This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: all | |
gather_facts: false | |
tasks: | |
- name: Check for apache | |
command: rpm -q mod_ssl | |
register: modssl | |
ignore_errors: true | |
- name: Ensure openssl is latest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: all | |
gather_facts: no | |
tasks: | |
- name: Check for Shellshock vulnerability | |
command: env x='() { :;}; echo vulnerable' bash -c "echo ok" | |
register: result | |
- name: Skip if not vulnerable | |
debug: msg="This host is vulnerable, patch bash" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import sys | |
import subprocess | |
import re | |
import string | |
try: | |
import json | |
except: | |
import simplejson as json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[defaults] | |
remote_user = vagrant | |
hostfile = .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory | |
private_key_file = ~/.vagrant.d/insecure_private_key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# {{ ansible_managed }} | |
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 | |
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 | |
{% for host in groups.all %} | |
{{ hostvars[host]['ansible_eth0']['ipv4']['address'] }} {{ host }} | |
{% endfor %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SERVER=10.1.1.1 | |
python -c "import socket; socket.create_connection((\"${SERVER}\",80),3)" 2>/dev/null | |
ret=$? | |
if [ $ret -eq 0 ]; then | |
# do stuff | |
else | |
# don't do stuff coz connectivity check failed | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- name: Ensure hostname set | |
hostname: | |
name: {{ inventory_hostname }} | |
when: not inventory_hostname|trim is match('(\d{1,3}\.){3}\d{1,3}') | |
- name: Ensure hostname is in /etc/hosts | |
lineinfile: | |
dest: /etc/hosts | |
regexp: "^{{ ansible_default_ipv4.address }}.+$" | |
line: "{{ ansible_default_ipv4.address }} {{ ansible_fqdn }} {{ ansible_hostname }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
host1.vm.provider :vmware_fusion do |vmw| | |
vdiskmanager = '/Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager' | |
dir = "#{ENV['PWD']}/.vagrant/additional-disks" | |
unless File.directory?( dir ) | |
Dir.mkdir dir | |
end | |
file_to_disk = "#{dir}/hd2.vmdk" | |
unless File.exists?( file_to_disk ) | |
`#{vdiskmanager} -c -s 10GB -a lsilogic -t 0 #{file_to_disk}` | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
.PHONY: run test | |
# default inventory file | |
INV ?= dev | |
# default play | |
PLAY ?= site | |
# If a variable file is encrypted with Vault, create a file with the password | |
# in and run the make with SWITCHES including '--vault-password-file FILE'. | |
# Naturally DO NOT put that file in Git! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: all | |
tasks: | |
- group_by: key={{ ansible_virtualization_type }} | |
# Include *all* groups here | |
- include: webservers.yml | |
## |