├── README.md ├── chap10 ├── ansible.cfg ├── app.yml ├── db.yml ├── environments │ └── prod ├── galaxy-roles │ ├── geerlingguy.haproxy │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ ├── .galaxy_install_info │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── haproxy.cfg.j2 │ │ └── tests │ │ │ ├── README.md │ │ │ └── test.yml │ └── geerlingguy.mysql │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ ├── .galaxy_install_info │ │ └── main.yml │ │ ├── tasks │ │ ├── configure.yml │ │ ├── databases.yml │ │ ├── main.yml │ │ ├── replication.yml │ │ ├── secure-installation.yml │ │ ├── setup-Archlinux.yml │ │ ├── setup-Debian.yml │ │ ├── setup-RedHat.yml │ │ ├── users.yml │ │ └── variables.yml │ │ ├── templates │ │ ├── my.cnf.j2 │ │ ├── root-my.cnf.j2 │ │ └── user-my.cnf.j2 │ │ ├── tests │ │ ├── README.md │ │ ├── centos-7-test.yml │ │ ├── initctl_faker │ │ └── test.yml │ │ └── vars │ │ ├── Archlinux.yml │ │ ├── Debian.yml │ │ ├── RedHat-6.yml │ │ └── RedHat-7.yml ├── group_vars │ └── prod.yml ├── lb.yml ├── roles │ ├── apache │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── files │ │ │ └── httpd.conf │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── config.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── service.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ ├── Debian.yml │ │ │ ├── RedHat.yml │ │ │ └── main.yml │ ├── frontend │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── config.ini.j2 │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ ├── 
Debian.yml │ │ │ ├── RedHat.yml │ │ │ └── main.yml │ ├── php │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ └── systems │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ └── main.yml │ │ ├── tasks │ │ └── main.yml │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ └── vars │ │ └── main.yml ├── site.yml └── systems.yml ├── chap11 ├── ansible.cfg ├── app.yml ├── cleanup.yml ├── db.yml ├── environments │ ├── prod │ └── staging ├── galaxy-roles │ ├── geerlingguy.haproxy │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ ├── .galaxy_install_info │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── haproxy.cfg.j2 │ │ └── tests │ │ │ ├── README.md │ │ │ └── test.yml │ └── geerlingguy.mysql │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ ├── .galaxy_install_info │ │ └── main.yml │ │ ├── tasks │ │ ├── configure.yml │ │ ├── databases.yml │ │ ├── main.yml │ │ ├── replication.yml │ │ ├── secure-installation.yml │ │ ├── setup-Archlinux.yml │ │ ├── setup-Debian.yml │ │ ├── setup-RedHat.yml │ │ ├── users.yml │ │ └── variables.yml │ │ ├── templates │ │ ├── my.cnf.j2 │ │ ├── root-my.cnf.j2 │ │ └── user-my.cnf.j2 │ │ ├── tests │ │ ├── README.md │ │ ├── centos-7-test.yml │ │ ├── initctl_faker │ │ └── test.yml │ │ └── vars │ │ ├── Archlinux.yml │ │ ├── Debian.yml │ │ ├── RedHat-6.yml │ │ └── RedHat-7.yml ├── group_vars │ ├── all.yml │ ├── prod.yml │ └── staging.yml ├── lb.yml ├── roles │ ├── apache │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ 
│ │ └── main.yml │ │ ├── files │ │ │ └── httpd.conf │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── config.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── service.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ ├── Debian.yml │ │ │ ├── RedHat.yml │ │ │ └── main.yml │ ├── frontend │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── config.ini.j2 │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ ├── Debian.yml │ │ │ ├── RedHat.yml │ │ │ ├── Redhat.yml │ │ │ └── main.yml │ ├── php │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ └── systems │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ └── main.yml │ │ ├── tasks │ │ └── main.yml │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ └── vars │ │ └── main.yml ├── site.yml └── systems.yml ├── chap12 ├── ansible.cfg ├── app.yml ├── cleanup.yml ├── db.yml ├── environments │ ├── prod │ └── staging ├── galaxy-roles │ ├── geerlingguy.haproxy │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ ├── .galaxy_install_info │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── haproxy.cfg.j2 │ │ └── tests │ │ │ ├── README.md │ │ │ └── test.yml │ └── geerlingguy.mysql │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ ├── .galaxy_install_info │ │ └── main.yml │ │ 
├── tasks │ │ ├── configure.yml │ │ ├── databases.yml │ │ ├── main.yml │ │ ├── replication.yml │ │ ├── secure-installation.yml │ │ ├── setup-Archlinux.yml │ │ ├── setup-Debian.yml │ │ ├── setup-RedHat.yml │ │ ├── users.yml │ │ └── variables.yml │ │ ├── templates │ │ ├── my.cnf.j2 │ │ ├── root-my.cnf.j2 │ │ └── user-my.cnf.j2 │ │ ├── tests │ │ ├── README.md │ │ ├── centos-7-test.yml │ │ ├── initctl_faker │ │ └── test.yml │ │ └── vars │ │ ├── Archlinux.yml │ │ ├── Debian.yml │ │ ├── RedHat-6.yml │ │ └── RedHat-7.yml ├── group_vars │ ├── all.yml │ ├── prod.yml │ └── staging.yml ├── lb.yml ├── roles │ ├── apache │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── files │ │ │ └── httpd.conf │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── config.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── service.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ ├── Debian.yml │ │ │ ├── RedHat.yml │ │ │ └── main.yml │ ├── frontend │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── config.ini.j2 │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ ├── Debian.yml │ │ │ ├── Redhat.yml │ │ │ └── main.yml │ ├── php │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ └── systems │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ └── main.yml │ │ ├── tasks │ │ └── main.yml │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ └── vars │ │ └── main.yml ├── site.yml ├── systems.yml ├── test_vault.yml ├── tmp └── vault │ ├── api_keys │ ├── creds 
│ ├── dev │ ├── prod │ └── staging ├── chap4 └── README.md ├── chap5 ├── ansible.cfg └── environments │ └── prod ├── chap6 ├── ansible.cfg ├── environments │ └── prod ├── helper │ └── httpd.conf └── systems.yml ├── chap7 ├── ansible.cfg ├── app.yml ├── environments │ └── prod ├── helper │ └── httpd.conf ├── roles │ ├── apache │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── files │ │ │ └── httpd.conf │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── config.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── service.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ ├── frontend │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ ├── php │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ └── systems │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ └── main.yml │ │ ├── tasks │ │ └── main.yml │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ └── vars │ │ └── main.yml ├── site.yml └── systems.yml ├── chap8 ├── ansible.cfg ├── app.yml ├── environments │ └── prod ├── group_vars │ └── prod.yml ├── roles │ ├── apache │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── service.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ ├── frontend │ │ ├── .travis.yml │ │ ├── README.md │ 
│ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── config.ini.j2 │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ ├── php │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ └── vars │ │ │ └── main.yml │ └── systems │ │ ├── .travis.yml │ │ ├── README.md │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── meta │ │ └── main.yml │ │ ├── tasks │ │ └── main.yml │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ └── vars │ │ └── main.yml ├── site.yml └── systems.yml └── chap9 ├── ansible.cfg ├── app.yml ├── db.yml ├── environments └── prod ├── galaxy-roles ├── geerlingguy.haproxy │ ├── .gitignore │ ├── .travis.yml │ ├── LICENSE │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ ├── .galaxy_install_info │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ └── haproxy.cfg.j2 │ └── tests │ │ ├── README.md │ │ └── test.yml └── geerlingguy.mysql │ ├── .gitignore │ ├── .travis.yml │ ├── LICENSE │ ├── README.md │ ├── defaults │ └── main.yml │ ├── handlers │ └── main.yml │ ├── meta │ ├── .galaxy_install_info │ └── main.yml │ ├── tasks │ ├── configure.yml │ ├── databases.yml │ ├── main.yml │ ├── replication.yml │ ├── secure-installation.yml │ ├── setup-Archlinux.yml │ ├── setup-Debian.yml │ ├── setup-RedHat.yml │ ├── users.yml │ └── variables.yml │ ├── templates │ ├── my.cnf.j2 │ ├── root-my.cnf.j2 │ └── user-my.cnf.j2 │ ├── tests │ ├── README.md │ ├── centos-7-test.yml │ ├── initctl_faker │ └── test.yml │ └── vars │ ├── Archlinux.yml │ ├── Debian.yml │ ├── RedHat-6.yml │ └── RedHat-7.yml ├── group_vars └── prod.yml ├── lb.yml ├── roles ├── apache │ ├── .travis.yml │ ├── 
README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── install.yml │ │ ├── main.yml │ │ └── service.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── frontend │ ├── .travis.yml │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ └── config.ini.j2 │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── php │ ├── .travis.yml │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml └── systems │ ├── .travis.yml │ ├── README.md │ ├── defaults │ └── main.yml │ ├── handlers │ └── main.yml │ ├── meta │ └── main.yml │ ├── tasks │ └── main.yml │ ├── tests │ ├── inventory │ └── test.yml │ └── vars │ └── main.yml ├── site.yml └── systems.yml

/README.md:
--------------------------------------------------------------------------------
# ansible-bootcamp-code
Code Repository for Ultimate Ansible Bootcamp

--------------------------------------------------------------------------------
/chap10/ansible.cfg:
--------------------------------------------------------------------------------
# Ansible settings for the chapter 10 project: default remote user, inventory
# location, role search path and a few behaviour switches.
[defaults]

remote_user = devops
inventory = environments/prod
# NOTE(review): .retry files (lists of failed hosts) are written to /tmp, a
# directory shared with every local user; a directory owned by the Ansible
# user keeps them private.
retry_files_save_path = /tmp
# NOTE(review): this turns off SSH host key verification, so a host that
# impersonates a managed node is not detected. Tolerable for disposable lab
# machines only; for real inventories keep checking on and pre-populate
# known_hosts.
host_key_checking = False
# NOTE(review): task output is appended to this log; values passed to tasks
# can end up here unless the task sets no_log, so restrict the file's
# permissions.
log_path=~/ansible.log
# Dictionaries defined in several variable scopes are merged rather than
# replaced (see `fav` in chap10/app.yml and chap10/group_vars/prod.yml).
hash_behaviour = merge
# Project roles are searched first, then roles installed from Ansible Galaxy.
roles_path = roles:galaxy-roles

--------------------------------------------------------------------------------
/chap10/app.yml:
--------------------------------------------------------------------------------
---
# Play for the `app` group: applies the apache, php and frontend roles with
# privilege escalation. Each role carries its own tags; the whole play is
# additionally tagged `frontend`.
- hosts: app
  become: true
  vars:
    # Play-level value for fav.fruit; group_vars/prod.yml also defines `fav`.
    fav:
      fruit: mango
  roles:
    - { role: apache, tags: www }
    - { role: php, tags: [ 'www', 'php' ] }
    - { role: frontend, tags: devopsdemo }
  tags:
    - frontend

--------------------------------------------------------------------------------
/chap10/db.yml:
--------------------------------------------------------------------------------
---
# Play for the `db` group: applies the Galaxy-installed geerlingguy.mysql role
# with privilege escalation.
- name: playbook to configure db servers
  hosts: db
  become: yes
  roles:
    - { role: geerlingguy.mysql }

--------------------------------------------------------------------------------
/chap10/environments/prod:
--------------------------------------------------------------------------------
# Inventory for the prod environment: a local group plus lb, app and db groups,
# which are collected under `prod`.
[local]
localhost ansible_connection=local

[lb]
lb

[app]
app1
app2
# NOTE(review): the SSH password for app3 is stored in cleartext in a
# version-controlled inventory. Prefer key-based authentication, or keep
# ansible_ssh_pass in an Ansible Vault-encrypted vars file, and treat this
# value as disclosed.
app3 ansible_user=devops ansible_ssh_pass=codespaces

[db]
db

[prod:children]
lb
app
db

--------------------------------------------------------------------------------
/chap10/galaxy-roles/geerlingguy.haproxy/.gitignore:
--------------------------------------------------------------------------------
*.retry
tests/test.sh

--------------------------------------------------------------------------------
/chap10/galaxy-roles/geerlingguy.haproxy/.travis.yml:
--------------------------------------------------------------------------------
---
# Travis CI job for the role: one build per distro, each running the role
# inside a Docker container through a downloaded test shim.
services: docker

env:
  - distro: centos7
  - distro: centos6
  - distro: ubuntu1604
  - distro: ubuntu1404
  - distro: ubuntu1204

script:
  # Configure test script so we can run extra tests after playbook is run.
  - export container_id=$(date +%s)
  - export cleanup=false

  # Download test shim.
  # NOTE(review): the shim comes from a gist URL that names no revision and is
  # executed below without an integrity check, so whatever the gist holds at
  # build time runs in CI. Pin the raw URL to a specific gist revision and
  # verify a checksum before executing it.
  - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
  - chmod +x ${PWD}/tests/test.sh

  # Run tests.
  - ${PWD}/tests/test.sh

  # Make sure haproxy is installed.
24 | - 'docker exec --tty ${container_id} env TERM=xterm haproxy -v' 25 | 26 | notifications: 27 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 28 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | haproxy_socket: /var/lib/haproxy/stats 3 | haproxy_chroot: /var/lib/haproxy 4 | haproxy_user: haproxy 5 | haproxy_group: haproxy 6 | 7 | # Frontend settings. 
8 | haproxy_frontend_name: 'hafrontend' 9 | haproxy_frontend_bind_address: '*' 10 | haproxy_frontend_port: 80 11 | haproxy_frontend_mode: 'http' 12 | 13 | # Backend settings. 14 | haproxy_backend_name: 'habackend' 15 | haproxy_backend_mode: 'http' 16 | haproxy_backend_balance_method: 'roundrobin' 17 | haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' 18 | 19 | # List of backend servers. 20 | haproxy_backend_servers: [] 21 | # - name: app1 22 | # address: 192.168.0.1:80 23 | # - name: app2 24 | # address: 192.168.0.2:80 25 | 26 | # Extra global vars (see README for example usage). 27 | haproxy_global_vars: [] 28 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart haproxy 3 | service: name=haproxy state=restarted 4 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:20 2018', version: 1.1.1} 2 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: HAProxy installation and configuration. 
7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - precise 18 | - trusty 19 | - xenial 20 | galaxy_tags: 21 | - web 22 | - networking 23 | - cloud 24 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure HAProxy is installed (Debian). 3 | apt: name=haproxy state=installed 4 | when: ansible_os_family == 'Debian' 5 | 6 | - name: Ensure HAProxy is enabled (so init script will start it on Debian). 7 | lineinfile: 8 | dest: /etc/default/haproxy 9 | regexp: "^ENABLED.+$" 10 | line: "ENABLED=1" 11 | state: present 12 | when: ansible_os_family == 'Debian' 13 | 14 | - name: Ensure HAProxy is installed (RedHat). 15 | yum: name=haproxy state=installed 16 | when: ansible_os_family == 'RedHat' 17 | 18 | - name: Get HAProxy version. 19 | command: haproxy -v 20 | register: haproxy_version_result 21 | changed_when: false 22 | check_mode: no 23 | 24 | - name: Set HAProxy version. 25 | set_fact: 26 | haproxy_version: "{{ '1.5' if '1.5.' in haproxy_version_result.stdout else '1.4' }}" 27 | 28 | - name: Copy HAProxy configuration in place. 29 | template: 30 | src: haproxy.cfg.j2 31 | dest: /etc/haproxy/haproxy.cfg 32 | mode: 0644 33 | validate: haproxy -f %s -c -q 34 | notify: restart haproxy 35 | 36 | - name: Ensure HAProxy is started and enabled on boot. 37 | service: name=haproxy state=started enabled=yes 38 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. Install and start Docker. 
6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.haproxy/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | vars: 5 | haproxy_socket: '' 6 | haproxy_chroot: '' 7 | haproxy_user: root 8 | haproxy_group: root 9 | 10 | haproxy_backend_servers: 11 | - name: app1 12 | address: 127.0.0.1:8080 13 | 14 | pre_tasks: 15 | - name: Update apt cache. 
16 | apt: update_cache=yes cache_valid_time=600 17 | when: ansible_os_family == 'Debian' 18 | 19 | roles: 20 | - role_under_test 21 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | tests/test.sh 3 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
21 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart mysql 3 | service: "name={{ mysql_daemon }} state=restarted sleep=5" 4 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:01 2018', version: 2.8.1} 2 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: MySQL server for RHEL/CentOS and Debian/Ubuntu. 7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - all 18 | - name: Debian 19 | versions: 20 | - all 21 | - name: Archlinux 22 | versions: 23 | - all 24 | galaxy_tags: 25 | - database 26 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tasks/databases.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL databases are present. 
3 | mysql_db: 4 | name: "{{ item.name }}" 5 | collation: "{{ item.collation | default('utf8_general_ci') }}" 6 | encoding: "{{ item.encoding | default('utf8') }}" 7 | state: "{{ item.state | default('present') }}" 8 | with_items: "{{ mysql_databases }}" 9 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Variable configuration. 3 | - include: variables.yml 4 | 5 | # Setup/install tasks. 6 | - include: setup-RedHat.yml 7 | when: ansible_os_family == 'RedHat' 8 | static: no 9 | 10 | - include: setup-Debian.yml 11 | when: ansible_os_family == 'Debian' 12 | static: no 13 | 14 | - include: setup-Archlinux.yml 15 | when: ansible_os_family == 'Archlinux' 16 | static: no 17 | 18 | - name: Check if MySQL packages were installed. 19 | set_fact: 20 | mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) 21 | or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) 22 | or (arch_mysql_install_packages is defined and arch_mysql_install_packages.changed) }}" 23 | 24 | # Configure MySQL. 25 | - include: configure.yml 26 | - include: secure-installation.yml 27 | - include: databases.yml 28 | - include: users.yml 29 | - include: replication.yml 30 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tasks/setup-Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL Python libraries are installed. 3 | pacman: "name=mysql-python state=present" 4 | 5 | - name: Ensure MySQL packages are installed. 
6 | pacman: "name={{ item }} state=present" 7 | with_items: "{{ mysql_packages }}" 8 | register: arch_mysql_install_packages 9 | 10 | # Init the database if mysql is newly installed 11 | - command: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql 12 | when: arch_mysql_install_packages.changed 13 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tasks/setup-Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if MySQL is already installed. 3 | stat: path=/etc/init.d/mysql 4 | register: mysql_installed 5 | 6 | - name: Update apt cache if MySQL is not yet installed. 7 | apt: update_cache=yes 8 | when: mysql_installed.stat.exists == false 9 | 10 | - name: Ensure MySQL Python libraries are installed. 11 | apt: "name=python-mysqldb state=installed" 12 | 13 | - name: Ensure MySQL packages are installed. 14 | apt: "name={{ item }} state=installed" 15 | with_items: "{{ mysql_packages }}" 16 | register: deb_mysql_install_packages 17 | 18 | # Because Ubuntu starts MySQL as part of the install process, we need to stop 19 | # mysql and remove the logfiles in case the user set a custom log file size. 20 | - name: Ensure MySQL is stopped after initial install. 21 | service: "name={{ mysql_daemon }} state=stopped" 22 | when: mysql_installed.stat.exists == false 23 | 24 | - name: Delete innodb log files created by apt package after initial install. 25 | file: path={{ mysql_datadir }}/{{item}} state=absent 26 | with_items: 27 | - "ib_logfile0" 28 | - "ib_logfile1" 29 | when: mysql_installed.stat.exists == false 30 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tasks/setup-RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL packages are installed. 
3 | yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" 4 | with_items: "{{ mysql_packages }}" 5 | register: rh_mysql_install_packages 6 | 7 | - name: Ensure MySQL Python libraries are installed. 8 | yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" 9 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tasks/users.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL users are present. 3 | mysql_user: 4 | name: "{{ item.name }}" 5 | host: "{{ item.host | default('localhost') }}" 6 | password: "{{ item.password }}" 7 | priv: "{{ item.priv | default('*.*:USAGE') }}" 8 | state: "{{ item.state | default('present') }}" 9 | append_privs: "{{ item.append_privs | default('no') }}" 10 | encrypted: "{{ item.encrypted | default('no') }}" 11 | with_items: "{{ mysql_users }}" 12 | no_log: true 13 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/templates/root-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_root_username }}" 5 | password="{{ mysql_root_password }}" 6 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/templates/user-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_user_name }}" 5 | password="{{ mysql_user_password }}" 6 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. 
Install and start Docker. 6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tests/centos-7-test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | vars: 4 | mysql_packages: 5 | - mariadb 6 | - mariadb-server 7 | - mariadb-libs 8 | - MySQL-python 9 | - perl-DBD-MySQL 10 | mysql_daemon: mariadb 11 | mysql_log_error: /var/log/mariadb/mariadb.log 12 | mysql_syslog_tag: mariadb 13 | mysql_pid_file: /var/run/mariadb/mariadb.pid 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tests/initctl_faker: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" 3 | 4 | case "$ALIAS_CMD" in 5 | start|stop|restart|reload|status) 6 | exec service $1 $ALIAS_CMD 7 | ;; 8 | esac 9 | 10 | case "$1" in 11 | list ) 12 | exec service --status-all 13 | ;; 14 | reload-configuration ) 15 | exec service $2 restart 16 | ;; 17 | start|stop|restart|reload|status) 18 | exec service $2 $1 19 | ;; 20 | \?) 
21 | exit 0 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | pre_tasks: 5 | - name: Copy initctl_faker into place for Ubuntu 14.04. 6 | copy: 7 | src: initctl_faker 8 | dest: /sbin/initctl 9 | mode: 0755 10 | force: yes 11 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04' 12 | changed_when: false 13 | 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/vars/Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mariadb 3 | __mysql_packages: 4 | - mariadb 5 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 6 | __mysql_log_error: /var/log/mysql.err 7 | __mysql_syslog_tag: mysql 8 | __mysql_pid_file: /run/mysqld/mysqld.pid 9 | __mysql_config_file: /etc/mysql/my.cnf 10 | __mysql_config_include_dir: /etc/mysql/conf.d 11 | __mysql_socket: /run/mysqld/mysqld.sock 12 | __mysql_supports_innodb_large_prefix: true 13 | -------------------------------------------------------------------------------- /chap10/galaxy-roles/geerlingguy.mysql/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysql 3 | __mysql_packages: 4 | - mysql-common 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 7 | __mysql_log_error: /var/log/mysql/mysql.err 8 | __mysql_syslog_tag: mysql 9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid 10 | __mysql_config_file: /etc/mysql/my.cnf 11 | __mysql_config_include_dir: /etc/mysql/conf.d 12 | __mysql_socket: /var/run/mysqld/mysqld.sock 13 | __mysql_supports_innodb_large_prefix: true 14 | 
--------------------------------------------------------------------------------
/chap10/galaxy-roles/geerlingguy.mysql/vars/RedHat-6.yml:
--------------------------------------------------------------------------------
1 | ---
2 | __mysql_daemon: mysqld
3 | __mysql_packages:
4 |   - mysql
5 |   - mysql-server
6 | __mysql_slow_query_log_file: /var/log/mysql-slow.log
7 | __mysql_log_error: /var/log/mysql.err
8 | __mysql_syslog_tag: mysql
9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid
10 | __mysql_config_file: /etc/my.cnf
11 | __mysql_config_include_dir: /etc/my.cnf.d
12 | __mysql_socket: /var/lib/mysql/mysql.sock
13 | __mysql_supports_innodb_large_prefix: false
14 |
--------------------------------------------------------------------------------
/chap10/galaxy-roles/geerlingguy.mysql/vars/RedHat-7.yml:
--------------------------------------------------------------------------------
1 | ---
2 | __mysql_daemon: mariadb
3 | __mysql_packages:
4 |   - mariadb
5 |   - mariadb-server
6 |   - mariadb-libs
7 |   - MySQL-python
8 |   - perl-DBD-MySQL
9 | __mysql_slow_query_log_file: /var/log/mysql-slow.log
10 | __mysql_log_error: /var/log/mariadb/mariadb.log
11 | __mysql_syslog_tag: mariadb
12 | __mysql_pid_file: /var/run/mariadb/mariadb.pid
13 | __mysql_config_file: /etc/my.cnf
14 | __mysql_config_include_dir: /etc/my.cnf.d
15 | __mysql_socket: /var/lib/mysql/mysql.sock
16 | __mysql_supports_innodb_large_prefix: true
17 |
--------------------------------------------------------------------------------
/chap10/group_vars/prod.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # NOTE(review): this file keeps secrets in cleartext (dbconn.pass, mysql_root_password, mysql_users[].password). Store them in an ansible-vault encrypted vars file and rotate any value that was committed.
3 | users:
4 |   admin:
5 |     uid: 5001
6 |     shell: /bin/bash
7 |     home: /home/admin
8 |     state: present
9 |   dojo:
10 |     state: absent
11 |
12 | systems:
13 |   packages:
14 |     - ntp
15 |     - tree
16 |     - vim
17 |
18 | fav:
19 |   color: yellow
20 |   fruit: guava
21 | # dbconn is rendered into the frontend role's config.ini template (hostname, username, password, dbname).
22 | dbconn:
23 |   host: 192.168.61.14
24 |   user: devops
25 |   pass: GKkdw72Jil0ld  # plaintext credential
26 |   db: devopsdemo
27 | # Inputs for the geerlingguy.haproxy role.
28 | haproxy_backend_servers:
29 |   - name: app1
30 |     address: 192.168.61.12:80
31 |   - name: app2
32 |     address: 192.168.61.13:80
33 |   - name: app3
34 |     address: 192.168.61.15:80
35 | haproxy_backend_httpchk: ''
36 | haproxy_socket: /var/run/haproxy.sock
37 |
38 | # mysql_* values are inputs to the geerlingguy.mysql role; its users.yml task loops over mysql_users.
39 | mysql_root_password: wxCb3snfSdG  # plaintext credential
40 | mysql_databases:
41 |   - name: devopsdemo
42 |     encoding: latin1
43 |     collation: latin1_general_ci
44 | mysql_users:
45 |   - name: devops
46 |     host: "%"  # wildcard: this account may connect from any host
47 |     password: GKkdw72Jil0ld  # same value as dbconn.pass above
48 |     priv: "devopsdemo.*:ALL"
49 | mysql_bind_address: '0.0.0.0'  # all interfaces; with host "%" above, exposure depends on network filtering — TODO confirm a firewall limits access to the app hosts
50 |
--------------------------------------------------------------------------------
/chap10/lb.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: setting up load balancer
3 |   hosts: lb
4 |   become: true
5 |   roles:
6 |     - { role: geerlingguy.haproxy }
7 |
--------------------------------------------------------------------------------
/chap10/roles/apache/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"
4 |
5 | # Use the new container infrastructure
6 | sudo: false
7 |
8 | # Install ansible
9 | addons:
10 |   apt:
11 |     packages:
12 |     - python-pip
13 |
14 | install:
15 |   # Install ansible (unpinned: CI takes whatever release PyPI serves at build time)
16 |   - pip install ansible
17 |
18 |   # Check ansible version
19 |   - ansible --version
20 |
21 |   # Create ansible.cfg with correct roles_path
22 |   - printf '[defaults]\nroles_path=../' >ansible.cfg
23 |
24 | script:
25 |   # Basic role syntax check
26 |   - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
27 |
28 | notifications:
29 |   webhooks: https://galaxy.ansible.com/api/v1/notifications/
--------------------------------------------------------------------------------
/chap10/roles/apache/README.md:
--------------------------------------------------------------------------------
1 | Role Name
2 | =========
3 |
4 | A brief description of the role goes here.
5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /chap10/roles/apache/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for apache 3 | -------------------------------------------------------------------------------- /chap10/roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for apache 3 | - name: Restart apache service 4 | service: 5 | name: "{{ apache.service.name }}" 6 | state: restarted 7 | -------------------------------------------------------------------------------- /chap10/roles/apache/tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: copy apache config 3 | copy: 4 | src: httpd.conf 5 | dest: /etc/httpd.conf 6 | owner: root 7 | group: root 8 | mode: 0644 9 | notify: Restart apache service 10 | tags: 11 | - apache 12 | - config -------------------------------------------------------------------------------- /chap10/roles/apache/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Apache... 
3 | package: 4 | name: "{{ apache.package }}" 5 | state: latest 6 | 7 | tags: 8 | - apache 9 | - install -------------------------------------------------------------------------------- /chap10/roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for apache 3 | 4 | - include_vars: "{{ ansible_os_family }}.yml" 5 | 6 | - import_tasks: install.yml 7 | 8 | - import_tasks: service.yml 9 | 10 | - import_tasks: config.yml 11 | when: ansible_os_family == 'RedHat' 12 | -------------------------------------------------------------------------------- /chap10/roles/apache/tasks/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Starting Apache... 3 | service: 4 | name: "{{ apache.service.name }}" 5 | state: "{{ apache.service.state }}" 6 | 7 | tags: 8 | - apache 9 | - service -------------------------------------------------------------------------------- /chap10/roles/apache/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap10/roles/apache/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - apache -------------------------------------------------------------------------------- /chap10/roles/apache/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | package: apache2 4 | service: 5 | name: apache2 6 | state: started -------------------------------------------------------------------------------- /chap10/roles/apache/vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | package: httpd 4 | service: 5 | name: httpd 6 | state: started 
-------------------------------------------------------------------------------- /chap10/roles/apache/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for apache 3 | -------------------------------------------------------------------------------- /chap10/roles/frontend/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap10/roles/frontend/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) 
should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /chap10/roles/frontend/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for frontend 3 | app: 4 | version: 1.5 5 | env: LOCALDEV 6 | 7 | fav: 8 | color: magenta 9 | fruit: orange 10 | car: chevy 11 | laptop: toshiba 12 | 13 | dbconn: 14 | host: localhost 15 | user: root 16 | pass: changeme 17 | db: devopsdemo 18 | -------------------------------------------------------------------------------- /chap10/roles/frontend/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for frontend 3 | -------------------------------------------------------------------------------- /chap10/roles/frontend/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for frontend 3 | - include_vars: "{{ ansible_os_family }}.yml" 4 | - name: create app directory 5 | file: 6 | path: /opt/app 7 | owner: "{{ apache.user }}" 8 | group: "{{ apache.group }}" 9 | mode: 0755 10 | state: directory 11 | 12 | - name: create release path 13 | file: 14 | path: 
/opt/app/release
15 |     owner: "{{ apache.user }}"
16 |     group: "{{ apache.group }}"
17 |     mode: 0755
18 |     state: directory
19 |
20 | # NOTE(review): the release archive is downloaded on the target host (remote_src) from a GitHub archive URL and unpacked with no checksum or signature check; integrity rests on TLS and on the upstream ref for app.version not changing.
21 | - name: Download and extract the release
22 |   unarchive:
23 |     src: https://github.com/devopsdemoapps/devops-demo-app/archive/{{ app.version }}.tar.gz
24 |     dest: /opt/app/release
25 |     owner: "{{ apache.user }}"
26 |     group: "{{ apache.group }}"
27 |     creates: /opt/app/release/devops-demo-app-{{ app.version }}  # skips the task once this version has been unpacked
28 |     remote_src: yes
29 | # Points the web root entry at the unpacked release for the current app.version.
30 | - name: create a symlink
31 |   file:
32 |     src: /opt/app/release/devops-demo-app-{{ app.version }}
33 |     dest: /var/www/html/app
34 |     owner: "{{ apache.user }}"
35 |     group: "{{ apache.group }}"
36 |     state: link
37 | # NOTE(review): config.ini.j2 writes dbconn['pass'] into this file. Mode 0644 lets every local user read it, and the destination is under /var/www/html — confirm the web server does not serve it. 0640 would be enough for the apache owner/group set here.
38 | - name: add application configs
39 |   template:
40 |     src: config.ini.j2
41 |     dest: /var/www/html/app/config.ini
42 |     owner: "{{ apache.user }}"
43 |     group: "{{ apache.group }}"
44 |     mode: 0644
45 |
--------------------------------------------------------------------------------
/chap10/roles/frontend/templates/config.ini.j2:
--------------------------------------------------------------------------------
1 |
2 | [database]
3 | hostname = {{ dbconn['host'] }}
4 | username = {{ dbconn['user'] }}
5 | password = {{ dbconn['pass'] }}
6 | dbname = {{ dbconn['db'] }}
7 |
8 | [environment]
9 | environment = {{ app['env'] }}
10 |
11 | [prefs]
12 | {% if fav.color is defined %}
13 | color = {{ fav['color'] }}
14 | {% endif %}
15 |
16 | {% if fav.fruit is defined %}
17 | fruit = {{ fav['fruit'] }}
18 | {% endif %}
19 |
20 | {% if fav.car is defined %}
21 | car = {{ fav['car'] }}
22 | {% endif %}
23 |
24 | {% if fav.laptop is defined %}
25 | laptop = {{ fav['laptop'] }}
26 | {% endif %}
27 |
28 |
--------------------------------------------------------------------------------
/chap10/roles/frontend/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap10/roles/frontend/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - frontend -------------------------------------------------------------------------------- /chap10/roles/frontend/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: www-data 4 | group: www-data -------------------------------------------------------------------------------- /chap10/roles/frontend/vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: apache 4 | group: apache -------------------------------------------------------------------------------- /chap10/roles/frontend/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for frontend 3 | -------------------------------------------------------------------------------- /chap10/roles/php/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap10/roles/php/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 
| ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
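39 |
--------------------------------------------------------------------------------
/chap10/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for php
3 |
--------------------------------------------------------------------------------
/chap10/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # NOTE(review): no handlers are defined here, yet the php tasks notify "Restart apache service". That resolves only when a role defining it (the apache role has a handler by that name) runs in the same play.
--------------------------------------------------------------------------------
/chap10/roles/php/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for php: installs PHP packages and restarts Apache when something changed
3 | - name: install php
4 |   package:
5 |     name: "{{ item }}"
6 |     state: present  # 'installed' is a legacy alias of 'present' that newer Ansible releases no longer accept
7 |   with_items:
8 |     - php
9 |     - php-mysql
10 |     - nmap  # NOTE(review): a network scanner, not a PHP dependency — confirm it is meant to be on the app hosts
11 |   notify: Restart apache service
12 |
13 | - name: additional php packages on debian
14 |   package:
15 |     name: "{{ item }}"
16 |     state: present
17 |   with_items:
18 |     - libapache2-mod-php
19 |   when: ansible_os_family == 'Debian'
20 |   notify: Restart apache service
21 |
--------------------------------------------------------------------------------
/chap10/roles/php/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap10/roles/php/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - php
--------------------------------------------------------------------------------
/chap10/roles/php/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for php
3 |
--------------------------------------------------------------------------------
/chap10/roles/systems/.travis.yml: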
-------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap10/roles/systems/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
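20 |
21 | Example Playbook
22 | ----------------
23 |
24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
25 |
26 |     - hosts: servers
27 |       roles:
28 |          - { role: username.rolename, x: 42 }
29 |
30 | License
31 | -------
32 |
33 | BSD
34 |
35 | Author Information
36 | ------------------
37 |
38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed).
39 |
--------------------------------------------------------------------------------
/chap10/roles/systems/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for systems
3 |
--------------------------------------------------------------------------------
/chap10/roles/systems/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for systems
3 |
--------------------------------------------------------------------------------
/chap10/roles/systems/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for systems: manages the accounts in `users` and installs the packages in `systems.packages`
3 | - name: create systems users
4 |   user:
5 |     name: "{{ item.key }}"
6 |     uid: "{{ item.value.uid | default(omit) }}"  # omit drops the parameter when the entry has no uid, instead of passing the literal string 'none'
7 |     shell: "{{ item.value.shell | default(omit) }}"
8 |     home: "{{ item.value.home | default(omit) }}"
9 |     state: "{{ item.value.state | default('present') }}"  # 'none' is not a valid state; entries without one are created
10 |   with_dict: "{{ users }}"
11 |
12 | # One package task per entry of systems.packages.
13 | - name: install common systems packages
14 |   package:
15 |     name: "{{ item }}"
16 |     state: present  # 'installed' is a legacy alias of 'present' that newer Ansible releases no longer accept
17 |   with_items:
18 |     - "{{ systems.packages }}"
--------------------------------------------------------------------------------
/chap10/roles/systems/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------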
/chap10/roles/systems/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - systems -------------------------------------------------------------------------------- /chap10/roles/systems/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for systems 3 | -------------------------------------------------------------------------------- /chap10/site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is a sitewide playbook 3 | # filename: site.yml 4 | - import_playbook: lb.yml 5 | tags: lb 6 | 7 | - import_playbook: app.yml 8 | tags: app 9 | 10 | - import_playbook: db.yml 11 | tags: db 12 | -------------------------------------------------------------------------------- /chap10/systems.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: base configs for all hosts 3 | hosts: prod 4 | become: true 5 | tasks: 6 | - name: create admin user 7 | user: > 8 | name=admin 9 | uid=5001 10 | shell=/bin/bash 11 | home=/home/admin 12 | state=present 13 | 14 | - name: remove user dojo 15 | user: > 16 | name=dojo 17 | state=absent 18 | 19 | - name: install tree utility 20 | yum: > 21 | name=tree 22 | state=present 23 | 24 | - name: install ntp 25 | yum: > 26 | name=ntp 27 | state=installed 28 | 29 | - name: App Server Configurations 30 | hosts: app 31 | become: true 32 | tasks: 33 | - name: create deploy user 34 | user: name=deploy state=present uid=5003 35 | 36 | - name: install git 37 | package: name=git state=present 38 | 39 | ... 
40 |
--------------------------------------------------------------------------------
/chap11/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | # NOTE(review): host_key_checking = False turns off SSH host key verification, so a spoofed host goes undetected. Retry files and the YAML fact cache are written under /tmp, which other local users share — prefer a directory only the Ansible user can write.
3 | remote_user = devops
4 | inventory = environments/prod
5 | retry_files_save_path = /tmp
6 | host_key_checking = False
7 | log_path=~/ansible.log
8 | hash_behaviour = merge
9 | roles_path = roles:galaxy-roles
10 | fact_caching = yaml
11 | fact_caching_connection = /tmp/facts
12 |
--------------------------------------------------------------------------------
/chap11/app.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: app
3 |   become: true
4 |   vars:
5 |     fav:
6 |       fruit: mango
7 |   roles:
8 |     - { role: apache, tags: www }
9 |     - { role: php, tags: [ 'www', 'php' ] }
10 |     - { role: frontend, tags: devopsdemo }
11 |   tags:
12 |     - frontend
13 |
--------------------------------------------------------------------------------
/chap11/cleanup.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: cleanup database server
3 |   hosts: db
4 |   become: true
5 |   tasks:
6 |     - name: stop mysql service
7 |       service:
8 |         name: mysqld
9 |         state: stopped
10 |
11 |     - name: uninstall mysql related packages
12 |       package:
13 |         name: "{{ item }}"
14 |         state: absent
15 |       with_items:
16 |         - mysql-server
17 |         - mysql
18 |
--------------------------------------------------------------------------------
/chap11/db.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: playbook to configure db servers
3 |   hosts: db
4 |   become: yes
5 |   roles:
6 |     - { role: geerlingguy.mysql }
7 |
--------------------------------------------------------------------------------
/chap11/environments/prod:
--------------------------------------------------------------------------------
1 | [local]
2 | localhost ansible_connection=local
3 |
4 | [lb]
5 | lb
6 | # NOTE(review): app3 below carries ansible_ssh_pass in cleartext; prefer SSH keys, or keep the password in an ansible-vault encrypted host var.
7 | [app]
8 | app1
9 | app2
10 | app3 ansible_user=devops ansible_ssh_pass=codespaces
11 |
12 | [db]
13 | db
14 |
15 | [prod:children]
16 | lb
17 | app
18 | db
19 |
--------------------------------------------------------------------------------
/chap11/environments/staging:
--------------------------------------------------------------------------------
1 | [app]
2 | app2
3 |
4 | [db]
5 | app2
6 |
7 | [staging:children]
8 | app
9 | db
10 |
11 |
--------------------------------------------------------------------------------
/chap11/galaxy-roles/geerlingguy.haproxy/.gitignore:
--------------------------------------------------------------------------------
1 | *.retry
2 | tests/test.sh
3 |
--------------------------------------------------------------------------------
/chap11/galaxy-roles/geerlingguy.haproxy/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | services: docker
3 |
4 | env:
5 |   - distro: centos7
6 |   - distro: centos6
7 |   - distro: ubuntu1604
8 |   - distro: ubuntu1404
9 |   - distro: ubuntu1204
10 |
11 | script:
12 |   # Configure test script so we can run extra tests after playbook is run.
13 |   - export container_id=$(date +%s)
14 |   - export cleanup=false
15 |   # NOTE(review): the shim below comes from the gist's unversioned /raw/ URL and is then executed; pin a gist revision or verify a checksum before running it.
16 |   # Download test shim.
17 |   - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
18 |   - chmod +x ${PWD}/tests/test.sh
19 |
20 |   # Run tests.
21 |   - ${PWD}/tests/test.sh
22 |
23 |   # Make sure haproxy is installed.
24 | - 'docker exec --tty ${container_id} env TERM=xterm haproxy -v' 25 | 26 | notifications: 27 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 28 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | haproxy_socket: /var/lib/haproxy/stats 3 | haproxy_chroot: /var/lib/haproxy 4 | haproxy_user: haproxy 5 | haproxy_group: haproxy 6 | 7 | # Frontend settings. 
8 | haproxy_frontend_name: 'hafrontend' 9 | haproxy_frontend_bind_address: '*' 10 | haproxy_frontend_port: 80 11 | haproxy_frontend_mode: 'http' 12 | 13 | # Backend settings. 14 | haproxy_backend_name: 'habackend' 15 | haproxy_backend_mode: 'http' 16 | haproxy_backend_balance_method: 'roundrobin' 17 | haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' 18 | 19 | # List of backend servers. 20 | haproxy_backend_servers: [] 21 | # - name: app1 22 | # address: 192.168.0.1:80 23 | # - name: app2 24 | # address: 192.168.0.2:80 25 | 26 | # Extra global vars (see README for example usage). 27 | haproxy_global_vars: [] 28 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart haproxy 3 | service: name=haproxy state=restarted 4 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:20 2018', version: 1.1.1} 2 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: HAProxy installation and configuration. 
7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - precise 18 | - trusty 19 | - xenial 20 | galaxy_tags: 21 | - web 22 | - networking 23 | - cloud 24 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure HAProxy is installed (Debian). 3 | apt: name=haproxy state=installed 4 | when: ansible_os_family == 'Debian' 5 | 6 | - name: Ensure HAProxy is enabled (so init script will start it on Debian). 7 | lineinfile: 8 | dest: /etc/default/haproxy 9 | regexp: "^ENABLED.+$" 10 | line: "ENABLED=1" 11 | state: present 12 | when: ansible_os_family == 'Debian' 13 | 14 | - name: Ensure HAProxy is installed (RedHat). 15 | yum: name=haproxy state=installed 16 | when: ansible_os_family == 'RedHat' 17 | 18 | - name: Get HAProxy version. 19 | command: haproxy -v 20 | register: haproxy_version_result 21 | changed_when: false 22 | check_mode: no 23 | 24 | - name: Set HAProxy version. 25 | set_fact: 26 | haproxy_version: "{{ '1.5' if '1.5.' in haproxy_version_result.stdout else '1.4' }}" 27 | 28 | - name: Copy HAProxy configuration in place. 29 | template: 30 | src: haproxy.cfg.j2 31 | dest: /etc/haproxy/haproxy.cfg 32 | mode: 0644 33 | validate: haproxy -f %s -c -q 34 | notify: restart haproxy 35 | 36 | - name: Ensure HAProxy is started and enabled on boot. 37 | service: name=haproxy state=started enabled=yes 38 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. Install and start Docker. 
6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.haproxy/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | vars: 5 | haproxy_socket: '' 6 | haproxy_chroot: '' 7 | haproxy_user: root 8 | haproxy_group: root 9 | 10 | haproxy_backend_servers: 11 | - name: app1 12 | address: 127.0.0.1:8080 13 | 14 | pre_tasks: 15 | - name: Update apt cache. 
16 | apt: update_cache=yes cache_valid_time=600 17 | when: ansible_os_family == 'Debian' 18 | 19 | roles: 20 | - role_under_test 21 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | tests/test.sh 3 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
21 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart mysql 3 | service: "name={{ mysql_daemon }} state=restarted sleep=5" 4 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:01 2018', version: 2.8.1} 2 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: MySQL server for RHEL/CentOS and Debian/Ubuntu. 7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - all 18 | - name: Debian 19 | versions: 20 | - all 21 | - name: Archlinux 22 | versions: 23 | - all 24 | galaxy_tags: 25 | - database 26 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tasks/databases.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL databases are present. 
3 | mysql_db: 4 | name: "{{ item.name }}" 5 | collation: "{{ item.collation | default('utf8_general_ci') }}" 6 | encoding: "{{ item.encoding | default('utf8') }}" 7 | state: "{{ item.state | default('present') }}" 8 | with_items: "{{ mysql_databases }}" 9 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Variable configuration. 3 | - include: variables.yml 4 | 5 | # Setup/install tasks. 6 | - include: setup-RedHat.yml 7 | when: ansible_os_family == 'RedHat' 8 | static: no 9 | 10 | - include: setup-Debian.yml 11 | when: ansible_os_family == 'Debian' 12 | static: no 13 | 14 | - include: setup-Archlinux.yml 15 | when: ansible_os_family == 'Archlinux' 16 | static: no 17 | 18 | - name: Check if MySQL packages were installed. 19 | set_fact: 20 | mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) 21 | or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) 22 | or (arch_mysql_install_packages is defined and arch_mysql_install_packages.changed) }}" 23 | 24 | # Configure MySQL. 25 | - include: configure.yml 26 | - include: secure-installation.yml 27 | - include: databases.yml 28 | - include: users.yml 29 | - include: replication.yml 30 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tasks/setup-Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL Python libraries are installed. 3 | pacman: "name=mysql-python state=present" 4 | 5 | - name: Ensure MySQL packages are installed. 
6 | pacman: "name={{ item }} state=present" 7 | with_items: "{{ mysql_packages }}" 8 | register: arch_mysql_install_packages 9 | 10 | # Init the database if mysql is newly installed 11 | - command: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql 12 | when: arch_mysql_install_packages.changed 13 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tasks/setup-Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if MySQL is already installed. 3 | stat: path=/etc/init.d/mysql 4 | register: mysql_installed 5 | 6 | - name: Update apt cache if MySQL is not yet installed. 7 | apt: update_cache=yes 8 | when: mysql_installed.stat.exists == false 9 | 10 | - name: Ensure MySQL Python libraries are installed. 11 | apt: "name=python-mysqldb state=installed" 12 | 13 | - name: Ensure MySQL packages are installed. 14 | apt: "name={{ item }} state=installed" 15 | with_items: "{{ mysql_packages }}" 16 | register: deb_mysql_install_packages 17 | 18 | # Because Ubuntu starts MySQL as part of the install process, we need to stop 19 | # mysql and remove the logfiles in case the user set a custom log file size. 20 | - name: Ensure MySQL is stopped after initial install. 21 | service: "name={{ mysql_daemon }} state=stopped" 22 | when: mysql_installed.stat.exists == false 23 | 24 | - name: Delete innodb log files created by apt package after initial install. 25 | file: path={{ mysql_datadir }}/{{item}} state=absent 26 | with_items: 27 | - "ib_logfile0" 28 | - "ib_logfile1" 29 | when: mysql_installed.stat.exists == false 30 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tasks/setup-RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL packages are installed. 
3 | yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" 4 | with_items: "{{ mysql_packages }}" 5 | register: rh_mysql_install_packages 6 | 7 | - name: Ensure MySQL Python libraries are installed. 8 | yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" 9 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tasks/users.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL users are present. 3 | mysql_user: 4 | name: "{{ item.name }}" 5 | host: "{{ item.host | default('localhost') }}" 6 | password: "{{ item.password }}" 7 | priv: "{{ item.priv | default('*.*:USAGE') }}" 8 | state: "{{ item.state | default('present') }}" 9 | append_privs: "{{ item.append_privs | default('no') }}" 10 | encrypted: "{{ item.encrypted | default('no') }}" 11 | with_items: "{{ mysql_users }}" 12 | no_log: true 13 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/templates/root-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_root_username }}" 5 | password="{{ mysql_root_password }}" 6 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/templates/user-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_user_name }}" 5 | password="{{ mysql_user_password }}" 6 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. 
Install and start Docker. 6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tests/centos-7-test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | vars: 4 | mysql_packages: 5 | - mariadb 6 | - mariadb-server 7 | - mariadb-libs 8 | - MySQL-python 9 | - perl-DBD-MySQL 10 | mysql_daemon: mariadb 11 | mysql_log_error: /var/log/mariadb/mariadb.log 12 | mysql_syslog_tag: mariadb 13 | mysql_pid_file: /var/run/mariadb/mariadb.pid 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tests/initctl_faker: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" 3 | 4 | case "$ALIAS_CMD" in 5 | start|stop|restart|reload|status) 6 | exec service $1 $ALIAS_CMD 7 | ;; 8 | esac 9 | 10 | case "$1" in 11 | list ) 12 | exec service --status-all 13 | ;; 14 | reload-configuration ) 15 | exec service $2 restart 16 | ;; 17 | start|stop|restart|reload|status) 18 | exec service $2 $1 19 | ;; 20 | \?) 
21 | exit 0 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | pre_tasks: 5 | - name: Copy initctl_faker into place for Ubuntu 14.04. 6 | copy: 7 | src: initctl_faker 8 | dest: /sbin/initctl 9 | mode: 0755 10 | force: yes 11 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04' 12 | changed_when: false 13 | 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/vars/Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mariadb 3 | __mysql_packages: 4 | - mariadb 5 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 6 | __mysql_log_error: /var/log/mysql.err 7 | __mysql_syslog_tag: mysql 8 | __mysql_pid_file: /run/mysqld/mysqld.pid 9 | __mysql_config_file: /etc/mysql/my.cnf 10 | __mysql_config_include_dir: /etc/mysql/conf.d 11 | __mysql_socket: /run/mysqld/mysqld.sock 12 | __mysql_supports_innodb_large_prefix: true 13 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysql 3 | __mysql_packages: 4 | - mysql-common 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 7 | __mysql_log_error: /var/log/mysql/mysql.err 8 | __mysql_syslog_tag: mysql 9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid 10 | __mysql_config_file: /etc/mysql/my.cnf 11 | __mysql_config_include_dir: /etc/mysql/conf.d 12 | __mysql_socket: /var/run/mysqld/mysqld.sock 13 | __mysql_supports_innodb_large_prefix: true 14 | 
-------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/vars/RedHat-6.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysqld 3 | __mysql_packages: 4 | - mysql 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql-slow.log 7 | __mysql_log_error: /var/log/mysql.err 8 | __mysql_syslog_tag: mysql 9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid 10 | __mysql_config_file: /etc/my.cnf 11 | __mysql_config_include_dir: /etc/my.cnf.d 12 | __mysql_socket: /var/lib/mysql/mysql.sock 13 | __mysql_supports_innodb_large_prefix: false 14 | -------------------------------------------------------------------------------- /chap11/galaxy-roles/geerlingguy.mysql/vars/RedHat-7.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mariadb 3 | __mysql_packages: 4 | - mariadb 5 | - mariadb-server 6 | - mariadb-libs 7 | - MySQL-python 8 | - perl-DBD-MySQL 9 | __mysql_slow_query_log_file: /var/log/mysql-slow.log 10 | __mysql_log_error: /var/log/mariadb/mariadb.log 11 | __mysql_syslog_tag: mariadb 12 | __mysql_pid_file: /var/run/mariadb/mariadb.pid 13 | __mysql_config_file: /etc/my.cnf 14 | __mysql_config_include_dir: /etc/my.cnf.d 15 | __mysql_socket: /var/lib/mysql/mysql.sock 16 | __mysql_supports_innodb_large_prefix: true 17 | -------------------------------------------------------------------------------- /chap11/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | users: 3 | admin: 4 | uid: 5001 5 | shell: /bin/bash 6 | home: /home/admin 7 | state: present 8 | dojo: 9 | state: absent 10 | 11 | systems: 12 | packages: 13 | - ntp 14 | - tree 15 | - vim 16 | -------------------------------------------------------------------------------- /chap11/group_vars/prod.yml: 
--------------------------------------------------------------------------------
1 | ---
2 | # Variables applied to hosts in the prod inventory group.
3 | app:
4 |   version: 1.5
5 |   env: prod
6 |
7 | fav:
8 |   color: yellow
9 |   fruit: guava
10 | # NOTE(review): dbconn.pass is a plaintext credential committed to the repo; move it to an ansible-vault encrypted vars file and rotate the exposed value.
11 | dbconn:
12 |   host: 192.168.61.14
13 |   user: devops
14 |   pass: GKkdw72Jil0ld
15 |   db: devopsdemo
16 | # Overrides for defaults shipped with the geerlingguy.haproxy role.
17 | haproxy_backend_httpchk: ''
18 | haproxy_socket: /var/run/haproxy.sock
19 | # NOTE(review): mysql_root_password and mysql_users[].password are stored in clear text; encrypt them with ansible-vault and rotate.
20 |
21 | mysql_root_password: wxCb3snfSdG
22 | mysql_databases:
23 |   - name: devopsdemo
24 |     encoding: latin1
25 |     collation: latin1_general_ci
26 | mysql_users:
27 |   - name: devops
28 |     host: "%"  # NOTE(review): "%" allows this account to connect from any host; narrow it to the app servers
29 |     password: GKkdw72Jil0ld
30 |     priv: "devopsdemo.*:ALL"
31 | mysql_bind_address: '0.0.0.0'  # NOTE(review): listens on every interface; bind to the internal address or firewall the MySQL port
32 |
--------------------------------------------------------------------------------
/chap11/group_vars/staging.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Variables applied to hosts in the staging inventory group.
3 | app:
4 |   version: 1.5
5 |   env: staging
6 |
7 | fav:
8 |   color: blue
9 |   fruit: watermelon
10 | # NOTE(review): dbconn.pass is a plaintext credential committed to the repo; move it to an ansible-vault encrypted vars file and rotate the exposed value.
11 | dbconn:
12 |   host: 127.0.0.1
13 |   user: devops
14 |   pass: dfkl8d6msoYc0
15 |   db: devopsdemo
16 | # NOTE(review): mysql_root_password and mysql_users[].password are stored in clear text; encrypt them with ansible-vault and rotate.
17 | mysql_root_password: dfdvdHkst0ks72sY
18 | mysql_databases:
19 |   - name: devopsdemo
20 |     encoding: latin1
21 |     collation: latin1_general_ci
22 | mysql_users:
23 |   - name: devops
24 |     host: "%"  # NOTE(review): "%" allows this account to connect from any host, although dbconn.host here is 127.0.0.1
25 |     password: dfkl8d6msoYc0
26 |     priv: "devopsdemo.*:ALL"
27 |
--------------------------------------------------------------------------------
/chap11/lb.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: setting up load balancer
3 |   hosts: lb
4 |   become: true  # the haproxy role is applied with privilege escalation
5 |   roles:
6 |     - { role: geerlingguy.haproxy }
7 |
--------------------------------------------------------------------------------
/chap11/roles/apache/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"
4 |
5 | # Use the new container infrastructure
6 | sudo: false
7 |
8 | # Install ansible
9 | addons:
10 |   apt:
11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap11/roles/apache/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /chap11/roles/apache/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for apache 3 | -------------------------------------------------------------------------------- /chap11/roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for apache 3 | - name: Restart apache service 4 | service: 5 | name: "{{ apache.service.name }}" 6 | state: restarted 7 | -------------------------------------------------------------------------------- /chap11/roles/apache/tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: copy apache config 3 | copy: 4 | src: httpd.conf 5 | dest: /etc/httpd.conf 6 | owner: root 7 | group: root 8 | mode: 0644 9 | notify: Restart apache service 10 | tags: 11 | - apache 12 | - config -------------------------------------------------------------------------------- /chap11/roles/apache/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Apache... 
3 | package: 4 | name: "{{ apache.package }}" 5 | state: latest 6 | 7 | tags: 8 | - apache 9 | - install -------------------------------------------------------------------------------- /chap11/roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for apache 3 | 4 | - include_vars: "{{ ansible_os_family }}.yml" 5 | 6 | - import_tasks: install.yml 7 | 8 | - import_tasks: service.yml 9 | 10 | - import_tasks: config.yml 11 | when: ansible_os_family == 'RedHat' 12 | -------------------------------------------------------------------------------- /chap11/roles/apache/tasks/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Starting Apache... 3 | service: 4 | name: "{{ apache.service.name }}" 5 | state: "{{ apache.service.state }}" 6 | 7 | tags: 8 | - apache 9 | - service -------------------------------------------------------------------------------- /chap11/roles/apache/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap11/roles/apache/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - apache -------------------------------------------------------------------------------- /chap11/roles/apache/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | package: apache2 4 | service: 5 | name: apache2 6 | state: started -------------------------------------------------------------------------------- /chap11/roles/apache/vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | package: httpd 4 | service: 5 | name: httpd 6 | state: started 
-------------------------------------------------------------------------------- /chap11/roles/apache/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for apache 3 | -------------------------------------------------------------------------------- /chap11/roles/frontend/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap11/roles/frontend/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) 
should be mentioned here as well.
15 |
16 | Dependencies
17 | ------------
18 |
19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
25 |
26 |     - hosts: servers
27 |       roles:
28 |          - { role: username.rolename, x: 42 }
29 |
30 | License
31 | -------
32 |
33 | BSD
34 |
35 | Author Information
36 | ------------------
37 |
38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed).
39 |
--------------------------------------------------------------------------------
/chap11/roles/frontend/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for frontend
3 | app:
4 |   version: 1.5
5 |   env: LOCALDEV
6 |
7 | fav:
8 |   color: magenta
9 |   fruit: orange
10 |   car: chevy
11 |   laptop: toshiba
12 | # NOTE(review): placeholder database credentials (root / changeme); these apply to any host whose inventory variables do not override dbconn, so confirm every environment sets its own values.
13 | dbconn:
14 |   host: localhost
15 |   user: root
16 |   pass: changeme
17 |   db: devopsdemo
18 |
--------------------------------------------------------------------------------
/chap11/roles/frontend/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for frontend
3 |
--------------------------------------------------------------------------------
/chap11/roles/frontend/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for frontend
3 | - include_vars: "{{ ansible_os_family }}.yml"  # loads the per-OS-family vars file that supplies apache.user and apache.group
4 | - name: create app directory
5 |   file:
6 |     path: /opt/app
7 |     owner: "{{ apache.user }}"
8 |     group: "{{ apache.group }}"
9 |     mode: 0755
10 |     state: directory
11 |
12 | - name: create release path
13 |   file:
14 |     path: 
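/opt/app/release
15 |     owner: "{{ apache.user }}"
16 |     group: "{{ apache.group }}"
17 |     mode: 0755
18 |     state: directory
19 |
20 | # NOTE(review): the release tarball is downloaded and unpacked without any integrity check; consider fetching it with get_url and a pinned checksum before unarchive.
21 | - name: Download and extract the release
22 |   unarchive:
23 |     src: https://github.com/devopsdemoapps/devops-demo-app/archive/{{ app.version }}.tar.gz
24 |     dest: /opt/app/release
25 |     owner: "{{ apache.user }}"
26 |     group: "{{ apache.group }}"
27 |     creates: /opt/app/release/devops-demo-app-{{ app.version }}  # skip the download when this release is already unpacked
28 |     remote_src: yes  # the archive is fetched on the managed host rather than copied from the controller
29 |
30 | - name: create a symlink
31 |   file:
32 |     src: /opt/app/release/devops-demo-app-{{ app.version }}
33 |     dest: /var/www/html/app
34 |     owner: "{{ apache.user }}"
35 |     group: "{{ apache.group }}"
36 |     state: link
37 | # config.ini is rendered with the database password from dbconn, so it is readable only by the apache user and group. NOTE(review): it sits under /var/www/html; confirm the web server does not serve it.
38 | - name: add application configs
39 |   template:
40 |     src: config.ini.j2
41 |     dest: /var/www/html/app/config.ini
42 |     owner: "{{ apache.user }}"
43 |     group: "{{ apache.group }}"
44 |     mode: 0640
45 |
--------------------------------------------------------------------------------
/chap11/roles/frontend/templates/config.ini.j2:
--------------------------------------------------------------------------------
1 |
2 | [database]
3 | hostname = {{ dbconn['host'] }}
4 | username = {{ dbconn['user'] }}
5 | password = {{ dbconn['pass'] }}
6 | dbname = {{ dbconn['db'] }}
7 |
8 | [environment]
9 | environment = {{ app['env'] }}
10 |
11 | [prefs]
12 | {% if fav.color is defined %}
13 | color = {{ fav['color'] }}
14 | {% endif %}
15 |
16 | {% if fav.fruit is defined %}
17 | fruit = {{ fav['fruit'] }}
18 | {% endif %}
19 |
20 | {% if fav.car is defined %}
21 | car = {{ fav['car'] }}
22 | {% endif %}
23 |
24 | {% if fav.laptop is defined %}
25 | laptop = {{ fav['laptop'] }}
26 | {% endif %}
27 |
28 |
--------------------------------------------------------------------------------
/chap11/roles/frontend/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------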
/chap11/roles/frontend/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - frontend -------------------------------------------------------------------------------- /chap11/roles/frontend/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: www-data 4 | group: www-data -------------------------------------------------------------------------------- /chap11/roles/frontend/vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: apache 4 | group: apache -------------------------------------------------------------------------------- /chap11/roles/frontend/vars/Redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: apache 4 | group: apache -------------------------------------------------------------------------------- /chap11/roles/frontend/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for frontend 3 | -------------------------------------------------------------------------------- /chap11/roles/php/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: 
https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap11/roles/php/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
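
--------------------------------------------------------------------------------
/chap11/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
---
# defaults file for php

--------------------------------------------------------------------------------
/chap11/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
---

--------------------------------------------------------------------------------
/chap11/roles/php/tasks/main.yml:
--------------------------------------------------------------------------------
---
# tasks file for php
# `state: present` replaces the deprecated `installed` alias.
# The notified handler is not defined in this role (its handlers file is
# empty); presumably it comes from the apache role applied in the same play.
- name: install php
  package:
    name: "{{ item }}"
    state: present
  with_items:
    - php
    - php-mysql
    # NOTE(review): nmap is a network scanner, not a PHP dependency. Confirm it
    # is meant to be installed on the application servers, otherwise drop it to
    # keep the package footprint minimal.
    - nmap
  notify: Restart apache service

# Debian-family hosts need the Apache PHP module as a separate package.
- name: additional php packages on debian
  package:
    name: "{{ item }}"
    state: present
  with_items:
    - libapache2-mod-php
  when: ansible_os_family == 'Debian'
  notify: Restart apache service

--------------------------------------------------------------------------------
/chap11/roles/php/tests/inventory:
--------------------------------------------------------------------------------
localhost
--------------------------------------------------------------------------------
/chap11/roles/php/tests/test.yml:
--------------------------------------------------------------------------------
---
- hosts: localhost
  remote_user: root
  roles:
    - php
--------------------------------------------------------------------------------
/chap11/roles/php/vars/main.yml:
--------------------------------------------------------------------------------
---
# vars file for php

--------------------------------------------------------------------------------
/chap11/roles/systems/.travis.yml: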
-------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap11/roles/systems/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
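
Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

    - hosts: servers
      roles:
         - { role: username.rolename, x: 42 }

License
-------

BSD

Author Information
------------------

An optional section for the role authors to include contact information, or a website (HTML is not allowed).

--------------------------------------------------------------------------------
/chap11/roles/systems/defaults/main.yml:
--------------------------------------------------------------------------------
---
# defaults file for systems

--------------------------------------------------------------------------------
/chap11/roles/systems/handlers/main.yml:
--------------------------------------------------------------------------------
---
# handlers file for systems

--------------------------------------------------------------------------------
/chap11/roles/systems/tasks/main.yml:
--------------------------------------------------------------------------------
---
# tasks file for systems

# Creates or removes one account per entry of the `users` dict (key = login
# name, value = account attributes).
# Attributes an entry does not set are omitted, so the user module applies its
# own defaults; the previous default('none') passed the literal string "none"
# as uid, login shell and home directory.
# presumably `users` comes from group_vars; verify against the playbook.
- name: create systems users
  user:
    name: "{{ item.key }}"
    uid: "{{ item.value.uid | default(omit) }}"
    shell: "{{ item.value.shell | default(omit) }}"
    home: "{{ item.value.home | default(omit) }}"
    state: "{{ item.value.state | default('present') }}"
  with_dict: "{{ users }}"


# `state: present` replaces the deprecated `installed` alias.
- name: install common systems packages
  package:
    name: "{{ item }}"
    state: present
  with_items:
    - "{{ systems.packages }}"
--------------------------------------------------------------------------------
/chap11/roles/systems/tests/inventory:
--------------------------------------------------------------------------------
localhost
--------------------------------------------------------------------------------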
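/chap11/roles/systems/tests/test.yml:
--------------------------------------------------------------------------------
---
- hosts: localhost
  remote_user: root
  roles:
    - systems
--------------------------------------------------------------------------------
/chap11/roles/systems/vars/main.yml:
--------------------------------------------------------------------------------
---
# vars file for systems

--------------------------------------------------------------------------------
/chap11/site.yml:
--------------------------------------------------------------------------------
---
# This is a sitewide playbook
# filename: site.yml
# Each tier has its own playbook and tag, so one tier can be run with --tags.

- import_playbook: app.yml
  tags: app

- import_playbook: lb.yml
  tags: lb

- import_playbook: db.yml
  tags: db

--------------------------------------------------------------------------------
/chap11/systems.yml:
--------------------------------------------------------------------------------
---
# Module arguments are written as YAML mappings instead of folded key=value
# strings, and the deprecated `installed` state alias is replaced by `present`.
- name: base configs for all hosts
  hosts: prod
  become: true
  tasks:
    - name: create admin user
      user:
        name: admin
        uid: 5001
        shell: /bin/bash
        home: /home/admin
        state: present

    - name: remove user dojo
      user:
        name: dojo
        state: absent

    - name: install tree utility
      yum:
        name: tree
        state: present

    - name: install ntp
      yum:
        name: ntp
        state: present

- name: App Server Configurations
  hosts: app
  become: true
  tasks:
    - name: create deploy user
      user:
        name: deploy
        uid: 5003
        state: present

    - name: install git
      package:
        name: git
        state: present

...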

--------------------------------------------------------------------------------
/chap12/ansible.cfg:
--------------------------------------------------------------------------------
[defaults]

remote_user = devops
inventory = environments/prod
# NOTE(review): retry files and the fact cache below live under /tmp, a
# directory shared with every local user. A directory owned by the operator
# keeps other users from reading or pre-creating these files.
retry_files_save_path = /tmp
# NOTE(review): disables SSH host key verification, so a host impersonating a
# managed node is not detected. Tolerable for throwaway lab machines only.
host_key_checking = False
log_path = ~/ansible.log
# Dict variables from different sources are merged rather than replaced.
hash_behaviour = merge
roles_path = roles:galaxy-roles
fact_caching = yaml
fact_caching_connection = /tmp/facts

--------------------------------------------------------------------------------
/chap12/app.yml:
--------------------------------------------------------------------------------
---
# Application tier: web server, PHP runtime and the demo application.
- hosts: app
  become: true
  vars:
    fav:
      fruit: mango
  roles:
    - role: apache
      tags: www
    - role: php
      tags:
        - www
        - php
    - role: frontend
      tags: devopsdemo
  tags:
    - frontend

--------------------------------------------------------------------------------
/chap12/cleanup.yml:
--------------------------------------------------------------------------------
---
# Stops MySQL and removes its packages from the db hosts.
- name: cleanup database server
  hosts: db
  become: true
  tasks:
    - name: stop mysql service
      service:
        name: mysqld
        state: stopped

    - name: uninstall mysql related packages
      package:
        name: "{{ item }}"
        state: absent
      with_items:
        - mysql-server
        - mysql

--------------------------------------------------------------------------------
/chap12/db.yml:
--------------------------------------------------------------------------------
---
- name: playbook to configure db servers
  hosts: db
  become: yes
  roles:
    - role: geerlingguy.mysql

--------------------------------------------------------------------------------
/chap12/environments/prod:
--------------------------------------------------------------------------------
[local]
localhost ansible_connection=local

[lb]
lb

[app]
app1
app2
# NOTE(review): ansible_ssh_pass keeps the SSH password in clear text in a file
# that ships with the repository. Prefer key-based authentication, or move the
# value into an Ansible Vault-encrypted vars file.
app3 ansible_user=devops ansible_ssh_pass=codespaces

[db]
db

[prod:children]
lb
app
db

--------------------------------------------------------------------------------
/chap12/environments/staging:
--------------------------------------------------------------------------------
[app]
app2

[db]
app2

[staging:children]
app
db


--------------------------------------------------------------------------------
/chap12/galaxy-roles/geerlingguy.haproxy/.gitignore:
--------------------------------------------------------------------------------
*.retry
tests/test.sh

--------------------------------------------------------------------------------
/chap12/galaxy-roles/geerlingguy.haproxy/.travis.yml:
--------------------------------------------------------------------------------
---
services: docker

env:
  - distro: centos7
  - distro: centos6
  - distro: ubuntu1604
  - distro: ubuntu1404
  - distro: ubuntu1204

script:
  # Configure test script so we can run extra tests after playbook is run.
  - export container_id=$(date +%s)
  - export cleanup=false

  # Download test shim.
  # NOTE(review): the shim comes from an unpinned gist URL (/raw/ with no
  # revision) and is executed as downloaded, so the build runs whatever the
  # gist holds at that moment. Pinning a revision or vendoring the script
  # keeps the run reviewable and reproducible.
  - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
  - chmod +x ${PWD}/tests/test.sh

  # Run tests.
  - ${PWD}/tests/test.sh

  # Make sure haproxy is installed.
24 | - 'docker exec --tty ${container_id} env TERM=xterm haproxy -v' 25 | 26 | notifications: 27 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 28 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | haproxy_socket: /var/lib/haproxy/stats 3 | haproxy_chroot: /var/lib/haproxy 4 | haproxy_user: haproxy 5 | haproxy_group: haproxy 6 | 7 | # Frontend settings. 
8 | haproxy_frontend_name: 'hafrontend' 9 | haproxy_frontend_bind_address: '*' 10 | haproxy_frontend_port: 80 11 | haproxy_frontend_mode: 'http' 12 | 13 | # Backend settings. 14 | haproxy_backend_name: 'habackend' 15 | haproxy_backend_mode: 'http' 16 | haproxy_backend_balance_method: 'roundrobin' 17 | haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' 18 | 19 | # List of backend servers. 20 | haproxy_backend_servers: [] 21 | # - name: app1 22 | # address: 192.168.0.1:80 23 | # - name: app2 24 | # address: 192.168.0.2:80 25 | 26 | # Extra global vars (see README for example usage). 27 | haproxy_global_vars: [] 28 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart haproxy 3 | service: name=haproxy state=restarted 4 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:20 2018', version: 1.1.1} 2 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: HAProxy installation and configuration. 
7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - precise 18 | - trusty 19 | - xenial 20 | galaxy_tags: 21 | - web 22 | - networking 23 | - cloud 24 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure HAProxy is installed (Debian). 3 | apt: name=haproxy state=installed 4 | when: ansible_os_family == 'Debian' 5 | 6 | - name: Ensure HAProxy is enabled (so init script will start it on Debian). 7 | lineinfile: 8 | dest: /etc/default/haproxy 9 | regexp: "^ENABLED.+$" 10 | line: "ENABLED=1" 11 | state: present 12 | when: ansible_os_family == 'Debian' 13 | 14 | - name: Ensure HAProxy is installed (RedHat). 15 | yum: name=haproxy state=installed 16 | when: ansible_os_family == 'RedHat' 17 | 18 | - name: Get HAProxy version. 19 | command: haproxy -v 20 | register: haproxy_version_result 21 | changed_when: false 22 | check_mode: no 23 | 24 | - name: Set HAProxy version. 25 | set_fact: 26 | haproxy_version: "{{ '1.5' if '1.5.' in haproxy_version_result.stdout else '1.4' }}" 27 | 28 | - name: Copy HAProxy configuration in place. 29 | template: 30 | src: haproxy.cfg.j2 31 | dest: /etc/haproxy/haproxy.cfg 32 | mode: 0644 33 | validate: haproxy -f %s -c -q 34 | notify: restart haproxy 35 | 36 | - name: Ensure HAProxy is started and enabled on boot. 37 | service: name=haproxy state=started enabled=yes 38 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. Install and start Docker. 
6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.haproxy/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | vars: 5 | haproxy_socket: '' 6 | haproxy_chroot: '' 7 | haproxy_user: root 8 | haproxy_group: root 9 | 10 | haproxy_backend_servers: 11 | - name: app1 12 | address: 127.0.0.1:8080 13 | 14 | pre_tasks: 15 | - name: Update apt cache. 
16 | apt: update_cache=yes cache_valid_time=600 17 | when: ansible_os_family == 'Debian' 18 | 19 | roles: 20 | - role_under_test 21 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | tests/test.sh 3 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
21 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart mysql 3 | service: "name={{ mysql_daemon }} state=restarted sleep=5" 4 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:01 2018', version: 2.8.1} 2 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: MySQL server for RHEL/CentOS and Debian/Ubuntu. 7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - all 18 | - name: Debian 19 | versions: 20 | - all 21 | - name: Archlinux 22 | versions: 23 | - all 24 | galaxy_tags: 25 | - database 26 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tasks/databases.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL databases are present. 
3 | mysql_db: 4 | name: "{{ item.name }}" 5 | collation: "{{ item.collation | default('utf8_general_ci') }}" 6 | encoding: "{{ item.encoding | default('utf8') }}" 7 | state: "{{ item.state | default('present') }}" 8 | with_items: "{{ mysql_databases }}" 9 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Variable configuration. 3 | - include: variables.yml 4 | 5 | # Setup/install tasks. 6 | - include: setup-RedHat.yml 7 | when: ansible_os_family == 'RedHat' 8 | static: no 9 | 10 | - include: setup-Debian.yml 11 | when: ansible_os_family == 'Debian' 12 | static: no 13 | 14 | - include: setup-Archlinux.yml 15 | when: ansible_os_family == 'Archlinux' 16 | static: no 17 | 18 | - name: Check if MySQL packages were installed. 19 | set_fact: 20 | mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) 21 | or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) 22 | or (arch_mysql_install_packages is defined and arch_mysql_install_packages.changed) }}" 23 | 24 | # Configure MySQL. 25 | - include: configure.yml 26 | - include: secure-installation.yml 27 | - include: databases.yml 28 | - include: users.yml 29 | - include: replication.yml 30 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tasks/setup-Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL Python libraries are installed. 3 | pacman: "name=mysql-python state=present" 4 | 5 | - name: Ensure MySQL packages are installed. 
6 | pacman: "name={{ item }} state=present" 7 | with_items: "{{ mysql_packages }}" 8 | register: arch_mysql_install_packages 9 | 10 | # Init the database if mysql is newly installed 11 | - command: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql 12 | when: arch_mysql_install_packages.changed 13 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tasks/setup-Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if MySQL is already installed. 3 | stat: path=/etc/init.d/mysql 4 | register: mysql_installed 5 | 6 | - name: Update apt cache if MySQL is not yet installed. 7 | apt: update_cache=yes 8 | when: mysql_installed.stat.exists == false 9 | 10 | - name: Ensure MySQL Python libraries are installed. 11 | apt: "name=python-mysqldb state=installed" 12 | 13 | - name: Ensure MySQL packages are installed. 14 | apt: "name={{ item }} state=installed" 15 | with_items: "{{ mysql_packages }}" 16 | register: deb_mysql_install_packages 17 | 18 | # Because Ubuntu starts MySQL as part of the install process, we need to stop 19 | # mysql and remove the logfiles in case the user set a custom log file size. 20 | - name: Ensure MySQL is stopped after initial install. 21 | service: "name={{ mysql_daemon }} state=stopped" 22 | when: mysql_installed.stat.exists == false 23 | 24 | - name: Delete innodb log files created by apt package after initial install. 25 | file: path={{ mysql_datadir }}/{{item}} state=absent 26 | with_items: 27 | - "ib_logfile0" 28 | - "ib_logfile1" 29 | when: mysql_installed.stat.exists == false 30 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tasks/setup-RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL packages are installed. 
3 | yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" 4 | with_items: "{{ mysql_packages }}" 5 | register: rh_mysql_install_packages 6 | 7 | - name: Ensure MySQL Python libraries are installed. 8 | yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" 9 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tasks/users.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL users are present. 3 | mysql_user: 4 | name: "{{ item.name }}" 5 | host: "{{ item.host | default('localhost') }}" 6 | password: "{{ item.password }}" 7 | priv: "{{ item.priv | default('*.*:USAGE') }}" 8 | state: "{{ item.state | default('present') }}" 9 | append_privs: "{{ item.append_privs | default('no') }}" 10 | encrypted: "{{ item.encrypted | default('no') }}" 11 | with_items: "{{ mysql_users }}" 12 | no_log: true 13 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/templates/root-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_root_username }}" 5 | password="{{ mysql_root_password }}" 6 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/templates/user-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_user_name }}" 5 | password="{{ mysql_user_password }}" 6 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. 
Install and start Docker. 6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tests/centos-7-test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | vars: 4 | mysql_packages: 5 | - mariadb 6 | - mariadb-server 7 | - mariadb-libs 8 | - MySQL-python 9 | - perl-DBD-MySQL 10 | mysql_daemon: mariadb 11 | mysql_log_error: /var/log/mariadb/mariadb.log 12 | mysql_syslog_tag: mariadb 13 | mysql_pid_file: /var/run/mariadb/mariadb.pid 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tests/initctl_faker: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" 3 | 4 | case "$ALIAS_CMD" in 5 | start|stop|restart|reload|status) 6 | exec service $1 $ALIAS_CMD 7 | ;; 8 | esac 9 | 10 | case "$1" in 11 | list ) 12 | exec service --status-all 13 | ;; 14 | reload-configuration ) 15 | exec service $2 restart 16 | ;; 17 | start|stop|restart|reload|status) 18 | exec service $2 $1 19 | ;; 20 | \?) 
21 | exit 0 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | pre_tasks: 5 | - name: Copy initctl_faker into place for Ubuntu 14.04. 6 | copy: 7 | src: initctl_faker 8 | dest: /sbin/initctl 9 | mode: 0755 10 | force: yes 11 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04' 12 | changed_when: false 13 | 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/vars/Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mariadb 3 | __mysql_packages: 4 | - mariadb 5 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 6 | __mysql_log_error: /var/log/mysql.err 7 | __mysql_syslog_tag: mysql 8 | __mysql_pid_file: /run/mysqld/mysqld.pid 9 | __mysql_config_file: /etc/mysql/my.cnf 10 | __mysql_config_include_dir: /etc/mysql/conf.d 11 | __mysql_socket: /run/mysqld/mysqld.sock 12 | __mysql_supports_innodb_large_prefix: true 13 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysql 3 | __mysql_packages: 4 | - mysql-common 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 7 | __mysql_log_error: /var/log/mysql/mysql.err 8 | __mysql_syslog_tag: mysql 9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid 10 | __mysql_config_file: /etc/mysql/my.cnf 11 | __mysql_config_include_dir: /etc/mysql/conf.d 12 | __mysql_socket: /var/run/mysqld/mysqld.sock 13 | __mysql_supports_innodb_large_prefix: true 14 | 
-------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/vars/RedHat-6.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysqld 3 | __mysql_packages: 4 | - mysql 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql-slow.log 7 | __mysql_log_error: /var/log/mysql.err 8 | __mysql_syslog_tag: mysql 9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid 10 | __mysql_config_file: /etc/my.cnf 11 | __mysql_config_include_dir: /etc/my.cnf.d 12 | __mysql_socket: /var/lib/mysql/mysql.sock 13 | __mysql_supports_innodb_large_prefix: false 14 | -------------------------------------------------------------------------------- /chap12/galaxy-roles/geerlingguy.mysql/vars/RedHat-7.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mariadb 3 | __mysql_packages: 4 | - mariadb 5 | - mariadb-server 6 | - mariadb-libs 7 | - MySQL-python 8 | - perl-DBD-MySQL 9 | __mysql_slow_query_log_file: /var/log/mysql-slow.log 10 | __mysql_log_error: /var/log/mariadb/mariadb.log 11 | __mysql_syslog_tag: mariadb 12 | __mysql_pid_file: /var/run/mariadb/mariadb.pid 13 | __mysql_config_file: /etc/my.cnf 14 | __mysql_config_include_dir: /etc/my.cnf.d 15 | __mysql_socket: /var/lib/mysql/mysql.sock 16 | __mysql_supports_innodb_large_prefix: true 17 | -------------------------------------------------------------------------------- /chap12/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | users: 3 | admin: 4 | uid: 5001 5 | shell: /bin/bash 6 | home: /home/admin 7 | state: present 8 | dojo: 9 | state: absent 10 | 11 | systems: 12 | packages: 13 | - ntp 14 | - tree 15 | - vim 16 | -------------------------------------------------------------------------------- /chap12/group_vars/staging.yml: 
--------------------------------------------------------------------------------
1 | ---
2 |
3 | app:
4 |   version: 1.5
5 |   env: staging
6 |
7 | fav:
8 |   color: blue
9 |   fruit: watermelon
10 | # NOTE(review): dbconn.pass, mysql_root_password and mysql_users[].password in this file are committed in plaintext; keep them in an ansible-vault encrypted vars file (or as inline !vault values) and treat the values shown here as exposed.
11 | dbconn:
12 |   host: 127.0.0.1
13 |   user: devops
14 |   pass: dfkl8d6msoYc0
15 |   db: devopsdemo
16 |
17 | mysql_root_password: dfdvdHkst0ks72sY
18 | mysql_databases:
19 |   - name: devopsdemo
20 |     encoding: latin1
21 |     collation: latin1_general_ci
22 | mysql_users:
23 |   - name: devops
24 |     host: "%"  # NOTE(review): "%" lets this account connect from any host; with ALL on devopsdemo.*, limiting it to the app servers' addresses would narrow exposure.
25 |     password: dfkl8d6msoYc0
26 |     priv: "devopsdemo.*:ALL"
27 |
--------------------------------------------------------------------------------
/chap12/lb.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: setting up load balancer
3 |   hosts: lb
4 |   become: true
5 |   roles:
6 |     - { role: geerlingguy.haproxy }
7 |
--------------------------------------------------------------------------------
/chap12/roles/apache/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"
4 |
5 | # Use the new container infrastructure
6 | sudo: false
7 |
8 | # Install ansible
9 | addons:
10 |   apt:
11 |     packages:
12 |     - python-pip
13 |
14 | install:
15 |   # Install ansible
16 |   - pip install ansible
17 |
18 |   # Check ansible version
19 |   - ansible --version
20 |
21 |   # Create ansible.cfg with correct roles_path
22 |   - printf '[defaults]\nroles_path=../' >ansible.cfg
23 |
24 | script:
25 |   # Basic role syntax check
26 |   - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
27 |
28 | notifications:
29 |   webhooks: https://galaxy.ansible.com/api/v1/notifications/
--------------------------------------------------------------------------------
/chap12/roles/apache/README.md:
--------------------------------------------------------------------------------
1 | Role Name
2 | =========
3 |
4 | A brief description of the role goes here.
5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /chap12/roles/apache/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for apache 3 | -------------------------------------------------------------------------------- /chap12/roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for apache 3 | - name: Restart apache service 4 | service: 5 | name: "{{ apache.service.name }}" 6 | state: restarted 7 | -------------------------------------------------------------------------------- /chap12/roles/apache/tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: copy apache config 3 | copy: 4 | src: httpd.conf 5 | dest: /etc/httpd.conf 6 | owner: root 7 | group: root 8 | mode: 0644 9 | notify: Restart apache service 10 | tags: 11 | - apache 12 | - config -------------------------------------------------------------------------------- /chap12/roles/apache/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Apache... 
3 | package: 4 | name: "{{ apache.package }}" 5 | state: latest 6 | 7 | tags: 8 | - apache 9 | - install -------------------------------------------------------------------------------- /chap12/roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for apache 3 | 4 | - include_vars: "{{ ansible_os_family }}.yml" 5 | 6 | - import_tasks: install.yml 7 | 8 | - import_tasks: service.yml 9 | 10 | - import_tasks: config.yml 11 | when: ansible_os_family == 'RedHat' 12 | -------------------------------------------------------------------------------- /chap12/roles/apache/tasks/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Starting Apache... 3 | service: 4 | name: "{{ apache.service.name }}" 5 | state: "{{ apache.service.state }}" 6 | 7 | tags: 8 | - apache 9 | - service -------------------------------------------------------------------------------- /chap12/roles/apache/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap12/roles/apache/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - apache -------------------------------------------------------------------------------- /chap12/roles/apache/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | package: apache2 4 | service: 5 | name: apache2 6 | state: started -------------------------------------------------------------------------------- /chap12/roles/apache/vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | package: httpd 4 | service: 5 | name: httpd 6 | state: started 
-------------------------------------------------------------------------------- /chap12/roles/apache/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for apache 3 | -------------------------------------------------------------------------------- /chap12/roles/frontend/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap12/roles/frontend/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) 
should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /chap12/roles/frontend/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for frontend 3 | app: 4 | version: 1.5 5 | env: LOCALDEV 6 | 7 | fav: 8 | color: magenta 9 | fruit: orange 10 | car: chevy 11 | laptop: toshiba 12 | 13 | dbconn: 14 | host: localhost 15 | user: root 16 | pass: changeme 17 | db: devopsdemo 18 | -------------------------------------------------------------------------------- /chap12/roles/frontend/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for frontend 3 | -------------------------------------------------------------------------------- /chap12/roles/frontend/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for frontend 3 | - include_vars: "{{ ansible_os_family }}.yml" 4 | - name: create app directory 5 | file: 6 | path: /opt/app 7 | owner: "{{ apache.user }}" 8 | group: "{{ apache.group }}" 9 | mode: 0755 10 | state: directory 11 | 12 | - name: create release path 13 | file: 14 | path: 
/opt/app/release
15 |     owner: "{{ apache.user }}"
16 |     group: "{{ apache.group }}"
17 |     mode: 0755
18 |     state: directory
19 |
20 | # NOTE(review): the release tarball is fetched by tag name only and unpacked with no integrity check; downloading it with get_url and a pinned checksum before unarchive would detect a replaced or tampered archive.
21 | - name: Download and extract the release
22 |   unarchive:
23 |     src: https://github.com/devopsdemoapps/devops-demo-app/archive/{{ app.version }}.tar.gz
24 |     dest: /opt/app/release
25 |     owner: "{{ apache.user }}"
26 |     group: "{{ apache.group }}"
27 |     creates: /opt/app/release/devops-demo-app-{{ app.version }}
28 |     remote_src: yes
29 |
30 | - name: create a symlink
31 |   file:
32 |     src: /opt/app/release/devops-demo-app-{{ app.version }}
33 |     dest: /var/www/html/app
34 |     owner: "{{ apache.user }}"
35 |     group: "{{ apache.group }}"
36 |     state: link
37 | # NOTE(review): config.ini is rendered with dbconn.pass (templates/config.ini.j2) and written mode 0644, i.e. readable by every local user; 0640 is enough when the web server user owns it. If /var/www/html is the Apache document root (presumably; confirm in httpd.conf), the file also needs a deny rule or a location outside it.
38 | - name: add application configs
39 |   template:
40 |     src: config.ini.j2
41 |     dest: /var/www/html/app/config.ini
42 |     owner: "{{ apache.user }}"
43 |     group: "{{ apache.group }}"
44 |     mode: 0644
45 |
--------------------------------------------------------------------------------
/chap12/roles/frontend/templates/config.ini.j2:
--------------------------------------------------------------------------------
1 |
2 | [database]
3 | hostname = {{ dbconn['host'] }}
4 | username = {{ dbconn['user'] }}
5 | password = {{ dbconn['pass'] }}
6 | dbname = {{ dbconn['db'] }}
7 |
8 | [environment]
9 | environment = {{ app['env'] }}
10 |
11 | [prefs]
12 | {% if fav.color is defined %}
13 | color = {{ fav['color'] }}
14 | {% endif %}
15 |
16 | {% if fav.fruit is defined %}
17 | fruit = {{ fav['fruit'] }}
18 | {% endif %}
19 |
20 | {% if fav.car is defined %}
21 | car = {{ fav['car'] }}
22 | {% endif %}
23 |
24 | {% if fav.laptop is defined %}
25 | laptop = {{ fav['laptop'] }}
26 | {% endif %}
27 |
28 |
--------------------------------------------------------------------------------
/chap12/roles/frontend/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap12/roles/frontend/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - frontend -------------------------------------------------------------------------------- /chap12/roles/frontend/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: www-data 4 | group: www-data -------------------------------------------------------------------------------- /chap12/roles/frontend/vars/Redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apache: 3 | user: apache 4 | group: apache -------------------------------------------------------------------------------- /chap12/roles/frontend/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for frontend 3 | -------------------------------------------------------------------------------- /chap12/roles/php/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap12/roles/php/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 
| ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 |
--------------------------------------------------------------------------------
/chap12/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for php
3 |
--------------------------------------------------------------------------------
/chap12/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/chap12/roles/php/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for php
3 | - name: install php
4 |   package:
5 |     name: "{{ item }}"
6 |     state: installed
7 |   with_items:
8 |     - php
9 |     - php-mysql
10 |     - nmap  # NOTE(review): nmap is a network scanner, not a PHP dependency; nothing visible in this role uses it, so installing it on every app server only adds tooling to the host. Confirm it is needed or drop it.
11 |   notify: Restart apache service
12 |
13 | - name: additional php packages on debian
14 |   package:
15 |     name: "{{ item }}"
16 |     state: installed
17 |   with_items:
18 |     - libapache2-mod-php
19 |   when: ansible_os_family == 'Debian'
20 |   notify: Restart apache service
21 |
--------------------------------------------------------------------------------
/chap12/roles/php/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap12/roles/php/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - php
--------------------------------------------------------------------------------
/chap12/roles/php/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for php
3 |
--------------------------------------------------------------------------------
/chap12/roles/systems/.travis.yml:
-------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap12/roles/systems/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
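20 |
21 | Example Playbook
22 | ----------------
23 |
24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
25 |
26 |     - hosts: servers
27 |       roles:
28 |          - { role: username.rolename, x: 42 }
29 |
30 | License
31 | -------
32 |
33 | BSD
34 |
35 | Author Information
36 | ------------------
37 |
38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed).
39 |
--------------------------------------------------------------------------------
/chap12/roles/systems/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for systems
3 |
--------------------------------------------------------------------------------
/chap12/roles/systems/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for systems
3 |
--------------------------------------------------------------------------------
/chap12/roles/systems/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for systems
3 | - name: create systems users
4 |   user:  # one call per entry of the users dict; default(omit) leaves a parameter unset when the entry does not define it, instead of passing the literal string 'none' to the module
5 |     name: "{{ item.key }}"
6 |     uid: "{{ item.value.uid | default(omit) }}"
7 |     shell: "{{ item.value.shell | default(omit) }}"
8 |     home: "{{ item.value.home | default(omit) }}"
9 |     state: "{{ item.value.state | default(omit) }}"
10 |   with_dict: "{{ users }}"
11 |
12 |
13 | - name: install common systems packages
14 |   package:
15 |     name: "{{ item }}"
16 |     state: installed
17 |   with_items:
18 |     - "{{ systems.packages }}"
--------------------------------------------------------------------------------
/chap12/roles/systems/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------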
/chap12/roles/systems/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - systems -------------------------------------------------------------------------------- /chap12/roles/systems/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for systems 3 | -------------------------------------------------------------------------------- /chap12/site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is a sitewide playbook 3 | # filename: site.yml 4 | 5 | - import_playbook: app.yml 6 | tags: app 7 | 8 | - import_playbook: lb.yml 9 | tags: lb 10 | 11 | - import_playbook: db.yml 12 | tags: db 13 | -------------------------------------------------------------------------------- /chap12/systems.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: base configs for all hosts 3 | hosts: prod 4 | become: true 5 | tasks: 6 | - name: create admin user 7 | user: > 8 | name=admin 9 | uid=5001 10 | shell=/bin/bash 11 | home=/home/admin 12 | state=present 13 | 14 | - name: remove user dojo 15 | user: > 16 | name=dojo 17 | state=absent 18 | 19 | - name: install tree utility 20 | yum: > 21 | name=tree 22 | state=present 23 | 24 | - name: install ntp 25 | yum: > 26 | name=ntp 27 | state=installed 28 | 29 | - name: App Server Configurations 30 | hosts: app 31 | become: true 32 | tasks: 33 | - name: create deploy user 34 | user: name=deploy state=present uid=5003 35 | 36 | - name: install git 37 | package: name=git state=present 38 | 39 | ... 
40 | -------------------------------------------------------------------------------- /chap12/test_vault.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: testing ansible vault 3 | hosts: 'local:app' 4 | become: true 5 | tasks: 6 | - name: copy a file containing api keys 7 | copy: 8 | src: vault/api_keys 9 | dest: /root/.api_keys 10 | owner: root 11 | group: root 12 | mode: 0400 13 | -------------------------------------------------------------------------------- /chap12/tmp: -------------------------------------------------------------------------------- 1 | !vault | 2 | $ANSIBLE_VAULT;1.2;AES256;prod 3 | 63373365666439363431646239366666313330396461303932333530616163313063633261336365 4 | 3935623262613563343138623830356537333239653166610a613137373438373935653134663031 5 | 65633334313366623636313461366539326365396432663239613866366365313538356237383437 6 | 3535336165386366300a353935663166613264346537616666363766646637326166646236656663 7 | 3535 8 | -------------------------------------------------------------------------------- /chap12/vault/api_keys: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 65326433313633373632336135666265353163633739626166393162316638653563616535313735 3 | 3333633964336266363763303335396339656664393830610a613234336135326631643864613331 4 | 62656133633966653337636138333030376631383231663133316463636438653634663131656461 5 | 6635303534336637630a363336636663666432323138373238643035623938323138613230306232 6 | 63306635386534353934346365666562363661373031316564386239396166393836346163383662 7 | 37333963313034623639663664353133353061313766633262376362393333623235303262323030 8 | 356162306461666537363232303933396434 9 | -------------------------------------------------------------------------------- /chap12/vault/creds: -------------------------------------------------------------------------------- 1 | 
$ANSIBLE_VAULT;1.1;AES256
2 | 34346231393862363634336532636563303938646262336637666563323036613735613766663130
3 | 3330343866613531356135386630666563343031323265630a343564396635326166323736626138
4 | 39656437653062653866646439333834313834613432363262346332386666383862353961666234
5 | 3132313635346662360a623565393264313936663436633564376134666433323733373861653465
6 | 37316566643063336565376266303838343530643737363031333238653738666536363436643535
7 | 6333666636633961323763353366393736616565653134366362
8 |
--------------------------------------------------------------------------------
/chap12/vault/dev:
--------------------------------------------------------------------------------
1 | $ANSIBLE_VAULT;1.1;AES256
2 | 35383834613038653237646161613431343731333064316134306261666465666438643939663133
3 | 3466383335376631313639623038636565323961333966390a353032373565363563303064656234
4 | 39366666373566306639623536386339313762393030616661323838396138376563656537333232
5 | 3331386532393931650a666463653738643162326461626135353437613666343064653239353635
6 | 33336431366134363538393335353239656662376437666365663739373230623866
7 |
--------------------------------------------------------------------------------
/chap12/vault/prod:
--------------------------------------------------------------------------------
1 | mysql_root_password: fdjnjg12
2 | # NOTE(review): this file sits under vault/ but is stored unencrypted: unlike vault/creds and vault/dev it has no $ANSIBLE_VAULT header. Encrypt it with ansible-vault before committing and treat the password above as exposed.
3 |
--------------------------------------------------------------------------------
/chap12/vault/staging:
--------------------------------------------------------------------------------
1 | mysql_root_password: dfjknnjkn982qcdnsjkvnsn
2 | # NOTE(review): stored unencrypted (no $ANSIBLE_VAULT header) despite living under vault/; encrypt it with ansible-vault and treat the password above as exposed.
3 |
--------------------------------------------------------------------------------
/chap4/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/schoolofdevops/ansible-bootcamp-code/d5181c04a97df1550d1aca6524209c953ac99628/chap4/README.md
--------------------------------------------------------------------------------
/chap5/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | # NOTE(review): host_key_checking = False below turns off SSH host key verification, so a machine impersonating a managed node is not detected; acceptable for throwaway lab VMs, not for an inventory named prod.
3 | remote_user = devops
4 | inventory = environments/prod
5 | retry_files_save_path = /tmp
6 | host_key_checking = False
7 | log_path=~/ansible.log
8 |
9 |
--------------------------------------------------------------------------------
/chap5/environments/prod:
--------------------------------------------------------------------------------
1 | [local]
2 | localhost ansible_connection=local
3 |
4 | [lb]
5 | lb
6 |
7 | [app]
8 | app1
9 | app2
10 |
11 |
12 | [db]
13 | db
14 |
15 | [prod:children]
16 | lb
17 | app
18 | db
19 |
--------------------------------------------------------------------------------
/chap6/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | # NOTE(review): host_key_checking = False below turns off SSH host key verification, so a machine impersonating a managed node is not detected; acceptable for throwaway lab VMs, not for an inventory named prod.
3 | remote_user = devops
4 | inventory = environments/prod
5 | retry_files_save_path = /tmp
6 | host_key_checking = False
7 | log_path=~/ansible.log
8 |
9 |
--------------------------------------------------------------------------------
/chap6/environments/prod:
--------------------------------------------------------------------------------
1 | [local]
2 | localhost ansible_connection=local
3 |
4 | [lb]
5 | lb
6 |
7 | [app]
8 | app1
9 | app2
10 |
11 |
12 | [db]
13 | db
14 |
15 | [prod:children]
16 | lb
17 | app
18 | db
19 |
--------------------------------------------------------------------------------
/chap6/systems.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: base configs for all hosts
3 |   hosts: prod
4 |   become: true
5 |   tasks:
6 |     - name: create admin user
7 |       user: >
8 |         name=admin
9 |         uid=5001
10 |         shell=/bin/bash
11 |         home=/home/admin
12 |         state=present
13 |
14 |     - name: remove user dojo
15 |       user: >
16 |         name=dojo
17 |         state=absent
18 |
19 |     - name: install tree utility
20 |       yum: >
21 |         name=tree
22 |         state=present
23 |
24 |     - name: install ntp
25 |       yum: >
26 | name=ntp 27 | state=installed 28 | 29 | - name: App Server Configurations 30 | hosts: app 31 | become: true 32 | tasks: 33 | - name: create deploy user 34 | user: name=deploy state=present uid=5003 35 | 36 | - name: install git 37 | package: name=git state=present 38 | 39 | ... 40 | -------------------------------------------------------------------------------- /chap7/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | remote_user = devops 4 | inventory = environments/prod 5 | retry_files_save_path = /tmp 6 | host_key_checking = False 7 | log_path=~/ansible.log 8 | 9 | -------------------------------------------------------------------------------- /chap7/app.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: app 3 | become: true 4 | roles: 5 | - apache 6 | - php 7 | - frontend 8 | -------------------------------------------------------------------------------- /chap7/environments/prod: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost ansible_connection=local 3 | 4 | [lb] 5 | lb 6 | 7 | [app] 8 | app1 9 | app2 10 | 11 | 12 | [db] 13 | db 14 | 15 | [prod:children] 16 | lb 17 | app 18 | db 19 | -------------------------------------------------------------------------------- /chap7/roles/apache/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook 
tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap7/roles/apache/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /chap7/roles/apache/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for apache 3 | -------------------------------------------------------------------------------- /chap7/roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for apache 3 | - name: Restart apache service 4 | service: name=httpd state=restarted 5 | -------------------------------------------------------------------------------- /chap7/roles/apache/tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: copy over httpd configs 3 | copy: 4 | src: httpd.conf 5 | dest: /etc/httpd.conf 6 | owner: root 7 | group: root 8 | mode: 0644 9 | notify: Restart apache service 10 | 11 | -------------------------------------------------------------------------------- /chap7/roles/apache/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Apache... 3 | yum: name=httpd state=latest 4 | -------------------------------------------------------------------------------- /chap7/roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for apache 3 | - import_tasks: install.yml 4 | - import_tasks: service.yml 5 | - import_tasks: config.yml 6 | -------------------------------------------------------------------------------- /chap7/roles/apache/tasks/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Starting Apache... 
3 | service: name=httpd state=started 4 | -------------------------------------------------------------------------------- /chap7/roles/apache/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap7/roles/apache/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - apache -------------------------------------------------------------------------------- /chap7/roles/apache/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for apache 3 | -------------------------------------------------------------------------------- /chap7/roles/frontend/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap7/roles/frontend/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for frontend 3 | -------------------------------------------------------------------------------- /chap7/roles/frontend/handlers/main.yml: 
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for frontend
3 |
--------------------------------------------------------------------------------
/chap7/roles/frontend/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file for frontend
 3 | - name: create a app dir
 4 |   file:
 5 |     path: /opt/app
 6 |     owner: apache
 7 |     group: apache
 8 |     mode: 0755
 9 |     state: directory
10 |
11 | - name: create release path
12 |   file:
13 |     path: /opt/app/release
14 |     owner: apache
15 |     group: apache
16 |     mode: 0755
17 |     state: directory
18 |
19 | # NOTE(review): the release archive is downloaded and unpacked with no integrity check; fetching it with get_url and a pinned checksum (sha256:<EXPECTED_SHA256>) before unarchive would detect a changed or tampered tarball.
20 | - name: Download and extract the release
21 |   unarchive:
22 |     src: https://github.com/devopsdemoapps/devops-demo-app/archive/1.1.tar.gz
23 |     dest: /opt/app/release
24 |     owner: apache
25 |     group: apache
26 |     creates: /opt/app/release/devops-demo-app-1.1
27 |     remote_src: yes
28 |
29 | - name: create a symlink
30 |   file:
31 |     src: /opt/app/release/devops-demo-app-1.1
32 |     dest: /var/www/html/app
33 |     owner: apache
34 |     group: apache
35 |     state: link
--------------------------------------------------------------------------------
/chap7/roles/frontend/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap7/roles/frontend/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - frontend
--------------------------------------------------------------------------------
/chap7/roles/frontend/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for frontend
3 |
--------------------------------------------------------------------------------
/chap7/roles/php/.travis.yml:
-------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap7/roles/php/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
25 |
26 |     - hosts: servers
27 |       roles:
28 |          - { role: username.rolename, x: 42 }
29 |
30 | License
31 | -------
32 |
33 | BSD
34 |
35 | Author Information
36 | ------------------
37 |
38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed).
39 |
--------------------------------------------------------------------------------
/chap7/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for php
3 |
--------------------------------------------------------------------------------
/chap7/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/chap7/roles/php/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file for php: installs each listed package, then notifies the "Restart apache service" handler
 3 | - name: install php
 4 |   package:
 5 |     name: "{{ item }}"
 6 |     state: installed
 7 |   with_items:
 8 |     - php
 9 |     - php-mysql
10 |     - nmap  # NOTE(review): nmap is a network scanner, not a PHP dependency; leave it off app servers unless something on the host needs it, to keep the installed footprint small
11 |   notify: Restart apache service
12 |
--------------------------------------------------------------------------------
/chap7/roles/php/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap7/roles/php/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - php
--------------------------------------------------------------------------------
/chap7/roles/php/vars/main.yml:
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for php 3 | -------------------------------------------------------------------------------- /chap7/roles/systems/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap7/roles/systems/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 
15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /chap7/roles/systems/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for systems 3 | -------------------------------------------------------------------------------- /chap7/roles/systems/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for systems 3 | -------------------------------------------------------------------------------- /chap7/roles/systems/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for systems 3 | - name: remove user dojo 4 | user: > 5 | name=dojo 6 | state=absent 7 | 8 | - name: install tree utility 9 | yum: > 10 | name=tree 11 | state=present 12 | 13 | - name: install ntp 14 | yum: > 15 | name=ntp 16 | state=installed 17 | -------------------------------------------------------------------------------- /chap7/roles/systems/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- 
/chap7/roles/systems/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - systems -------------------------------------------------------------------------------- /chap7/roles/systems/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for systems 3 | -------------------------------------------------------------------------------- /chap7/site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is a sitewide playbook 3 | # filename: site.yml 4 | - import_playbook: app.yml 5 | -------------------------------------------------------------------------------- /chap7/systems.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: base configs for all hosts 3 | hosts: prod 4 | become: true 5 | tasks: 6 | - name: create admin user 7 | user: > 8 | name=admin 9 | uid=5001 10 | shell=/bin/bash 11 | home=/home/admin 12 | state=present 13 | 14 | - name: remove user dojo 15 | user: > 16 | name=dojo 17 | state=absent 18 | 19 | - name: install tree utility 20 | yum: > 21 | name=tree 22 | state=present 23 | 24 | - name: install ntp 25 | yum: > 26 | name=ntp 27 | state=installed 28 | 29 | - name: App Server Configurations 30 | hosts: app 31 | become: true 32 | tasks: 33 | - name: create deploy user 34 | user: name=deploy state=present uid=5003 35 | 36 | - name: install git 37 | package: name=git state=present 38 | 39 | ... 
40 | -------------------------------------------------------------------------------- /chap8/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | remote_user = devops 4 | inventory = environments/prod 5 | retry_files_save_path = /tmp 6 | host_key_checking = False 7 | log_path=~/ansible.log 8 | hash_behaviour = merge 9 | -------------------------------------------------------------------------------- /chap8/app.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: app 3 | become: true 4 | vars: 5 | fav: 6 | fruit: mango 7 | roles: 8 | - apache 9 | - php 10 | - frontend 11 | -------------------------------------------------------------------------------- /chap8/environments/prod: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost ansible_connection=local 3 | 4 | [lb] 5 | lb 6 | 7 | [app] 8 | app1 9 | app2 10 | 11 | 12 | [db] 13 | db 14 | 15 | [prod:children] 16 | lb 17 | app 18 | db 19 | -------------------------------------------------------------------------------- /chap8/group_vars/prod.yml: -------------------------------------------------------------------------------- 1 | --- 2 | fav: 3 | color: yellow 4 | fruit: guava 5 | 6 | -------------------------------------------------------------------------------- /chap8/roles/apache/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 
| - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap8/roles/apache/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /chap8/roles/apache/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for apache 3 | -------------------------------------------------------------------------------- /chap8/roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for apache 3 | - name: Restart apache service 4 | service: name=httpd state=restarted 5 | -------------------------------------------------------------------------------- /chap8/roles/apache/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Apache... 3 | yum: name=httpd state=latest 4 | -------------------------------------------------------------------------------- /chap8/roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for apache 3 | - import_tasks: install.yml 4 | - import_tasks: service.yml 5 | -------------------------------------------------------------------------------- /chap8/roles/apache/tasks/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Starting Apache... 
3 | service: name=httpd state=started 4 | -------------------------------------------------------------------------------- /chap8/roles/apache/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap8/roles/apache/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - apache -------------------------------------------------------------------------------- /chap8/roles/apache/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for apache 3 | -------------------------------------------------------------------------------- /chap8/roles/frontend/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap8/roles/frontend/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for frontend 3 | app: 4 | version: 1.5 5 | env: LOCALDEV 6 | 7 | fav: 8 | color: magenta 9 | fruit: orange 10 | car: chevy 11 | laptop: toshiba 12 | 13 | dbconn: 14 
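|   host: localhost
15 |   user: root
16 |   pass: changeme
17 |   db: devopsdemo
18 | # NOTE(review): dbconn.user/pass above are placeholder defaults (root / changeme) that config.ini.j2 writes out verbatim; override them per environment from an ansible-vault encrypted vars file, and prefer a dedicated least-privilege database account over root.
--------------------------------------------------------------------------------
/chap8/roles/frontend/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for frontend
3 |
--------------------------------------------------------------------------------
/chap8/roles/frontend/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file for frontend: lays out /opt/app, unpacks the release, links it under /var/www/html and renders config.ini
 3 |
 4 | - name: create app directory
 5 |   file:
 6 |     path: /opt/app
 7 |     owner: apache
 8 |     group: apache
 9 |     mode: 0755
10 |     state: directory
11 |
12 | - name: create release path
13 |   file:
14 |     path: /opt/app/release
15 |     owner: apache
16 |     group: apache
17 |     mode: 0755
18 |     state: directory
19 |
20 | # NOTE(review): the release archive is downloaded and unpacked with no integrity check; fetching it with get_url and a pinned checksum (sha256:<EXPECTED_SHA256>) before unarchive would detect a changed or tampered tarball.
21 | - name: Download and extract the release
22 |   unarchive:
23 |     src: https://github.com/devopsdemoapps/devops-demo-app/archive/{{ app.version }}.tar.gz
24 |     dest: /opt/app/release
25 |     owner: apache
26 |     group: apache
27 |     creates: /opt/app/release/devops-demo-app-{{ app.version }}
28 |     remote_src: yes
29 |
30 | - name: create a symlink
31 |   file:
32 |     src: /opt/app/release/devops-demo-app-{{ app.version }}
33 |     dest: /var/www/html/app
34 |     owner: apache
35 |     group: apache
36 |     state: link
37 | # config.ini carries the database password, so it is not left world-readable (0640, owner/group apache). NOTE(review): the file sits under /var/www/html/app, presumably inside the Apache document root - confirm httpd refuses to serve *.ini or move it outside the served tree.
38 | - name: add application configs
39 |   template:
40 |     src: config.ini.j2
41 |     dest: /var/www/html/app/config.ini
42 |     owner: apache
43 |     group: apache
44 |     mode: 0640
45 |
--------------------------------------------------------------------------------
/chap8/roles/frontend/templates/config.ini.j2:
--------------------------------------------------------------------------------
 1 |
 2 | [database]
 3 | hostname = {{ dbconn['host'] }}
 4 | username = {{ dbconn['user'] }}
 5 | password = {{ dbconn['pass'] }}
 6 | dbname = {{ dbconn['db'] }}
 7 |
 8 | [environment]
 9 | environment = {{ app['env'] }}
10 |
11 | [prefs]
12 | color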
= {{ fav['color'] }} 13 | fruit = {{ fav['fruit'] }} 14 | car = {{ fav['car'] }} 15 | laptop = {{ fav['laptop'] }} 16 | 17 | -------------------------------------------------------------------------------- /chap8/roles/frontend/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap8/roles/frontend/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - frontend -------------------------------------------------------------------------------- /chap8/roles/frontend/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for frontend 3 | -------------------------------------------------------------------------------- /chap8/roles/php/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap8/roles/php/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 
5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 |
--------------------------------------------------------------------------------
/chap8/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for php
3 |
--------------------------------------------------------------------------------
/chap8/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/chap8/roles/php/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file for php: installs each listed package, then notifies the "Restart apache service" handler
 3 | - name: install php
 4 |   package:
 5 |     name: "{{ item }}"
 6 |     state: installed
 7 |   with_items:
 8 |     - php
 9 |     - php-mysql
10 |     - nmap  # NOTE(review): nmap is a network scanner, not a PHP dependency; leave it off app servers unless something on the host needs it, to keep the installed footprint small
11 |   notify: Restart apache service
12 |
--------------------------------------------------------------------------------
/chap8/roles/php/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
--------------------------------------------------------------------------------
/chap8/roles/php/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - php
--------------------------------------------------------------------------------
/chap8/roles/php/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for php
3 |
--------------------------------------------------------------------------------
/chap8/roles/systems/.travis.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | language: python
 3 | python: "2.7"
 4 |
 5 | # Use the new container infrastructure
 6 | sudo: false
 7 |
 8 | # Install ansible
 9 | addons:
10 |   apt:
11 |     packages:
12 |     - python-pip
13 |
14 | install:
15 |   # Install ansible
16 |
- pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap8/roles/systems/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /chap8/roles/systems/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for systems 3 | -------------------------------------------------------------------------------- /chap8/roles/systems/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for systems 3 | -------------------------------------------------------------------------------- /chap8/roles/systems/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for systems 3 | - name: remove user dojo 4 | user: > 5 | name=dojo 6 | state=absent 7 | 8 | - name: install tree utility 9 | yum: > 10 | name=tree 11 | state=present 12 | 13 | - name: install ntp 14 | yum: > 15 | name=ntp 16 | state=installed 17 | -------------------------------------------------------------------------------- /chap8/roles/systems/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap8/roles/systems/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - systems 
-------------------------------------------------------------------------------- /chap8/roles/systems/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for systems 3 | -------------------------------------------------------------------------------- /chap8/site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is a sitewide playbook 3 | # filename: site.yml 4 | - import_playbook: lb.yml 5 | - import_playbook: app.yml 6 | - import_playbook: db.yml 7 | -------------------------------------------------------------------------------- /chap8/systems.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: base configs for all hosts 3 | hosts: prod 4 | become: true 5 | tasks: 6 | - name: create admin user 7 | user: > 8 | name=admin 9 | uid=5001 10 | shell=/bin/bash 11 | home=/home/admin 12 | state=present 13 | 14 | - name: remove user dojo 15 | user: > 16 | name=dojo 17 | state=absent 18 | 19 | - name: install tree utility 20 | yum: > 21 | name=tree 22 | state=present 23 | 24 | - name: install ntp 25 | yum: > 26 | name=ntp 27 | state=installed 28 | 29 | - name: App Server Configurations 30 | hosts: app 31 | become: true 32 | tasks: 33 | - name: create deploy user 34 | user: name=deploy state=present uid=5003 35 | 36 | - name: install git 37 | package: name=git state=present 38 | 39 | ... 
40 | 
--------------------------------------------------------------------------------
/chap9/ansible.cfg:
--------------------------------------------------------------------------------
# Project-level Ansible settings: default SSH user, inventory file, retry and
# log locations, variable merge behaviour and the role search path.
1 | [defaults]
2 | 
3 | remote_user = devops
4 | inventory = environments/prod
# NOTE(review): retry files are written to the shared, world-writable /tmp; a
# directory owned by the operator keeps them away from other local users.
5 | retry_files_save_path = /tmp
# NOTE(review): with host key checking off, the SSH host keys of managed nodes
# are never verified, so a machine answering on a node's address is trusted
# as-is. The inventory further down also sends a password to app3, which such a
# machine would receive. Tolerable on a throwaway lab; for anything long-lived,
# pre-load known_hosts and leave the check enabled.
6 | host_key_checking = False
# NOTE(review): the run log can contain task arguments and output; keep the
# file private to the operator and mark secret-handling tasks with no_log.
7 | log_path=~/ansible.log
# Dictionary variables from different sources are merged key by key instead of
# the higher-precedence definition replacing the lower one.
8 | hash_behaviour = merge
9 | roles_path = roles:galaxy-roles
10 | 
--------------------------------------------------------------------------------
/chap9/app.yml:
--------------------------------------------------------------------------------
1 | ---
# Applies the apache, php and frontend roles to the app group with privilege
# escalation; each role carries its own tags and the play is tagged frontend.
2 | - hosts: app
3 |   become: true
4 |   vars:
5 |     fav:
6 |       fruit: mango
7 |   roles:
8 |     - { role: apache, tags: www }
9 |     - { role: php, tags: [ 'www', 'php' ] }
10 |     - { role: frontend, tags: devopsdemo }
11 |   tags:
12 |     - frontend
13 | 
--------------------------------------------------------------------------------
/chap9/db.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: playbook to configure db servers
3 |   hosts: db
4 |   become: yes
5 |   roles:
6 |     - { role: geerlingguy.mysql }
7 | 
--------------------------------------------------------------------------------
/chap9/environments/prod:
--------------------------------------------------------------------------------
# Inventory for the prod environment: a local connection entry plus the lb, app
# and db groups, which are collected into the parent group prod.
1 | [local]
2 | localhost ansible_connection=local
3 | 
4 | [lb]
5 | lb
6 | 
7 | [app]
8 | app1
9 | app2
# NOTE(review): a cleartext SSH password is committed with the inventory, so
# everyone with read access to the repository can log in to app3 as devops.
# Prefer key-based authentication, or keep the value in an Ansible Vault
# encrypted variable, and rotate this password since it is already published.
10 | app3 ansible_user=devops ansible_ssh_pass=codespaces
11 | 
12 | [db]
13 | db
14 | 
15 | [prod:children]
16 | lb
17 | app
18 | db
19 | 
--------------------------------------------------------------------------------
/chap9/galaxy-roles/geerlingguy.haproxy/.gitignore:
--------------------------------------------------------------------------------
1 | *.retry
2 | tests/test.sh
3 | 
--------------------------------------------------------------------------------
/chap9/galaxy-roles/geerlingguy.haproxy/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
# CI definition for the role: for each listed distro it downloads a test shim,
# runs it, then checks that haproxy answers inside the test container.
2 | services: docker
3 | 
4 | env:
5 |   - distro: centos7
6 |   - distro: centos6
7 |   - distro: ubuntu1604
8 |   - distro: ubuntu1404
9 |   - distro: ubuntu1204
10 | 
11 | script:
12 |   # Configure test script so we can run extra tests after playbook is run.
13 |   - export container_id=$(date +%s)
14 |   - export cleanup=false
15 | 
16 |   # Download test shim.
# NOTE(review): the shim comes from a gist URL that names no revision, and the
# following steps mark it executable and run it without any integrity check, so
# whatever that URL serves at build time runs in CI. Pin the gist to a specific
# revision and compare the download against a recorded digest before running it.
17 |   - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
18 |   - chmod +x ${PWD}/tests/test.sh
19 | 
20 |   # Run tests.
21 |   - ${PWD}/tests/test.sh
22 | 
23 |   # Make sure haproxy is installed.
24 |   - 'docker exec --tty ${container_id} env TERM=xterm haproxy -v'
25 | 
26 | notifications:
27 |   webhooks: https://galaxy.ansible.com/api/v1/notifications/
28 | 
--------------------------------------------------------------------------------
/chap9/galaxy-roles/geerlingguy.haproxy/LICENSE:
--------------------------------------------------------------------------------
1 | The MIT License (MIT)
2 | 
3 | Copyright (c) 2017 Jeff Geerling
4 | 
5 | Permission is hereby granted, free of charge, to any person obtaining a copy of
6 | this software and associated documentation files (the "Software"), to deal in
7 | the Software without restriction, including without limitation the rights to
8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 | the Software, and to permit persons to whom the Software is furnished to do so,
10 | subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | haproxy_socket: /var/lib/haproxy/stats 3 | haproxy_chroot: /var/lib/haproxy 4 | haproxy_user: haproxy 5 | haproxy_group: haproxy 6 | 7 | # Frontend settings. 8 | haproxy_frontend_name: 'hafrontend' 9 | haproxy_frontend_bind_address: '*' 10 | haproxy_frontend_port: 80 11 | haproxy_frontend_mode: 'http' 12 | 13 | # Backend settings. 14 | haproxy_backend_name: 'habackend' 15 | haproxy_backend_mode: 'http' 16 | haproxy_backend_balance_method: 'roundrobin' 17 | haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' 18 | 19 | # List of backend servers. 20 | haproxy_backend_servers: [] 21 | # - name: app1 22 | # address: 192.168.0.1:80 23 | # - name: app2 24 | # address: 192.168.0.2:80 25 | 26 | # Extra global vars (see README for example usage). 
27 | haproxy_global_vars: [] 28 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart haproxy 3 | service: name=haproxy state=restarted 4 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:20 2018', version: 1.1.1} 2 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: HAProxy installation and configuration. 7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - precise 18 | - trusty 19 | - xenial 20 | galaxy_tags: 21 | - web 22 | - networking 23 | - cloud 24 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure HAProxy is installed (Debian). 3 | apt: name=haproxy state=installed 4 | when: ansible_os_family == 'Debian' 5 | 6 | - name: Ensure HAProxy is enabled (so init script will start it on Debian). 7 | lineinfile: 8 | dest: /etc/default/haproxy 9 | regexp: "^ENABLED.+$" 10 | line: "ENABLED=1" 11 | state: present 12 | when: ansible_os_family == 'Debian' 13 | 14 | - name: Ensure HAProxy is installed (RedHat). 
15 | yum: name=haproxy state=installed 16 | when: ansible_os_family == 'RedHat' 17 | 18 | - name: Get HAProxy version. 19 | command: haproxy -v 20 | register: haproxy_version_result 21 | changed_when: false 22 | check_mode: no 23 | 24 | - name: Set HAProxy version. 25 | set_fact: 26 | haproxy_version: "{{ '1.5' if '1.5.' in haproxy_version_result.stdout else '1.4' }}" 27 | 28 | - name: Copy HAProxy configuration in place. 29 | template: 30 | src: haproxy.cfg.j2 31 | dest: /etc/haproxy/haproxy.cfg 32 | mode: 0644 33 | validate: haproxy -f %s -c -q 34 | notify: restart haproxy 35 | 36 | - name: Ensure HAProxy is started and enabled on boot. 37 | service: name=haproxy state=started enabled=yes 38 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. Install and start Docker. 6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. 
Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.haproxy/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | vars: 5 | haproxy_socket: '' 6 | haproxy_chroot: '' 7 | haproxy_user: root 8 | haproxy_group: root 9 | 10 | haproxy_backend_servers: 11 | - name: app1 12 | address: 127.0.0.1:8080 13 | 14 | pre_tasks: 15 | - name: Update apt cache. 16 | apt: update_cache=yes cache_valid_time=600 17 | when: ansible_os_family == 'Debian' 18 | 19 | roles: 20 | - role_under_test 21 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | tests/test.sh 3 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Jeff Geerling 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial 
portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart mysql 3 | service: "name={{ mysql_daemon }} state=restarted sleep=5" 4 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/meta/.galaxy_install_info: -------------------------------------------------------------------------------- 1 | {install_date: 'Fri Feb 2 05:20:01 2018', version: 2.8.1} 2 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: geerlingguy 6 | description: MySQL server for RHEL/CentOS and Debian/Ubuntu. 
7 | company: "Midwestern Mac, LLC" 8 | license: "license (BSD, MIT)" 9 | min_ansible_version: 2.2 10 | platforms: 11 | - name: EL 12 | versions: 13 | - 6 14 | - 7 15 | - name: Ubuntu 16 | versions: 17 | - all 18 | - name: Debian 19 | versions: 20 | - all 21 | - name: Archlinux 22 | versions: 23 | - all 24 | galaxy_tags: 25 | - database 26 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tasks/databases.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL databases are present. 3 | mysql_db: 4 | name: "{{ item.name }}" 5 | collation: "{{ item.collation | default('utf8_general_ci') }}" 6 | encoding: "{{ item.encoding | default('utf8') }}" 7 | state: "{{ item.state | default('present') }}" 8 | with_items: "{{ mysql_databases }}" 9 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Variable configuration. 3 | - include: variables.yml 4 | 5 | # Setup/install tasks. 6 | - include: setup-RedHat.yml 7 | when: ansible_os_family == 'RedHat' 8 | static: no 9 | 10 | - include: setup-Debian.yml 11 | when: ansible_os_family == 'Debian' 12 | static: no 13 | 14 | - include: setup-Archlinux.yml 15 | when: ansible_os_family == 'Archlinux' 16 | static: no 17 | 18 | - name: Check if MySQL packages were installed. 19 | set_fact: 20 | mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) 21 | or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) 22 | or (arch_mysql_install_packages is defined and arch_mysql_install_packages.changed) }}" 23 | 24 | # Configure MySQL. 
25 | - include: configure.yml 26 | - include: secure-installation.yml 27 | - include: databases.yml 28 | - include: users.yml 29 | - include: replication.yml 30 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tasks/setup-Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL Python libraries are installed. 3 | pacman: "name=mysql-python state=present" 4 | 5 | - name: Ensure MySQL packages are installed. 6 | pacman: "name={{ item }} state=present" 7 | with_items: "{{ mysql_packages }}" 8 | register: arch_mysql_install_packages 9 | 10 | # Init the database if mysql is newly installed 11 | - command: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql 12 | when: arch_mysql_install_packages.changed 13 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tasks/setup-Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if MySQL is already installed. 3 | stat: path=/etc/init.d/mysql 4 | register: mysql_installed 5 | 6 | - name: Update apt cache if MySQL is not yet installed. 7 | apt: update_cache=yes 8 | when: mysql_installed.stat.exists == false 9 | 10 | - name: Ensure MySQL Python libraries are installed. 11 | apt: "name=python-mysqldb state=installed" 12 | 13 | - name: Ensure MySQL packages are installed. 14 | apt: "name={{ item }} state=installed" 15 | with_items: "{{ mysql_packages }}" 16 | register: deb_mysql_install_packages 17 | 18 | # Because Ubuntu starts MySQL as part of the install process, we need to stop 19 | # mysql and remove the logfiles in case the user set a custom log file size. 20 | - name: Ensure MySQL is stopped after initial install. 
21 | service: "name={{ mysql_daemon }} state=stopped" 22 | when: mysql_installed.stat.exists == false 23 | 24 | - name: Delete innodb log files created by apt package after initial install. 25 | file: path={{ mysql_datadir }}/{{item}} state=absent 26 | with_items: 27 | - "ib_logfile0" 28 | - "ib_logfile1" 29 | when: mysql_installed.stat.exists == false 30 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tasks/setup-RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL packages are installed. 3 | yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" 4 | with_items: "{{ mysql_packages }}" 5 | register: rh_mysql_install_packages 6 | 7 | - name: Ensure MySQL Python libraries are installed. 8 | yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" 9 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tasks/users.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure MySQL users are present. 
3 | mysql_user: 4 | name: "{{ item.name }}" 5 | host: "{{ item.host | default('localhost') }}" 6 | password: "{{ item.password }}" 7 | priv: "{{ item.priv | default('*.*:USAGE') }}" 8 | state: "{{ item.state | default('present') }}" 9 | append_privs: "{{ item.append_privs | default('no') }}" 10 | encrypted: "{{ item.encrypted | default('no') }}" 11 | with_items: "{{ mysql_users }}" 12 | no_log: true 13 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/templates/root-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_root_username }}" 5 | password="{{ mysql_root_password }}" 6 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/templates/user-my.cnf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | [client] 4 | user="{{ mysql_user_name }}" 5 | password="{{ mysql_user_password }}" 6 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tests/README.md: -------------------------------------------------------------------------------- 1 | # Ansible Role tests 2 | 3 | To run the test playbook(s) in this directory: 4 | 5 | 1. Install and start Docker. 6 | 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: 7 | - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` 8 | 1. Make the test shim executable: `chmod +x tests/test.sh`. 9 | 1. 
Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` 10 | 11 | If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` 12 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tests/centos-7-test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | vars: 4 | mysql_packages: 5 | - mariadb 6 | - mariadb-server 7 | - mariadb-libs 8 | - MySQL-python 9 | - perl-DBD-MySQL 10 | mysql_daemon: mariadb 11 | mysql_log_error: /var/log/mariadb/mariadb.log 12 | mysql_syslog_tag: mariadb 13 | mysql_pid_file: /var/run/mariadb/mariadb.pid 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tests/initctl_faker: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" 3 | 4 | case "$ALIAS_CMD" in 5 | start|stop|restart|reload|status) 6 | exec service $1 $ALIAS_CMD 7 | ;; 8 | esac 9 | 10 | case "$1" in 11 | list ) 12 | exec service --status-all 13 | ;; 14 | reload-configuration ) 15 | exec service $2 restart 16 | ;; 17 | start|stop|restart|reload|status) 18 | exec service $2 $1 19 | ;; 20 | \?) 21 | exit 0 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | pre_tasks: 5 | - name: Copy initctl_faker into place for Ubuntu 14.04. 
6 | copy: 7 | src: initctl_faker 8 | dest: /sbin/initctl 9 | mode: 0755 10 | force: yes 11 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04' 12 | changed_when: false 13 | 14 | roles: 15 | - role_under_test 16 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/vars/Archlinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mariadb 3 | __mysql_packages: 4 | - mariadb 5 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 6 | __mysql_log_error: /var/log/mysql.err 7 | __mysql_syslog_tag: mysql 8 | __mysql_pid_file: /run/mysqld/mysqld.pid 9 | __mysql_config_file: /etc/mysql/my.cnf 10 | __mysql_config_include_dir: /etc/mysql/conf.d 11 | __mysql_socket: /run/mysqld/mysqld.sock 12 | __mysql_supports_innodb_large_prefix: true 13 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysql 3 | __mysql_packages: 4 | - mysql-common 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log 7 | __mysql_log_error: /var/log/mysql/mysql.err 8 | __mysql_syslog_tag: mysql 9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid 10 | __mysql_config_file: /etc/mysql/my.cnf 11 | __mysql_config_include_dir: /etc/mysql/conf.d 12 | __mysql_socket: /var/run/mysqld/mysqld.sock 13 | __mysql_supports_innodb_large_prefix: true 14 | -------------------------------------------------------------------------------- /chap9/galaxy-roles/geerlingguy.mysql/vars/RedHat-6.yml: -------------------------------------------------------------------------------- 1 | --- 2 | __mysql_daemon: mysqld 3 | __mysql_packages: 4 | - mysql 5 | - mysql-server 6 | __mysql_slow_query_log_file: /var/log/mysql-slow.log 7 | __mysql_log_error: 
/var/log/mysql.err
8 | __mysql_syslog_tag: mysql
9 | __mysql_pid_file: /var/run/mysqld/mysqld.pid
10 | __mysql_config_file: /etc/my.cnf
11 | __mysql_config_include_dir: /etc/my.cnf.d
12 | __mysql_socket: /var/lib/mysql/mysql.sock
13 | __mysql_supports_innodb_large_prefix: false
14 | 
--------------------------------------------------------------------------------
/chap9/galaxy-roles/geerlingguy.mysql/vars/RedHat-7.yml:
--------------------------------------------------------------------------------
1 | ---
2 | __mysql_daemon: mariadb
3 | __mysql_packages:
4 |   - mariadb
5 |   - mariadb-server
6 |   - mariadb-libs
7 |   - MySQL-python
8 |   - perl-DBD-MySQL
9 | __mysql_slow_query_log_file: /var/log/mysql-slow.log
10 | __mysql_log_error: /var/log/mariadb/mariadb.log
11 | __mysql_syslog_tag: mariadb
12 | __mysql_pid_file: /var/run/mariadb/mariadb.pid
13 | __mysql_config_file: /etc/my.cnf
14 | __mysql_config_include_dir: /etc/my.cnf.d
15 | __mysql_socket: /var/lib/mysql/mysql.sock
16 | __mysql_supports_innodb_large_prefix: true
17 | 
--------------------------------------------------------------------------------
/chap9/group_vars/prod.yml:
--------------------------------------------------------------------------------
# Variables for every host in the prod group: system users and packages, the
# application's database connection, HAProxy backends and MySQL settings.
1 | ---
2 | 
3 | users:
4 |   admin:
5 |     uid: 5001
6 |     shell: /bin/bash
7 |     home: /home/admin
8 |     state: present
9 |   dojo:
10 |     state: absent
11 | 
12 | systems:
13 |   packages:
14 |     - ntp
15 |     - tree
16 |     - vim
17 | 
18 | fav:
19 |   color: yellow
20 |   fruit: guava
21 | 
22 | dbconn:
23 |   host: 192.168.61.14
24 |   user: devops
# NOTE(review): the production database password is stored in cleartext in
# version control. Move it into an Ansible Vault encrypted vars file (or a
# secrets-manager lookup) and rotate it, because repository history keeps the
# current value.
25 |   pass: GKkdw72Jil0ld
26 |   db: devopsdemo
27 | 
28 | haproxy_backend_servers:
29 |   - name: app1
30 |     address: 192.168.61.12:80
31 |   - name: app2
32 |     address: 192.168.61.13:80
33 |   - name: app3
34 |     address: 192.168.61.15:80
35 | haproxy_backend_httpchk: ''
36 | haproxy_socket: /var/run/haproxy.sock
37 | 
38 | 
# NOTE(review): the MySQL root password is committed in cleartext as well; it
# needs the same treatment (vault-encrypted variable, then rotation).
39 | mysql_root_password: wxCb3snfSdG
40 | mysql_databases:
41 |   - name: devopsdemo
42 |     encoding: latin1
43 |     collation: latin1_general_ci 
44 | mysql_users:
45 |   - name: devops
# NOTE(review): host "%" lets this account connect from any address, and
# mysql_bind_address '0.0.0.0' below makes the server listen on every interface.
# Combined with ALL on devopsdemo.* and a cleartext password in the repository,
# the database is reachable from wherever the network allows. Limit host to the
# app servers' addresses, bind to the internal interface only, and keep the
# password in an Ansible Vault encrypted variable.
46 |     host: "%"
47 |     password: GKkdw72Jil0ld
48 |     priv: "devopsdemo.*:ALL"
49 | mysql_bind_address: '0.0.0.0'
50 | 
--------------------------------------------------------------------------------
/chap9/lb.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: setting up load balancer
3 |   hosts: lb
4 |   become: true
5 |   roles:
6 |     - { role: geerlingguy.haproxy }
7 | 
--------------------------------------------------------------------------------
/chap9/roles/apache/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"
4 | 
5 | # Use the new container infrastructure
6 | sudo: false
7 | 
8 | # Install ansible
9 | addons:
10 |   apt:
11 |     packages:
12 |     - python-pip
13 | 
14 | install:
15 |   # Install ansible
16 |   - pip install ansible
17 | 
18 |   # Check ansible version
19 |   - ansible --version
20 | 
21 |   # Create ansible.cfg with correct roles_path
22 |   - printf '[defaults]\nroles_path=../' >ansible.cfg
23 | 
24 | script:
25 |   # Basic role syntax check
26 |   - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
27 | 
28 | notifications:
29 |   webhooks: https://galaxy.ansible.com/api/v1/notifications/
--------------------------------------------------------------------------------
/chap9/roles/apache/README.md:
--------------------------------------------------------------------------------
1 | Role Name
2 | =========
3 | 
4 | A brief description of the role goes here.
5 | 
6 | Requirements
7 | ------------
8 | 
9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 
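Role Variables
--------------

A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.

Dependencies
------------

A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.

Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

    - hosts: servers
      roles:
         - { role: username.rolename, x: 42 }

License
-------

BSD

Author Information
------------------

An optional section for the role authors to include contact information, or a website (HTML is not allowed).

--------------------------------------------------------------------------------
/chap9/roles/apache/defaults/main.yml:
--------------------------------------------------------------------------------
---
# defaults file for apache

--------------------------------------------------------------------------------
/chap9/roles/apache/handlers/main.yml:
--------------------------------------------------------------------------------
---
# handlers file for apache
# Restarts the service named by apache.service.name when a task notifies it.
- name: Restart apache service
  service:
    name: "{{ apache.service.name }}"
    state: restarted

--------------------------------------------------------------------------------
/chap9/roles/apache/tasks/install.yml:
--------------------------------------------------------------------------------
---
# NOTE(review): "latest" upgrades the web server on every run, so an untested
# package version can reach production without a change in this repository.
# Consider "present" plus a separately scheduled, reviewed patch run.
- name: Install Apache...
  package:
    name: "{{ apache.package }}"
    state: latest

  tags:
    - apache
    - install
--------------------------------------------------------------------------------
/chap9/roles/apache/tasks/main.yml:
--------------------------------------------------------------------------------
---
# tasks file for apache

# Loads the vars file named after the OS family (e.g. RedHat.yml); presumably
# this is where the "apache" dictionary used by the tasks is defined - confirm.
- include_vars: "{{ ansible_os_family }}.yml"

- import_tasks: install.yml

- import_tasks: service.yml

# The configuration tasks only run on RedHat-family hosts.
- import_tasks: config.yml
  when: ansible_os_family == 'RedHat'

--------------------------------------------------------------------------------
/chap9/roles/apache/tasks/service.yml:
--------------------------------------------------------------------------------
---
- name: Starting Apache...
  service:
    name: "{{ apache.service.name }}"
    state: "{{ apache.service.state }}"

  tags:
    - apache
    - service
--------------------------------------------------------------------------------
/chap9/roles/apache/tests/inventory:
--------------------------------------------------------------------------------
localhost
--------------------------------------------------------------------------------
/chap9/roles/apache/tests/test.yml:
--------------------------------------------------------------------------------
---
- hosts: localhost
  remote_user: root
  roles:
    - apache
--------------------------------------------------------------------------------
/chap9/roles/apache/vars/main.yml:
--------------------------------------------------------------------------------
---
# vars file for apache

--------------------------------------------------------------------------------
/chap9/roles/frontend/.travis.yml:
--------------------------------------------------------------------------------
---
language: python
python: "2.7"

# Use the new container infrastructure
sudo: false

# Install ansible
addons:
  apt:
    packages:
    - python-pip

install:
  # Install ansible
  - pip install ansible

  # Check ansible version
  - ansible --version

  # Create ansible.cfg with correct roles_path
  - printf '[defaults]\nroles_path=../' >ansible.cfg

script:
  # Basic role syntax check
  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check

notifications:
  webhooks: https://galaxy.ansible.com/api/v1/notifications/
--------------------------------------------------------------------------------
/chap9/roles/frontend/defaults/main.yml:
--------------------------------------------------------------------------------
---
# defaults file for frontend
app:
  # Quoted so the release tag stays a string (an unquoted 1.10 would load as 1.1).
  version: "1.5"
  env: LOCALDEV

fav:
  color: magenta
  fruit: orange
  car: chevy
  laptop: toshiba

# NOTE(review): placeholder credentials. Role defaults have the lowest variable
# precedence, so a host that is missing an override is configured with
# root/changeme. Supply real values from a vault-encrypted vars file, and use a
# dedicated database account instead of root.
dbconn:
  host: localhost
  user: root
  pass: changeme
  db: devopsdemo

--------------------------------------------------------------------------------
/chap9/roles/frontend/handlers/main.yml:
--------------------------------------------------------------------------------
---
# handlers file for frontend

--------------------------------------------------------------------------------
/chap9/roles/frontend/tasks/main.yml:
--------------------------------------------------------------------------------
---
# tasks file for frontend
# Deploys one release of the demo application and renders its configuration.
# The tasks read apache.user / apache.group; presumably those come from the
# OS-family vars file loaded below - confirm.
- include_vars: "{{ ansible_os_family }}.yml"

# File modes are quoted so they are passed as octal strings rather than relying
# on how the YAML parser reads a bare number with a leading zero.
- name: create app directory
  file:
    path: /opt/app
    owner: "{{ apache.user }}"
    group: "{{ apache.group }}"
    mode: "0755"
    state: directory

- name: create release path
  file:
    path: /opt/app/release
    owner: "{{ apache.user }}"
    group: "{{ apache.group }}"
    mode: "0755"
    state: directory


# NOTE(review): the archive is fetched and unpacked without an integrity check,
# so the deployed code is whatever the URL serves at run time. Consider
# downloading with get_url and a pinned checksum first, then unpacking the
# verified local file.
# "creates" makes the task a no-op once the release directory exists.
- name: Download and extract the release
  unarchive:
    src: https://github.com/devopsdemoapps/devops-demo-app/archive/{{ app.version }}.tar.gz
    dest: /opt/app/release
    owner: "{{ apache.user }}"
    group: "{{ apache.group }}"
    creates: /opt/app/release/devops-demo-app-{{ app.version }}
    remote_src: yes

- name: create a symlink
  file:
    src: /opt/app/release/devops-demo-app-{{ app.version }}
    dest: /var/www/html/app
    owner: "{{ apache.user }}"
    group: "{{ apache.group }}"
    state: link

# config.ini carries the database password, so it is no longer world-readable
# (was 0644); owner and group are the web server account, which still reads it.
# NOTE(review): the file is written under /var/www/html/app, which looks like
# the web document root. Confirm the web server denies requests for *.ini, or
# move the file outside the served tree.
- name: add application configs
  template:
    src: config.ini.j2
    dest: /var/www/html/app/config.ini
    owner: "{{ apache.user }}"
    group: "{{ apache.group }}"
    mode: "0640"

--------------------------------------------------------------------------------
/chap9/roles/frontend/templates/config.ini.j2:
--------------------------------------------------------------------------------

[database]
hostname = {{ dbconn['host'] }}
username = {{ dbconn['user'] }}
password = {{ dbconn['pass'] }}
dbname = {{ dbconn['db'] }}

[environment]
environment = {{ app['env'] }}

[prefs]
{% if fav.color is defined %}
color = {{ fav['color'] }}
{% endif %}

{% if fav.fruit is defined %}
fruit = {{ fav['fruit'] }}
{% endif %}

{% if fav.car is defined %}
car = {{ fav['car'] }}
{% endif %}

{% if fav.laptop is defined %}
laptop = {{ fav['laptop'] }}
{% endif %}


--------------------------------------------------------------------------------
/chap9/roles/frontend/tests/inventory:
--------------------------------------------------------------------------------
localhost
--------------------------------------------------------------------------------
/chap9/roles/frontend/tests/test.yml:
--------------------------------------------------------------------------------
---
- hosts: localhost
  remote_user: root
  roles:
    - frontend
--------------------------------------------------------------------------------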
/chap9/roles/frontend/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for frontend 3 | -------------------------------------------------------------------------------- /chap9/roles/php/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap9/roles/php/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 
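Dependencies
------------

A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.

Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

    - hosts: servers
      roles:
         - { role: username.rolename, x: 42 }

License
-------

BSD

Author Information
------------------

An optional section for the role authors to include contact information, or a website (HTML is not allowed).

--------------------------------------------------------------------------------
/chap9/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
---
# defaults file for php

--------------------------------------------------------------------------------
/chap9/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
---

--------------------------------------------------------------------------------
/chap9/roles/php/tasks/main.yml:
--------------------------------------------------------------------------------
---
# tasks file for php
# Both tasks notify "Restart apache service". That handler is defined in the
# apache role, not in this role (whose handlers file is empty), so this assumes
# the apache role runs in the same play - confirm.
#
# "present" replaces the legacy "installed" alias, which not every package
# backend behind the generic "package" module accepts.
#
# NOTE(review): nmap is a network scanner and nothing in this role uses it.
# Installing it on application servers adds tooling that is useful to an
# intruder after a compromise; drop it unless there is a documented need.
- name: install php
  package:
    name: "{{ item }}"
    state: present
  with_items:
    - php
    - php-mysql
    - nmap
  notify: Restart apache service

# Debian-family hosts need the Apache PHP module as a separate package.
- name: additional php packages on debian
  package:
    name: libapache2-mod-php
    state: present
  when: ansible_os_family == 'Debian'
  notify: Restart apache service

--------------------------------------------------------------------------------
/chap9/roles/php/tests/inventory: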
-------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /chap9/roles/php/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - php -------------------------------------------------------------------------------- /chap9/roles/php/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for php 3 | -------------------------------------------------------------------------------- /chap9/roles/systems/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /chap9/roles/systems/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 
10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
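--------------------------------------------------------------------------------
/chap9/roles/systems/defaults/main.yml:
--------------------------------------------------------------------------------
---
# defaults file for systems

--------------------------------------------------------------------------------
/chap9/roles/systems/handlers/main.yml:
--------------------------------------------------------------------------------
---
# handlers file for systems

--------------------------------------------------------------------------------
/chap9/roles/systems/tasks/main.yml:
--------------------------------------------------------------------------------
---
# tasks file for systems
# Creates (or removes) one account per entry of the "users" dictionary; the key
# is the login name and the value may carry uid, shell, home and state.
# "users" and "systems.packages" are not defined in this role's defaults file,
# so they are presumably supplied by inventory or group vars - confirm.
#
# Missing attributes now fall back to "omit", which leaves the parameter out so
# the module uses its own default. The previous default('none') passed the
# literal string "none": that is not a valid uid or state, and it would have
# been taken as the actual shell and home directory.
- name: create systems users
  user:
    name: "{{ item.key }}"
    uid: "{{ item.value.uid | default(omit) }}"
    shell: "{{ item.value.shell | default(omit) }}"
    home: "{{ item.value.home | default(omit) }}"
    state: "{{ item.value.state | default(omit) }}"
  with_dict: "{{ users }}"


# "present" replaces the legacy "installed" alias, which not every package
# backend behind the generic "package" module accepts.
- name: install common systems packages
  package:
    name: "{{ item }}"
    state: present
  with_items:
    - "{{ systems.packages }}"
--------------------------------------------------------------------------------
/chap9/roles/systems/tests/inventory:
--------------------------------------------------------------------------------
localhost
--------------------------------------------------------------------------------
/chap9/roles/systems/tests/test.yml:
--------------------------------------------------------------------------------
---
- hosts: localhost
  remote_user: root
  roles:
    - systems
--------------------------------------------------------------------------------
/chap9/roles/systems/vars/main.yml:
--------------------------------------------------------------------------------
---
# vars file for systems
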
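--------------------------------------------------------------------------------
/chap9/site.yml:
--------------------------------------------------------------------------------
---
# This is a sitewide playbook
# filename: site.yml
# Each tier's playbook is imported with its own tag, so a single tier can be
# selected with --tags.
- import_playbook: lb.yml
  tags: lb

- import_playbook: app.yml
  tags: app

- import_playbook: db.yml
  tags: db

--------------------------------------------------------------------------------
/chap9/systems.yml:
--------------------------------------------------------------------------------
---
# Base host configuration. Module arguments are written as YAML mappings
# instead of folded key=value strings, so each value is parsed on its own.
# The first play now uses the generic "package" module, as the second play
# already does, rather than calling yum directly; "present" replaces the
# "installed" alias.
- name: base configs for all hosts
  hosts: prod
  become: true
  tasks:
    - name: create admin user
      user:
        name: admin
        uid: 5001
        shell: /bin/bash
        home: /home/admin
        state: present

    - name: remove user dojo
      user:
        name: dojo
        state: absent

    - name: install tree utility
      package:
        name: tree
        state: present

    - name: install ntp
      package:
        name: ntp
        state: present

- name: App Server Configurations
  hosts: app
  become: true
  tasks:
    - name: create deploy user
      user:
        name: deploy
        state: present
        uid: 5003

    - name: install git
      package:
        name: git
        state: present

...

--------------------------------------------------------------------------------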