Advertisement
D0cEvil

Ansible - Test Playbook 2

Dec 27th, 2022
100
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 2.73 KB | Software | 0 0
  1. - hosts: testservers
  2.   tasks:
  3.     #### System Update ####
  4.  
  5.     ## CentOS ##
  6.  
  7.     - name: System Update CentOS
  8.       yum: name=* state=latest
  9.       when: ansible_distribution == "CentOS"
  10.  
  11.     - name: Disable SELinux
  12.       selinux: state=disabled
  13.       when: ansible_distribution == "CentOS"
  14.  
  15.  
  16.     ## SUSE ##
  17.  
  18.     - name: System Update SUSE
  19.       zypper: name=* state=latest
  20.       when: ansible_os_family == "Suse"
  21.  
  22.     - name: Apply ALL patches SUSE
  23.       zypper: name=* state=latest type=patch
  24.       when: ansible_os_family == "Suse"
  25.  
  26.     ## ALL OS ##
  27.  
  28.     - name: Reboot server
  29.       shell: sleep 3 && /sbin/shutdown -r now "Ansible system reboot"
  30.       async: 1 #ansible-playbook this_file.yml --check не отработает! закомментить при тесте!#
  31.       poll: 0
  32.  
  33.     - name: Wait for hosts sshd
  34.       local_action: wait_for host={{ inventory_hostname }} port=22 delay=20 connect_timeout=200
  35.       become: false
  36.       delegate_to: localhost
  37.  
  38.     #### Software installation ####
  39.  
  40.     ## Apache CentOS ##
  41.  
  42.     - name: Install Apache CentOS
  43.       yum: pkg=httpd state=latest
  44.       when: ansible_distribution == "CentOS"
  45.  
  46.     - name: Enable Apache on System Boot CentOS
  47.       service: name=httpd enabled=yes
  48.       when: ansible_distribution == "CentOS"
  49.  
  50.     - name: Starting service Apache CentOS
  51.       service: name=httpd state=started
  52.       when: ansible_distribution == "CentOS"
  53.  
  54.     ## Apache SUSE ##
  55.  
  56.     - name: Install Apache SUSE
  57.       zypper: name=apache2 state=latest
  58.       when: ansible_os_family == "Suse"
  59.  
  60.     - name: Enable Apache on System Boot SUSE
  61.       service: name=apache2 enabled=yes
  62.       when: ansible_os_family == "Suse"
  63.  
  64.     #### Firewall config ####
  65.  
  66.     ## CentOS ##
  67.  
  68.     - name: Allow HTTP CentOS
  69.       command: firewall-cmd --add-service=http --permanent
  70.       when: ansible_distribution == "CentOS"
  71.  
  72.     - name: Allow HTTPs CentOS
  73.       command: firewall-cmd --add-service=https --permanent
  74.       when: ansible_distribution == "CentOS"
  75.  
  76.     ## SUSE ##
  77.  
  78.     - name: Allow SSH SUSE
  79.       command: iptables -A INPUT -p tcp --dport 22 -j ACCEPT
  80.       when: ansible_os_family == "Suse"
  81.  
  82.     - name: Allow HTTP SUSE
  83.       command: iptables -A INPUT -p tcp --dport 80 -j ACCEPT
  84.       when: ansible_os_family == "Suse"
  85.  
  86.     - name: Allow HTTPs SUSE
  87.       command: iptables -A INPUT -p tcp --dport 443 -j ACCEPT
  88.       when: ansible_os_family == "Suse"
  89.  
  90.     #### Firewall reboot ####
  91.  
  92.     - name: Reload Firewall settings CentOS
  93.       command: firewall-cmd --reload
  94.       when: ansible_distribution == "CentOS"
  95.  
  96. #    - name: Reload Firewall settings SUSE
  97. #      command: /etc/init.d/SuSEfirewall2_init restart
  98. #      when: ansible_os_family == "Suse"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement