From 64462c434e700b93f4dbadb40fe637fa2b1e2791 Mon Sep 17 00:00:00 2001 From: fdavis Date: Thu, 20 Jun 2013 17:25:44 -0700 Subject: [PATCH] setting up ansible infra, add-ssh-key playbook --- README | 2 +- TODO | 4 + ansible.cfg | 161 ++++++++++++++++++++++++++++++++++++++ django.yml | 6 ++ group_vars/django-servers | 2 + host_vars/ubuntu-server | 2 + playbooks/add-ssh-key.yml | 6 ++ production | 2 + 8 files changed, 184 insertions(+), 1 deletion(-) create mode 100644 TODO create mode 100644 ansible.cfg create mode 100644 django.yml create mode 100644 group_vars/django-servers create mode 100644 host_vars/ubuntu-server create mode 100644 playbooks/add-ssh-key.yml create mode 100644 production diff --git a/README b/README index 92d0781..52665db 100644 --- a/README +++ b/README @@ -1 +1 @@ -This is an experiement provisioning Django on Ubuntu 12.04 LTS +This is an experiement provisioning Django 1.5.1 on Ubuntu 12.04 LTS diff --git a/TODO b/TODO new file mode 100644 index 0000000..079aef7 --- /dev/null +++ b/TODO @@ -0,0 +1,4 @@ +setup other account for machines to use READ ONLY +snapshot VBox +playbook to get django hello world setup + diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..4e2f4e9 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,161 @@ +# config file for ansible -- http://ansible.github.com +# nearly all parameters can be overridden in ansible-playbook or with command line flags +# ansible will read ~/.ansible.cfg or /etc/ansible/ansible.cfg, whichever it finds first + +[defaults] + +# location of inventory file, eliminates need to specify -i + +hostfile = ./production + +# location of ansible library, eliminates need to specify --module-path + +library = /usr/share/ansible + +# default module name used in /usr/bin/ansible when -m is not specified + +module_name = command + +# location for ansible log file. If set, will store output from ansible +# and ansible-playbook. If enabling, you may wish to configure +# logrotate. + +#log_path = /var/log/ansible.log + +# home directory where temp files are stored on remote systems. Should +# almost always contain $HOME or be a directory writeable by all users + +remote_tmp = $HOME/.ansible/tmp + +# the default pattern for ansible-playbooks ("hosts:") + +pattern = * + +# the default number of forks (parallelism) to be used. Usually you +# can crank this up. + +forks=5 + +# the timeout used by various connection types. Usually this corresponds +# to an SSH timeout + +timeout=10 + +# when using --poll or "poll:" in an ansible playbook, and not specifying +# an explicit poll interval, use this interval + +poll_interval=15 + +# when specifying --sudo to /usr/bin/ansible or "sudo:" in a playbook, +# and not specifying "--sudo-user" or "sudo_user" respectively, sudo +# to this user account + +sudo_user=root + +# the following forces ansible to always ask for the sudo password (instead of having +# to add -K to the commandline). Or you can use the environment variable (ANSIBLE_ASK_SUDO_PASS) + +#ask_sudo_pass=True + +# the following forces ansible to always ask for the ssh-password (-k) +# can also be set by the environment variable ANSIBLE_ASK_PASS + +#ask_pass=True + +# connection to use when -c is not specified + +transport=paramiko + +# remote SSH port to be used when --port or "port:" or an equivalent inventory +# variable is not specified. + +remote_port=22 + +# if set, always run /usr/bin/ansible commands as this user, and assume this value +# if "user:" is not set in a playbook. If not set, use the current Unix user +# as the default + +#remote_user=root + +# the default sudo executable. If a sudo alternative with a sudo-compatible interface +# is used, specify its executable name as the default + +sudo_exe=sudo + +# the default flags passed to sudo +# sudo_flags=-H + +# all commands executed under sudo are passed as arguments to a shell command +# This shell command defaults to /bin/sh +# Changing this helps the situation where a user is only allowed to run +# e.g. /bin/bash with sudo privileges + +# executable = /bin/sh + +# how to handle hash defined in several places +# hash can be merged, or replaced +# if you use replace, and have multiple hashes named 'x', the last defined +# will override the previously defined one +# if you use merge here, hash will cumulate their keys, but keys will still +# override each other +# replace is the default value, and is how ansible always handled hash variables +# +# hash_behaviour=replace + +# How to handle variable replacement - as of 1.2, Jinja2 variable syntax is +# preferred, but we still support the old $variable replacement too. +# If you change legacy_playbook_variables to no then Ansible will no longer +# try to do replacement on $variable style variables. +# +# legacy_playbook_variables=yes + +# if you need to use jinja2 extensions, you can list them here +# use a coma to separate extensions, e.g. : +# jinja2_extensions=jinja2.ext.do,jinja2.ext.i18n +# no extensions are loaded by default + +#jinja2_extensions= + +# if set, always use this private key file for authentication, same as if passing +# --private-key to ansible or ansible-playbook + +#private_key_file=/path/to/file + +# format of string $ansible_managed available within Jinja2 templates, replacing +# {file}, {host} and {uid} with template filename, host and owner respectively. +# The resulting string is passed through strftime(3) so it may contain any +# time-formatting specifiers. +# +# Example: ansible_managed = DONT TOUCH {file}: call {uid} at {host} for changes +ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host} + +# additional plugin paths for non-core plugins + +action_plugins = /usr/share/ansible_plugins/action_plugins +callback_plugins = /usr/share/ansible_plugins/callback_plugins +connection_plugins = /usr/share/ansible_plugins/connection_plugins +lookup_plugins = /usr/share/ansible_plugins/lookup_plugins +vars_plugins = /usr/share/ansible_plugins/vars_plugins +filter_plugins = /usr/share/ansible_plugins/filter_plugins + +# set to 1 if you don't want cowsay support. Alternatively, set ANSIBLE_NOCOWS=1 +# in your environment +# nocows = 1 + +[paramiko_connection] + +# nothing to configure yet + +[ssh_connection] + +# if uncommented, sets the ansible ssh arguments to the following. Leaving off ControlPersist +# will result in poor performance, so use transport=paramiko on older platforms rather than +# removing it + +ssh_args=-o ControlMaster=auto -o ControlPersist=60s -o ControlPath=/tmp/ansible-ssh-%h-%p-%r + +# the following makes ansible use scp if the connection type is ssh (default is sftp) + +#scp_if_ssh=True + + diff --git a/django.yml b/django.yml new file mode 100644 index 0000000..7da6365 --- /dev/null +++ b/django.yml @@ -0,0 +1,6 @@ +--- +- hosts: django-servers + roles: + - role: django + tags: + - django diff --git a/group_vars/django-servers b/group_vars/django-servers new file mode 100644 index 0000000..4484965 --- /dev/null +++ b/group_vars/django-servers @@ -0,0 +1,2 @@ +--- +place_holder: data diff --git a/host_vars/ubuntu-server b/host_vars/ubuntu-server new file mode 100644 index 0000000..4484965 --- /dev/null +++ b/host_vars/ubuntu-server @@ -0,0 +1,2 @@ +--- +place_holder: data diff --git a/playbooks/add-ssh-key.yml b/playbooks/add-ssh-key.yml new file mode 100644 index 0000000..b68f400 --- /dev/null +++ b/playbooks/add-ssh-key.yml @@ -0,0 +1,6 @@ +--- +- hosts: all + + tasks: + - name: add ssh key + authorized_key: user=fdavis key='$FILE(/home/fdavis/.ssh/id_rsa.pub)' state=present diff --git a/production b/production new file mode 100644 index 0000000..c94a01d --- /dev/null +++ b/production @@ -0,0 +1,2 @@ +[django-servers] +ubuntu-server ansible_ssh_port=2222 ansible_ssh_host=127.0.0.1