Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/pvdabbeele/ansible

An Ansible repo with pluggable roles
https://github.com/pvdabbeele/ansible

ansible ansible-playbook ansible-playbooks ansible-role ansible-roles httpd jinja2 mariadb nginx php php-fpm postgresql rhel vaultwarden yaml

Last synced: about 1 month ago
JSON representation

An Ansible repo with pluggable roles

Awesome Lists containing this project

README 

        
# pluggable Ansible



## purpose



An Ansible repo with pluggable roles, such as:

- application servers: Jboss/Wildfly

- databases: MySQL/MariaDB, PostgreSQL

- scripting languages: PHP

- webservers: Apache2 (httpd), Nginx



## prerequisites

- RHEL (preferably 8)

- Ansible (preferably 2.12 or higher)

- an Ansible service account with authorized ssh login

- Vaultwarden with *community.general.bitwarden* installed

- an inventory, something like this would be lovely:

```yml

[applications]

my_app.local

[databases]

my_db.local

```

### two-tier

Above notation gives you the ability to tell Ansible: use the *"other tier"*:

```yml

{{ hostvars[groups['applications'][0]]['inventory_hostname'] }}

```



## content

- pluggable roles that can perform a **default** installation of aforementioned components

- a customization role that performs a **specific** installation and/or configuration

- installing PostgreSQL, or Nginx, does only that: the installation of a software package, without any project related details

- the custom role is designed for the latter: the creation of database, the configuration of a webserver



## variables

The idea is to centralize variables, and to define default values, as much as possible.



### defaults



- try to define **default** values as often as possible, in your YAML or Jinja2 syntax

- grouping the variables into **one file** improves readability

- refering to your variables is an easy syntax, for example: {{ mariadb.port }}



```yml

# {{ ansible_managed }}

[mariadb]

datadir = {{ mariadb.data_dir | default('/var/lib/mysql/', true) }}

general_log_file = {{ mariadb.log_dir | default('/var/log/mariadb', true) }}/mariadb.log

general_log = 1

log-error = {{ mariadb.log_dir | default('/var/log/mariadb', true) }}/mariadb_error.log

log_bin = {{ mariadb.log_dir | default('/var/log/mariadb', true) }}/mariadb_bin

port = {{ mariadb.port | default('3306', true) }}

```



### defaults/main.yml (excerpt)



```yml

mariadb:

  config_file: /etc/my.cnf

  data_dir: /var/lib/mysql/

  group: mysql

  log_dir: /var/log/mariadb/

  logs:

    - mariadb.log

    - mariadb_error.log

  owner: mysql

  packages:

    - { package: 'mariadb-server', state: 'present' }

    - { package: 'mariadb-connector-c', state: 'present' }

    - { package: 'python3-PyMySQL', state: 'present' }

    - { package: 'perl-DBD-MySQL', state: 'present' }

  port: 3306

```

## customize



After a *default installation*, that is: no customization added, your setup will look like this:

- databases: PostgreSQL or MySQL does not contain anything project related, the server is initialized, the passwords retrievable from Vaultwarden

- webservers: no vhosts (Apache2) or server blocks (Nginx) are created, your configuration is *stripped from default values* and should be secure

- In case you need something specific, adapt the required variables and *change only the custom role*.



## usage



values between square brackets are optional **[ ]** or an array of options **[ x | y ]** :



```yml

ansible-playbook [ -l  | -i  ] [ --become ] [ --check ] -e "env= [ database_type= mariadb | postgresql ] 

     [ webserver_type= httpd | nginx ] [ scripting_language=php ]" [ application_server_type=jboss ] site.yml

```



## license

GPLv3