|
|||||||||
ansible の変更点
#author("2018-09-06T07:26:23+00:00","default:pentacle","pentacle")
* install [#ic0cb202]
''cent7''
yum -y install epel-release
yum -y install ansible
''cygwin''
[[apt-cyg]]
apt-cyg install python-setuptools
apt-cyg install gcc-core python-devel openssl-devel libffi-devel python-crypto
easy_install-2.7 pip
pip install --upgrade pip setuptools
pip install ansible
mkdir /etc/ansible
cat > /etc/ansible/ansible.cfg
[ssh_connection]
ssh_args = -o ControlMaster=no
実行するときは下記環境で。
eval `ssh-agent`
ssh-add ~/.ssh/id_rsa
*setup [#oa7784b9]
ちょっと使い方変かもしれんけど・・cent入れた直後って su しか使えないんだもの
''user.yml''
---
- hosts: all
become: yes
tasks:
- name: create group
group: name=wheel
- name: add users that join to group (wheel and usergroup)
user: name=【user】 shell=/bin/bash state=present groups=wheel
- name: authorized_key
authorized_key: user=【user】 state=present key="{{lookup('file', '~/.ssh/authorized_keys') }}"
- name: add sudoers
lineinfile:
dest="/etc/sudoers.d/【user】"
line="【user】 ALL=(ALL:ALL) NOPASSWD:ALL"
create=yes
ansible-playbook --become-method=su --ask-become-pass -i 【host名】, user.yml
''cent.yml''
#pre{{
---
- hosts: all
become: yes
tasks:
- name: upgrade all packages
yum: name=* state=latest
- name: isntall basic pack
yum: name=emacs,epel-release,nmap,lrzsz,yum-utils,zip,unzip,wget,bind-utils,telnet,curl,bash-completion,net-tools,samba-client,samba-winbind,cifs-utils disable_gpg_check=no state=installed
- name: sshd
lineinfile:
dest: /etc/ssh/sshd_config
regexp: "^PasswordAuthentication"
insertafter: "^#PasswordAuthentication"
line: "PasswordAuthentication no"
- name:
lineinfile:
dest: /etc/ssh/sshd_config
regexp: "^PermitRootLogin"
insertafter: "^#PermitRootLogin"
line: "PermitRootLogin no"
- name: set sshd ChallengeResponseAuthentication
lineinfile: dest=/etc/ssh/sshd_config
regexp="^ChallengeResponseAuthentication "
insertafter="^#ChallengeResponseAuthentication "
line="ChallengeResponseAuthentication no"
state=present
- name: set sshd PermitEmptyPasswords
lineinfile: dest=/etc/ssh/sshd_config
regexp="^PermitEmptyPasswords "
insertafter="^#PermitEmptyPasswords "
line="PermitEmptyPasswords no"
state=present
- name: reboot sshd
service:
name: sshd
state: restarted
- name: set timezone
timezone:
name: Asia/Tokyo
- name: download Oracle JDK 8
get_url: url=http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.rpm dest=/root/jdk-8u131-linux-x64.rpm headers="Cookie:' gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie'" validate_certs=no owner=root group=root mode=744
- name: install JDK 8 from a local file
yum: name=/root/jdk-8u131-linux-x64.rpm state=present
}}
''personal.yml''
#pre{{
---
- hosts: all
tasks:
- name: bashrc
blockinfile:
dest: ~/.bashrc
content: |
alias ls='ls -F'
alias .='cd `/bin/pwd`'
alias ..='cd `/bin/pwd`; cd ..'
alias rm='rm -f'
alias mv='mv -i'
alias pwd='/bin/pwd'
alias cut='cut -d,'
alias sort='sort -t,'
alias join='join -t,'
alias emacs='emacs -no-splash'
alias emasc='emacs -no-splash'
complete -d cd
function date2unix(){
date +%s --date "$1 $2"
}
function unix2date(){
date -d @$1 +'%Y/%m/%d %H:%M:%S'
}
export _JAVA_OPTIONS="-Djava.net.preferIPv4Stack=true -Dfile.encoding=UTF-8"
export PS1="\n<\u@\h>\n[\w]: "
- name: emacs
copy: src=~/.emacs dest=~/.emacs
}}
''cent-pg.yml''
#pre{{
---
- hosts: all
become: yes
tasks:
- name: postgres
yum: name=https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm
- name: postgres
yum: enablerepo=epel name=postgresql96,postgresql96-server,postgresql96-libs,postgresql96-contrib,postgresql96-devel,postgis24_96-client,postgis24_96-utils
}}
----
* ubuntu [#u00ccd7d]
ansible-playbook --ask-pass --ask-become-pass -i 【hostname】, -e 'ansible_python_interpreter=/usr/bin/python3' ubuntu.yml
|
|||||||||