{"id":24702972,"url":"https://github.com/richlamdev/ansible-misc","last_synced_at":"2025-10-09T09:30:28.756Z","repository":{"id":140093430,"uuid":"268026897","full_name":"richlamdev/ansible-misc","owner":"richlamdev","description":"Random Ansible System Administration Tasks for Ubuntu / Centos","archived":false,"fork":false,"pushed_at":"2025-07-24T15:50:37.000Z","size":207,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-10-09T00:44:44.769Z","etag":null,"topics":["ansible","automation","centos","systemadministration","ubuntu"],"latest_commit_sha":null,"homepage":"","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/richlamdev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-30T06:59:54.000Z","updated_at":"2025-07-24T15:50:41.000Z","dependencies_parsed_at":"2023-12-24T02:29:41.665Z","dependency_job_id":"6a651312-78de-448f-b661-2113ceaabc8e","html_url":"https://github.com/richlamdev/ansible-misc","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/richlamdev/ansible-misc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richlamdev%2Fansible-misc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richlamdev%2Fansible-misc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richlamdev%2Fansible-misc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richlamdev%2Fansible-misc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/richlamdev","download_url":"https://codeload.github.com/richlamdev/ansible-misc/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richlamdev%2Fansible-misc/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279001135,"owners_count":26083022,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","automation","centos","systemadministration","ubuntu"],"created_at":"2025-01-27T05:51:42.758Z","updated_at":"2025-10-09T09:30:28.409Z","avatar_url":"https://github.com/richlamdev.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Miscellaneous Ansible playbooks\n\nThis is a small collection of playbooks for basic administration and audit of Ubuntu and Redhat based Linux distributions.\n\nSome of the tasks include:\n\nCreate/remove users\\\nCreate/remove groups\\\nCheck patching status\\\nInstall patches\\\nCheck firewall/DNS/NTP settings\n\n## Requirements\n\n1) Linux or Mac Operating System.\n\n2) ansible:\\\n````pip3 install ansible````\n\n3) jinja2 template:\\\n````pip3 install jinja2````\n\n4) sshpass:\\\n````sudo apt install sshpass````\\\n** *Limit use of sshpass for early setup only, due to potential security issues.  Deploy ssh keys to target hosts as early as possible.* **\n\n## Summary of current configuration of ansible configuration (ansible.cfg). Edit as required.\nSet inventory file as \"inventory\" (ini format)\\\nSet default display of output for better readability\\\nSet ansible.log in root directory of playbook\\\nSet default interpreter as python3\\\nSet some optimizations\\\nSet host key checking to ignore\n\n\n## Edit inventory file as required.  Eg:\n\ninventory\n\n[py3hosts]\\\nlocalhost\\\n192.168.2.3\\\nmy-vmware-cloud\\\nmy-file-server\n\n\n## Playbook Usage:\n\n````ansible-playbook tasks/adduser.yml -b -k -K````\n\nwhere:\n\n-b, --become                   run operations with become (does not imply password prompting)\\\n-K, --ask-become-pass          ask for privilege escalation password\\\n-k, --ask-pass                 ask for connection password\n\n-k, --ask-pass is not required if using SSH keys\n\n\n## adduser-ansible-sudo.yml\n\nThis playbook creates a sudo user on newly provisioned VM(s) with SSH key deployed.\nRequires the play executed from the context of the new user on from the ansible \"push\" server (host machine).\\\n\nExample:\n\nCreate the user \"ansible-user\" as a sudo user to all the newly provisioned VM's.  All commands to be executed on the host or local machine.\n\n1) Create ansible-user:\\\n````sudo adduser ansible-user````\n\n2) Switch or log on as the ansible-user:\\\n````su - ansible-user````\n\n3) Generate an SSH keypair\\\n````ssh-keygen -b 4096 -t rsa````\n\n4) Edit inventory file to include the VM's to have this user deployed to.\n\n5) From the roote of the git repo, execute the play to create the ansible-user on the new VM's:\\\n````ansible-playbook tasks/initial-ansible-user.yml -bkK -u \u003croot user or sudo user\u003e````\n\n6) Test the user was created with an SSH key on the new VM(s):\\\n````ssh ansible-user@\u003cIP-of-new-vm\u003e````\n\n\n## Roles\n\nBrief note, if the ansible-role-nginx-tls is used, be aware that\ndeployment of TLS private key certificate should _not_ be provisioned this way.\nThis is implemented here as a quick and simple example of how it could be done.\nPrimarily for the purposes of being to able to view/test TLS certificates via\ngui, instead via openssl.\n\nFor test/development/temporary TLS certificate creation via HashiCorp Vault,\nsee this repo:\n[HashiCorp Vault TLS Certificates with raft backend](https://github.com/richlamdev/vault-pki-raft)\n\n\n******************************************************************************\n\n## Misc Ad-hoc Command examples\n\n### Ping all the assets in inventory file\n````ansible all -m ping  -b -k -K````\n\n### Gather facts (information) from assets in inventory file\n````ansible all -m setup  -b -k -K````\n\n### Random command execution; alternative to writing a dedicated playbook\n````ansible all -a \"cat /etc/passwd\"  -b -k -K````\n\n\nwhere:\n\n-m MODULE_NAME, --module-name MODULE_NAME     module name to execute (default=command)\\\n-a MODULE_ARGS, --args MODULE_ARGS            module arguments\\\n-b, --become                                  run operations with become (does not imply password prompting)\\\n-K, --ask-become-pass                         ask for privilege escalation password\\\n-k, --ask-pass                                ask for connection password\n\n-k, --ask-pass is not required if using SSH keys\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frichlamdev%2Fansible-misc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frichlamdev%2Fansible-misc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frichlamdev%2Fansible-misc/lists"}