ansible-pull looks good

2026-01-24 21:40:17 +00:00 · 2018-12-21 21:14:32 -05:00
parent f8ed6970e4
commit d56f93997d
6 changed files with 77 additions and 62 deletions
--- a/roles/common/tasks/ansible-pull.yml
+++ b/roles/common/tasks/ansible-pull.yml
@@ -1,16 +1,13 @@
 - name: Add ansible cron job
  copy:
-    content: |
-    #!/bin/bash
-    cd /var/thunix/ansible
-    git pull
-    ansible-playbook -i ./hosts ./site.yml -u root
+    src: ../files/ansible-pull
    dest: /etc/cron.hourly/ansible-pull
    owner: root
+    mode: 744
    
 - name: Adding ansible git repo locally
-  git: https://tildegit.org/thunix/ansible.git
-    repo: 'https://tildegit.org/thunix/www.git'
+  git:
+    repo: 'https://tildegit.org/thunix/ansibe.git'
    dest: /var/thunix/ansible
    
 - name: adding deploy key
@@ -19,8 +16,8 @@
    state: present
    key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC2ZFqUDHL4KTkjqaNdWLGVPyHfz7uBh7j48uab1ywbOScDIvW/6Lhnxg41J48o0IGASyT0ijwBX6Se/IkKM6vHVJ5H7wEIZ1YL1351ytacZ7/zsh/LWvGi3YkMblboN6SesXwXnvih9dWWMpW/ifz10IeOw7cB5OjIomIYTre3J5f4WmqYCB4NxDHAVSszv62wZrnpb6QrQOG4YvbxvhynHEJN2OmvMPufIjICZap/fGd3BtFafWSjCL4ZbBnNK9TlwGw6LFeJrHHoL77prwl/tIFr+XQg1FnzNAbhT0QEgF/7LasrjrgjK06yHWEOw0eWDKRAAHvXJ9ESwP6NWi9CBkV2gVBDzJUyKREPQNg+LZ5xNQoP9x4bSglhnPSoE8YYLIkgApaUVhTuWbBB+vtsEgK5HI9X63jCfYUpRwOXw+S6YMI8wo+ZFMLY1uQi66/3w+nyg0jp/+3VVUK6wEv5f+7iO5KVaLM1KY9GYwZmixJgOukJzC9MT3vHF60+fZFAZMB5iTjhBGYdHpGPDpOyICYuo7uKpmSPa72GfuSE6oZ6ighJyQEONWIKF+fr0ngb1/N7f6yns1qyJ1rd9PyQ08moSsbBeVCmR963rmv+RrYA756KXxLrsH4UOtVQFO/8vwjTkigXf2Xc+85YTrXJV+w5xS6RQUwuoc+GrerJsw=="
    
- - name: adding deploy key
-   authorized_key:
-     user: root
-     state: present
-     key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWGH2FhPe/TB1zhF4vQPn0xg4e0RI6baNJrINPROcGg8oHDnhHx7WtBY5SIT9dYhUR07SWFooxygKNYiUaZ02oTZfWsAo1zv50cP6G0GqYGDuETp7s9pzgpRFgHfPAEo4fbe6gSGK1FsgxSQOjE7Us5IE6GIQK5kqIV9N5AZIuKgwur7XiB6hIcMQHJ/UV0YQezvWcprxPFOYPTy8VszF+BenjqkHXcD3OK8CsoxKPd3UFV1Ah4JTgf+WnQGz5T4wffWVwDAP/+6SImkyqMH7sa9h+2gjKaWvrgTu+2K73JxyFBbpgIlJVOZpyTVP89STz5ZIGJa3Ul3bJiYOQ4yooaE4BhtSjaH3neaAF5mD/h7QftooifixkLYzZQf3jGJuX2OqpnWu+C0CySNR2FtyuQcU5xsqGgUhQ9SP3SjxkVk79ixbtH5UDeRabNrx1mX35LJVLBgUbsm+ailYGQYM55n7UPAEEVaWmNEZg9FwLVdX5BAf4Rc3NC5mNRIj5FL1Vu9nYqybiO50nf+UozfxmFyy5GLYSHIVs6U4ICpwAd9h7T/8pO5cgRAhANe7Umqtubkdi+jmRx57i0qlnC2cPYa/4Zp/dCIg5WyIMkO9SIIhIznkwLMQULdS7SsunTZfSp1YxPwAmLlnpobuneHTR7iQ4l/dIrJHIXyIA9ZxYFw=="
+- name: adding deploy key
+  authorized_key:
+    user: root
+    state: present
+    key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWGH2FhPe/TB1zhF4vQPn0xg4e0RI6baNJrINPROcGg8oHDnhHx7WtBY5SIT9dYhUR07SWFooxygKNYiUaZ02oTZfWsAo1zv50cP6G0GqYGDuETp7s9pzgpRFgHfPAEo4fbe6gSGK1FsgxSQOjE7Us5IE6GIQK5kqIV9N5AZIuKgwur7XiB6hIcMQHJ/UV0YQezvWcprxPFOYPTy8VszF+BenjqkHXcD3OK8CsoxKPd3UFV1Ah4JTgf+WnQGz5T4wffWVwDAP/+6SImkyqMH7sa9h+2gjKaWvrgTu+2K73JxyFBbpgIlJVOZpyTVP89STz5ZIGJa3Ul3bJiYOQ4yooaE4BhtSjaH3neaAF5mD/h7QftooifixkLYzZQf3jGJuX2OqpnWu+C0CySNR2FtyuQcU5xsqGgUhQ9SP3SjxkVk79ixbtH5UDeRabNrx1mX35LJVLBgUbsm+ailYGQYM55n7UPAEEVaWmNEZg9FwLVdX5BAf4Rc3NC5mNRIj5FL1Vu9nYqybiO50nf+UozfxmFyy5GLYSHIVs6U4ICpwAd9h7T/8pO5cgRAhANe7Umqtubkdi+jmRx57i0qlnC2cPYa/4Zp/dCIg5WyIMkO9SIIhIznkwLMQULdS7SsunTZfSp1YxPwAmLlnpobuneHTR7iQ4l/dIrJHIXyIA9ZxYFw=="
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -6,3 +6,4 @@
 - include: resolv.yml
 - include: sshd.yml
 - include: motd.yml
+- include: ansible-pull.yml
--- a/roles/common/tasks/packages.yml
+++ b/roles/common/tasks/packages.yml
@@ -1,9 +1,14 @@
 # Install our baseline packages for all machines, irrespective of what role they might have
 ---
 - name: Install baseline packages
-  apt: name={{ item }} state=present
-  with_items:
-    - aptitude
-    - git
-    - python
-    - man
+  apt: 
+    name: "{{ packages }}"
+    state: present
+    update_cache: yes
+  vars:
+    packages:
+      - aptitude
+      - git
+      - python
+      - man
+
--- a/roles/common/tasks/users.yml
+++ b/roles/common/tasks/users.yml
@@ -4,10 +4,10 @@
    name: sudo
    state: present

-    - name: Allow 'sudo' group to have passwordless sudo
-      lineinfile:
-        dest: /etc/sudoers
-        state: present
-        regexp: '^%sudo'
-        line: '%sudo ALL=(ALL) NOPASSWD: ALL'
-        validate: visudo -cf %s
+- name: Allow 'sudo' group to have passwordless sudo
+  lineinfile:
+    dest: /etc/sudoers
+    state: present
+    regexp: '^%sudo'
+    line: '%sudo ALL=(ALL) NOPASSWD: ALL'
+    validate: visudo -cf %s