Initial commit
This commit is contained in:
commit
0de89ad423
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
*.swp
|
||||
21
README.ad-hoc
Normal file
21
README.ad-hoc
Normal file
@ -0,0 +1,21 @@
|
||||
# ----
|
||||
# Execute 'ad-hoc' command through ansible with extended privileges
|
||||
# ---
|
||||
|
||||
ansibl all --become --become-method sudo --ask-become-pass -a 'whoami'
|
||||
|
||||
ansible all --become --become-method sudo --ask-become-pass -a 'uptime'
|
||||
|
||||
# - Note:
|
||||
# - alternatively, you can out the following entrie into your 'ansible-cfg' file:
|
||||
# -
|
||||
# - [privilege_escalation]
|
||||
# - become=True
|
||||
# - become_method=sudo
|
||||
# - become_ask_pass=True
|
||||
# -
|
||||
# - Now you can omit the the 'becom' flags:
|
||||
# -
|
||||
ansible all -a 'whoami'
|
||||
ansible all -a 'uptime'
|
||||
|
||||
35
ansible.cfg
Normal file
35
ansible.cfg
Normal file
@ -0,0 +1,35 @@
|
||||
# config file for ansible -- http://ansible.com/
|
||||
# ==============================================
|
||||
# exmaple:https://raw.github.com/ansible/ansible/devel/examples/ansible.cfg
|
||||
#
|
||||
# nearly all parameters can be overridden in ansible-playbook
|
||||
# or with command line flags. ansible will read ANSIBLE_CONFIG,
|
||||
# ansible.cfg in the current working directory, .ansible.cfg in
|
||||
# the home directory or /etc/ansible/ansible.cfg, whichever it
|
||||
# finds first
|
||||
|
||||
[defaults]
|
||||
ansible_managed = Ansible managed file, do not edit directly
|
||||
#gathering = smart
|
||||
#fact_caching = jsonfile
|
||||
#fact_caching_connection = ~/.cache/
|
||||
#fact_caching_timeout = 86400
|
||||
#forks = 20
|
||||
inventory = ./hosts
|
||||
#remote_user = ansible
|
||||
#roles_path = ./roles
|
||||
#vault_password_file = open_the_vault.sh
|
||||
#retry_files_enabled = False
|
||||
#allow_world_readable_tmpfiles = True
|
||||
|
||||
[privilege_escalation]
|
||||
become=True
|
||||
become_method=sudo
|
||||
become_ask_pass=True
|
||||
|
||||
[ssh_connection]
|
||||
|
||||
# By default, this option is disabled to preserve compatibility with
|
||||
# sudoers configurations that have requiretty (the default on many distros).
|
||||
#
|
||||
#pipelining = True
|
||||
46
hosts
Normal file
46
hosts
Normal file
@ -0,0 +1,46 @@
|
||||
|
||||
[lxc-hosts]
|
||||
server16.warenform.de
|
||||
server18.warenform.de
|
||||
server20.warenform.de
|
||||
server22.warenform.de
|
||||
server23.warenform.de
|
||||
server24.warenform.de
|
||||
server25.warenform.de
|
||||
server26.warenform.de
|
||||
|
||||
[lxc-guest]
|
||||
|
||||
# - server16.warenform.de
|
||||
helden.warenform.de
|
||||
|
||||
# - server18.warenform.de
|
||||
piwik.warenform.de
|
||||
|
||||
# - server20.warenform.de
|
||||
cloud-giz.warenform.de
|
||||
|
||||
# - server22.warenform.de
|
||||
nd.warenform.de
|
||||
nd-archiv.warenform.de
|
||||
nd-live.warenform.de
|
||||
|
||||
# - server23.warenform.de
|
||||
dns0.warenform.de
|
||||
vvn-www.warenform.de
|
||||
vvn-shop.warenform.de
|
||||
|
||||
# - server24.warenform.de
|
||||
lists.mx.warenform.de
|
||||
mx.warenform.de
|
||||
|
||||
# - server25.warenform.de
|
||||
web0.warenform.de
|
||||
web1.warenform.de
|
||||
|
||||
# - server26.warenform.de
|
||||
backup.warenform.de
|
||||
git.warenform.de
|
||||
|
||||
# - Vserver von Sinma
|
||||
dns1.warenform.de
|
||||
3
update-git-repositories.retry
Normal file
3
update-git-repositories.retry
Normal file
@ -0,0 +1,3 @@
|
||||
backup.warenform.de
|
||||
git.warenform.de
|
||||
server26.warenform.de
|
||||
7
update-git-repositories.yml
Normal file
7
update-git-repositories.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
|
||||
- hosts: all
|
||||
|
||||
tasks:
|
||||
- name: Update git repositories
|
||||
shell: /root/bin/admin-stuff/update_git_repositories.sh
|
||||
53
upgrade.yml
Normal file
53
upgrade.yml
Normal file
@ -0,0 +1,53 @@
|
||||
---
|
||||
- hosts: debian
|
||||
become: yes
|
||||
|
||||
tasks:
|
||||
|
||||
- name: Update packages list
|
||||
apt: update_cache=yes
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: List packages to upgrade (1/2)
|
||||
shell: aptitude -q -F%p --disable-columns search "~U"
|
||||
register: updates
|
||||
changed_when: False
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: List packages to upgrade (2/2)
|
||||
debug: msg="{{ updates.stdout_lines | count }} packages to upgrade ({{ updates.stdout_lines | join(', ') }})"
|
||||
when: (ansible_os_family == 'Debian' and updates.stdout_lines)
|
||||
|
||||
- name: Upgrade packages
|
||||
apt: upgrade=safe
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Check what the new version is
|
||||
shell: lsb_release -r | awk '{print $2}'
|
||||
changed_when: False
|
||||
register: new_release
|
||||
|
||||
- name: /jessie/ install the needrestart package if it is missing
|
||||
apt: name=needrestart state=present default_release=jessie-backports
|
||||
when: ansible_distribution_release == 'jessie'
|
||||
|
||||
- name: /jessie/ list services to restart (1/3)
|
||||
shell: needrestart -blrl | awk '/^NEEDRESTART-SVC/{print $2}'
|
||||
register: services
|
||||
changed_when: False
|
||||
when: ansible_distribution_release == 'jessie'
|
||||
|
||||
# - name: /jessie/ merge services list (2/3)
|
||||
# set_fact:
|
||||
# services: "{{ services }}"
|
||||
|
||||
# - name: list services to restart (3/3)
|
||||
# debug: msg="{{ services.stdout_lines | count }} services to restart ({{ services.stdout_lines | join (", ") }})"
|
||||
# when: (ansible_os_family == 'Debian' and services.stdout_lines)
|
||||
|
||||
# - name: list services to restart (2/3)
|
||||
# debug: msg="{{ services.stdout_lines | count }} services to restart ({{ services.stdout_lines | join (", ") }})"
|
||||
# when: (ansible_os_family == 'Debian' and services.stdout_lines)
|
||||
|
||||
- name: cache cleanup
|
||||
shell: apt-get autoclean
|
||||
Loading…
Reference in New Issue
Block a user