Ansible/Playbooks
From charlesreid1
Playbook Example: Secure Nginx Server
This page walks through a procedure resulting in the following files:
playbooks/ansible.cfg
playbooks/hosts
playbooks/Vagrantfile
playbooks/web-notls.yml
playbooks/web-tls.yml
playbooks/files/nginx.key
playbooks/files/nginx.crt
playbooks/files/nginx.conf
playbooks/templates/index.html.j2
playbooks/templates/nginx.conf.j2
Port configuration (Vagrantfile)
We want to arrange the Vagrant machine so that we map the local port 8080 to the vagrant machine's port 80, and map the local port 8443 to the vagrant machine's port 443.
The Vagrantfile should be modified as follows:
VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| config.vm.box = "ubuntu/xenial64" config.vm.network "forwarded_port", guest: 80, host: 8080 config.vm.network "forwarded_port", guest: 443, host: 8443 end
Now instruct vagrant to reload from the Vagrantfile:
$ vagrant reload
==> default: Forwarding ports...
default: 80 => 8080 (adapter 1)
default: 443 => 8443 (adapter 1)
default: 22 => 2222 (adapter 1)
Simple playbook
Here is a simple playbook for our secure nginx server:
web-notls.yml:
- name: Configure webserver with nginx
hosts: webservers
become: True
tasks:
- name: install nginx
apt: name=nginx update_cache=yes
- name: copy nginx config file
copy: src=files/nginx.conf dest=/etc/nginx/sites-available/default
- name: enable configuration
file: >
dest=/etc/nginx/sites-enabled/default
src=/etc/nginx/sites-available/default
state=link
- name: copy index.html
template: src=templates/index.html.j2 dest=/usr/share/nginx/html/index.html
mode=0644
- name: restart nginx
service: name=nginx state=restarted
YAML truthy: true, True, TRUE, yes, Yes, YES, on, On, ON, y, Y
YAML falsey: false, False, FALSE, no, No, NO, off, Off, OFF, n, N