configure_firewall.yml
[student@workstation lab-task-control]$ cat configure_firewall.yml 
---
- yum:
    name: "{{ fw_package }}"
    state: latest
  tags: production

- service:
    name: "{{ fw_service }}"
    state: started
  tags: production


- firewalld:
    service: "{{ item }}"
    immediate: true
    permanent: true
    state: enabled
  with_items:
    - http
    - https
  tags: production
configure_web.yml
[student@workstation lab-task-control]$ cat configure_web.yml 
---
- shell:
    rpm -q httpd
  register: rpm_check
  failed_when: rpm_check.rc == 1

- block:
  - get_url:
      url : "{{ https_uri }}"
      dest: /etc/httpd/conf.d/

  - file:
      path: /etc/httpd/conf.d/ssl
      state: directory
      mode: 0755

  - file:
      path: /var/www/html/logs
      state: directory
      mode: 0755

  - stat:
      path: /etc/httpd/conf.d/ssl.conf
    register: ssl_file

  - shell:
      mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.bak
    when: ssl_file.stat.exists

  - unarchive:
      src: "{{ ssl_uri }}"
      dest: /etc/httpd/conf.d/ssl/
      copy: no
    notify:
      - restart_services

  - copy:
      content: "{{ ansible_fqdn }} ({{ ansible_default_ipv4.address }}) has been customized by Ansible \n"
      dest: /var/www/html/index.html

  when:
    rpm_check.rc == 0
install_packages.yml
[student@workstation lab-task-control]$ cat install_packages.yml
---
- name: Installs the required packages
  yum:
    name: "{{ item }}"
  with_items:
    - "{{ web_package }}"
    - "{{ ssl_package }}"
  when:
    - inventory_hostname in groups["webservers"]
    - "(ansible_memory_mb.real.total) > (memory)"

- name: Starts the service
  service:
    name: "{{ web_service }}"
    state: started
playbook.yml
[student@workstation lab-task-control]$ cat playbook.yml 
---
- hosts: webservers
  tasks:
    - block:
      - include: install_packages.yml
        vars:
          memory: 256
          web_package: httpd
          ssl_package: mod_ssl
          web_service: httpd
      - include: configure_web.yml
        vars:
          https_uri: http://materials.example.com/task_control/https.conf
          ssl_uri: http://materials.example.com/task_control/ssl.tar.gz
      - include: configure_firewall.yml
        vars:
          fw_package: firewalld
          fw_service: firewalld
        tags: production

      rescue:
        - yum:
            name: httpd
            state: latest
          notify:
            - restart_services

        - debug:
            msg: "Failed to import and run all the tasks; installing the whb server manually"

      always:
        - shell:
            cmd: "systemctl status httpd"


  handlers:
    - name: restart_services
      service:
        name: "{{ item }}"
        state: restarted
      with_items:
        - httpd
        - firewalld
  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.