Skip to content

gliech/common-ansible-role

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits

.github

.github

 
 

defaults

defaults

 
 

handlers

handlers

 
 

meta

meta

 
 

molecule/default

molecule/default

 
 

tasks

tasks

 
 

templates

templates

 
 

vars

vars

 
 

.ansible-lint

.ansible-lint

 
 

.gitignore

.gitignore

 
 

.yamllint

.yamllint

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

test_requirements.txt

test_requirements.txt

 
 

Repository files navigation

Common Ansible Role

test & release

This role does two things. Firstly, it installs a few packages that are required to run some essential Ansible modules, but are sometimes absent from managed nodes. Secondly it manages, and can create, the agent user (ansible_user). The role can not bootstrap a host on its own though. If used to create the permanent ansible_user it requires a privileged "bootstrap" user (which can optionally be removed as part of this role) and a python executable on the target machine.

Requirements

A version of Python that Ansible can use.

Role Variables

NameRequiredType / ChoicesDescription
common_agent_user_name no string

Name of the managed user. During normal operations this should be the same as the ansible_user for the host.

Default: "ansible"

common_agent_user_home no path

Home directory of the managed user.

Default: "/var/ansible"

common_agent_user_shell no path

Login shell for the managed user.

Default: "/bin/bash"

common_agent_user_create_local no boolean

Use the local option during user creation. This requires the luseradd command to be present on the target host. This role will install this command if possible, but some Linux distributions (eg. ArchLinux) do not have an install target for the luseradd executable in their package sources.

Default: false

common_bootstrap_user_name no string

Name of a dedicated bootstrap user that WILL BE REMOVED as part of this role. This variable has no effect if the given user does not exist on the system.

The idea is, that during the bootstrapping process ansible can log in to the new target host using a throwaway user that is set up with unsave credentials during system installation. This role will than create the permanent agent user, switch over to that new user for the rest of the play, and then, finally, remove the temporary user.

Default: "ansible_bootstrap"

common_remove_unused_sshd no boolean

Remove the openssh-server package if the ansible connection does not require it. This is option is currently only considered for the lxd connection type.

Default: true

common_configure_connection no `"lxd"`, `"ssh"`

By default this role will do some custom configuration (if applicable) for the connection type used during the playbook run. If another connection plugin should be configured instead, this variable can be used to overwrite it.

Default: {{ ansible_connection }}

Dependencies

None.

Example Playbooks

- hosts: all
  tasks:
    - ansible.builtin.import_role:
        name: gliech.common

License

This project is licensed under the terms of the GNU General Public License v3.0

About

An ansible role that manages a user for the purpose of running ansible and installs packages for some ansible core modules to function fully.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 4

v2.0.0 Latest
Apr 7, 2024
+ 3 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages