squelette d'un playbook initial a passer lors de l'installation d'un serveur pour une premiere configuration fonctionnelle, + readme associe

configuration-initiale.yml

@@ -0,0 +1,12 @@
+---
+# Playbook permettant d'appliquer le role common sur un hote lors de l'install (configuration locales, ntp, premiers paquets, etc)
+
+- name: Deployer la configuration basique sur un hote
+  hosts: all
+  user: root
+  gather_facts: yes
+
+  roles:
+    - common
+
+# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:

roles/common/defaults/main.yml

@@ -0,0 +1,4 @@
+---
+
+initialize: False
+# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:

roles/common/files/root-.inputrc

@@ -0,0 +1,8 @@
+### THIS FILE IS DEPLOYED BY ANSIBLE
+
+# alternate mappings for "page up" and "page down" to search the history
+"\e[5~": history-search-backward
+"\e[6~": history-search-forward
+"\e[1;5C": forward-word   # ctrl + right
+"\e[1;5D": backward-word  # ctrl + left
+

roles/common/files/root-.profile

@@ -0,0 +1,12 @@
+if [ "$BASH" ]; then
+  if [ -f ~/.bashrc ]; then
+    . ~/.bashrc
+  fi
+fi
+
+mesg n
+
+echo
+echo "--- dernières modifications:"
+echo
+cat /root/README.localserver

roles/common/files/root-.vim-colors-wombat.vim

@@ -0,0 +1,52 @@
+" Maintainer:	Lars H. Nielsen (dengmao@gmail.com)
+" Cterm addition: Paul deGrandis
+" Last Change:	January 22 2007
+
+set background=dark
+
+hi clear
+
+if exists("syntax_on")
+  syntax reset
+endif
+
+let colors_name = "wombat"
+
+
+" Vim >= 7.0 specific colors
+if version >= 700
+  hi CursorLine guibg=#2d2d2d ctermbg=236	
+  hi CursorColumn guibg=#2d2d2d ctermbg=236
+  hi MatchParen guifg=#f6f3e8 guibg=#857b6f gui=bold ctermfg=230 ctermbg=101 cterm=bold
+  hi Pmenu 		guifg=#f6f3e8 guibg=#444444 ctermfg=230	 ctermbg=238
+  hi PmenuSel 	guifg=#000000 guibg=#cae682 ctermfg=0	 ctermbg=186
+endif
+
+" General colors
+hi Cursor 		guifg=NONE    guibg=#656565 gui=none   ctermfg=NONE ctermbg=241  cterm=none
+hi Normal 		guifg=#f6f3e8 guibg=#242424 gui=none   ctermfg=230  ctermbg=235  cterm=none
+hi NonText 		guifg=#808080 guibg=#303030 gui=none   ctermfg=244  ctermbg=236  cterm=none
+hi LineNr 		guifg=#857b6f guibg=#000000 gui=none   ctermfg=101  ctermbg=0    cterm=none
+hi StatusLine 	guifg=#f6f3e8 guibg=#444444 gui=italic ctermfg=230  ctermbg=238	 cterm=italic
+hi StatusLineNC guifg=#857b6f guibg=#444444 gui=none   ctermfg=101  ctermbg=238  cterm=none
+hi VertSplit 	guifg=#444444 guibg=#444444 gui=none   ctermfg=238  ctermbg=238  cterm=none
+hi Folded 		guibg=#384048 guifg=#a0a8b0 gui=none   ctermbg=237  ctermfg=248  cterm=none
+hi Title		guifg=#f6f3e8 guibg=NONE	gui=bold   ctermfg=230  ctermbg=NONE cterm=bold
+hi Visual		guifg=#f6f3e8 guibg=#444444 gui=none   ctermfg=230  ctermbg=238  cterm=none
+hi SpecialKey	guifg=#808080 guibg=#343434 gui=none   ctermfg=244  ctermbg=236  cterm=none
+
+" Syntax highlighting
+hi Comment 		guifg=#99968b gui=italic ctermfg=246       cterm=none          
+hi Todo 		guifg=#8f8f8f gui=italic ctermfg=245       cterm=none         
+hi Constant 	guifg=#e5786d gui=none   ctermfg=185       cterm=none         
+hi String 		guifg=#95e454 gui=italic ctermfg=154       cterm=none         
+hi Identifier 	guifg=#cae682 gui=none   ctermfg=186       cterm=none         
+hi Function 	guifg=#cae682 gui=none   ctermfg=187       cterm=bold         
+hi Type 		guifg=#cae682 gui=none   ctermfg=186       cterm=none         
+hi Statement 	guifg=#8ac6f2 gui=none   ctermfg=lightblue cterm=bold 
+hi Keyword		guifg=#8ac6f2 gui=none   ctermfg=105       cterm=none         
+hi PreProc 		guifg=#e5786d gui=none   ctermfg=173       cterm=none         
+hi Number		guifg=#e5786d gui=none   ctermfg=185       cterm=none         
+hi Special		guifg=#e7f6da gui=none   ctermfg=7         cterm=none         
+
+

roles/common/files/root-.vimrc

@@ -0,0 +1,25 @@
+syntax on
+set nocp
+color wombat 
+set t_Co=256
+let html_use_css=1
+let html_no_pre=1
+let html_use_xhtml=1
+set ts=2
+set ruler
+set backspace=2
+set wildmode=list:full
+set shiftwidth=4
+set tabstop=4
+set shiftwidth=4
+set expandtab
+filetype on
+filetype plugin on
+autocmd FileType python set omnifunc=pythoncomplete#Complete
+autocmd FileType javascript set omnifunc=javascriptcomplete#CompleteJS
+autocmd FileType html set omnifunc=htmlcomplete#CompleteTags
+autocmd FileType css set omnifunc=csscomplete#CompleteCSS
+autocmd FileType xml set omnifunc=xmlcomplete#CompleteTags
+autocmd FileType php set omnifunc=phpcomplete#CompletePHP
+autocmd FileType c set omnifunc=ccomplete#Complete
+autocmd FileType cpp set omnifunc=ccomplete#Complete

roles/common/files/root-README.root

@@ -0,0 +1 @@
+---- Deploiement du serveur via ansible -----

roles/common/handlers/main.yml

@@ -0,0 +1,44 @@
+---
+# handlers du role common
+
+- name: update aliases
+  command: newaliases
+
+- name: restart munin-node
+  service: name=munin-node state=restarted
+
+- name: restart hobbit-client
+  service: name=hobbit-client state=restarted
+
+- name: restart xymon-client
+  service: name=xymon-client state=restarted
+
+- name: restart gwm
+  service: name=gwm state=restarted
+
+- name: restart xend
+  service: name=xend state=restarted
+
+- name: update-grub
+  command: update-grub
+
+- name: restart collectd
+  service: name=collectd state=restarted
+
+- name: restart ntp
+  service: name=ntp state=restarted
+
+- name: restart xymon
+  service: name=xymon state=restarted
+
+- name: update mysql_relay_domains map
+  shell: postmap /etc/postfix/mysql_relay_domains.cf
+
+- name: restart postfix
+  service: name=postfix state=restarted
+
+- name: apt-update
+  command: apt-get update
+
+# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:
+

roles/common/tasks/main.yml

@@ -0,0 +1,119 @@
+---
+# Role commun à toutes les machines
+# vars: admin_ssh_keys, repositories, default_packages, ntp_server1, ntp_server2, description
+
+# Bootstrap if necessary (install python-apt)
+
+- name: Bootstrap if necessary
+  tags: bootstrap
+  raw: python -c "import apt" || DEBIAN_FRONTEND=noninteractive apt-get --force-yes -y install python-apt
+  when: ansible_distribution == 'Debian'
+  
+# Check mandatory variables
+
+- name: Check vars 
+  fail: msg="Missing variable admin_ssh_keys"
+  when: admin_ssh_keys is not defined
+
+- name: Check vars 
+  fail: msg="Missing variable default_packages_debian"
+  when: default_packages_debian is not defined
+
+- name: Check vars 
+  fail: msg="Missing variable description"
+  when: description is not defined
+
+- name: Check vars 
+  fail: msg="Missing variable ntp_server1"
+  when: ntp_server1 is not defined
+
+- name: Check vars 
+  fail: msg="Missing variable ntp_server2"
+  when: ntp_server2 is not defined
+
+- name: Check vars 
+  fail: msg="Missing variable disable_ipv6"
+  when: disable_ipv6 is not defined
+
+# SSH
+
+- name: Deploy SSH keys
+  tags: ssh_keys
+  authorized_key: user=root key="{{item}}"
+  with_items: "{{admin_ssh_keys}}"
+
+# Packages
+
+- name: Install default packages Debian.
+  apt: pkg={{item}} state=installed
+  with_items: "{{ default_packages_debian }}" 
+  when: ansible_distribution == 'Debian'
+
+# Configure NTP
+
+- name: Configure NTP
+  tags: ntp
+  template: src=etc-ntp.conf.j2 dest=/etc/ntp.conf
+
+
+# Basic Shell & vim configuration
+
+- name: Custom .bashrc
+  tags: custom
+  copy: src=root-.bashrc dest=/root/.bashrc
+- name: Custom .vimrc
+  tags: custom
+  copy: src=root-.vimrc dest=/root/.vimrc
+- name: Custom .inputrc
+  tags: custom
+  copy: src=root-.inputrc dest=/root/.inputrc
+- name: Create .vim/colors
+  tags: custom
+  file: path=/root/.vim/colors state=directory
+- name: Wombat vim colors theme is awesome
+  tags: custom
+  copy: src=root-.vim-colors-wombat.vim dest=/root/.vim/colors/wombat.vim
+
+# Set motd and README.root
+
+- name: Set the motd
+  tags: custom
+  template: src=etc-motd.j2 dest=/etc/motd
+
+- name: Modify /root/.profile
+  tags: custom
+  copy: src=root-.profile dest=/root/.profile
+  when: initialize == True
+- name: Add  basic README.root
+  tags: custom
+  copy: src=root-README.root dest=/root/README.root
+  when: initialize == True
+
+# Env setup
+
+- name: Set the locale
+  tags: environ
+  debconf: name=locales question='default_environment_locale' value='fr_FR.UTF-8' vtype='multiselect'
+  debconf: name=locales question='locales_to_be_generated' value='en_US.UTF-8 UTF-8, fr_FR.UTF-8 UTF-8' vtype='multiselect'
+  debconf: name=locales question='locales/locales_to_be_generated' value='fr_FR.UTF-8, UTF-8' vtype='multiselect'
+  when: ansible_distribution == 'Debian'
+
+- name: Set the timezone
+  tags: environ
+  debconf: name=tzdata question='tzdata/Zones/Etc' value='UTC' vtype='select'
+  debconf: name=tzdata question='tzdata/Areas' value='Europe' vtype='select'
+  debconf: name=tzdata question='tzdata/Zones/Europe' value='Paris' vtype='select'
+  when: ansible_distribution == 'Debian'
+
+- name: Disable IPv6 (need reboot)
+  tags: environ
+  lineinfile: dest=/etc/modprobe.d/blacklist line="blacklist ipv6" state="present" create="yes"
+  when: ansible_distribution == 'Debian' and disable_ipv6 == 'yes'
+
+- name: Enable IPv6 (need reboot)
+  tags: environ
+  lineinfile: dest=/etc/modprobe.d/blacklist line="blacklist ipv6" state="absent" create="yes"
+  when: ansible_distribution == 'Debian' and disable_ipv6 == 'no'
+
+
+# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:

roles/common/templates/etc-motd.j2

@@ -0,0 +1,4 @@
+
+     {{ ansible_fqdn }}  -  {{ description }}
+
+

roles/common/templates/etc-ntp.conf.j2

@@ -0,0 +1,17 @@
+### THIS FILE IS DEPLOYED BY ANSIBLE
+
+
+driftfile /var/lib/ntp/ntp.drift
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+server {{ ntp_server1 }}
+server {{ ntp_server2 }}
+restrict default ignore
+restrict -6 default ignore
+restrict 127.0.0.1
+restrict ::1
+restrict {{ ntp_server1 }} nomodify nopeer
+restrict {{ ntp_server2 }} nomodify nopeer
+