library uodate library aur 2 years ago
playbooks remove gitea 3 weeks ago
roles change repo port 3 weeks ago
test-role remove pihole & drone 3 weeks ago
.ansible-lint linting 1 year ago
.drone.yml add .drone.yml 1 year ago
.gitignore add vault file 3 years ago
.gitmodules add git module aur 3 years ago
.markdownlint.yaml add .markdownlint.yaml 1 year ago
.yamllint linting 1 year ago
README.md fix readme 1 year ago
ansible-vault-pass.sh add recovery vault password from bitwarden 1 year ago
ansible.cfg merge dict 3 weeks ago
makefile add vault edit to makefile 2 months ago
production create hashicorpstack group 2 months ago
provisionning.yml move provissionning playbook on root 3 months ago
site.yml create hashicorpstack group 2 months ago
staging add nomad to vmas-hml 1 month ago

README.md

ansible

commande ansible

launch playbook on staging `ansible-playbook -i staging site.yml --vault-password-file=./ansible-vault-pass.sh

init new role architecture ansible-galaxy user_config init

launch ansible bootstrap ansible-playbook -i nas, bootstrap.yml -u root --ask-pass

encrypt string ansible-vault encrypt_string

avant de lancer le playbook

  • vérifier que l'identité SSH et bien enregistrer dans l'agent
  • si la machine a déja une partie des logiciel instalé forcé l'upgrade (il vaut mieux partir d'une machien from scratch que d'une machine a moitier passé par le playbook)
  • si le role userconfig est déja descendu s'assurer que le repo local de la machine n'a pas de modification a pushé

Prerequis

  • python
  • sudo

TODO

Global Roles

  • system role:

    • install ansible aur module
    • soft install (zsh,vim,)

  • user profil config

  • ansible bootstrap

    • install python
    • install sudo
    • create user
    • copy clé RSA

  • samba automount role

    • géré les credential en fichier
    • initialisé les variable pour les diferent périphérique

  • davfs mount

  • VM server

  • syncthing role

Workstation roles

  • mpd role

  • ansible manager

    • install ansible
    • install ansible aur module
    • clone ansible repo

  • workstation role

  • -need to check for nvidia drver

  • cups

  • bluetooth et tlp pour laptop

  • grubtheme

Server Roles

  • terminfo

  • server role

    • cron
    • msmtp

  • rsyncd role

  • failtoban role

  • nginx/php role

    • install
    • config

  • dns role -slave/primary

  • mariadb role

    • install
    • config
    • (voir pouquoi l'init de mysql ne fonctionne pas dans ansible)

  • tt-rss role

    • depend nginx & madiadb role
    • fail2ban jail

  • gitea role

    • depend of mariadb role

  • backup role?

    • controle du reboot

global improvment

  • voir pour compatibiliser debian
  • variabiliser