exam 1

 

Add an entry for node00 in ~/playbooks/inventory file. IP address of node00 host is 172.20.1.100 and SSH user and password is root and Passw0rd. We have a list of users in ~/playbooks/data/users.yml file. There are two groups in there admins and developers which have list of different users. Create a playbook ~/playbooks/add_users.yml to perform below given tasks on node00 node:


a. Add all users given in users.yml on node00.

b. Make sure home directory for all users under developers group is /var/www and for admins it should be default.

c. Set password d3v3l0p3r for all users under developers group and adm$n$ for users under admins group. Make sure to use Ansible vault to encrypt the passwords, use ~/playbooks/secrets/vault.txt file as vault secret file.

d. All users under admins group must be added as sudo user, for that simply make them member of wheel group on node00

=============================

========================================

=======================================================

Update inventory as per below given code
node00 ansible_host=172.20.1.100 ansible_user=root ansible_ssh_pass=Passw0rd
node01 ansible_host=172.20.1.101 ansible_user=root ansible_ssh_pass=Passw0rd
node02 ansible_host=172.20.1.102 ansible_user=root ansible_ssh_pass=Passw0rd
Create vault password for admins and developers
ansible-vault encrypt_string d3v3l0p3r
ansible-vault encrypt_string  adm$n$
Create add_users.yml playbook and add below given code
---
- hosts: node00
  gather_facts: no
  vars:
    admin_pass: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          64396331383031323064343432353935323334626437666531313633343232353936323738313337
          3436666266356534343934653132363866626231636663610a663731653135316132613831323463
          61663331626236303163306234353632643231353036323833373865346531306331613761356665
          3365653631656530310a626332643537333861653335643836646566323934653362333364386137
          3731
    developer_pass: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          63613761313339646563643435326633313066303030666266393232646137343065376530363933
          3034353231653239656332363661346337353836666130370a613366646565373431343932633337
          34666430376264386137326632626637383630383262333330376661656266393665386337326465
          3165366632623865660a363866653237386163653636373764626334303631333062623762396235
          6630
  tasks:
    - name: Include user.yml
      include_vars:
        file: data/users.yml
    - name: Creating admins
      user:
        name: "{{ item }}"
        password: "{{ admin_pass | string | password_hash('sha512') }}"
        groups: wheel
      with_items: "{{ admins | list }}"

    - name: creating developers
      user:
        name: "{{ item }}"
        password: "{{ developer_pass | string | password_hash('sha512') }}"
        home: /var/www
      with_items: "{{ developers | list }}"

Comments

Post a Comment

Popular posts from this blog

exam 16

  Write a playbook  /home/thor/playbooks/install_from_source.yml  to install a tool:  mosh  from the source: https://github.com/mobile-shell/mosh  on all servers inside the inventory  /home/thor/playbooks/inventory . A normal install from source flow is: git clone https://github.com/mobile-shell/mosh cd mosh ./autogen.sh ./configure make && make install To compile mosh from source, you need these dependencies: git make autoconf automake protobuf-devel libutempter-devel ncurses-devel openssl-devel gcc gcc-c++ Create  install_from_source.yml  playbook and add below given code --- - hosts: all tasks: - package: name: " {{ item }} " state: present with_items: - git - make - autoconf - automake - protobuf-devel - libutempter-devel - ncurses-devel - openssl-devel - gcc - gcc-c++ - git: rep...
Read more

ansible 5

Check if  report_status.sh  copied earlier to  web2  remote host is executable or not. If it is not executable, log the message:  File report_status.sh is not executable, making it executable...  in file  /tmp/change.log  on  web2  remote host and make it executable. Develop a playbook   /home/thor/playbooks/make_it_executable.yml   and use the inventory file   /home/thor/playbooks/inventory ====================================================================  --- - hosts: all   gather_facts: no   vars:     remote_dest: /usr/local/bin/report_status.sh   tasks:     - stat:         path: "{{remote_dest}}"       register: file_status     - debug: var=file_status     - shell: echo "File report_status.sh is not exective " > /tmp/change.log       when: file_status.stat.executable == false     - name: Make th...
Read more

practical 3

Help your friend fix this playbook  /home/thor/playbooks/copy_file_only_if.yml . Your firend is trying to copy this script   /home/thor/playbooks/report_status.sh   to   web2   at location   /usr/local/bin/report_status.sh   based on a condition: if variable   copy_file_only_if=true . Problem is: Even though (s)he is passing   True   or   true   the boolean variable set this way is being evaulated as string and the conditional is being skipped as   Conditional result was False Please use the inventory file   /home/thor/playbooks/inventory ==================================================  --- - name: copy script if not present   gather_facts: no   hosts: web2   vars:     remote_dest: /usr/local/bin/report_status.sh   tasks:     - copy:         src: report_status.sh         dest: "{{remote_dest}}"       when: copy_file_...
Read more