vincent/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
242 Commits 1 Branch 0 Tags 463 KiB
Makefile 100%
3b564799b6
Go to file
vincent 3b564799b6
Some checks failed
continuous-integration/drone/push Build is failing
Details
add .markdownlint.yaml
2021-04-22 10:44:36 +02:00
group_vars add shell to drone-depoy 2021-04-20 11:45:44 +02:00
host_vars review variable for virtual machine 2020-10-08 17:51:52 +02:00
library uodate library aur 2020-01-18 11:40:47 +01:00
roles linting 2021-04-22 09:44:46 +02:00
test-role linting 2021-04-22 09:44:46 +02:00
.ansible-lint linting 2021-04-22 09:44:46 +02:00
.drone.yml add .drone.yml 2021-04-22 10:28:30 +02:00
.gitignore add vault file 2019-04-09 17:39:04 +02:00
.gitmodules add git module aur 2019-04-11 18:50:53 +02:00
.markdownlint.yaml add .markdownlint.yaml 2021-04-22 10:44:36 +02:00
.yamllint linting 2021-04-22 09:44:46 +02:00
ansible-vault-pass.sh add recovery vault password from bitwarden 2021-03-14 20:31:12 +01:00
ansible.cfg add roles to ansible roles path 2021-04-19 13:15:49 +02:00
bootstrap.yml linting 2021-04-22 09:44:46 +02:00
build.yml linting 2021-04-22 09:44:46 +02:00
debian.yml linting 2021-04-22 09:44:46 +02:00
global.yml move chisel from glbal to specific playbook 2021-03-21 19:12:30 +01:00
music-player.yml linting 2021-04-22 09:44:46 +02:00
production review inventory 2021-03-22 21:29:09 +01:00
provisionning.yml linting 2021-04-22 09:44:46 +02:00
README.md add recovery vault password from bitwarden 2021-03-14 20:31:12 +01:00
server.yml linting 2021-04-22 09:44:46 +02:00
site.yml review inventory 2021-03-22 21:29:09 +01:00
staging review inventory 2021-03-22 21:29:09 +01:00
workstation.yml linting 2021-04-22 09:44:46 +02:00

README.md

ansible

commande ansible

launch playbook on staging `ansible-playbook -i staging site.yml --vault-password-file=./ansible-vault-pass.sh

init new role architecture ansible-galaxy user_config init

launch ansible bootstrap ansible-playbook -i nas, bootstrap.yml -u root --ask-pass

encrypt string ansible-vault encrypt_string

avant de lancer le playbook

  • vérifier que l'identité SSH et bien enregistrer dans l'agent
  • si la machine a déja une partie des logiciel instalé forcé l'upgrade (il vaut mieux partir d'une machien from scratch que d'une machine a moitier passé par le playbook)
  • si le role userconfig est déja descendu s'assurer que le repo local de la machine n'a pas de modification a pushé

Prerequis

  • python
  • sudo

TODO

Global Roles

  • system role:

    • install ansible aur module
    • soft install (zsh,vim,)

  • user profil config

  • ansible bootstrap

    • install python
    • install sudo
    • create user
    • copy clé RSA

  • samba automount role

    • géré les credential en fichier
    • initialisé les variable pour les diferent périphérique

  • davfs mount

  • VM server

  • syncthing role

Workstation roles

  • mpd role

  • ansible manager

    • install ansible
    • install ansible aur module
    • clone ansible repo

  • workstation role

  • -need to check for nvidia drver

  • cups

  • bluetooth et tlp pour laptop

  • grubtheme

Server Roles

  • terminfo

  • server role

    • cron
    • msmtp

  • rsyncd role

  • failtoban role

  • nginx/php role

    • install
    • config

  • dns role -slave/primary

  • mariadb role

    • install
    • config
    • (voir pouquoi l'init de mysql ne fonctionne pas dans ansible)

  • tt-rss role

    • depend nginx & madiadb role
    • fail2ban jail

  • gitea role

    • depend of mariadb role

  • backup role?

    • controle du reboot

global improvment

  • voir pour compatibiliser debian
  • variabiliser