Ansible

Ansible playbook repository
https://github.com/panticz/ansible

Install Ansible Server
http://www.panticz.de/install-ansible

Ansible syntax (YAML)
http://docs.ansible.com/ansible/YAMLSyntax.html

Configuration files
http://docs.ansible.com/ansible/intro_configuration.html#host-key-checking
/etc/ansible/ansible.cfg - global default configuration
~/.ansible.cfg - local global configuration
/etc/ansible/hosts - default inventory file

Ignore host key
# inventory
[all:vars]
#host_key_checking=false
ansible_ssh_common_args='-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'

sed -i 's|#host_key_checking = False|host_key_checking = False|g' /etc/ansible/ansible.cfg

# /etc/ansible/ansible.cfg or ~/.ansible.cfg file:
[defaults]
host_key_checking = False

# variable:
export ANSIBLE_HOST_KEY_CHECKING=False

# command line:
ansible-playbook -e 'host_key_checking=False' yourplaybook.yml

Copy SSH key to clients and install required applications
for HOST in $(cat /etc/ansible/hosts | grep -v "[\[|#]" | grep -v '^$' | sort -u); do
ssh-copy-id -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa.pub root@${HOST}
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${HOST} apt-get install -y sudo python
done

Run command for specific host
ansible-playbook /etc/ansible/playbooks/example.yml --limit www.example.com

Structure
site.yml
webservers.yml
fooservers.yml
roles/
common/
files/
templates/
tasks/
handlers/
vars/
defaults/
meta/
webservers/
files/
templates/
tasks/
handlers/
vars/
defaults/
meta/

Documentation
ansible-doc -l
ansible-doc apt -s
http://docs.ansible.com/ansible/test_strategies.html
http://docs.ansible.com/ansible/intro_adhoc.html
http://docs.ansible.com/ansible/playbooks_conditionals.html
http://docs.ansible.com/ansible/playbooks_roles.html

Modules
http://docs.ansible.com/ansible/lxc_container_module.html
http://docs.ansible.com/ansible/git_module.html
http://docs.ansible.com/ansible/apt_module.html
http://docs.ansible.com/ansible/cron_module.html
http://docs.ansible.com/ansible/list_of_database_modules.html

Variables
http://docs.ansible.com/ansible/playbooks_variables.html

Ansible galaxy
ansible-galaxy install
https://galaxy.ansible.com/bennojoy/network_interface/ - Network configuration
https://github.com/Oefenweb/ansible-postfix
https://galaxy.ansible.com/geerlingguy/gitlab/

# ssh
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null
ssh_args = -o ForwardAgent=yes

# install python manual
ansible host_name -i inventory_name -m raw -a "apt-get update && apt-get install -y python-minimal"

# configure valut
apg -a1 -m32 -n1 > ~/.ansible/.vault_pass.txt
echo "export ANSIBLE_VAULT_PASSWORD_FILE=~/.ansible/.vault_pass.txt" >> ~/.bashrc

# find encrypted values
find -name *.enc.* -exec ansible-vault view {} \; | grep foo

ansible-vault encrypt ~/ansible/host_vars/www.example.com.yml.enc
# https://dantehranian.wordpress.com/2015/07/24/managing-secrets-with-ansible-vault-the-missing-guide-part-1-of-2/

manage OpenWRT with Ansible
opkg install python-light openssh-sftp-server
opkg install python-light python-codecs python-logging python-openssl
opkg install python

Ansible command line options
https://liquidat.wordpress.com/2016/02/29/useful-options-ansible-cli/
ansible-playbook --syntax-check www.example.com.yml
ansible-playbook --list-hosts www.example.com.yml
ansible-playbook --list-tasks www.example.com.yml

Create customized module
http://blog.toast38coza.me/custom-ansible-module-hello-world/

nmcli module - NetworkManager command line tool
https://github.com/alcamie101/ansible-nmcli#examplesnmcli

Links
https://galaxy.ansible.com/list#/roles
https://serversforhackers.com/an-ansible-tutorial
https://sysadmincasts.com/episodes/43-19-minutes-with-ansible-part-1-4