Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/samdoran/ansible-role-ansible-pull
Use Ansible in push mode to setup a remote machine to run Ansible Pull
https://github.com/samdoran/ansible-role-ansible-pull
Last synced: 3 days ago
JSON representation
Use Ansible in push mode to setup a remote machine to run Ansible Pull
- Host: GitHub
- URL: https://github.com/samdoran/ansible-role-ansible-pull
- Owner: samdoran
- Created: 2016-03-15T13:24:08.000Z (almost 9 years ago)
- Default Branch: main
- Last Pushed: 2023-01-18T13:55:19.000Z (almost 2 years ago)
- Last Synced: 2024-11-01T09:14:42.663Z (about 2 months ago)
- Language: Jinja
- Size: 17.6 KB
- Stars: 14
- Watchers: 4
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
Ansible Pull
=========
[![Galaxy](https://img.shields.io/badge/galaxy-samdoran.ansible_pull-blue.svg?style=flat)](https://galaxy.ansible.com/samdoran/ansible_pull)Configure a remote machine to run `ansible-pull` on a schedule. `ansible` will be installed on the managed node in a virtual environment using `pip`.
Requirements
------------- cron
- logrotateRole Variables
--------------At a minimum, you need to define `ansible_pull_repo` where your Ansible playbook repository lives as well as the `ansible_pull_playbook` to run.
| Name | Default Value | Description |
|-------------------|---------------------|----------------------|
| `ansible_pull_workdir` | `/var/lib/ansible/local` | Directory where repository is cloned. |
| `ansible_pull_repo` | `https://github.com/samdoran/demo-playbooks.git` | Remote repository to clone when running `ansible-pull`. |
| `ansible_pull_playbook` | `{{ ansible_pull_workdir }}/hello.yml` | Playbook to run with `ansible-pull`. |
| `ansible_pull_logfile` | `/var/log/ansible-pull.log` | Where to log output from `ansible-pull`. Also gets rotated. |
| `ansible_pull_vault_password_file` | `/root/.vault` | File to hold Ansible vault key. **Not recommonded unless you aware of the implications of storing keys in clear text on remote hosts, or you are using a script to get the secret from an external source.** |
| `ansible_pull_vault_password` | `SuperSecretKey` | Vault key, in plain text, that will be inserted int `ansible_pull_vault_password_file`. **Not recommonded unless you aware of the implications of storing keys in clear text on remote hosts, or you are using a script to get the secret from an external source.** |
| `ansible_pull_ssh_private_key` | [see `defaults/main.yml`] | Optionally define an SSH private key that will be installed for `root` on the remote host. If this is not defined, a new key will be generated and the public SSH key will be output at the end of the play. |
| `ansible_known_hosts` | `[]` | List of SSH host keys to add to `/root/.ssh/known_hosts`. |
| `ansible_pull_cron_jobs` | [see `defaults/main.yml`] | Cron configuration for jobs that run `ansible-pull`. The default settings run `ansible-pull` every ten minutes. |
| `ansible_pull_user` | `root` | User that will run `ansible-pull`. |
| `ansible_pull_pip_packages` | `['ansible']` | List of Python packages to install in the virtual environment. |Dependencies
------------- samdoran.repo_epel
Example Playbook
----------------Here is a playbook using an internal GitLab server with the `pull.yml` playbook. We also set the SSH key of the internal GitLab server to avoid any problems.
- name: Setup Ansible Pull
hosts: all
become: Truevars:
ansible_pull_playbook: "{{ ansible_pull_workdir }}/playbooks/pull.yml"
ansible_pull_repo: "[email protected]/internal.git"
ansible_pull_known_hosts:
- name: "gitlab.acme.com"
state: present
key: "gitlab.acme.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCEPm0nPQBk+W4FBWSuI2wP0vO2W5cfDQV3B65WayiQPCh5kQIaTfDaRXIHACu9GcZRx5mhTsXYt+jY2egvLwazX5xvvQqDZX7wLw+qJXnpb1pqS7koINnAopGspp5v/+KPk7e3SRbLdNDk8O/g7uXb1PwaryebQM2+eluDebh1zbDd2QgKHf1/p4gZ66m4QJ9s17+Qzj3AJO+5fNr9z0MxPkYkf3jLvJ8PmAqGT+6AYlAh889yCrrC+yGj7VH/H6P3dEakj2xEx3Ib4g42EjKOpumoCVLY6dKrtSlkyOVBEOkf7G3liIV2ZNm6smWsJsnCTMPy4o9ioxF+x5GG1nsL"roles:
- samdoran.repo_epel
- samdoran.ansible_pullLicense
-------Apache 2.0