dany/ansible-practice
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add finished excesile

Browse Source
This commit is contained in:
Dany LE 2025-04-11 07:52:16 +00:00
parent 7f5aa23b3c
commit 5fd628a7d8
23 changed files with 210 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
1-1.practice-k8s.cloud.html
View File

@ -1,12 +0,0 @@
<html>
<head>
<title>Machine 1-1.practice-k8s.cloud</title>
</head>
<body>
<p>Cette machine sappelle 1-1.practice-k8s.cloud</p>
<p>Ci-dessous la liste de ces adresses :</p>
<ul>
IP : 10.75.40.101
</ul>
</body>
</html>

12
1-2.practice-k8s.cloud.html
View File

@ -1,12 +0,0 @@
<html>
<head>
<title>Machine 1-2.practice-k8s.cloud</title>
</head>
<body>
<p>Cette machine sappelle 1-2.practice-k8s.cloud</p>
<p>Ci-dessous la liste de ces adresses :</p>
<ul>
IP : 10.76.132.143
</ul>
</body>
</html>

12
8-1.practice-k8s.cloud.html Normal file
View File

@ -0,0 +1,12 @@
<html>
<head>
<title>Machine 8-1.practice-k8s.cloud</title>
</head>
<body>
<p>Cette machine sappelle 8-1.practice-k8s.cloud</p>
<p>Ci-dessous la liste de ces adresses :</p>
<ul>
IP : 51.68.83.215
</ul>
</body>
</html>

12
8-2.practice-k8s.cloud.html Normal file
View File

@ -0,0 +1,12 @@
<html>
<head>
<title>Machine 8-2.practice-k8s.cloud</title>
</head>
<body>
<p>Cette machine sappelle 8-2.practice-k8s.cloud</p>
<p>Ci-dessous la liste de ces adresses :</p>
<ul>
IP : 217.182.93.152
</ul>
</body>
</html>

5
ansible.cfg
View File

@ -12,10 +12,11 @@
[defaults] [defaults]
inventory = inventory.ini inventory = inventory.ini
#remote_user = user-ansible remote_user = user-ansible
host_key_checking = false host_key_checking = false
#vault_password_file = /root/ansible/vault.key vault_password_file = /root/workspace/ansible-practice/vault.key
#callbacks_enabled = timer, profile_roles, profile_tasks #callbacks_enabled = timer, profile_roles, profile_tasks
log_path=/tmp/ansible_log.txt
[privilege_escalation] [privilege_escalation]
become = True become = True

1
ansible_vault_key_1.txt Normal file
View File

@ -0,0 +1 @@
dany

1
ansible_vault_key_2.txt Normal file
View File

@ -0,0 +1 @@
lxsang

2
apache-inventaire.conf.tag.yml
View File

@ -1,6 +1,6 @@
--- ---
- name: "Apache installation" - name: "Apache installation"
hosts: 1-1.practice-k8s.cloud hosts: 8-1.practice-k8s.cloud
tasks: tasks:
- name: "Apache package installation" - name: "Apache package installation"
yum: yum:

2
apache-inventaire.conf.yml
View File

@ -1,6 +1,6 @@
--- ---
- name: "Apache installation" - name: "Apache installation"
hosts: 1-1.practice-k8s.cloud hosts: 8-1.practice-k8s.cloud
tasks: tasks:
- name: "Apache package installation" - name: "Apache package installation"
yum: yum:

2
apache-when.yml
View File

@ -1,6 +1,6 @@
--- ---
- name: "Apache installation" - name: "Apache installation"
hosts: 1-1.practice-k8s.cloud hosts: 8-1.practice-k8s.cloud
tasks: tasks:
- name: "Apache package installation" - name: "Apache package installation"
yum: yum:

46
block-example.yml Normal file
View File

@ -0,0 +1,46 @@
---
- name: Create user {{ user }}
hosts: labs
vars:
user: webadmin
sshkey: /home/rocky/.ssh/id_rsa.pub
tasks:
- name: Execute block
block:
- name: Create user {{ user }}
ansible.builtin.user:
name: "{{ user }}"
create_home: true
state: present
- name: Set authorized key taken from file
ansible.posix.authorized_key:
user: "{{ user }}"
key: "{{ lookup('file', '{{ sshkey }}') }}"
state: present
- name: Test ssh connexion
ansible.builtin.command: su - rocky -c 'ssh -o StrictHostKeyChecking=no {{ user }}@{{ item }} "exit 0"'
delegate_to: localhost
become: false
register: ssh_out
changed_when: false
with_items:
- "{{ groups['labs'] }}"
rescue:
- name: Delete user {{ user }}
ansible.builtin.user:
name: "{{ user }}"
state: absent
always:
- name: Show user info
ansible.builtin.command: id {{ user }}
changed_when: false
register: info
- name: Write log to file
ansible.builtin.lineinfile:
line: "{{ info }}"
path: /tmp/ansible.log
delegate_to: localhost

25
install-apache.yml
View File

@ -2,23 +2,40 @@
# name : le nom du playbook (apporte de la clarté au code) # name : le nom du playbook (apporte de la clarté au code)
- name: "Apache Installation" - name: "Apache Installation"
# hosts : la liste des machines sur lesquels nous allons travailler # hosts : la liste des machines sur lesquels nous allons travailler
hosts: 1-1.practice-k8s.cloud hosts:
- "{{targethost}}"
vars:
targethost: 8-1.practice-k8s.cloud
# tasks : une liste dinstructions à dérouler # tasks : une liste dinstructions à dérouler
tasks: tasks:
- name: "Install apache package" - name: "Install apache package"
# module pour linstallation du package # module pour linstallation du package
dnf: ansible.builtin.dnf:
# Les differentes options # Les differentes options
name: "httpd" name: "httpd"
state: "present" state: "present"
- name: "Start apache service" - name: "Start apache service"
service: ansible.builtin.service:
name: "httpd" name: "httpd"
state: "started" state: "started"
enabled: yes enabled: yes
- name: "Copy www.html" - name: "Copy www.html"
copy: ansible.builtin.copy:
src: "www.html" src: "www.html"
dest: "/var/www/html" dest: "/var/www/html"
owner: "apache" owner: "apache"
group: "apache" group: "apache"
- name: "Test web server connection"
ansible.builtin.uri:
url: http://{{targethost}}/www.html
status_code: 200
register: response
ignore_errors: true
- name: show response
ansible.builtin.debug:
var: response
- name: Check result code
ansible.builtin.assert:
that: response.status == 200
success_msg: "OK"
fail_msg: "NOK"

11
intranet-pass.yml
View File

@ -1,6 +1,7 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
65376531313239623939643133356639373562356264326464396437313436376562626435333164 30653865313062653836366530316565613438363032333963353433393436613137643662636562
6364363234356264353131366165656564376264306162360a303431616164613666646564663030 3132323239373166663338383066663938386562393933650a633133353862613833323766353238
35646439613736383763663831613130383536353934333331393031316333656666363163383066 37643064316662633261363464356236326465303338363764363161616464613237316239646236
3639623834353531350a363035633661396438643332393331373536623163373265346333623832 3235383438663632340a363534303736613539323432623166376465326239363664343365643237
35613039623163646536646164336139336231643031666364393934316461653163 64376339373835346536666432623238616464643334353238303661303964353432636339383833
3939366431616435626562613365383939663061656464383966

12
inventory.ini
View File

@ -1,17 +1,17 @@
[labs] [labs]
1-1.practice-k8s.cloud 8-1.practice-k8s.cloud
1-2.practice-k8s.cloud 8-2.practice-k8s.cloud
[all:vars] # Prend le dessus sur tout ! [all:vars] # Prend le dessus sur tout !
ansible_ssh_user=rocky # ansible_ssh_user=rocky
ansible_ssh_private_key_file=/home/rocky/.ssh/id_rsa ansible_ssh_private_key_file=/home/rocky/.ssh/id_rsa
[apache] [apache]
1-1.practice-k8s.cloud 8-1.practice-k8s.cloud
[mysql] [mysql]
1-2.practice-k8s.cloud 8-2.practice-k8s.cloud
[dockerhost] [dockerhost]
1-2.practice-k8s.cloud 8-2.practice-k8s.cloud

2
jinja4.yml
View File

@ -3,7 +3,7 @@
hosts: all hosts: all
gather_facts: yes gather_facts: yes
vars: vars:
host_inventory: "1-1.practice-k8s.cloud" host_inventory: "8-1.practice-k8s.cloud"
inventory_dir: "/var/www/html/inventory" inventory_dir: "/var/www/html/inventory"
tasks: tasks:
- name: "Create template directory" - name: "Create template directory"

2
jinja5.yml
View File

@ -3,7 +3,7 @@
hosts: all hosts: all
gather_facts: yes gather_facts: yes
vars: vars:
host_inventory: "1-1.practice-k8s.cloud" host_inventory: "8-1.practice-k8s.cloud"
inventory_dir: "/var/www/html/inventory" inventory_dir: "/var/www/html/inventory"
tasks: tasks:
- name: "Create template directory" - name: "Create template directory"

10
partial-vault.yml
View File

@ -1,8 +1,8 @@
user: "alex" user: "alex"
pass : !vault | pass : !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
31643465373363646639363831636564363362663631653566353139343466653438333830636332 32373038623334303065613963653032333233366339323034303532366638376334313263326266
6137626364373038626663636630363366326631656532320a383761626130343037393762376638 3334386566643937306436623562393030383161626365370a343830376538336166623065613936
31363666616134633533636133663431396565356462633461373935633634643831376430306563 32363637666366396261316135336236323131313836336664636565333161356138386362363465
6334613131626562370a633263366539653439383434303966616432313933313962366335323831 3738373637366430340a313030663733343263356462346137383161383264333330633635346534
6264 6138

6
secret1.yml Normal file
View File

@ -0,0 +1,6 @@
$ANSIBLE_VAULT;1.1;AES256
33313038313931316263346263303766656637376365343031323135613461353364373932373534
3862386434396162333333306239636531393064656437310a343738336239343463316133636230
30616462353066653563316635373363623261626565636161636361333962613432316362376362
3238353362366630650a613261333830383234386230613839313639326462336236303965356363
65613832343538633939373430666134393765323434633234623430336336353631

6
secret2.yml Normal file
View File

@ -0,0 +1,6 @@
$ANSIBLE_VAULT;1.1;AES256
37663262313464386637646565303964663937336464353730633233323161666362393235653432
3933613166633735386531643166616138633234623133370a386638303037326431343532623331
31656230306164306638373934356238663938313536656339326237616433343230333963646262
3835633662653331320a333764646137393865363362343961386536306136393961326166386366
61363439623163386536663934633133656538313966656238643239616136363338

58
setup_user.yml Normal file
View File

@ -0,0 +1,58 @@
---
- name: Create user {{ user }}
hosts: labs
vars:
user: user-ansible
sshkey: /home/rocky/.ssh/id_rsa.pub
sshpriv: /home/rocky/.ssh/id_rsa
tasks:
- name: Create user {{ user }}
ansible.builtin.user:
name: "{{ user }}"
create_home: true
state: present
- name: Add user to sudoer {{ user }}
community.general.sudoers:
name: "{{ user }}"
user: "{{ user }}"
nopassword: true
commands: ALL
state: present
- name: Set authorized key taken from file
ansible.posix.authorized_key:
user: "{{ user }}"
key: "{{ lookup('file', '{{ sshkey }}') }}"
state: present
- name: Test ssh connexion
ansible.builtin.command: ssh -i {{ sshpriv }} {{ user }}@{{ item }} sudo -l
delegate_to: localhost
become: false
register: ssh_out
changed_when: false
ignore_errors: true
with_items:
- "{{ groups['labs'] }}"
- name: Log SSH command result
ansible.builtin.debug:
var: item
when: item.rc == 0
with_items:
- "{{ ssh_out['results'] }}"
- name: Check if user can execute sudo
ansible.builtin.command: sudo -l
become: true
become_user: "{{ user }}"
register: sudo_out
changed_when: false
ignore_errors: true
- name: Log sudo -l command
ansible.builtin.debug:
var: sudo_out
when: sudo_out.rc == 0

20
show-secrets.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Show secrets
hosts: localhost
vars:
secrets:
- secret1.yml
- secret2.yml
tasks:
- name: load secrets
ansible.builtin.include_vars:
file: "{{ item }}"
with_items:
- "{{ secrets }}"
register: clear_secrets
- name: Afficher variables
ansible.builtin.debug:
var: item.ansible_facts
with_items:
- "{{ clear_secrets['results'] }}"

2
vault.key
View File

@ -1 +1 @@
alexandre dany

2
www.html
View File

@ -1 +1 @@
Ansible <> Bonjour ! Ansible <> Bonjour 14:08!