Ansible inventory and collection for testing ivansible roles.
ansible-playbook playbooks/run-role.yml -e role=ivansible.role_name -l vag2 -e param1=value1...
./bin/role [ivansible].role1[,role2...] host1,host2 -e param1=value1...
Note that role allows you to abbreviate long role names
like ivansible.role_name as .role-name (with a leading dot). However,
if role owner is not ivansible, you cannot omit it. Also you should use
the full role name with ansible-playbook.
Also, role allows to:
- use dashes instead of underscores in role names;
- list multiple roles as well as multiple hosts separated by commas.
Tasks tagged with ip4only are expected to fail on ipv6-only hosts.
Please provide the --skip-tags ip4only switch as a workaround.
This type of operations is called enter in ivansible parlance. Example operations follow below.
Enter a Vultr box by root password, probing for custom SSH port and then switching to this port, create a new user (trying to make uid=1000), and finally install python2 and authorize my default private key. You can try IPv4 address, IPv6 address or DNS hostname after comma.
ivantory-lin-enter 172.1.2.3 -v -u myuser -p 8822 -k files/keys/ssh.key -r secret
Enter a box already added to repository:
ivantory-lin-enter vag2 -K default
Enter a new Vultr box initialized with root password and enable UFW:
ivantory-lin-enter 172.1.2.3 --rootpass secret --ufw
Enter a new Vultr box initialized with SSH key:
ivantory-lin-enter 172.1.2.3 --keyfile files/secret/keys/newbox.key
Enter a new virtobox vagrant box:
ivantory-lin-enter vag3.dev --port 8822 --new-keyfile files/secret/keys/newbox.key
Full syntax:
ivantory-lin-enter 172.1.2.3 -e linen_pass='secret' -e linen_user=myuser -e linen_port=8822 -e linen_keyfile=default -e linen_login_methods=4 [-e linen_ufw=true]
./bin/lin-refresh host1,host2
Instantly updates time, packages and kernel on a linux machine.
Hosts in the vagrant group will have their apt packet sources
switched to presumably faster mirror.yandex.ru.
If you list multiple targets, the script will switch to the free
play strategy, allowing for faster parallel upgrades.
Otherwise, the script will fall back to the linear strategy.
ansible-playbook plays-all/workspace.yml -l host1,host2
Available parameters:
refresh(default:no) -- upgrade packages and kernelivantory(default:no) -- deployivantoryroles and playbooks
There is so called revssh host entry in the vagrant group.
This entry allows to perform ansible operations on hosts behind NAT
(aka. poor man's ansible pull).
The ansible_port setting in this entry defines reverse port
forwarding.
First, login to ansible controller while reverse-forwarding local SSH port, e.g.:
ssh -R 8822:localhost:22 controller.host.name
Now you can run playbooks on the controller host against the
virtual revssh entry:
cd <ansible_directory>
ansible revssh -m ping
ansible revssh -m shell -a "hostname && uname -a"
There is only one entry, so you cannot control multiple hosts this way.
Download deex1.key into ~\.ssh\deex1.key on windows.
Powershell terminal on windows:
> cat ~\.ssh\deex1.key # print key to windows terminal
> cd C:\abyss\vagrant\vag1
> vg up
> vg ssh # or login from mobassh teminalBash terminal on vagrant box:
$ cat > vakey
-----BEGIN RSA PRIVATE KEY-----
... paste the key here ...
-----END RSA PRIVATE KEY-----
^D
$ chmod 600 vakey
$ port=2022
$ ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
-R 8822:localhost:$port -i ~/vakey -p $port -l deex zeus.You are logged into zeus:
$ cd devel/ivantory
$ ansible -m ping revssh # should reply "pong"
$ ./bin/play ivantory revssh -e real_ssh_port=2022 [-e ivantory=yes]Notes:
- without explicit
real_ssh_port, the play will incorrectly detect the value ofansible_portas 8822 and configure firewall incorrectly - you must log into
vag1anew for changes to take effect - remove
vakeywhen done
OpenVZ resets /etc/hosts on every boot.
These playbooks contain a special tag etc_hosts for all tasks that update hosts.
- vag1 - enter-bionic controller 1Gb RAM
- vag2 - enter-xenial
- vag3 - enter-bionic
- vag4 - enter-xenial python2 only
- vag5 - enter-xenial python3 only
- vag6 - enter-bionic python2 only
- vag7 - enter-bionic python3 only
- vag8 - bento/xenial port 22 user vagrant
- vag9 - bento/bionic port 22 user vagrant
python2 boxes lack:
- python3
- snapd
- ufw
- lsb-release
- lxd
- apparmor
- ubuntu-minimal
- software-properties-common
- ssh-import-id
python3 boxes lack:
- python2
- samba-libs
- samba-common-bin
GPL v3
Copyright (c) 2018-2020, IvanDeex