Skip to content

Instantly share code, notes, and snippets.

View phips's full-sized avatar
🇬🇧

Mark Phillips phips

🇬🇧
94 followers · 25 following
View GitHub Profile
@phips
phips / gist:a87b8d60d62a94f68d1a
Created October 26, 2014 11:31
Quick Ansible Poodle (CVE-2014-3566) fix (RHEL/CentOS)
---
- hosts: all
gather_facts: false
tasks:
- name: Check for apache
command: rpm -q mod_ssl
register: modssl
ignore_errors: true
- name: Ensure openssl is latest
@phips
phips / gist:3297e7910da78556e222
Created October 22, 2014 21:00
Quick Ansible check for Shellshock
---
- hosts: all
gather_facts: no
tasks:
- name: Check for Shellshock vulnerability
command: env x='() { :;}; echo vulnerable' bash -c "echo ok"
register: result
- name: Skip if not vulnerable
debug: msg="This host is vulnerable, patch bash"
@phips
phips / wip.py
Last active June 19, 2017 14:20
VMware Fusion Ansible dynamic inventory
#!/usr/bin/env python
import sys
import subprocess
import re
import string
try:
import json
except:
import simplejson as json
@phips
phips / ansible.cfg
Last active February 13, 2018 09:31
Ansible for Vagrant
[defaults]
remote_user = vagrant
hostfile = .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory
private_key_file = ~/.vagrant.d/insecure_private_key
@phips
phips / hosts.j2
Created June 16, 2014 17:57
hostvars test fail
# {{ ansible_managed }}
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
{% for host in groups.all %}
{{ hostvars[host]['ansible_eth0']['ipv4']['address'] }} {{ host }}
{% endfor %}
@phips
phips / gist:11234471
Created April 23, 2014 22:19
Quick Python one-liner connectivity check
SERVER=10.1.1.1
python -c "import socket; socket.create_connection((\"${SERVER}\",80),3)" 2>/dev/null
ret=$?
if [ $ret -eq 0 ]; then
# do stuff
else
# don't do stuff coz connectivity check failed
fi
@phips
phips / hosts.yml
Last active August 2, 2021 19:59
Ansible setting of hostname from inventory, but ignoring IP addresses
- name: Ensure hostname set
hostname:
name: {{ inventory_hostname }}
when: not inventory_hostname|trim is match('(\d{1,3}\.){3}\d{1,3}')
- name: Ensure hostname is in /etc/hosts
lineinfile:
dest: /etc/hosts
regexp: "^{{ ansible_default_ipv4.address }}.+$"
line: "{{ ansible_default_ipv4.address }} {{ ansible_fqdn }} {{ ansible_hostname }}"
@phips
phips / Vagrantfile
Last active February 10, 2016 08:02 — forked from jtopper/gist:8588263
host1.vm.provider :vmware_fusion do |vmw|
vdiskmanager = '/Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager'
dir = "#{ENV['PWD']}/.vagrant/additional-disks"
unless File.directory?( dir )
Dir.mkdir dir
end
file_to_disk = "#{dir}/hd2.vmdk"
unless File.exists?( file_to_disk )
`#{vdiskmanager} -c -s 10GB -a lsilogic -t 0 #{file_to_disk}`
end
@phips
phips / Makefile
Created April 16, 2014 21:01
ansible control Makefile
.PHONY: run test
# default inventory file
INV ?= dev
# default play
PLAY ?= site
# If a variable file is encrypted with Vault, create a file with the password
# in and run the make with SWITCHES including '--vault-password-file FILE'.
# Naturally DO NOT put that file in Git!
@phips
phips / site.yml
Created March 13, 2014 15:30
Ansible dynamic grouping
---
- hosts: all
tasks:
- group_by: key={{ ansible_virtualization_type }}
# Include *all* groups here
- include: webservers.yml
##