@riemers
Last active August 29, 2015 14:16
Ansible: Make a new server ready for consumption, since not everybody uses Amazon or API-related services for their setup. This assumes you have a new server (just the root password, and you can still SSH in with it) and want to add it to your pool of servers (read addserver.yml to see what it does). Just add the .profile below to your current homedir where you…
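# .profile
# Path to the bootstrap playbook (addserver.yml)
PBLOC=~/projects/somewhere/addserver.yml

# Usage: addserver <ip>
addserver() {
    if [[ -z "$1" ]]; then
        echo "[e] You need to give an IP for this to work. Don't use ssh-agent, since it will have precedence"
        return 1
    else
        echo "[i] Running setup for new server, be ready to type in your root password"
        echo "[i] Removing and re-adding the known_hosts file"
        # Drop any stale key for this IP, then record the key the host presents now.
        # ssh-keyscan does not authenticate the host: compare the fingerprint out of band.
        ssh-keygen -f "${HOME}/.ssh/known_hosts" -R "$1"
        ssh-keyscan -t rsa -H "$1" >> "${HOME}/.ssh/known_hosts"
        # "newserver," is an inline one-host inventory; -k prompts for the root SSH password
        ansible-playbook "${PBLOC}" -u root -i "newserver," --extra-vars="hosts=newserver ansible_ssh_host=$1" -k
        echo "[i] SSH keys are added, sudoers file changed. You can now run your normal playbooks against this server"
    fi
}
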
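---
# addserver.yml
- hosts: '{{ hosts }}'
  tasks:
    - name: Create awx user
      user: name=awx comment="Ansible user" shell=/bin/bash
    # validate runs visudo on the edited copy, so a broken line never replaces /etc/sudoers
    - name: Make sure we can sudo as awx user
      lineinfile: dest=/etc/sudoers state=present regexp='^awx' line='awx ALL=(ALL) NOPASSWD:ALL' validate='/usr/sbin/visudo -cf %s'
    - name: Disable requiretty for awx user to support pipelining
      lineinfile: dest=/etc/sudoers state=present regexp='^Defaults:awx' line='Defaults:awx !requiretty' validate='/usr/sbin/visudo -cf %s'
    # Installs the public key of the user running the playbook on the control machine
    - name: Add authorized_keys
      authorized_key: user=awx key="{{ lookup('file','~/.ssh/id_rsa.pub') }}"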
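
The `ssh-keyscan` step in `addserver()` records whatever key the new host presents, and the root password is then sent over that connection. As an added example (not part of the gist), the functions below append a scanned key to known_hosts only when its SHA256 fingerprint matches one obtained out of band; the function names, `KNOWN_HOSTS`, `EXPECTED_FP`, the sample key and the use of GNU coreutils are assumptions.

```shell
# Added example, not part of the gist. Names and sample data are assumptions.
KNOWN_HOSTS="${KNOWN_HOSTS:-$HOME/.ssh/known_hosts}"

# Print the SHA256 fingerprint, in OpenSSH notation, of one known_hosts-style
# line: "<host or hashed host> <keytype> <base64 key blob>".
hostkey_fingerprint() {
    blob=$(printf '%s\n' "$1" | awk '{print $3}')
    hex=$(printf '%s' "$blob" | base64 -d | sha256sum | cut -d' ' -f1)
    # Hex digest -> raw bytes -> unpadded base64.
    b64=$(printf '%s\n' "$hex" | fold -w2 | while read -r byte; do
              printf "\\$(printf '%03o' "0x$byte")"
          done | base64 | tr -d '=\n')
    printf 'SHA256:%s\n' "$b64"
}

# Append the scanned line to known_hosts only if its fingerprint equals the
# one obtained out of band (for example from the hosting provider's console).
# Usage: pin_hostkey "<scanned line>" "<expected SHA256:... fingerprint>"
pin_hostkey() {
    actual=$(hostkey_fingerprint "$1")
    if [ "$actual" != "$2" ]; then
        echo "[e] Host key mismatch: got $actual, expected $2" >&2
        return 1
    fi
    printf '%s\n' "$1" >> "$KNOWN_HOSTS"
    echo "[i] Host key verified and pinned ($actual)"
}

# Inside addserver(), the unverified keyscan line would then become
# (EXPECTED_FP is a hypothetical second argument holding the fingerprint):
#   pin_hostkey "$(ssh-keyscan -t rsa -H "$1" 2>/dev/null)" "$EXPECTED_FP" || return 1

# Constructed sample line: documentation IP and made-up key material.
SAMPLE_LINE='192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEexampleEXAMPLEexampleEXAMPLEexample1'
```

A failed or empty scan produces a fingerprint that cannot match, so `pin_hostkey` returns non-zero and the playbook run, with its password prompt, is never reached.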