From 570e069ded7ec4bc1695e2cd6fffa217e3a8c171 Mon Sep 17 00:00:00 2001 From: Madars Batraks Date: Tue, 2 Sep 2025 10:55:09 +0300 Subject: [PATCH] Initial commit --- inventory.yml | 4 ++ main.yml | 13 +++++ .../files/etc/nginx/sites-available/default | 15 ++++++ .../common/files/etc/rsyslog.d/20-remote.conf | 1 + roles/common/handlers/main.yml | 14 ++++++ roles/common/tasks/ldap.yml | 0 roles/common/tasks/main.yml | 26 ++++++++++ roles/common/tasks/syslog.yml | 13 +++++ roles/common/tasks/webserver.yml | 48 +++++++++++++++++++ roles/common/templates/etc/hosts | 7 +++ .../templates/var/www/default/index.html | 9 ++++ 11 files changed, 150 insertions(+) create mode 100755 inventory.yml create mode 100755 main.yml create mode 100755 roles/common/files/etc/nginx/sites-available/default create mode 100755 roles/common/files/etc/rsyslog.d/20-remote.conf create mode 100755 roles/common/handlers/main.yml create mode 100755 roles/common/tasks/ldap.yml create mode 100755 roles/common/tasks/main.yml create mode 100755 roles/common/tasks/syslog.yml create mode 100755 roles/common/tasks/webserver.yml create mode 100755 roles/common/templates/etc/hosts create mode 100755 roles/common/templates/var/www/default/index.html diff --git a/inventory.yml b/inventory.yml new file mode 100755 index 0000000..be38ba7 --- /dev/null +++ b/inventory.yml @@ -0,0 +1,4 @@ +ungrouped: + hosts: + ansible-test: + ansible_host: 192.168.102.4 diff --git a/main.yml b/main.yml new file mode 100755 index 0000000..c7f03c9 --- /dev/null +++ b/main.yml @@ -0,0 +1,13 @@ +- name: run common tasks + hosts: all + become: true + become_user: root + gather_facts: true + roles: + - common + + #- name: run host-specific tasks + # hosts: all + # become: true + # become_user: root + # roles: "{{inventory_hostname}}" diff --git a/roles/common/files/etc/nginx/sites-available/default b/roles/common/files/etc/nginx/sites-available/default new file mode 100755 index 0000000..4690537 --- /dev/null +++ b/roles/common/files/etc/nginx/sites-available/default @@ -0,0 +1,15 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + # SSL configuration + listen 443 ssl default_server; + listen [::]:443 ssl default_server; + include snippets/snakeoil.conf; + + root /var/www/default; + index index.html; + server_name _; + location / { + try_files $uri $uri/ =404; + } +} diff --git a/roles/common/files/etc/rsyslog.d/20-remote.conf b/roles/common/files/etc/rsyslog.d/20-remote.conf new file mode 100755 index 0000000..f72ee55 --- /dev/null +++ b/roles/common/files/etc/rsyslog.d/20-remote.conf @@ -0,0 +1 @@ +# dummy file (man nav syslog servera) diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml new file mode 100755 index 0000000..c2b7647 --- /dev/null +++ b/roles/common/handlers/main.yml @@ -0,0 +1,14 @@ +- name: Restart rsyslog + systemd_service: + name: rsyslog + state: restarted + +- name: Reload nginx + systemd_service: + name: nginx + state: reloaded + +- name: Restart nginx + systemd_service: + name: nginx + state: restarted diff --git a/roles/common/tasks/ldap.yml b/roles/common/tasks/ldap.yml new file mode 100755 index 0000000..e69de29 diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100755 index 0000000..25232d7 --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,26 @@ +- name: Install basic packages + ansible.builtin.package: + name: + - neovim + - htop + - git + - curl + state: present + +- name: Set a hostname + ansible.builtin.hostname: + name: "{{inventory_hostname}}" + +- name: Set default hosts file + ansible.builtin.template: + src: etc/hosts + dest: /etc/hosts + owner: root + group: root + mode: 0644 + +- name: Import syslog.yml + import_tasks: syslog.yml + +- name: Import webserver.yml + import_tasks: webserver.yml diff --git a/roles/common/tasks/syslog.yml b/roles/common/tasks/syslog.yml new file mode 100755 index 0000000..52267fe --- /dev/null +++ b/roles/common/tasks/syslog.yml @@ -0,0 +1,13 @@ +- name: Install rsyslog + ansible.builtin.package: + name: rsyslog + state: present + +- name: Copy rsyslog config + ansible.builtin.copy: + src: etc/rsyslog.d/20-remote.conf + dest: /etc/rsyslog.d/20-remote.conf + owner: root + group: root + mode: 0644 + notify: Restart rsyslog diff --git a/roles/common/tasks/webserver.yml b/roles/common/tasks/webserver.yml new file mode 100755 index 0000000..45a886f --- /dev/null +++ b/roles/common/tasks/webserver.yml @@ -0,0 +1,48 @@ + +- name: Install webserver packages + ansible.builtin.package: + name: + - nginx + - ssl-cert # snakeoil certificates for default site + state: present + +- name: Remove default website + ansible.builtin.file: + path: /var/www/html + state: absent + +- name: Create default site directory + ansible.builtin.file: + path: /var/www/default + state: directory + owner: root + group: root + mode: 0755 + +- name: Copy default index + ansible.builtin.template: + src: var/www/default/index.html + dest: /var/www/default/index.html + owner: www-data + group: www-data + mode: 0640 + +- name: Copy default config + ansible.builtin.copy: + src: etc/nginx/sites-available/default + dest: /etc/nginx/sites-available/default + owner: root + group: root + mode: 0644 + notify: Reload nginx + +- name: Enable default config + ansible.builtin.file: + path: /etc/nginx/sites-enabled/default + src: /etc/nginx/sites-available/default + state: link + owner: root + group: root + mode: 0644 + + diff --git a/roles/common/templates/etc/hosts b/roles/common/templates/etc/hosts new file mode 100755 index 0000000..adc2ee3 --- /dev/null +++ b/roles/common/templates/etc/hosts @@ -0,0 +1,7 @@ +127.0.0.1 localhost +127.0.0.1 {{ inventory_hostname }} + +# The following lines are desirable for IPv6 capable hosts +::1 localhost ip6-localhost ip6-loopback +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters diff --git a/roles/common/templates/var/www/default/index.html b/roles/common/templates/var/www/default/index.html new file mode 100755 index 0000000..b9ba700 --- /dev/null +++ b/roles/common/templates/var/www/default/index.html @@ -0,0 +1,9 @@ + + + + +

Welcome to {{inventory_hostname}}

+

This is a paragraph

+ + +