Ansible - Test playbook

1. - hosts: testservers
2.   tasks:
4.     - name: Installing VM Ware Tools
5.       yum: name=open-vm-tools state=present
6.       when: ansible_distribution == "CentOS"
7.  
8.     - name: Installing VM Ware Tools Suse
9.       zypper: name=https://packages.vmware.com/tools/esx/latest/repos/vmware-tools-repo-SLES{{ ansible_distribution_major_version }}.{{ ansible_distribution_release }}-latest.sles{{ ansible_distribution_major_version }}.{{ ansible_architecture }}.rpm
10.       when: ansible_os_family == "Suse"
11.  
12.     - name: VM Ware tools
13.       service: name=vmtoolsd.service state=restarted enabled=yes
14.      # when: ansible_distribution == "CentOS" and ansible_virtualization_type =="VMware"
15.  
16. - hosts: testservers
17.   vars:
18.     db_name: wordpress
19.     db_user: wpuser
20.     db_password: P@ssw0rd
21.  
22.   tasks:
24.   #### SYSTEM UPDATE ####
25.  
26.   # CentOS #
27.  
28.   - name: System Update CentOS
29.     yum: name=* state=latest
30.     when: ansible_distribution == "CentOS"
31.  
32.   - name: Disable SELinux CentOS
33.     selinux: state=disabled
34.     when: ansible_distribution == "CentOS"
35.  
36.   - name: Installing epel-rep CentOS
37.     yum: pkg=epel-release state=latest
38.     when: ansible_distribution == "CentOS"
39.  
40.   # SUSE #
41.  
42.   - name: System Update Suse
43.     zypper: name=* state=latest
44.     when: ansible_os_family == "Suse"
45.  
46.   - name: Apply all patches Suse
47.     zypper: name=* state=latest type=patch
48.     when: ansible_os_family == "Suse"
49.  
50.   # ALL OS #
51.  
52.   - name: Reboot server
53.     shell: sleep 3 && /sbin/shutdown -r "Ansible system reboot"
54. #    async: 1
55.     poll: 0
56.  
57.   - name: Waiting for SSH connection
58.     local_action: wait_for host={{ inventory_hostname }} port=22 delay=20 connect_timeout=200
59.     become: false
60.     delegate_to: localhost
61.  
62. #### Software Installation ####
63.  
64.   - name: Installation Utils CentOS
65.     yum: pkg={{ item }}
66.     with_items:
67.      - wget
68.       - mc
69.       - nano
70.     when: ansible_distribution == "CentOS"
71.  
72.   - name: Installation Utils Suse
73.     zypper: pkg={{ item }}
74.     with_items:
75.      - wget
76.       - mc
77.     when: ansible_os_family == "Suse"
78.  
79. #### APACHE ####
80.  
81. # CentOS #
82.  
83.   - name: Installation Apache Suse
84.     yum: pkg=httpd state=present
85.     when: ansible_distribution == "CentOS"
86.  
87.   - name: Enable Apache on System Boot CentOS
88.     service: name=httpd enabled=yes
89.     when: ansible_distribution == "CentOS"
90.  
91. # Suse #
92.  
93.   - name: Installation Apache Suse
94.     zypper: name=apache2 state=latest
95.     when: ansible_os_family == "Suse"
96.  
97.   - name: Enable Apache on System Boot Suse
98.     service: name=apache2 enabled=yes
99.     when: ansible_os_family == "Suse"
100.  
101. #### PHP ####
102.  
103. # CentOS #
104.  
105.   - name: Installation PHP mods CentOS
106.     yum: pkg={{ item }} state=present
107.     with_items:
108.     - php
109.      - php-gd
110.      - php-mysql
111.      - php-devel
112.     when: ansible_distribution == "CentOS"
113.  
114. # Suse #
115.    
116.   - name: Installation PHP mods Suse
117.     zypper: pkg={{ item }} state=present
118.     with_items:
119.     - php
120.      - php-mysql
121.      - php-gd
122.     when: ansible_os_family == "Suse"
123.  
124. #### MariaDB - CentOS ####
125.  
126.  
127.   - name: Installation MariaDB CentOS
128.     yum: pkg=mariadb-server state=present
129.     when: ansible_distribution == "CentOS"
130.  
131.   - name: Enable MariaDB on System Boot CentOS
132.     service: name=mariadb enabled=yes
133.     when: ansible_distribution == "CentOS"
134.  
135.   - name: Installation Pyton Mysql module CentOS
136.     yum: pkg=MySQL-python state=present
137.     when: ansible_distribution == "CentOS"
138.  
139. #### MySQL - Suse ####
140.  
141.   - name: Installation MySQL server Suse
142.     zypper: pkg=mysql state=present
143.     when: ansible_os_family == "Suse"
144.  
145.   - name: Installation MySQL client Suse
146.     zypper: pkg=mysql-client state=present
147.     when: ansible_os_family == "Suse"
148.  
149.   - name: Enable MySQL server on System Boot Suse
150.     service: name=mysql enabled=yes
151.     when: ansible_os_family == "Suse"
152.  
153.   - name: Install Phyton-MySQL module Suse
154.     zypper: pkg=python-mysql state=present
155.     when: ansible_os_family == "Suse"
156.  
157. #### phpMyAdmin ####
158.  
159. # CentOS #
160.  
161.   - name: Installation phpMyAdmin
162.     yum: pkg=phpMyAdmin state=present
163.     when: ansible_distribution == "CentOS"
164.  
165. # Suse #
166.  
167. #  - name: Installation phpMyAdmin Suse
168. #    zypper: pkg=phpMyAdmin
169. #    when: ansible_os_family == "Suse"  
170.  
171. #### Starting services ####
172.  
173. # CentOS #
174.  
175.   - name: Service Mariadb start CentOS
176.     service: name=mariadb state=started
177.     when: ansible_distribution == "CentOS"
178.  
179.   - name: Service Apache start CentOS
180.     service: name=httpd state=started
181.     when: ansible_distribution == "CentOS"
182.  
183. # Suse #
184.  
185.   - name: Service MySQL start Suse
186.     service: name=mysql state=started
187.     when: ansible_os_family == "Suse"
188.  
189.   - name: Service Apache start Suse
190.     service: name=apache2 state=started
191.     when: ansible_os_family == "Suse"
192.  
193. #### Configuring MariaDB and SQL !!! ALL OS !!! ####
194.  
195.   - name: Set root Password
196.     mysql_user: user=root password=P@ssw0rd host=localhost
197.     #when: ansible_distribution == "CentOS"
198.  
199.   - name: Create MySQL database
200.     mysql_db: name={{ db_name }} login_user=root login_password=P@ssw0rd state=present
201.     #when: ansible_distribution == "CentOS"
202.  
203.   - name: Create MySQL user
204.     mysql_user: login_user=root login_password=P@ssw0rd name={{ db_user }} password={{ db_password }} priv=*.*:ALL
205.     #when: ansible_distribution == "CentOS"
206.  
207. #### WordPress ####
208.  
209. # ALL OS #
210.  
211.   - name: Download LAST version WordPress
212.     get_url: url=https://wordpress.org/latest.tar.gz dest=/tmp/wordpress.tar.gz validate_certs=no
213.     #when: ansible_distribution == "CentOS"
214.  
215. # CentOS #
216.  
217.   - name: Extract WordPress CentOS
218.     unarchive: src=/tmp/wordpress.tar.gz dest=/var/www/html copy=no
219.     when: ansible_distribution == "CentOS"
220.  
221. # Suse #
222.  
223.   - name: Extract WordPress Suse
224.     unarchive: src=/tmp/wordpress.tar.gz dest=/srv/www/htdocs copy=no
225.     when: ansible_os_family == "Suse"
226.  
227. #### WordPress Config ####
228.  
229. # CentOS #  
230.  
231.   - name: Create WordPress config file CentOS
232.     command: mv /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php creates=/var/www/html/wordpress/wp-config.php
233.     when: ansible_distribution == "CentOS"
234.  
235.   - name: Update WordPress config file CentOS
236.     lineinfile:
237.      dest=/var/www/html/wordpress/wp-config.php
238.       regexp="{{ item.regexp }}"
239.       line="{{ item.line }}"
240.     with_items:
241.       - {'regexp': "define\\('DB_NAME', '(.)+'\\);", 'line': "define('DB_NAME', '{{ db_name }}');"}
242.       - {'regexp': "define\\('DB_USER', '(.)+'\\);", 'line': "define('DB_USER', '{{ db_user }}');"}
243.       - {'regexp': "define\\('DB_PASSWORD'. '(.)+'\\);", 'line': "define('DB_PASSWORD', '{{ db_password }}');"}
244.     when: ansible_distribution == "CentOS"
245.  
246. # Suse #
247.  
248.   - name: Create WordPress config file Suse
249.     command: mv /srv/www/htdocs/wordpress/wp-config-sample.php /srv/www/htdocs/wordpress/wp-config.php creates=/var/www/html/wordpress/wp-config.php
250.     when: ansible_os_family == "Suse"
251.  
252.   - name: Update WordPress config file Suse
253.     lineinfile:
254.      dest=/srv/www/htdocs/wordpress/wp-config.php
255.       regexp="{{ item.regexp }}"
256.       line="{{ item.line }}"
257.     with_items:
258.       - {'regexp': "define\\('DB_NAME', '(.)+'\\);", 'line': "define('DB_NAME', '{{ db_name }}');"}
259.       - {'regexp': "define\\('DB_USER', '(.)+'\\);", 'line': "define('DB_USER', '{{ db_user }}');"}
260.       - {'regexp': "define\\('DB_PASSWORD'. '(.)+'\\);", 'line': "define('DB_PASSWORD', '{{ db_password }}');"}
261.     when: ansible_os_family == "Suse"
262.  
263. #### Firewall Config ####
264.  
265. # CentOS #
266.  
267.   - name: Add HTTP service CentOS
268.     command: firewall-cmd --add-service=http --permanent
269.     when: ansible_distribution == "CentOS"
270.  
271.   - name: Add HTTPs service CentOS
272.     command: firewall-cmd --add-service=https --permanent
273.     when: ansible_distribution == "CentOS"
274.  
275.   - name: Add MySQL service CentOS
276.     command: firewall-cmd --add-port=3306/tcp --permanent
277.     when: ansible_distribution == "CentOS"
278.  
279.   - name: Restarting firewall CentOS
280.     command: firewall-cmd --reload
281.     when: ansible_distribution == "CentOS"
282.  
283. # Suse #
284.  
285.   - name: Add HTTP service Suse
286.     lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_CONFIGURATIONS_EXT="apache2"' create="yes"
287.     when: ansible_os_family == "Suse"
288.  
289.   - name: Add SSH servcie Suse
290.     lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_SERVICES_EXT_TCP="ssh"' create="yes"
291.     when: ansible_os_family == "Suse"
292.  
293.   - name: Add MySQL servcie Suse
294.     lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_SERVICES_EXT_TCP="3306"' create="yes"
295.     when: ansible_os_family == "Suse"
296.  
297.   - name: Allow ping Suse
298.     lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_ALLOW_PING_FW="yes"' create="yes"
299.     when: ansible_os_family == "Suse"
300.  
301.   - name: Reload init Firewall settings Suse
302.     command: /etc/init.d/SuSEfirewall2_init restart
303.     when: ansible_os_family == "Suse"
304.  
305.   - name: Reload init Firewall settings Suse
306.     command: /etc/init.d/SuSEfirewall2_init restart
307.     when: ansible_os_family == "Suse"
308.  
309. #### Services ####
310.  
311. # CentOS #
312.  
313.   - name: MariaDB restart CentOS
314.     service: name=mariadb state=restarted
315.     when: ansible_distribution == "CentOS"
316.  
317.   - name: Apache restart CentOS
318.     service: name=httpd state=restarted
319.     when: ansible_distribution == "CentOS"
320.  
321. # Suse #
322.  
323.   - name: MySQL restart Suse
324.     service: name=mysql state=restarted
325.     when: ansible_distribution == "Suse"
326.  
327.   - name: Apache restart Suse
328.     service: name=apache2 state=restarted
329.     when: ansible_distribution == "Suse"
330.  
331. - hosts: testservers
332.   vars:
333.     vmwaretools_tools_version: latest
334.     vmwaretools_yum_server: https://packages.vmware.com
335.     vmwaretools_yum_path: /tools
336.     vmwaretools_repo_version: latest
337.   tasks:
339.   - name: Downloading file
340.     get_url: url={{ vmwaretools_yum_server }}{{ vmwaretools_yum_path }}/esx/{{ vmwaretools_tools_version }}/repos/vmware-tools-repo-SELS{{ ansible_distribution_major_version }}.{{ ansible_distribution_release }}-{{ vmwaretools_repo_version }}.sles{{ ansible_distribution_major_version }}.{{ ansible_architecture }}.rpm dest=/tmp/vmtools.rpm validate_certs=no
341.     when: ansible_os_family == "Suse" and ansible_distribution_major_version|int == 11
342.  
343. - hosts: testservers
344.   tasks:
346. ##### Firewall config #####
347.  
348. ## CentOS ##
349.  
350.    - name: Allow HTTP  CentOS
351.      command: firewall-cmd --add-service=http --permanent
352.      when: ansible_distribution == "CentOS"
353.  
354.    - name: Allow HTTPs  CentOS
355.      command: firewall-cmd --add-service=https --permanent
356.      when: ansible_distribution == "CentOS"
357.    
358.    - name: Allow SQL  CentOS
359.      command: firewall-cmd  --add-port=3306/tcp --permanent
360.      when: ansible_distribution == "CentOS"
361.  
362. ## SUSE ##
363.  
364.    - name: Allow HTTP  SUSE
365.      lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_CONFIGURATIONS_EXT="apache2"' create=yes
366.      when: ansible_os_family == "Suse"
367.  
368.    - name: Allow SSH  SUSE
369.      lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_SERVICES_EXT_TCP="ssh"' create=yes
370.      when: ansible_os_family == "Suse"
371.  
372.    - name: Allow PING  SUSE
373.      lineinfile: dest=/etc/sysconfig/SuSEfirewall2 line='FW_ALLOW_PING_FW="yes"' create=yes
374.      when: ansible_os_family == "Suse"
375.  
376. ###### Firewall restart ######
377.  
378.    - name: Reload firewall service  CentOS
379.      command: firewall-cmd --reload
380.      when: ansible_distribution == "CentOS"
381.  
382.    - name: Reload init firewall service  SUSE
383.      command: /etc/init.d/SuSEfirewall2_init restart
384.      when: ansible_os_family == "Suse"
385.  
386.    - name: Reload setup firewall service  SUSE
387.      command: /etc/init.d/SuSEfirewall2_setup restart
388.      when: ansible_os_family == "Suse"