├── .gitignore ├── 3tier_arch.yml ├── LICENSE ├── README.md ├── ansible.cfg ├── inventory ├── playbooks ├── apache.yaml ├── app_lb.yml ├── app_routetable.yml ├── app_sg.yml ├── appserver1_subnet.yml ├── appserver2_subnet.yml ├── cgw.yml ├── db1_subnet.yml ├── db2_subnet.yml ├── db_routetable.yml ├── db_sg.yml ├── digitalocean_instance_create.yml ├── ec2.yml ├── ec2_appserver1.yml ├── ec2_appserver2.yml ├── ec2_webserver1.yml ├── ec2_webserver2.yml ├── igw.yml ├── lb1_subnet.yml ├── lb2_subnet.yml ├── lb_routetable.yml ├── nat.yml ├── rds.yml ├── rds_subnet_group.yml ├── routetable.yml ├── security_group.yml ├── subnet.yml ├── vgw.yml ├── vpc.yml ├── vpc_peering.yml ├── vpn_connection.yml ├── vpn_routetable.yml ├── web_routetable.yml ├── web_sg.yml ├── webserver1_subnet.yml ├── webserver2_subnet.yml └── wordpress_install.yml ├── roles ├── .DS_Store ├── accept_vpc_peering │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── app_lb │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── app_security_group │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── cgw │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── db_security_group │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── 
main.yml ├── ec2 │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── igw │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── nat │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── rds │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── rds_subnet_group │ ├── .DS_Store │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── routetable │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── subnet │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── target_groups │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── vgw │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ 
└── test.yml │ └── vars │ │ └── main.yml ├── vpc │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── vpc_peering │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── vpn_connection │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml ├── vpn_routetable │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml └── wb_security_group │ ├── README.md │ ├── defaults │ └── main.yml │ ├── handlers │ └── main.yml │ ├── meta │ └── main.yml │ ├── tasks │ └── main.yml │ ├── tests │ ├── inventory │ └── test.yml │ └── vars │ └── main.yml ├── sample_input.txt ├── vpc_peering.yml └── vpn_setup.yml /.gitignore: -------------------------------------------------------------------------------- 1 | *.retry -------------------------------------------------------------------------------- /3tier_arch.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook : playbooks/vpc.yml 3 | - import_playbook : playbooks/igw.yml 4 | - import_playbook : playbooks/subnet.yml 5 | - import_playbook : playbooks/nat.yml 6 | - import_playbook : playbooks/routetable.yml 7 | - import_playbook : playbooks/rds_subnet_group.yml 8 | - import_playbook : playbooks/rds.yml 9 | - import_playbook : playbooks/security_group.yml 10 | - import_playbook : playbooks/ec2.yml 11 | - import_playbook : playbooks/app_lb.yml 12 | - 
import_playbook : vpn_setup.yml 13 | - import_playbook : vpc_peering.yml 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2017 tensult 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # AWS automation with Ansible 2 | 3 | This playbook installs and configures a three tier architecture for creating a VPC in Amazon Web services. It also sets up a VPN connection with the VPC along with a VPC peering connection. It contains a web layer, an application layer and a database layer. 
There are two EC2 instances running in two different availability zones in the web layer and the same for the application layer as well. 4 | 5 | The playbooks for VPN connection and VPC peering connection have also been provided separately so that you can run them independently, though you have to make the same changes in the roles. Before running the playbook for VPC peering connection make sure that you change your AWS config file so as to include the access and secret key in it. Because that file then holds long-lived credentials, keep it outside the repository and readable only by your own user. Click [here](https://boto3.readthedocs.io/en/latest/guide/configuration.html#aws-config-file) to see the format. 6 | 7 | The playbook accepts inputs given by the user such as names, CIDR blocks, tags etc. and then builds the VPC in AWS. This is still a work in progress. 8 | 9 | The main playbook I have created is "3tier_arch.yml", which calls other playbooks to configure the different components. Each playbook calls the concerned role to execute the task and configure the required component. The different roles used are: 10 | 1) vpc - This role is used to create the VPC in the initial step. It takes parameters such as name of the VPC, the CIDR block, region etc. as inputs from the user and then configures the VPC based on these inputs. 11 | 12 | 2) igw - This role is used to set up the internet gateway for the VPC. 13 | 14 | 3) subnet - This role is used to create a subnet inside the VPC. The web layer and application layer have two subnets each in two different availability zones and database layer has a subnet, all of which are private. The load balancer has two subnets in the two availability zones, which are the same as the zones for the web layer. Different playbooks are used to call this role, which then creates a subnet based on the parameters passed to the role from the respective playbook.  15 | 16 | 4) nat - This role is used to create a NAT gateway for the VPC. 17 | 18 | 5) routetable - This role is used to create the routetable for the different associated subnets in the VPC. 
The same process whereby we call the same role with different playbooks, as in the case of the "subnet" role, is used to create different routetables for the different layers in the VPC. 19 | 20 | 6) rds_subnet_group - This role is used to create an RDS subnet group so that we can configure a relational database service within the VPC. 21 | 22 | 7) rds - This role is used to create an RDS instance. The concerned playbook accepts inputs from the user to determine the type of RDS, instance, size, username etc. and passes the inputs to the role so that it can configure the instance accordingly. 23 | 24 | 8) security_group - This role is used to create the security group for the different subnets. The different roles used to create security groups are app_security_group, db_security_group and wb_security_group. The playbook associated with each role accepts the required inputs and passes them to the concerned role. 25 | 26 | 9) ec2 - This role is used to create EC2 instances for the web and application layer. As we have seen in the case of the "subnet" role, the different playbooks accept inputs from the user and then they call the "ec2" role, which configures the required instance in the VPC. 27 | 28 | 10) elb - This role is used to create a load balancer to manage the traffic to the web layer. 29 | 30 | 11) cgw - This role is used to create a customer gateway for the VPN connection. The concerned playbook gathers the inputs from the user and then invokes the role. 31 | 32 | 12) vgw - This role is used to create a virtual private gateway and then attach it to the VPC. 33 | 34 | 13) vpn_connection - This role is used to set up the virtual private network connection between the customer gateway and the virtual private gateway. 35 | 36 | 14) vpn_routetable - This role is used to create a routetable for the virtual gateway and also to allow route propagation for the virtual gateway. 37 | 38 | The roles invoke the AWS modules in Ansible to carry out their respective tasks. 
39 | 40 | ## Running the playbook 41 | Open the terminal and change the path to where you have downloaded the folder. 42 | Then run the following command in the terminal: 43 | > $ ansible-playbook 3tier_arch.yml 44 | 45 | ## Requirements 46 | You must have AWS CLI, latest Python module and boto3 installed before running this playbook; otherwise it will fail with an error saying you need one of these installed. 47 | 48 | If you don't have them installed, follow the steps below in the terminal: 49 | 50 | 1) Install Homebrew with the following command 51 | 52 | > $ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" 53 | 2) Once you’ve installed Homebrew, insert the Homebrew directory at the top of your PATH environment variable. You can do this by adding the following line at the bottom of your ~/.profile file 54 | 55 | > export PATH=/usr/local/bin:/usr/local/sbin:$PATH 56 | 3) Now install Python with the following 57 | > $ brew install python 58 | 4) Install pip using 59 | > sudo easy_install pip 60 | 5) Install AWS CLI using pip 61 | 62 | >pip install awscli 63 | 64 | 6) Install boto3 65 | 66 | > brew install python 67 | 68 | 69 | 70 | A sample input file has also been provided so that you can test the code easily, though there are some lines you have to enter yourself, like the AWS keypair, the VPC peering connection details etc. Make sure to edit each line starting with a '#' symbol and enter the required value. 
-------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | inventory = ./inventory -------------------------------------------------------------------------------- /inventory: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost ansible_connection=local -------------------------------------------------------------------------------- /playbooks/apache.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: Dev 3 | become: yes 4 | tasks: 5 | - name: Installing apache on ubuntu 6 | apt: name=apache2 state=present 7 | when: ansible_os_family == "Debian" 8 | - name: Installing apache on centos 9 | yum: name=httpd state=present 10 | when: ansible_os_family == "RedHat" 11 | -------------------------------------------------------------------------------- /playbooks/app_lb.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "lb_name" 5 | prompt: "Enter the name of the load balancer" 6 | private: no 7 | 8 | tasks: 9 | - set_fact: 10 | lb_name: "{{lb_name}}" 11 | 12 | roles: 13 | - ../roles/target_groups 14 | - ../roles/app_lb 15 | -------------------------------------------------------------------------------- /playbooks/app_routetable.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | name: Creating app routetable 4 | vars_prompt: 5 | - name: "rt1_name" 6 | prompt: "Enter the name of the routetable" 7 | private: no 8 | - name: "destination1" 9 | prompt: "Enter the destination of the routetable" 10 | private: no 11 | 12 | tasks: 13 | - name: Creating app routetable 14 | include_role: 15 | name: ../roles/routetable 16 | vars: 17 | rt_name: "{{rt1_name}}" 18 | destination: 
"{{destination1}}" 19 | subnet1_id: "{{ vpc_info.app1_subnet.subnet.id }}" 20 | subnet2_id: "{{ vpc_info.app2_subnet.subnet.id }}" 21 | gateway_id: "{{ new_nat_gateway.nat_gateway_id }}" 22 | - name: Print output 23 | debug: 24 | var: vpc_info 25 | -------------------------------------------------------------------------------- /playbooks/app_sg.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "app_sg_name" 5 | prompt: "Enter the name of the security group for application layer" 6 | private: no 7 | - name: "app_sg_desc" 8 | prompt: "Enter the description of the security group for application layer" 9 | private: no 10 | - name: "app_sg_rule_desc" 11 | prompt: "Enter the rule description " 12 | private: no 13 | - name: "app_protocol" 14 | prompt: "Enter the protocol for application layer " 15 | private: no 16 | - name: "app_port_no" 17 | prompt: "Enter the port number for application layer" 18 | private: no 19 | - name: "app_source_cidr" 20 | prompt: "Enter the source CIDR block for application layer" 21 | private: no 22 | 23 | tasks: 24 | - set_fact: 25 | app_sg_name: "{{app_sg_name}}" 26 | app_sg_desc: "{{app_sg_desc}}" 27 | app_sg_rule_desc: "{{app_sg_rule_desc}}" 28 | app_protocol: "{{app_protocol}}" 29 | app_port_no: "{{app_port_no}}" 30 | app_source_cidr: "{{app_source_cidr}}" 31 | 32 | roles: 33 | - ../roles/app_security_group -------------------------------------------------------------------------------- /playbooks/appserver1_subnet.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | name: Creating app server 1 subnet 4 | vars_prompt: 5 | - name: "cidr_block_subnet3" 6 | prompt: "Enter the CIDR block you want for app server 1 subnet" 7 | private: no 8 | - name: "subnet_name3" 9 | prompt: "Enter the name of the app server 1 subnet" 10 | private: no 11 | - name: "subnet_env3" 12 | prompt: "Enter the 
environment tag of app server 1 subnet" 13 | private: no 14 | - name: "subnet_az3" 15 | prompt: "Enter the availability zone of app server 1 subnet" 16 | private: no 17 | 18 | tasks: 19 | - name: Creating app server 1 subnet 20 | include_role: 21 | name: ../roles/subnet 22 | vars: 23 | cidr_block: "{{cidr_block_subnet3}}" 24 | subnet_name: "{{subnet_name3}}" 25 | subnet_env: "{{subnet_env3}}" 26 | subnet_az: "{{subnet_az3}}" 27 | subnet_key: app1_subnet 28 | - name: Print output 29 | debug: 30 | var: vpc_info 31 | -------------------------------------------------------------------------------- /playbooks/appserver2_subnet.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | name: Creating app server 2 subnet 4 | vars_prompt: 5 | - name: "cidr_block_subnet4" 6 | prompt: "Enter the CIDR block you want for app server 2 subnet" 7 | private: no 8 | - name: "subnet_name4" 9 | prompt: "Enter the name of the app server 2 subnet" 10 | private: no 11 | - name: "subnet_env4" 12 | prompt: "Enter the environment tag of app server 2 subnet" 13 | private: no 14 | - name: "subnet_az4" 15 | prompt: "Enter the availability zone of app server 2 subnet" 16 | private: no 17 | 18 | tasks: 19 | - name: Creating app server 2 subnet 20 | include_role: 21 | name: ../roles/subnet 22 | vars: 23 | cidr_block: "{{cidr_block_subnet4}}" 24 | subnet_name: "{{subnet_name4}}" 25 | subnet_env: "{{subnet_env4}}" 26 | subnet_az: "{{subnet_az4}}" 27 | subnet_key: app2_subnet 28 | - name: Print output 29 | debug: 30 | var: vpc_info 31 | -------------------------------------------------------------------------------- /playbooks/cgw.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "cgw_name" 5 | prompt: "Enter the name of the customer gateway" 6 | private: no 7 | - name: "ip_add" 8 | prompt: "Enter the IP address" 9 | private: no 10 | 11 | tasks: 12 | 
- set_fact: 13 | cgw_name: "{{cgw_name}}" 14 | ip_add: "{{ip_add}}" 15 | 16 | roles: 17 | - ../roles/cgw 18 | 19 | -------------------------------------------------------------------------------- /playbooks/db1_subnet.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | name: Creating db server 1 subnet 4 | vars_prompt: 5 | - name: "cidr_block_subnet5" 6 | prompt: "Enter the CIDR block you want for db server 1 subnet" 7 | private: no 8 | - name: "subnet_name5" 9 | prompt: "Enter the name of the db server 1 subnet" 10 | private: no 11 | - name: "subnet_env5" 12 | prompt: "Enter the environment tag of db server 1 subnet" 13 | private: no 14 | - name: "subnet_az5" 15 | prompt: "Enter the availability zone of db server 1 subnet" 16 | private: no 17 | 18 | tasks: 19 | - name: Creating db server 1 subnet 20 | include_role: 21 | name: ../roles/subnet 22 | vars: 23 | cidr_block: "{{cidr_block_subnet5}}" 24 | subnet_name: "{{subnet_name5}}" 25 | subnet_env: "{{subnet_env5}}" 26 | subnet_az: "{{subnet_az5}}" 27 | subnet_key: db1_subnet 28 | - name: Print output 29 | debug: 30 | var: vpc_info 31 | -------------------------------------------------------------------------------- /playbooks/db2_subnet.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | name: Creating db server 2 subnet 4 | vars_prompt: 5 | - name: "cidr_block_subnet6" 6 | prompt: "Enter the CIDR block you want for db server 2 subnet" 7 | private: no 8 | - name: "subnet_name6" 9 | prompt: "Enter the name of the db server 2 subnet" 10 | private: no 11 | - name: "subnet_env6" 12 | prompt: "Enter the environment tag of db server 2 subnet" 13 | private: no 14 | - name: "subnet_az6" 15 | prompt: "Enter the availability zone of db server 2 subnet" 16 | private: no 17 | 18 | tasks: 19 | - name: Creating db server 2 subnet 20 | include_role: 21 | name: ../roles/subnet 22 | vars: 23 | 
cidr_block: "{{cidr_block_subnet6}}" 24 | subnet_name: "{{subnet_name6}}" 25 | subnet_env: "{{subnet_env6}}" 26 | subnet_az: "{{subnet_az6}}" 27 | subnet_key: db2_subnet 28 | - name: Print output 29 | debug: 30 | var: vpc_info 31 | -------------------------------------------------------------------------------- /playbooks/db_routetable.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | name: Creating db routetable 4 | vars_prompt: 5 | - name: "rt2_name" 6 | prompt: "Enter the name of the routetable" 7 | private: no 8 | - name: "destination2" 9 | prompt: "Enter the destination of the routetable" 10 | private: no 11 | 12 | tasks: 13 | - name: Creating db routetable 14 | include_role: 15 | name: ../roles/routetable 16 | vars: 17 | rt_name: "{{rt2_name}}" 18 | destination: "{{destination2}}" 19 | subnet1_id: "{{ vpc_info.db1_subnet.subnet.id }}" 20 | subnet2_id: "{{ vpc_info.db2_subnet.subnet.id }}" 21 | gateway_id: "{{ new_nat_gateway.nat_gateway_id }}" 22 | - name: Print output 23 | debug: 24 | var: vpc_info 25 | -------------------------------------------------------------------------------- /playbooks/db_sg.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "db_sg_name" 5 | prompt: "Enter the name of the security group for database layer" 6 | private: no 7 | - name: "db_sg_desc" 8 | prompt: "Enter the description of the security group for database layer" 9 | private: no 10 | - name: "db_sg_rule_desc" 11 | prompt: "Enter the rule description for database layer " 12 | private: no 13 | - name: "db_protocol" 14 | prompt: "Enter the protocol for database layer " 15 | private: no 16 | - name: "db_port_no" 17 | prompt: "Enter the port number for database layer " 18 | private: no 19 | - name: "db_source_cidr" 20 | prompt: "Enter the source CIDR block for database layer " 21 | private: no 22 | 23 | tasks: 24 | - 
set_fact: 25 | db_sg_name: "{{db_sg_name}}" 26 | db_sg_desc: "{{db_sg_desc}}" 27 | db_sg_rule_desc: "{{db_sg_rule_desc}}" 28 | db_protocol: "{{db_protocol}}" 29 | db_port_no: "{{db_port_no}}" 30 | db_source_cidr: "{{db_source_cidr}}" 31 | 32 | 33 | roles: 34 | - ../roles/db_security_group -------------------------------------------------------------------------------- /playbooks/digitalocean_instance_create.yml: -------------------------------------------------------------------------------- 1 | # Ansible playbook for digitalocean instance creation 2 | --- 3 | - hosts: digitalocean 4 | vars: 5 | do_tokens: 6 | tasks: 7 | - name: ensure ssh key exists 8 | user: > 9 | name={{ 0 }} 10 | generate_ssh_key=yes 11 | ssh_key_file=.ssh/id_rsah_key_file=.ssh/id_rsa 12 | - name: ensure droplet one exists 13 | digital_ocean: > 14 | state=present 15 | command=droplet 16 | name=droplet-one 17 | size_id=512mb 18 | region_id=sgp1 19 | image_id=ubuntu-14-04-x64 20 | ssh_key_ids={{ my_ssh_key.ssh_key.id }} 21 | api_token={{ do_token }} 22 | register: droplet_one 23 | 24 | - debug: msg="IP is {{ droplet_one.droplet.ip_address }}" 25 | 26 | ... 
27 | -------------------------------------------------------------------------------- /playbooks/ec2.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "key_pair1" 5 | prompt: "Enter the name of your keypair" 6 | private: no 7 | 8 | tasks: 9 | - set_fact: 10 | key_pair1: "{{key_pair1}}" 11 | 12 | - import_playbook : ec2_webserver1.yml 13 | - import_playbook : ec2_webserver2.yml 14 | - import_playbook : ec2_appserver1.yml 15 | - import_playbook : ec2_appserver2.yml -------------------------------------------------------------------------------- /playbooks/ec2_appserver1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "instance_name3" 5 | prompt: "Enter the name of the app server 1" 6 | private: no 7 | - name: "ec2_type3" 8 | prompt: "Enter the type of instance you want " 9 | private: no 10 | - name: "sg3" 11 | prompt: "Enter the name of the security group" 12 | private: no 13 | - name: "public_ip3" 14 | prompt: "Do you want public IP for app server 1" 15 | private: no 16 | - name: "ec2_image3" 17 | prompt: "Enter image of your EC2 instance" 18 | private: no 19 | 20 | tasks: 21 | - name: Creating app server 1 22 | include_role: 23 | name: ../roles/ec2 24 | vars: 25 | instance_name: "{{instance_name3}}" 26 | ec2_type: "{{ec2_type3}}" 27 | sg: "{{sg3}}" 28 | public_ip: "{{public_ip3}}" 29 | ec2_subnet_id: "{{ vpc_info.app1_subnet.subnet.id }}" 30 | ec2_name: appserver1 31 | ec2_image: "{{ec2_image3}}" 32 | - name: Print output 33 | debug: 34 | var: vpc_info -------------------------------------------------------------------------------- /playbooks/ec2_appserver2.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "instance_name4" 5 | prompt: "Enter the name of the app server 2" 6 | private: no 7 | - 
name: "ec2_type4" 8 | prompt: "Enter the type of instance you want " 9 | private: no 10 | - name: "sg4" 11 | prompt: "Enter the name of the security group" 12 | private: no 13 | - name: "public_ip4" 14 | prompt: "Do you want public IP for app server 2" 15 | private: no 16 | - name: "ec2_image4" 17 | prompt: "Enter image of your EC2 instance" 18 | private: no 19 | 20 | tasks: 21 | - name: Creating app server 2 22 | include_role: 23 | name: ../roles/ec2 24 | vars: 25 | instance_name: "{{instance_name4}}" 26 | ec2_type: "{{ec2_type4}}" 27 | sg: "{{sg4}}" 28 | public_ip: "{{public_ip4}}" 29 | ec2_subnet_id: "{{ vpc_info.app2_subnet.subnet.id }}" 30 | ec2_name: appserver2 31 | ec2_image: "{{ec2_image4}}" 32 | - name: Print output 33 | debug: 34 | var: vpc_info -------------------------------------------------------------------------------- /playbooks/ec2_webserver1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: local 3 | vars_prompt: 4 | - name: "instance_name1" 5 | prompt: "Enter the name of the web server 1" 6 | private: no 7 | - name: "ec2_type1" 8 | prompt: "Enter the type of instance you want " 9 | private: no 10 | - name: "sg1" 11 | prompt: "Enter the name of the security group" 12 | private: no 13 | - name: "public_ip1" 14 | prompt: "Do you want public IP for web server 1" 15 | private: no 16 | - name: "ec2_image1" 17 | prompt: "Enter image of your EC2 instance" 18 | private: no 19 | 20 | tasks: 21 | - name: Creating web server 1 22 | include_role: 23 | name: ../roles/ec2 24 | vars: 25 | instance_name: "{{instance_name1}}" 26 | ec2_type: "{{ec2_type1}}" 27 | sg: "{{sg1}}" 28 | public_ip: "{{public_ip1}}" 29 | ec2_subnet_id: "{{ vpc_info.web1_subnet.subnet.id }}" 30 | ec2_name: webserver1 31 | ec2_image: "{{ec2_image1}}" 32 | - name: Print output 33 | debug: 34 | var: vpc_info -------------------------------------------------------------------------------- /playbooks/ec2_webserver2.yml: 
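--------------------------------------------------------------------------------
---
# Prompts for the second web server's settings and hands them to the ec2 role.
- hosts: local
  vars_prompt:
    - name: "instance_name2"
      prompt: "Enter the name of the web server 2"
      private: no
    - name: "ec2_type2"
      prompt: "Enter the type of instance you want "
      private: no
    - name: "sg2"
      prompt: "Enter the name of the security group"
      private: no
    - name: "public_ip2"
      prompt: "Do you want public IP for web server 2"
      private: no
    - name: "ec2_image2"
      prompt: "Enter image of your EC2 instance"
      private: no

  tasks:
    - name: Creating web server 2
      include_role:
        name: ../roles/ec2
      vars:
        instance_name: "{{ instance_name2 }}"
        ec2_type: "{{ ec2_type2 }}"
        sg: "{{ sg2 }}"
        public_ip: "{{ public_ip2 }}"
        # vpc_info is expected to have been filled in by the subnet playbooks earlier in the run.
        ec2_subnet_id: "{{ vpc_info.web2_subnet.subnet.id }}"
        ec2_name: webserver2
        ec2_image: "{{ ec2_image2 }}"
    - name: Print output
      debug:
        var: vpc_info
--------------------------------------------------------------------------------
/playbooks/igw.yml:
--------------------------------------------------------------------------------
---
# Prompts for the internet gateway name and applies the igw role.
- hosts: local
  vars_prompt:
    - name: "igw_name"
      prompt: "Enter the name of the IGW"
      private: no

  tasks:
    - set_fact:
        igw_name: "{{ igw_name }}"

  roles:
    - ../roles/igw

--------------------------------------------------------------------------------
/playbooks/lb1_subnet.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating lb server 1 subnet
  vars_prompt:
    - name: "cidr_block_subnet7"
      prompt: "Enter the CIDR block you want for lb server 1 subnet"
      private: no
    - name: "subnet_name7"
      prompt: "Enter the name of the lb server 1 subnet"
      private: no
    - name: "subnet_env7"
      prompt: "Enter the environment tag of lb server 1 subnet"
      private: no
    - name: "subnet_az7"
      prompt: "Enter the availability zone of lb server 1 subnet"
      private: no

  tasks:
    - name: Creating lb server 1 subnet
      include_role:
        name: ../roles/subnet
      vars:
        cidr_block: "{{ cidr_block_subnet7 }}"
        subnet_name: "{{ subnet_name7 }}"
        subnet_env: "{{ subnet_env7 }}"
        subnet_az: "{{ subnet_az7 }}"
        # Key under which later playbooks look this subnet up in vpc_info.
        subnet_key: lb1_subnet
    - name: Print output
      debug:
        var: vpc_info

--------------------------------------------------------------------------------
/playbooks/lb2_subnet.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating lb server 2 subnet
  vars_prompt:
    - name: "cidr_block_subnet8"
      prompt: "Enter the CIDR block you want for lb server 2 subnet"
      private: no
    - name: "subnet_name8"
      prompt: "Enter the name of the lb server 2 subnet"
      private: no
    - name: "subnet_env8"
      prompt: "Enter the environment tag of lb server 2 subnet"
      private: no
    - name: "subnet_az8"
      prompt: "Enter the availability zone of lb server 2 subnet"
      private: no

  tasks:
    - name: Creating lb server 2 subnet
      include_role:
        name: ../roles/subnet
      vars:
        cidr_block: "{{ cidr_block_subnet8 }}"
        subnet_name: "{{ subnet_name8 }}"
        subnet_env: "{{ subnet_env8 }}"
        subnet_az: "{{ subnet_az8 }}"
        # Key under which later playbooks look this subnet up in vpc_info.
        subnet_key: lb2_subnet
    - name: Print output
      debug:
        var: vpc_info

--------------------------------------------------------------------------------
/playbooks/lb_routetable.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating lb routetable
  vars_prompt:
    - name: "rt4_name"
      prompt: "Enter the name of the routetable"
      private: no
    - name: "destination4"
      prompt: "Enter the destination of the routetable"
      private: no

  tasks:
    - name: Creating lb routetable
      include_role:
        name: ../roles/routetable
      vars:
        rt_name: "{{ rt4_name }}"
        destination: "{{ destination4 }}"
        subnet1_id: "{{ vpc_info.lb1_subnet.subnet.id }}"
        subnet2_id: "{{ vpc_info.lb2_subnet.subnet.id }}"
        # The load-balancer subnets route through the internet gateway, i.e. they are the public tier.
        gateway_id: "{{ igw.gateway_id }}"
    - name: Print output
      debug:
        var: vpc_info

--------------------------------------------------------------------------------
/playbooks/nat.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  roles:
    - ../roles/nat

--------------------------------------------------------------------------------
/playbooks/rds.yml:
--------------------------------------------------------------------------------
---
# Prompts for the RDS instance settings and applies the rds role.
- hosts: local
  vars_prompt:
    - name: "db_instance"
      prompt: "Enter the type of RDS you want (MySQL/Aurora/MariaDB/PostgreSQL/Oracle/Microsoft SQL server)"
      private: no
    - name: "db_name"
      prompt: "Enter the name of your instance"
      private: no
    - name: "db_size"
      prompt: "Enter the size of your instance"
      private: no
    - name: "instance_type"
      prompt: "Enter the instance type"
      private: no
    - name: "user_name"
      prompt: "Enter user name for your database"
      private: no
    - name: "db_password"
      prompt: "Enter the password for your database"
      # Secret input: with `private: no` the password was echoed to the terminal
      # (and to any scrollback or session recording) while being typed.
      private: yes
    - name: "group_name"
      prompt: "Enter the name of the RDS subnet group "
      private: no
  tasks:
    # This task copies db_password into a host fact; no_log keeps the value out of
    # task output and callback logs when the play runs with verbosity.
    - set_fact:
        db_instance: "{{ db_instance }}"
        db_name: "{{ db_name }}"
        db_size: "{{ db_size }}"
        instance_type: "{{ instance_type }}"
        user_name: "{{ user_name }}"
        db_password: "{{ db_password }}"
        group_name: "{{ group_name }}"
      no_log: true
  # Ansible runs `roles:` before `tasks:`, so the rds role reads the prompted
  # values as play variables rather than from the set_fact above.
  roles:
    - ../roles/rds

--------------------------------------------------------------------------------
/playbooks/rds_subnet_group.yml: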
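--------------------------------------------------------------------------------
---
# Prompts for the RDS subnet group settings and applies the rds_subnet_group role.
- hosts: local
  vars_prompt:
    - name: "rds_group_name"
      prompt: "Enter the name of the RDS subnet group"
      private: no
    - name: "rds_group_description"
      prompt: "Enter the description of the group"
      private: no
  tasks:
    - set_fact:
        rds_group_name: "{{ rds_group_name }}"
        rds_group_description: "{{ rds_group_description }}"
  roles:
    - ../roles/rds_subnet_group
--------------------------------------------------------------------------------
/playbooks/routetable.yml:
--------------------------------------------------------------------------------
---
# Aggregate playbook: runs every route-table playbook in turn.
- import_playbook: app_routetable.yml
- import_playbook: db_routetable.yml
- import_playbook: lb_routetable.yml
- import_playbook: web_routetable.yml

--------------------------------------------------------------------------------
/playbooks/security_group.yml:
--------------------------------------------------------------------------------
---
# Aggregate playbook: runs the web, app and db security-group playbooks in turn.
- import_playbook: web_sg.yml
- import_playbook: app_sg.yml
- import_playbook: db_sg.yml
--------------------------------------------------------------------------------
/playbooks/subnet.yml:
--------------------------------------------------------------------------------
---
# Aggregate playbook: runs every subnet playbook in turn.
# webserver1_subnet.yml comes first because it is the one that initialises vpc_info.
- import_playbook: webserver1_subnet.yml
- import_playbook: lb1_subnet.yml
- import_playbook: webserver2_subnet.yml
- import_playbook: lb2_subnet.yml
- import_playbook: appserver1_subnet.yml
- import_playbook: appserver2_subnet.yml
- import_playbook: db1_subnet.yml
- import_playbook: db2_subnet.yml
--------------------------------------------------------------------------------
/playbooks/vgw.yml:
--------------------------------------------------------------------------------
---
# Prompts for the virtual private gateway name and applies the vgw role.
- hosts: local
  vars_prompt:
    - name: "vgw_name"
      prompt: "Enter the name of the virtual private gateway"
      private: no

  tasks:
    - set_fact:
        vgw_name: "{{ vgw_name }}"

  roles:
    - ../roles/vgw

--------------------------------------------------------------------------------
/playbooks/vpc.yml:
--------------------------------------------------------------------------------
---
# Prompts for the VPC settings and applies the vpc role.
- hosts: local
  vars_prompt:
    - name: "cidr_block"
      prompt: "Enter the CIDR block you want"
      private: no
    - name: "vpc_name"
      prompt: "Enter the name of the VPC"
      private: no
    - name: "region"
      prompt: "Enter the region of the VPC"
      private: no
    - name: "tag_env"
      prompt: "Enter the environment tag"
      private: no
  tasks:
    - set_fact:
        cidr_block: "{{ cidr_block }}"
        vpc_name: "{{ vpc_name }}"
        region: "{{ region }}"
        tag_env: "{{ tag_env }}"
  roles:
    - ../roles/vpc


--------------------------------------------------------------------------------
/playbooks/vpc_peering.yml:
--------------------------------------------------------------------------------
---
# Requests a VPC peering connection and then accepts it on the peer side.
- hosts: local
  vars_prompt:
    - name: "connection_name"
      prompt: "Enter the name of the VPC peering connection"
      private: no
    - name: "peer_region"
      prompt: "Enter the region of the VPC peering connection"
      private: no
    - name: "peer_vpc_id"
      prompt: "Enter the VPC ID of the accepting VPC"
      private: no
    - name: "peer_owner_id"
      prompt: "Enter the AWS account number for cross account peering"
      private: no
    - name: "peer_profile"
      # roles/accept_vpc_peering passes this value to the module's `profile`
      # option, so it must be a credentials profile name. The prompt used to
      # repeat the account-number text of peer_owner_id, which invited the
      # wrong input for the accepting account's credentials.
      prompt: "Enter the AWS profile name to use for the accepting (peer) account"
      private: no
  tasks:
    - set_fact:
        connection_name: "{{ connection_name }}"
        peer_region: "{{ peer_region }}"
        peer_vpc_id: "{{ peer_vpc_id }}"
        peer_owner_id: "{{ peer_owner_id }}"
        peer_profile: "{{ peer_profile }}"
  roles:
    - ../roles/vpc_peering
    - ../roles/accept_vpc_peering
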
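--------------------------------------------------------------------------------
/playbooks/vpn_connection.yml:
--------------------------------------------------------------------------------
---
# Prompts for the VPN name and applies the vpn_connection role.
- hosts: local
  vars_prompt:
    - name: "vpn_name1"
      prompt: "Enter the name of the VPN"
      private: no

  tasks:
    - name: Creating VPN connection
      include_role:
        name: ../roles/vpn_connection
      vars:
        vpnname: "{{ vpn_name1 }}"

--------------------------------------------------------------------------------
/playbooks/vpn_routetable.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating routetable for VGW configuration
  vars_prompt:
    - name: "vgwrt_name1"
      prompt: "Enter the name of the routetable"
      private: no
    - name: "vgwdestination1"
      prompt: "Enter the destination of the routetable"
      private: no

  tasks:
    - name: Creating routetable for VGW configuration
      include_role:
        name: ../roles/vpn_routetable
      vars:
        vgwrtname: "{{ vgwrt_name1 }}"
        vgwdestination: "{{ vgwdestination1 }}"
        vgwsubnet1_id: "{{ vpc_info.web1_subnet.subnet.id }}"
        vgwsubnet2_id: "{{ vpc_info.web2_subnet.subnet.id }}"

    - name: Print output
      debug:
        var: vpc_info
--------------------------------------------------------------------------------
/playbooks/web_routetable.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating web routetable
  vars_prompt:
    - name: "rt3_name"
      prompt: "Enter the name of the routetable"
      private: no
    - name: "destination3"
      prompt: "Enter the destination of the routetable"
      private: no

  tasks:
    - name: Creating web routetable
      include_role:
        name: ../roles/routetable
      vars:
        rt_name: "{{ rt3_name }}"
        destination: "{{ destination3 }}"
        subnet1_id: "{{ vpc_info.web1_subnet.subnet.id }}"
        subnet2_id: "{{ vpc_info.web2_subnet.subnet.id }}"
        # The web subnets route through the NAT gateway rather than the internet gateway.
        gateway_id: "{{ new_nat_gateway.nat_gateway_id }}"
    - name: Print output
      debug:
        var: vpc_info

--------------------------------------------------------------------------------
/playbooks/web_sg.yml:
--------------------------------------------------------------------------------
---
# Prompts for the web-tier security group settings and applies the wb_security_group role.
- hosts: local
  vars_prompt:
    - name: "wb_sg_name"
      prompt: "Enter the name of the security group for web layer"
      private: no
    - name: "wb_sg_desc"
      prompt: "Enter the description of the security group for web layer"
      private: no
    - name: "wb_sg_rule_desc"
      prompt: "Enter the rule description "
      private: no

  tasks:
    - set_fact:
        wb_sg_name: "{{ wb_sg_name }}"
        wb_sg_desc: "{{ wb_sg_desc }}"
        wb_sg_rule_desc: "{{ wb_sg_rule_desc }}"

  roles:
    - ../roles/wb_security_group
--------------------------------------------------------------------------------
/playbooks/webserver1_subnet.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating web server 1 subnet
  vars_prompt:
    - name: "cidr_block_subnet1"
      prompt: "Enter the CIDR block you want for web server 1 subnet"
      private: no
    - name: "subnet_name1"
      prompt: "Enter the name of the web server 1 subnet"
      private: no
    - name: "subnet_env1"
      prompt: "Enter the environment tag of web server 1 subnet"
      private: no
    - name: "subnet_az1"
      prompt: "Enter the availability zone of web server 1 subnet"
      private: no

  tasks:
    # Start from an empty vpc_info; the other subnet playbooks reference entries in it.
    - set_fact:
        vpc_info: {}
    - name: Creating web server 1 subnet
      include_role:
        name: ../roles/subnet
      vars:
        cidr_block: "{{ cidr_block_subnet1 }}"
        subnet_name: "{{ subnet_name1 }}"
        subnet_env: "{{ subnet_env1 }}"
        subnet_az: "{{ subnet_az1 }}"
        subnet_key: web1_subnet
    - name: Print output
      debug:
        var: vpc_info

--------------------------------------------------------------------------------
/playbooks/webserver2_subnet.yml:
--------------------------------------------------------------------------------
---
- hosts: local
  name: Creating web server 2 subnet
  vars_prompt:
    - name: "cidr_block_subnet2"
      prompt: "Enter the CIDR block you want for web server 2 subnet"
      private: no
    - name: "subnet_name2"
      prompt: "Enter the name of the web server 2 subnet"
      private: no
    - name: "subnet_env2"
      prompt: "Enter the environment tag of web server 2 subnet"
      private: no
    - name: "subnet_az2"
      prompt: "Enter the availability zone of web server 2 subnet"
      private: no

  tasks:
    - name: Creating web server 2 subnet
      include_role:
        name: ../roles/subnet
      vars:
        cidr_block: "{{ cidr_block_subnet2 }}"
        subnet_name: "{{ subnet_name2 }}"
        subnet_env: "{{ subnet_env2 }}"
        subnet_az: "{{ subnet_az2 }}"
        subnet_key: web2_subnet
    - name: Print output
      debug:
        var: vpc_info

--------------------------------------------------------------------------------
/playbooks/wordpress_install.yml:
--------------------------------------------------------------------------------
---
# Refer this for documentation: https://blogs.tensult.com/2019/11/14/automating-wordpress-installation-using-ansible-on-multiple-nodes/
#
# Installs Apache, MySQL and PHP on each node, unpacks WordPress into the
# document root, writes the database settings into wp-config.php and creates
# the WordPress database and database user.
- name: Wordpress Installation
  hosts: Tensult-wordpressnodes
  become: yes
  vars:
    wp_mysql_db: wordpress
    wp_mysql_user: wp-admin
    # NOTE(review): the database password is committed in clear text. Supply it
    # from Ansible Vault or a private vars_prompt instead, and treat this value
    # as disclosed.
    wp_mysql_password: tensult
    # WordPress connects to MySQL over the node's own default IPv4 address, not localhost.
    wp_mysql_host: "{{ ansible_default_ipv4.address }}"
  tasks:
    # NOTE(review): php56 is a PHP 5.6 package, a release line that no longer
    # receives upstream security fixes; plan a move to a maintained PHP build.
    - name: LAMP installation
      yum:
        name: "{{ item }}"
        state: present
      with_items:
        - httpd24
        - mysql-server
        - php56
        - php56-mysqlnd
        - MySQL-python27
    - name: Removing httpd welcome page from webserver
      file:
        path: "/etc/httpd/conf.d/welcome.conf"
        state: absent
    # Fetched over HTTPS: the plain-HTTP URL used before let anyone on the
    # network path swap the archive that is unpacked as root into the web root.
    # unarchive does not verify a digest; for a reproducible install, pin a
    # release and check its published checksum (get_url has a `checksum`
    # option) before extracting.
    - name: Downloading wordpress to document root of remote nodes
      unarchive:
        src: https://wordpress.org/latest.tar.gz
        dest: /var/www/html/
        remote_src: yes
    # `creates` makes the rename a no-op on re-runs instead of overwriting an
    # already-configured wp-config.php with the freshly extracted sample.
    - name: Renaming sample wordpress configuration from webserver
      command: "mv /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php"
      args:
        creates: /var/www/html/wordpress/wp-config.php
    # The loop items include the database password, so keep them out of task output.
    - name: Update WordPress config file
      lineinfile:
        dest: /var/www/html/wordpress/wp-config.php
        regexp: "{{ item.regexp }}"
        line: "{{ item.line }}"
      with_items:
        - {'regexp': "define\\( 'DB_NAME', '(database_name_here)+' \\);", 'line': "define('DB_NAME', '{{wp_mysql_db}}');"}
        - {'regexp': "define\\( 'DB_USER', '(username_here)+' \\);", 'line': "define('DB_USER', '{{wp_mysql_user}}');"}
        - {'regexp': "define\\( 'DB_PASSWORD', '(password_here)+' \\);", 'line': "define('DB_PASSWORD', '{{wp_mysql_password}}');"}
        - {'regexp': "define\\( 'DB_HOST', '(localhost)+' \\);", 'line': "define('DB_HOST', '{{wp_mysql_host}}');"}
      no_log: true
    - name: Update default Apache site
      lineinfile:
        dest: /etc/httpd/conf/httpd.conf
        line: "DocumentRoot /var/www/html/wordpress"
    - name: Starting the mysqld service
      service:
        name: mysqld
        state: started
    - name: Creating database for wordpress
      mysql_db:
        name: "{{ wp_mysql_db }}"
        state: present
    # Privileges are limited to the WordPress database, as the task name says;
    # the previous '*.*:ALL' made this account a full administrator of every
    # database on the server.
    # NOTE(review): host '%' still lets the account log in from any address, so
    # exposure depends on the security group and MySQL bind address; narrow it
    # to the web tier's addresses where possible.
    - name: Creating user for wordpress and allow all permissions to db wordpress
      mysql_user:
        name: "{{ wp_mysql_user }}"
        password: "{{ wp_mysql_password }}"
        host: '%'
        priv: "{{ wp_mysql_db }}.*:ALL"
        state: present
      no_log: true
    - name: starting httpd and mysqld
      service:
        name: "{{ item }}"
        state: restarted
      with_items:
        - httpd
        - mysqld
...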
63 | -------------------------------------------------------------------------------- /roles/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tensult/ansible-automation/ca116bc1a27f963173cf3bba60adf4155b0c0754/roles/.DS_Store -------------------------------------------------------------------------------- /roles/accept_vpc_peering/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/accept_vpc_peering/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/accept_vpc_peering/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/accept_vpc_peering/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/accept_vpc_peering/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Accept peering connection 3 | ec2_vpc_peer: 4 | region: "{{peer_region}}" 5 | peering_id: "{{ vpc_peering.peering_id }}" 6 | profile: "{{peer_profile}}" 7 | state: accept 8 | register: action_peer -------------------------------------------------------------------------------- /roles/accept_vpc_peering/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/accept_vpc_peering/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/accept_vpc_peering/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet 3 | -------------------------------------------------------------------------------- 
/roles/app_lb/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/app_lb/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/app_lb/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/app_lb/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/app_lb/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Creating load balancer for web servers 3 | elb_application_lb: 4 | name: "{{lb_name}}" 5 | region: "{{region}}" 6 | security_groups: "{{web_sg.group_id}}" 7 | subnets: 8 | - "{{ vpc_info.lb1_subnet.subnet.id }}" 9 | - "{{ vpc_info.lb2_subnet.subnet.id }}" 10 | listeners: 11 | - Protocol: HTTP 12 | Port: 80 13 | DefaultActions: 14 | - Type: forward 15 | TargetGroupName: applbgroup 16 | state: present 17 | -------------------------------------------------------------------------------- /roles/app_lb/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/app_lb/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/app_lb/vars/main.yml: 
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet -------------------------------------------------------------------------------- /roles/app_security_group/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/app_security_group/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/app_security_group/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/app_security_group/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/app_security_group/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Creating app security group 3 | ec2_group: 4 | name: "{{app_sg_name}}" 5 | tags: { "Name":"{{app_sg_name}}" } 6 | description: "{{app_sg_desc}}" 7 | vpc_id: "{{ vpc.vpc.id }}" 8 | region: "{{region}}" 9 | rules: 10 | - proto: "{{app_protocol}}" 11 | ports: 12 | - "{{app_port_no}}" 13 | cidr_ip: "{{app_source_cidr}}" 14 | rule_desc: "{{app_sg_rule_desc}}" 15 | -------------------------------------------------------------------------------- /roles/app_security_group/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/app_security_group/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/app_security_group/vars/main.yml: 
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet 3 | -------------------------------------------------------------------------------- /roles/cgw/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/cgw/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/cgw/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/cgw/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/cgw/tasks/main.yml: --------------------------------------------------------------------------------
1 | ---
2 |
3 | # Ensures a customer gateway with static routing exists for the address in
4 | # ip_add and registers the module result as `cgw`.
5 | # NOTE(review): ip_add is set outside this file; presumably it is the public
6 | # address of the on-premises VPN endpoint. Confirm it is a fixed address
7 | # under your control, since the VPN tunnel will be built towards it.
8 | - name: Creating Customer Gateway
9 |   ec2_customer_gateway:
10 |     state: present
11 |     name: "{{cgw_name}}"
12 |     region: "{{region}}"
13 |     routing: static
14 |     ip_address: "{{ip_add}}"
15 |
16 |   register: cgw
17 |
18 |
-------------------------------------------------------------------------------- /roles/cgw/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/cgw/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/cgw/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet -------------------------------------------------------------------------------- /roles/db_security_group/README.md: 
-------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/db_security_group/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/db_security_group/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/db_security_group/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/db_security_group/tasks/main.yml: --------------------------------------------------------------------------------
1 | ---
2 | # Creates or updates the database-tier security group with a single ingress
3 | # rule built from role variables. vpc.vpc.id is read from a `vpc` variable that
4 | # is not defined in this file and must be set before the role runs.
5 | # No rules_egress is given, so ec2_group applies its default allow-all outbound
6 | # rule; ingress rules on the group that are not listed below are purged on each
7 | # run (purge_rules defaults to true).
8 | # The task result is not registered, so later tasks cannot read the group id
9 | # from this role's output.
10 | - name: Creating DB security group
11 |   ec2_group:
12 |     name: "{{db_sg_name}}"
13 |     tags: { "Name":"{{db_sg_name}}" }
14 |     description: "{{db_sg_desc}}"
15 |     vpc_id: "{{ vpc.vpc.id }}"
16 |     region: "{{region}}"
17 |     rules:
18 |       - proto: "{{db_protocol}}"
19 |         ports:
20 |           - "{{db_port_no}}"
21 |         # NOTE(review): db_source_cidr is set outside this file; confirm it
22 |         # covers only the application-tier subnets and is not 0.0.0.0/0.
23 |         cidr_ip: "{{db_source_cidr}}"
24 |         rule_desc: "{{db_sg_rule_desc}}"
25 |
26 |
-------------------------------------------------------------------------------- /roles/db_security_group/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/db_security_group/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/db_security_group/vars/main.yml: 
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet 3 | -------------------------------------------------------------------------------- /roles/ec2/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/ec2/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/ec2/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/ec2/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/ec2/tasks/main.yml: --------------------------------------------------------------------------------
1 | ---
2 | # Launches an EC2 instance from role variables, waits for it, and registers the
3 | # module result as `ec2_instance`.
4 | # NOTE(review): with state=present and no exact_count/count_tag or id, the
5 | # legacy ec2 module presumably launches a new instance on every run; confirm
6 | # that repeated runs are intended to add instances.
7 | - name: Creating {{instance_name}} EC2 instance
8 |   ec2:
9 |     region: "{{region}}"
10 |     state: present
11 |     key_name: "{{key_pair1}}"
12 |     instance_tags: { "Name":"{{instance_name}}" }
13 |     image: "{{ec2_image}}"
14 |     instance_type: "{{ec2_type}}"
15 |     # Security group(s) for the instance; `sg` is set outside this file.
16 |     group: "{{sg}}"
17 |     vpc_subnet_id: "{{ec2_subnet_id}}"
18 |     # NOTE(review): public_ip is set outside this file; confirm it is false
19 |     # for instances that should only be reachable through the load balancer.
20 |     assign_public_ip: "{{public_ip}}"
21 |     wait: true
22 |   register: ec2_instance
23 | # Stores the launch result in vpc_info under the key held by ec2_name.
24 | # vpc_info must already be defined, because the combine filter is applied to it.
25 | - set_fact:
26 |     vpc_info: "{{ vpc_info | combine({ ec2_name: ec2_instance}) }}"
-------------------------------------------------------------------------------- /roles/ec2/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/ec2/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/ec2/vars/main.yml: 
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet -------------------------------------------------------------------------------- /roles/igw/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/igw/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/igw -------------------------------------------------------------------------------- /roles/igw/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/igw -------------------------------------------------------------------------------- /roles/igw/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/igw/tasks/main.yml: --------------------------------------------------------------------------------
1 | ---
2 | # Ensures an internet gateway exists for the VPC in vpc.vpc.id, tags it with
3 | # igw_name, and registers the module result as `igw`.
4 | # `vpc` is not defined in this file and must be set before the role runs.
5 | # Only subnets whose route table points at this gateway become
6 | # internet-facing; that routing is not configured in this task.
7 | - name: creating internet gateway
8 |   ec2_vpc_igw:
9 |     region: "{{region}}"
10 |     vpc_id: "{{ vpc.vpc.id }}"
11 |     state: present
12 |     tags:
13 |       Name: "{{igw_name}}"
14 |   register: igw
-------------------------------------------------------------------------------- /roles/igw/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/igw/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/igw -------------------------------------------------------------------------------- /roles/igw/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/igw -------------------------------------------------------------------------------- /roles/nat/README.md: -------------------------------------------------------------------------------- 1 
| Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/nat/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/nat -------------------------------------------------------------------------------- /roles/nat/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/nat -------------------------------------------------------------------------------- /roles/nat/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/nat/tasks/main.yml: --------------------------------------------------------------------------------
1 | ---
2 | # Ensures a NAT gateway exists in the subnet read from
3 | # vpc_info.lb1_subnet.subnet.id, waits for it, and registers the module result
4 | # as `new_nat_gateway`. vpc_info is not defined in this file.
5 | # NOTE(review): no allocation_id or eip_address is passed, so presumably the
6 | # module allocates a new Elastic IP; confirm that address is tracked and
7 | # released when the gateway is removed.
8 | - name: Create new NAT gateway
9 |   ec2_vpc_nat_gateway:
10 |     state: present
11 |     subnet_id: "{{ vpc_info.lb1_subnet.subnet.id }}"
12 |     wait: yes
13 |     region: "{{region}}"
14 |     # Reuse a gateway that already exists in this subnet instead of adding one.
15 |     if_exist_do_not_create: true
16 |   register: new_nat_gateway
-------------------------------------------------------------------------------- /roles/nat/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/nat/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/nat -------------------------------------------------------------------------------- /roles/nat/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/nat -------------------------------------------------------------------------------- /roles/rds/README.md: 
-------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/rds/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/rds/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/rds/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. -------------------------------------------------------------------------------- /roles/rds/tasks/main.yml: --------------------------------------------------------------------------------
1 | ---
2 | # Creates an RDS instance from role variables: Multi-AZ, not publicly
3 | # accessible, placed in the DB subnet group named by group_name.
4 | # NOTE(review): no vpc_security_groups is passed, so unless a group is attached
5 | # elsewhere the instance presumably gets the VPC's default security group rather
6 | # than the one created by the db_security_group role; confirm.
7 | - name: Creating RDS instance
8 |   rds:
9 |     command: create
10 |     instance_name: "{{db_name}}"
11 |     db_engine: "{{db_instance}}"
12 |     size: "{{db_size}}"
13 |     region: "{{region}}"
14 |     publicly_accessible: no
15 |     instance_type: "{{instance_type}}"
16 |     username: "{{user_name}}"
17 |     # NOTE(review): db_password is set outside this file; keep it in Ansible
18 |     # Vault or another secret store rather than in a plaintext vars file.
19 |     password: "{{db_password}}"
20 |     multi_zone: yes
21 |     subnet: "{{group_name}}"
22 |
23 |     tags:
24 |       Environment: testing
25 |       Application: cms
26 |
27 |
28 |
29 |
-------------------------------------------------------------------------------- /roles/rds/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /roles/rds/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - roles/subnet -------------------------------------------------------------------------------- /roles/rds/vars/main.yml: 
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet -------------------------------------------------------------------------------- /roles/rds_subnet_group/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tensult/ansible-automation/ca116bc1a27f963173cf3bba60adf4155b0c0754/roles/rds_subnet_group/.DS_Store -------------------------------------------------------------------------------- /roles/rds_subnet_group/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 
20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /roles/rds_subnet_group/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for vpc -------------------------------------------------------------------------------- /roles/rds_subnet_group/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for vpc -------------------------------------------------------------------------------- /roles/rds_subnet_group/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. 
During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list. 
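--------------------------------------------------------------------------------
/roles/rds_subnet_group/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Creates the DB subnet group from two subnet IDs read out of vpc_info
3 | # (entries db1_subnet and db2_subnet).
4 | # NOTE(review): presumably both entries were stored by the subnet role and belong to
5 | # the private database tier -- confirm neither subnet has a route to an internet gateway.
6 | - name: Creating RDS Subnet groups
7 |   rds_subnet_group:
8 |     state: present
9 |     name: "{{rds_group_name}}"
10 |     description: "{{rds_group_description}}"
11 |     region: "{{region}}"
12 |     subnets:
13 |       - "{{ vpc_info.db1_subnet.subnet.id }}"
14 |       - "{{ vpc_info.db2_subnet.subnet.id }}"
15 |
--------------------------------------------------------------------------------
/roles/rds_subnet_group/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/roles/rds_subnet_group/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Runs the rds_subnet_group role against localhost.
3 | - hosts: localhost
4 |   remote_user: root
5 |   roles:
6 |     - rds_subnet_group
--------------------------------------------------------------------------------
/roles/rds_subnet_group/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for rds_subnet_group
--------------------------------------------------------------------------------
/roles/routetable/README.md:
--------------------------------------------------------------------------------
1 | Role Name
2 | =========
3 |
4 | A brief description of the role goes here.
5 |
6 | Requirements
7 | ------------
8 |
9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.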
10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/routetable/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/routetable -------------------------------------------------------------------------------- /roles/routetable/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/routetable -------------------------------------------------------------------------------- /roles/routetable/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
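34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/routetable/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Creates one route table in the VPC held in the registered variable vpc,
3 | # associates two subnets with it and adds a single route.
4 | # NOTE(review): if destination is 0.0.0.0/0 and gateway_id is an internet gateway,
5 | # both subnets become internet-routable -- confirm only the public tier is passed in.
6 | - name: Creating {{rt_name}} route table
7 |   ec2_vpc_route_table:
8 |     vpc_id: "{{ vpc.vpc.id }}"
9 |     region: "{{region}}"
10 |     tags:
11 |       Name: "{{rt_name}}"
12 |     subnets:
13 |       - "{{ subnet1_id }}"
14 |       - "{{ subnet2_id }}"
15 |     routes:
16 |       - dest: "{{destination}}"
17 |         gateway_id: "{{ gateway_id }}"
18 |   register: routetable_info
19 | # Store the module result in vpc_info under the key given by rt_name. Start from
20 | # an empty dict when vpc_info has not been defined yet, instead of failing.
21 | - name: Recording {{rt_name}} route table in vpc_info
22 |   set_fact:
23 |     vpc_info: "{{ (vpc_info | default({})) | combine({ rt_name: routetable_info}) }}"
24 |
--------------------------------------------------------------------------------
/roles/routetable/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/roles/routetable/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - roles/routetable
--------------------------------------------------------------------------------
/roles/routetable/vars/main.yml: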
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/routetable -------------------------------------------------------------------------------- /roles/subnet/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/subnet/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/subnet/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/subnet/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
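34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/subnet/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Creates one subnet in the VPC held in the registered variable vpc, in the
3 | # availability zone subnet_az with the CIDR cidr_block, tagged Name and Environment.
4 | - name: Creating {{subnet_name}} subnet
5 |   ec2_vpc_subnet:
6 |     state: present
7 |     vpc_id: "{{ vpc.vpc.id }}"
8 |     region: "{{region}}"
9 |     az: "{{subnet_az}}"
10 |     cidr: "{{cidr_block}}"
11 |     resource_tags:
12 |       Name: "{{subnet_name}}"
13 |       Environment: "{{subnet_env}}"
14 |   register: output
15 | # Store the module result in vpc_info under the key given by subnet_key. Start from
16 | # an empty dict when vpc_info has not been defined yet, instead of failing.
17 | - name: Recording {{subnet_name}} subnet in vpc_info
18 |   set_fact:
19 |     vpc_info: "{{ (vpc_info | default({})) | combine({ subnet_key: output}) }}"
20 |
21 |
--------------------------------------------------------------------------------
/roles/subnet/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/roles/subnet/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - roles/subnet
--------------------------------------------------------------------------------
/roles/subnet/vars/main.yml:
--------------------------------------------------------------------------------
1 |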
--- 2 | # vars file for roles/subnet -------------------------------------------------------------------------------- /roles/target_groups/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/target_groups/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/target_groups/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/target_groups/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
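34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/target_groups/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Creates the target group "applbgroup" and registers the first instance of
3 | # vpc_info.webserver1 and vpc_info.webserver2 as targets on port 80.
4 | # Traffic to the targets is plain HTTP on port 80.
5 | # NOTE(review): confirm TLS is terminated at the load balancer listener and that the
6 | # web security group admits port 80 only from the load balancer, not from 0.0.0.0/0.
7 | - name: Creating target groups
8 |   elb_target_group:
9 |     name: applbgroup
10 |     region: "{{region}}"
11 |     protocol: http
12 |     port: 80
13 |     vpc_id: "{{ vpc.vpc.id }}"
14 |     targets:
15 |       - Id: "{{ vpc_info.webserver1.instance_ids[0]}}"
16 |         Port: 80
17 |       - Id: "{{ vpc_info.webserver2.instance_ids[0]}}"
18 |         Port: 80
19 |     state: present
--------------------------------------------------------------------------------
/roles/target_groups/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/roles/target_groups/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Runs the target_groups role against localhost.
3 | - hosts: localhost
4 |   remote_user: root
5 |   roles:
6 |     - roles/target_groups
--------------------------------------------------------------------------------
/roles/target_groups/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for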
roles/subnet -------------------------------------------------------------------------------- /roles/vgw/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/vgw/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/vgw/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/vgw/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
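34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/vgw/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # Creates a virtual private gateway of type ipsec.1 named vgw_name, attaches it to
4 | # the VPC held in the registered variable vpc, and registers the result as vgw.
5 | - name: Creating Virtual Private Gateway
6 |   ec2_vpc_vgw:
7 |     state: present
8 |     region: "{{region}}"
9 |     vpc_id: "{{ vpc.vpc.id }}"
10 |     name: "{{vgw_name}}"
11 |     type: ipsec.1
12 |   register: vgw
13 |
14 |
--------------------------------------------------------------------------------
/roles/vgw/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/roles/vgw/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Runs the vgw role against localhost.
3 | - hosts: localhost
4 |   remote_user: root
5 |   roles:
6 |     - roles/vgw
--------------------------------------------------------------------------------
/roles/vgw/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for roles/vgw
--------------------------------------------------------------------------------
/roles/vpc/README.md: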
-------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/vpc/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for vpc -------------------------------------------------------------------------------- /roles/vpc/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for vpc -------------------------------------------------------------------------------- /roles/vpc/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/vpc/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Ensures the VPC named vpc_name exists in region with the CIDR cidr_block and an
3 | # Environment tag, and registers the module result as vpc for the tasks that follow.
4 | - name: Creating VPC
5 |   ec2_vpc_net:
6 |     state: present
7 |     name: "{{vpc_name}}"
8 |     region: "{{region}}"
9 |     cidr_block: "{{cidr_block}}"
10 |     resource_tags:
11 |       Environment: "{{tag_env}}"
12 |   register: vpc
13 |
--------------------------------------------------------------------------------
/roles/vpc/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/roles/vpc/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   roles:
5 |     - vpc
--------------------------------------------------------------------------------
/roles/vpc/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for vpc
--------------------------------------------------------------------------------
/roles/vpc_peering/README.md:
-------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/vpc_peering/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/vpc_peering/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/vpc_peering/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/vpc_peering/tasks/main.yml:
--------------------------------------------------------------------------------
---
# Requests a VPC peering connection from the VPC registered as `vpc` (this role
# reads vpc.vpc.id, so the vpc role must have run earlier in the same run) to
# peer_vpc_id in peer_region, owned by AWS account peer_owner_id. The connection is
# tagged Name=<connection_name> and the result is registered as `vpc_peering`.
# Only the request side is shown here; the tree lists a separate accept_vpc_peering
# role, presumably for the accepter side.
# NOTE(review): peer_owner_id / peer_vpc_id decide which external account this
# network is linked to. Validate them against an expected value before running,
# and review the route tables and security groups that will use the connection.
- name: Create cross account VPC peering Connection
  ec2_vpc_peer:
    region: "{{region}}"
    vpc_id: "{{ vpc.vpc.id }}"
    peer_region: "{{peer_region}}"
    peer_vpc_id: "{{peer_vpc_id}}"
    peer_owner_id: "{{peer_owner_id}}"
    state: present
    tags:
      Name: "{{connection_name}}"
  register: vpc_peering
--------------------------------------------------------------------------------
/roles/vpc_peering/tests/inventory:
--------------------------------------------------------------------------------
localhost

--------------------------------------------------------------------------------
/roles/vpc_peering/tests/test.yml:
--------------------------------------------------------------------------------
---
# NOTE(review): this play applies roles/subnet, not vpc_peering. It looks copied
# from the subnet role's scaffold, so it does not exercise this role; confirm and
# point it at the intended role.
- hosts: localhost
  remote_user: root
  roles:
    - roles/subnet
--------------------------------------------------------------------------------
/roles/vpc_peering/vars/main.yml:
--------------------------------------------------------------------------------
1 | --- 2 | # vars file for roles/subnet 3
| -------------------------------------------------------------------------------- /roles/vpn_connection/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/vpn_connection/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/vpn_connection/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/vpn_connection/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/vpn_connection/tasks/main.yml:
--------------------------------------------------------------------------------
---
# Creates a site-to-site VPN connection between the virtual private gateway
# registered as `vgw` and the customer gateway registered as `cgw` (both must have
# been registered earlier in the same run), tagged Name=<vpnname>.
# static_only: yes selects static routing, so the prefixes under `routes` are the
# only ones declared for the remote side.
# NOTE(review): the single static route is hard-coded to 0.0.0.0/0, i.e. the whole
# IPv4 space is declared reachable through the tunnel. If only an on-premises
# network sits behind the customer gateway, list its prefixes instead; the
# vpn_routetable role on this page enables route propagation from the same gateway.
# The module result is not registered, so later tasks cannot read the connection id.
- name: Creating Virtual Private Network connection
  ec2_vpc_vpn:
    state: present
    region: "{{region}}"
    vpn_gateway_id: "{{vgw.vgw.id}}"
    customer_gateway_id: "{{cgw.gateway.customer_gateway.customer_gateway_id}}"
    static_only: yes
    routes:
      - 0.0.0.0/0
    tags:
      Name: "{{vpnname}}"


--------------------------------------------------------------------------------
/roles/vpn_connection/tests/inventory:
--------------------------------------------------------------------------------
localhost

--------------------------------------------------------------------------------
/roles/vpn_connection/tests/test.yml:
--------------------------------------------------------------------------------
---
# NOTE(review): this play applies roles/subnet, not vpn_connection. It looks copied
# from the subnet role's scaffold, so it does not exercise this role; confirm and
# point it at the intended role.
- hosts: localhost
  remote_user: root
  roles:
    - roles/subnet
--------------------------------------------------------------------------------
/roles/vpn_connection/vars/main.yml:
--------------------------------------------------------------------------------
1 | --- 2 | # vars file for
roles/subnet -------------------------------------------------------------------------------- /roles/vpn_routetable/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/vpn_routetable/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/routetable -------------------------------------------------------------------------------- /roles/vpn_routetable/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/routetable -------------------------------------------------------------------------------- /roles/vpn_routetable/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/vpn_routetable/tasks/main.yml:
--------------------------------------------------------------------------------
# Creates a route table in the VPC registered as `vpc`, tagged Name=<vgwrtname>,
# and associates it with the two subnets vgwsubnet1_id and vgwsubnet2_id.
# It enables route propagation from the virtual private gateway registered as `vgw`
# and adds one explicit route: <vgwdestination> via that same gateway.
# Both `vpc` and `vgw` must have been registered earlier in the same run.
# NOTE(review): sample_input.txt has 0.0.0.0/0 on the line after "vgwrt", which
# presumably feeds vgwdestination. That would send every non-local destination from
# these subnets into the VPN; confirm this is intended rather than the on-premises
# prefixes only.
- name: Set up route table
  ec2_vpc_route_table:
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{region}}"
    tags:
      Name: "{{vgwrtname}}"
    subnets:
      - "{{ vgwsubnet1_id }}"
      - "{{ vgwsubnet2_id }}"
    propagating_vgw_ids: "{{vgw.vgw.id}}"
    routes:
      - dest: "{{vgwdestination}}"
        gateway_id: "{{vgw.vgw.id}}"
--------------------------------------------------------------------------------
/roles/vpn_routetable/tests/inventory:
--------------------------------------------------------------------------------
localhost

--------------------------------------------------------------------------------
/roles/vpn_routetable/tests/test.yml:
--------------------------------------------------------------------------------
---
# NOTE(review): this play applies roles/routetable, not vpn_routetable. It looks
# copied from the routetable role's scaffold, so it does not exercise this role;
# confirm and point it at the intended role.
- hosts: localhost
  remote_user: root
  roles:
    - roles/routetable
--------------------------------------------------------------------------------
/roles/vpn_routetable/vars/main.yml:
--------------------------------------------------------------------------------
1 | --- 2 | # vars
file for roles/routetable -------------------------------------------------------------------------------- /roles/wb_security_group/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 
39 | -------------------------------------------------------------------------------- /roles/wb_security_group/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for roles/subnet -------------------------------------------------------------------------------- /roles/wb_security_group/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for roles/subnet -------------------------------------------------------------------------------- /roles/wb_security_group/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Some suggested licenses: 11 | # - BSD (default) 12 | # - MIT 13 | # - GPLv2 14 | # - GPLv3 15 | # - Apache 16 | # - CC-BY 17 | license: license (GPLv2, CC-BY, etc) 18 | 19 | min_ansible_version: 1.2 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # Optionally specify the branch Galaxy will use when accessing the GitHub 25 | # repo for this role. During role install, if no tags are available, 26 | # Galaxy will use this branch. During import Galaxy will access files on 27 | # this branch. If Travis integration is configured, only notifications for this 28 | # branch will be accepted. Otherwise, in all cases, the repo's default branch 29 | # (usually master) will be used. 30 | #github_branch: 31 | 32 | # 33 | # platforms is a list of platforms, and each platform has a name and a list of versions. 
34 | # 35 | # platforms: 36 | # - name: Fedora 37 | # versions: 38 | # - all 39 | # - 25 40 | # - name: SomePlatform 41 | # versions: 42 | # - all 43 | # - 1.0 44 | # - 7 45 | # - 99.99 46 | 47 | galaxy_tags: [] 48 | # List tags for your role here, one per line. A tag is a keyword that describes 49 | # and categorizes the role. Users find roles by searching for tags. Be sure to 50 | # remove the '[]' above, if you add tags to this list. 51 | # 52 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 53 | # Maximum 20 tags per role. 54 | 55 | dependencies: [] 56 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 57 | # if you add dependencies to this list.
--------------------------------------------------------------------------------
/roles/wb_security_group/tasks/main.yml:
--------------------------------------------------------------------------------
---
# Creates the web-tier security group in the VPC registered as `vpc` (which must
# have been registered earlier in the same run), named and tagged <wb_sg_name>,
# and registers the result as `web_sg`.
# Ingress: TCP 80 and 443 from any IPv4 address (0.0.0.0/0). No other inbound rule
# is declared, and no rules_egress is given, so the module's default outbound
# behaviour applies (the ec2_group documentation describes that default as
# allow-all; confirm for the Ansible version in use).
# NOTE(review): the repository tree also contains load-balancer subnets and an
# app_lb role. If the web servers are only meant to be reached through the load
# balancer, restrict the source to the load balancer's security group instead of
# 0.0.0.0/0 so instances cannot be reached directly.
- name: Creating web security group

  ec2_group:
    name: "{{wb_sg_name}}"
    tags: { "Name":"{{wb_sg_name}}" }
    description: "{{wb_sg_desc}}"
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{region}}"
    rules:
      - proto: TCP
        ports:
          - 80
          - 443
        cidr_ip: 0.0.0.0/0
        rule_desc: Allow HTTP and HTTPS
  register: web_sg

--------------------------------------------------------------------------------
/roles/wb_security_group/tests/inventory:
--------------------------------------------------------------------------------
localhost

--------------------------------------------------------------------------------
/roles/wb_security_group/tests/test.yml:
--------------------------------------------------------------------------------
---
# NOTE(review): this play applies roles/subnet, not wb_security_group. It looks
# copied from the subnet role's scaffold, so it does not exercise this role;
# confirm and point it at the intended role.
- hosts: localhost
  remote_user: root
  roles:
    - roles/subnet
--------------------------------------------------------------------------------
/roles/wb_security_group/vars/main.yml:
-------------------------------------------------------------------------------- 1 | --- 2 | # vars file for roles/subnet 3 | -------------------------------------------------------------------------------- /sample_input.txt: -------------------------------------------------------------------------------- 1 | 10.0.0.0/16 2 | testvpc 3 | ap-south-1 4 | test 5 | test 6 | 10.0.0.0/24 7 | websb1 8 | test 9 | ap-south-1a 10 | 10.0.1.0/24 11 | lbsb1 12 | test 13 | ap-south-1a 14 | 10.0.2.0/24 15 | websb2 16 | test 17 | ap-south-1b 18 | 10.0.3.0/24 19 | lbsb2 20 | test 21 | ap-south-1b 22 | 10.0.4.0/24 23 | appsb1 24 | test 25 | ap-south-1a 26 | 10.0.5.0/24 27 | appsb2 28 | test 29 | ap-south-1b 30 | 10.0.6.0/24 31 | dbsb1 32 | test 33 | ap-south-1a 34 | 10.0.7.0/24 35 | dbsb2 36 | test 37 | ap-south-1b 38 | apprt 39 | 0.0.0.0/0 40 | dbrt 41 | 0.0.0.0/0 42 | lbrt 43 | 0.0.0.0/0 44 | webrt 45 | 0.0.0.0/0 46 | rdssgtest 47 | test 48 | MySQL 49 | sqltest 50 | 18 51 | db.t2.micro 52 | #username 53 | #password 54 | rdssgtest 55 | websg 56 | test 57 | allow traffic 58 | appsg 59 | test 60 | allow traffic 61 | TCP 62 | 22 63 | 0.0.0.0/0 64 | dbsg 65 | test 66 | allow traffic 67 | TCP 68 | 22 69 | 0.0.0.0/0 70 | #enter_aws_key_name 71 | webserver1 72 | t2.micro 73 | websg 74 | no 75 | ami-7c87d913 76 | webserver2 77 | t2.micro 78 | websg 79 | no 80 | ami-7c87d913 81 | appserver1 82 | t2.micro 83 | appsg 84 | no 85 | ami-7c87d913 86 | appserver2 87 | t2.micro 88 | appsg 89 | no 90 | ami-7c87d913 91 | lbtest 92 | cgwtest 93 | 54.43.32.21 94 | vgwtest 95 | vpntest123 96 | vgwrt 97 | 0.0.0.0/0 98 | anisble_dms_peering 99 | #enter_region_of_VPC_peering 100 | #enter_VPC ID_of_accepter 101 | #enter_account_number_of_accepter 102 | -------------------------------------------------------------------------------- /vpc_peering.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook : playbooks/vpc_peering.yml 3 | 4 | 5 | 
--------------------------------------------------------------------------------
/vpn_setup.yml:
--------------------------------------------------------------------------------
---
# Entry point for the VPN pieces: imports the customer gateway, virtual private
# gateway, VPN connection and VPN route table playbooks, in that order.
# The order matters for what is visible in the roles: roles/vpn_connection reads the
# registered results `vgw` and `cgw`, which are presumably produced by the first two
# playbooks (their contents are not shown here).
# NOTE(review): roles/vpn_routetable also reads `vpc.vpc.id`, but nothing imported
# here is visibly responsible for registering `vpc`. Confirm that
# playbooks/vpn_routetable.yml obtains it itself, or that this file is only run
# together with the VPC playbook.
- import_playbook : playbooks/cgw.yml
- import_playbook : playbooks/vgw.yml
- import_playbook : playbooks/vpn_connection.yml
- import_playbook : playbooks/vpn_routetable.yml
--------------------------------------------------------------------------------