Tyler/Ansible-Linux_Base
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Wiki Activity
Ansible-Linux_Base/README.md

64 lines
4.5 KiB
Markdown
Raw Blame History

# Ansible-Linux_Base
Configures a Linux machine to the corporate base image from default install media
## Requirements
If the "base_core_hostname" variable is defined, it is recommended to set the ansible_ssh_common_args variable for the host to the following setting so the regeneration of the SSH host keys will not cause an error.
| Variable | Value |
| ----------------------- | ------------------------------------------------------------- |
| ansible_ssh_common_args | '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' |
## Role Variables
### Core Variables
| Variable | Required | Default | Choices | Comments |
| -------------------------------------------- | -------- | ------------ | ----------- | ---------------------------------------------------------------------- |
| base_core_management_user | No | ansible_user | | Defines the account that ansible will use for management in the future |
| base_core_install_updates | Yes | True | True, False | Install all available updates for the distro at runtime |
| base_core_hostname | No | "" | | Defines the computer hostname |
| base_core_motd_banner | No | "" | | Banner to be added to MOTD if desired |
| base_core_ssh_permit_root_login | Yes | False | True, False | Permits the use of root logins for ssh |
| base_core_ssh_permit_password_authentication | Yes | False | True, False | Permits the use of passwords for ssh |
| base_core_cert_common_name | No | nodename | | Common name for created self-signed cert |
| base_core_root_ca_basename | No | "" | | Basename of the cert for local system reference |
| base_core_root_ca_convert | Yes | False | True, False | Converts the defined certificate from DER to PEM type |
| base_core_root_ca_url | No | "" | | URL of a Root CA to install |
| base_core_web_management | Yes | False | True, False | Enables installation of the Cockpit web management package(s) |
## Example
Execute playbook with needed variables
`ansible-playbook -i hosts site.yml --ask-pass --ask-become-pass`
Inventory File:
```yaml
---
# file: hosts.yml
prod:
hosts:
prod-svr01:
ansible_host: 192.168.0.10
base_core_hostname: "prod-svr01"
prod-svr02:
ansible_host: 192.168.0.11
vars:
ansible_ssh_common_args: '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'
base_core_ssh_permit_password_authentication: true
ansible_user: ansible
"#########################################################################################\n ___ _ _____ __ \n / |_ _____ ____ ____ _(_)___ ____ _ / ___/__ _______/ /____ ____ ___ _____\n / /| | | / / _ \\/ __ \\/ __ `/ / __ \\/ __ `/ \\__ \\/ / / / ___/ __/ _ \\/ __ `__ \\/ ___/\n / ___ | |/ / __/ / / / /_/ / / / / / /_/ / ___/ / /_/ (__ ) /_/ __/ / / / / (__ ) \n/_/ |_|___/\\___/_/ /_/\\__, /_/_/ /_/\\__, / /____/\\__, /____/\\__/\\___/_/ /_/ /_/____/ \n /____/ /____/ /____/ \n \n#########################################################################################"
```
### Tags
Available tags for the role:
| Role | Tags |
| ---- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
| Base | all, authorized_key, automatic_updates, cert, firewall, hostname, kernel, motd, password_auth, root_ca, root_login, ssh, time_sync, web_management |
Reference in a new issue View git blame Copy permalink