ansible-ops-management/README.md

231 lines
8.8 KiB
Markdown
Raw Normal View History

2022-02-27 03:19:20 +00:00
# Ansible AWX Template: Ops Management
Ansible AWX is the method used for the Rocky Linux infrastructure, as a replacement for using the CLI. This template is used specifically for management of systems and infrastructure and takes bits and pieces from the original infrastructure git repository on GitHub.
This repository may include duplicate playbooks from other ansible management repositories. Some pieces may also be removed and put into their own repository.
## Notes on local runs and playbooks for local development systems
There are some playbooks that are meant to be ran locally. There are also cases where AWX is not feasible. To run said playbooks, these are things to keep in mind:
* local-ansible.cfg will need to be used
* `init-rocky-ansible-host.yml` will need to be ran using that configuration file (if there are roles/collections needed)
2023-07-17 09:18:45 +00:00
* **It is highly recommended that you change all `host: all` to `host: '{{ host }}'` as you may want more control.**
2022-02-27 03:19:20 +00:00
2023-08-14 06:25:05 +00:00
## Notes on system deployment
When provisioning a system, the minimum order of playbooks to run are:
* ansible-ipa-management/role-rocky-ipa-client.yml
* ansible-ops-management/init-rocky-system-config.yml
The first ensures the system is enrolled with the IPA domain. The second ensures the basic minimum system configuration is completed, such as basic hardening, auditd rules, PAM, and others.
2022-02-27 03:19:20 +00:00
## Provides / Information
This repository is for Infrastructure operations.
```
.
2023-08-14 06:25:05 +00:00
├── adhoc-facts-refresh.yml
├── adhoc-rabbitmqqueue.yml
├── adhoc-rabbitmquser.yml
├── collections
│   ├── README.md
│   └── requirements.yml
2022-02-27 03:19:20 +00:00
├── defaults
│   └── main.yml
├── files
2023-08-14 06:25:05 +00:00
│   ├── etc
│   │   ├── authselect
│   │   │   └── custom
│   │   │   └── sssd-rocky
│   │   │   ├── CentOS-8-system-auth -> RedHat-8-system-auth
│   │   │   ├── RedHat-8-system-auth
│   │   │   ├── RedHat-9-nsswitch.conf
│   │   │   ├── RedHat-9-system-auth
│   │   │   ├── Rocky-8-system-auth -> RedHat-8-system-auth
│   │   │   ├── Rocky-9-nsswitch.conf -> RedHat-9-nsswitch.conf
│   │   │   └── Rocky-9-system-auth -> RedHat-9-system-auth
│   │   ├── dynmotd
│   │   ├── motd
│   │   ├── pam.d
│   │   │   ├── CentOS-7-system-auth-ac -> RedHat-7-system-auth-ac
│   │   │   └── RedHat-7-system-auth-ac
│   │   ├── rockybanner
│   │   ├── sudoers.d
│   │   │   └── cis
│   │   └── systemd
│   │   └── system
│   │   └── noggin.service
│   ├── home
│   │   └── ansible
│   ├── README.md
│   ├── root
│   │   └── 9-tmux.conf
│   ├── tmp
│   ├── usr
│   │   └── local
│   │   └── bin
│   │   ├── dmidecode-pretty
│   │   └── lock-wrapper
│   └── var
│   └── www
│   └── mantisbt
│   └── signup_page.php
2022-02-27 03:19:20 +00:00
├── handlers
│   └── main.yml
2023-08-14 06:25:05 +00:00
├── init-rocky-account-services.yml
├── init-rocky-ansible-host.yml
├── init-rocky-bugzilla.yml
├── init-rocky-chrony.yml
├── init-rocky-install-kvm-hosts.yml
├── init-rocky-koji-ecosystem.yml
├── init-rocky-mantisbt.yml
├── init-rocky-noggin-theme.yml
├── init-rocky-noggin.yml
├── init-rocky-openqa-developer-host.yml
├── init-rocky-postfix-relay.yml
├── init-rocky-repo-servers.yml
├── init-rocky-session-recording.yml
├── init-rocky-system-config.yml
├── local-ansible.cfg
├── README.md
├── role-rocky-bootstrap_staging.yml
├── role-rocky-graylog.yml
├── role-rocky-kojid-staging.yml
├── role-rocky-kojid.yml
├── role-rocky-kojihub-staging.yml
├── role-rocky-kojihub.yml
├── role-rocky-mirrormanager.yml
├── role-rocky-monitoring.yml
├── role-rocky-mqtt.yml
├── role-rocky-node_exporter.yml
├── role-rocky-pinnwand.yml
├── role-rocky-rabbitmq.yml
├── role-rocky-repopool.yml
├── roles
│   ├── README.md
│   └── requirements.yml
2022-02-27 03:19:20 +00:00
├── tasks
2023-08-14 06:25:05 +00:00
│   ├── account_services.yml
│   ├── auditd.yml
│   ├── authentication.yml
│   ├── banners.yml
│   ├── bugzilla_install.yml
│   ├── bugzilla.yml
│   ├── chrony.yml
│   ├── efs_mount.yml
│   ├── grub.yml
│   ├── harden.yml
│   ├── init-koji.yml
│   ├── koji_efs.yml
│   ├── main.yml
│   ├── mantis
│   │   ├── mantispatch.yml
│   │   └── mantis.yml
│   ├── mirrormanager.yml
│   ├── noggin.yml
│   ├── openqa.yml
│   ├── postfix_relay.yml
│   ├── rabbitmq
│   │   ├── rabbitmq.yml
│   │   ├── topics.yml
│   │   ├── users.yml
│   │   └── vhost.yml
│   ├── repository.yml
│   ├── rsyncd.yml
│   ├── scripts.yml
│   ├── skel.yml
│   ├── srpmproc.yml
│   ├── ssh_config.yml
│   ├── tlog.yml
│   └── variable_loader_common.yml
2022-02-27 03:19:20 +00:00
├── templates
2023-08-14 06:25:05 +00:00
│   ├── etc
│   │   ├── audit
│   │   │   └── rules.d
│   │   │   └── collection.rules.j2
│   │   ├── chrony.conf.j2
│   │   ├── httpd
│   │   │   └── conf.d
│   │   │   ├── bugzilla.conf.j2
│   │   │   └── mantis.conf.j2
│   │   ├── modprobe.d
│   │   │   └── cis.conf.j2
│   │   ├── postfix
│   │   │   └── sasl_passwd.j2
│   │   ├── rabbitmq
│   │   │   ├── rabbitmq.conf.j2
│   │   │   └── rabbitmq-env.conf.j2
│   │   ├── resolv.conf.j2
│   │   ├── rsyncd.conf.j2
│   │   ├── rsyncd-motd
│   │   ├── rsyslog.d
│   │   ├── ssh
│   │   │   ├── CentOS-8-sshd_config.j2 -> RedHat-8-sshd_config.j2
│   │   │   ├── CentOS-9-sshd_config.j2 -> RedHat-9-sshd_config.j2
│   │   │   ├── RedHat-8-sshd_config.j2
│   │   │   ├── RedHat-9-60-infra.conf.j2
│   │   │   ├── RedHat-9-sshd_config.j2
│   │   │   ├── Rocky-8-sshd_config.j2 -> RedHat-8-sshd_config.j2
│   │   │   ├── Rocky-9-60-infra.conf.j2 -> RedHat-9-60-infra.conf.j2
│   │   │   └── Rocky-9-sshd_config.j2 -> RedHat-9-sshd_config.j2
│   │   ├── sssd
│   │   │   └── conf.d
│   │   │   └── session-recording.conf
│   │   └── tlog
│   │   └── tlog-rec-session.conf
│   ├── opt
│   │   └── mirrormanager
│   │   └── mirrormanager2.cfg.j2
2022-02-27 03:19:20 +00:00
│   ├── README.md
2023-08-14 06:25:05 +00:00
│   ├── tmp
│   │   └── mantis_import.sql.j2
│   └── var
│   └── www
│   ├── bugzilla
│   │   ├── answer
│   │   └── localconfig.j2
│   └── mantis
│   └── config
│   ├── config_inc.php.j2
│   ├── custom_constants_inc.php.j2
│   └── custom_strings_inc.php.j2
├── tests
2022-02-27 03:19:20 +00:00
│   ├── inventory
2023-08-14 06:25:05 +00:00
│   ├── README.md
2022-02-27 03:19:20 +00:00
│   └── test.yml
└── vars
2023-08-14 06:25:05 +00:00
├── bugzilla.yml
├── CentOS.yml -> RedHat.yml
├── common.yml
├── ipaserver.yml
├── main.yml
├── mantis.yml
├── mirrormanager.yml
├── mounts
│   ├── bootstrap_staging.yml
│   ├── mirrormanager.yml
│   ├── repopool.yml
│   └── srpmproc.yml
├── mqtt.yml
├── openqa.yml
├── pinnwand.yml
├── production
│   ├── koji-common.yml
│   ├── kojid.yml
│   └── kojihub.yml
├── rabbitmq_topics.yml
├── rabbitmq_users.yml
├── rabbitmq_vhost.yml
├── rabbitmq.yml
├── RedHat.yml
├── Rocky.yml -> RedHat.yml
├── rsync.yml
└── staging
├── koji-common.yml
├── kojid.yml
└── kojihub.yml
2022-02-27 03:19:20 +00:00
```