Trying a whole buncha stuff

2019-11-23 14:30:39 -05:00
parent 11771acc17
commit 62b95d4e22
24 changed files with 517 additions and 48 deletions
--- a/playbooks/dependencies.yml
+++ b/playbooks/dependencies.yml
@@ -1,9 +1,26 @@
 ---
 - hosts: all
  name: Ansible python bindings
-  tags: always
+  tags:
+    - always
+    - initialize
  tasks:
-    - import_tasks: tasks/centos/bindings.yml
+    - name: Install CentOS python bindings
      when: ansible_distribution == "CentOS"
-    - import_tasks: tasks/fedora/bindings.yml
+      become: true
+      dnf:
+        state: latest
+        name:
+          - python3-libselinux
+          - python3-policycoreutils
+          - python3-firewall
+
+    - name: Install Fedora python bindings
      when: ansible_distribution == "Fedora"
+      become: true
+      dnf:
+        state: latest
+        name:
+          - libselinux-python
+          - policycoreutils-python
+          - python3-firewall
--- a/playbooks/deploy-homepage.yml
+++ b/playbooks/deploy-homepage.yml
@@ -0,0 +1,38 @@
+---
+- hosts: nimbus-1.net.enp.one
+  name: Deploy main landing page at enpaul.net
+  vars:
+    # Local directory to use for cloning and building the documentation site
+    DIR_BUILD: /tmp/docs
+    # Remote directory to install the site at
+    DIR_DEPLOY: /usr/share/nginx/enpaul.net/html
+  tasks:
+    - name: Upload static site to remote
+      copy:
+        src: "{{ DIR_BUILD }}/site/"
+        dest: "/tmp/docs/"
+    - name: Remove legacy site
+      become: true
+      file:
+        path: "{{ DIR_DEPLOY }}"
+        state: absent
+    - name: Copy static site to deployment directory
+      become: true
+      copy:
+        src: "/tmp/docs/"
+        dest: "{{ DIR_DEPLOY }}"
+        remote_src: true
+        owner: root
+        group: nginx
+        mode: 0755
+        setype: httpd_sys_content_t
+
+    - name: Clean up local build directory
+      delegate_to: 127.0.0.1
+      file:
+        path: "{{ DIR_BUILD }}"
+        state: absent
+    - name: Clean up remote temp directory
+      file:
+        path: /tmp/docs
+        state: absent
--- a/playbooks/files/bashrc.sh
+++ b/playbooks/files/bashrc.sh
@@ -1,16 +1,61 @@
+# Global network bashrc/profile file
+# Updated 2019-11-12
+
+function venv() {
+        DIR="/home/$USERNAME/.venvs"
+
+        if [ $# -eq 0 ]; then
+                echo "No command specified"
+
+        elif [ $1 = "--help" ] || [ $1 = '-h' ]; then
+                echo "Custom python Virtualenv manager
+\"Because pipenv is too hard and everything else sucks\"
+
+Commands:
+  list                 List available virtualenvs
+  show                 Alias of list
+  delete <venv>        Delete a virtualenv
+  del                  Alias of delete
+  rm                   Alias of delete
+  load <venv>          Activate a virtualenv for usage
+  new <venv> <python>  Create a new virtualenv. If <python> is not specified,
+                       then the system default python is used
+"
+        elif [ $1 = "list" ] || [ $1 = "show" ] || [ $1 = "ls" ]; then
+                ls $DIR
+        elif [ $1 = "load" ]; then
+                . $DIR/$2/bin/activate
+        elif [ $1 = "new" ]; then
+                virtualenv $DIR/$2 --python=$3
+        elif [ $1 = "delete" ] || [ $1 = "del" ] || [ $1 = "rm" ]; then
+                rm -rf $DIR/$2
+        elif [ $1 = "go" ]; then
+                cd $DIR/$2
+        fi
+}
+
+function parse_git_branch() {
+    git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/ (\1)/'
+}
+
 function up() { cd $(eval printf '../'%.0s {1..$1}); }
+
+function pipin() { pip freeze | grep $1; }
+
+alias bk='cd -'
 alias fuck='sudo $(history -p \!\!)'
 alias doc='cd ~/Documents'
-alias explorer='nautilus'
+alias dn='cd ~/Downloads'
 alias version='uname -orp && lsb_release -a | grep Description'
 alias activate='source ./bin/activate'
 alias ipconfig='ip address show'
 alias cls='clear'
 alias mklink='ln -s'
-alias ls='ls -lshF --color --group-directories-first --time-style=long-iso'
+alias ls='/usr/bin/ls -lshF --color --group-directories-first --time-style=long-iso'
 alias gg='cd ~/Git'
-parse_git_branch() {
-    git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/ (\1)/'
-}
+alias gmtime='/usr/bin/date -u --iso-8601=seconds'
+alias date='/usr/bin/date --iso-8601=seconds'
+alias whatismyip='curl https://icanhazip.com/'

+export rc=/home/$USERNAME/.bashrc
 export PS1="\[\e[0;97m\]\[\e[37m\]\u\[\e[1;94m\]@\[\e[94m\]\H\[\e[0;33m\]$(parse_git_branch) \[\e[37m\]\w\[\e[33m\] \[\e[0;97m\]$\[\e[0m\] "
--- a/playbooks/initialize.yml
+++ b/playbooks/initialize.yml
@@ -0,0 +1,34 @@
+---
+- import_playbook: dependencies.yml
+
+- name: Setup environment
+  hosts: all:!network
+  tags:
+    - initialize
+  vars:
+    restart_services: true
+  roles:
+    - role: packages
+      vars:
+        update: true
+        exclude: [] # Override the default kernel exclusion
+        clean: true
+  tasks:
+    - name: Set hostname
+      become: true
+      hostname:
+        name: "{{ inventory_hostname }}"
+    - name: Install global bashrc
+      become: true
+      copy:
+        src: bashrc.sh
+        dest: /etc/profile.d/ZA-enpn-bashrc.sh
+        mode: 0644
+
+- name: Configure services
+  hosts: all:!network
+  tags:
+    - initialize
+  roles:
+    - role: sshd
+    - role: networkd
--- a/playbooks/provision.yml
+++ b/playbooks/provision.yml
@@ -1,29 +1,11 @@
 ---
- import_playbook: dependencies.yml
+- import_playbook: initialize.yml

-
- hosts: all
-  name: Init
-  tags: initialize
-  tasks:
-    - name: Set hostname
-      become: true
-      hostname:
-        name: "{{ default_host if default_host is defined else inventory_hostname }}"
-
-    - name: Install global bashrc
-      become: true
-      copy:
-        src: bashrc.sh
-        dest: /etc/profile.d/global-bashrc.sh
-        mode: 0644
-
-    - import_tasks: tasks/sshd/banner.yml
-
-
- hosts: all
-  name: System packages
-  tags: initialize
+- name: System packages
+  hosts: all
+  tags:
+    - provision
+    - initialize
  tasks:
    - name: Load package variables
      include_vars:
--- a/playbooks/roles
+++ b/playbooks/roles
@@ -0,0 +1 @@
+../roles
--- a/playbooks/update-system.yml
+++ b/playbooks/update-system.yml
@@ -2,6 +2,8 @@
 - hosts: all
  name: Upgrade packages
  tasks:
+
+
    - name: Upgrade YUM packages
      when: ansible_distribution == "CentOS"
      become: true
--- a/playbooks/update-users-network.yml
+++ b/playbooks/update-users-network.yml
@@ -2,7 +2,12 @@
 - hosts: router.net.enp.one
  name: Configure users on router
  connection: network_cli
+<<<<<<< Updated upstream
  gather_facts: false
+=======
+  vars:
+    ansible_network_os: edgeos
+>>>>>>> Stashed changes
  tasks:
    - import_tasks: tasks/users-preprocessing.yml

@@ -18,9 +23,9 @@
      edgeos_config:
        lines:
          - set system login user {{ item.name }} level admin
-      with_items:
-        - "{{ local_admin_users | difference([None]) }}"
+      loop: "{{ local_admin_users | difference([None]) }}"

+<<<<<<< Updated upstream
    - name: Assemble loadkey files
      edgeos_command:
        commands:
@@ -32,3 +37,23 @@
        lines:
          - loadkey {{ item }} /tmp/{{ item }}.keys
      loop: "{{ local_admin_users | difference([None]) }}"
+=======
+    - name: Assemble key files for loadkey usage
+      edgeos_command:
+        commands: sudo tee /tmp/{{ item.name }}.keys<<<"{{ item.sshkeys | join('\n') }}"
+      loop: "{{ local_admin_users | difference([None]) }}"
+
+    # - name: Assemble loadkey files
+    #   copy:
+    #     src: keys/{{ item }}
+    #     dest: /tmp
+    #   with_items:
+    #     - "{{ local_admin_users | difference([None]) }}"
+
+    # - name: Load keys
+    #   edgeos_config:
+    #     lines:
+    #       - loadkey {{ item }} /tmp/{{ item }}/*.pub
+    #   with_items:
+    #     - "{{ local_admin_users | difference([None]) }}"
+>>>>>>> Stashed changes