Assignment #7 Ansible Solution

Overview




In this assignment, you will be writing an Ansible playbook that will encompass several previous projects from the course. First, generate an SSH key for ansible to use, and put that key on your client server. Make sure the account you add it to has sudo permissions (use grading if you wish). Once you have a key and can authenticate, you can begin writing your playbook. The playbook will need to accomplish the tasks listed below. Use your submissions for previous projects when needed, no need to rewrite anything.




* Assignment #1 - Server Setup

* Install openssh-server, change to use port 2222. Restart service if changed.

* Install ufw, enable ufw firewall and add rules for port 22, 2222, 80, 8080

* Assignment #2 - systemd & sudo

* Create the "grading" user if it doesn't exist

* Add "grading" to sudoers with NOPASSWD option

* Copy pa2.sh to /usr/local/bin, make executable

* Copy your systemd service and timer to /etc/systemd/system, run daemon-reload if changed

* Make sure the systemd timer is running

* Assignment #5 - udev

* Create or copy your udev rules file in /etc/udev/rules.d/, reload rules

* Assignment #6 - Web Hosting

* Copy your python web server to /usr/local/bin, make it executable

* Copy your systemd service to /etc/systemd/system, run daemon-reload if changed

* Make sure the service is running




Submission




Submit via the provided git repo by 11:59pm Monday, April 29th. You will submit your ansible playbook and any supporting files (scripts your playbook copies to clients, hosts file, etc.). An example submission hierarchy can be seen below:







```

assignment-7-username

├── hosts

├── Pipfile

├── Pipfile.lock

├── README.md

├── roles

│   ├── pa1

│   │   └── main.yml

│   ├── pa2

│   │   ├── files

│   │   │   ├── pa2.service

│   │   │   ├── pa2.sh

│   │   │   └── pa2.timer

│   │   └── main.yml

│   ├── pa5

│   │   ├── files

│   │   │   └── 99-pa5.rules

│   │   └── main.yml

│   └── pa6

│   ├── files

│   │   ├── pa6.py

│   │   └── pa6.service

│   └── main.yml

└── site.yml




```




Running your playbook

The repo includes files for a [pipenv](https://pipenv.readthedocs.io/en/latest/). This will manage the creation of a python virtualenv and install the necessary dependencies along with ansible itself. You will need to initialize the pipenv to run ansible, with `pipenv install`, that will create the virtualenv and install all of the packages. To run things (like ansible) inside your pipenv, you can run `pipenv shell` to enter a shell inside the environment, then run whatever you want: `ansible -m shell -a "hostname" -i hosts`, etc. OR run `pipenv run ansible -m shell -a "hostname" -i hosts` outside the env to accomplish the same thing.




Tips

You can run your playbook with your GCP server as a client, from ubuntu.cse.unr.edu if you'd like.




Tinker with Ansible ad-hoc commands to learn the modules and capabilities.




Modules you will be using: [apt](https://docs.ansible.com/ansible/latest/modules/apt_module.html), [service](https://docs.ansible.com/ansible/latest/modules/service_module.html), [ufw](https://docs.ansible.com/ansible/latest/modules/ufw_module.html), [user](https://docs.ansible.com/ansible/latest/modules/user_module.html), [copy](https://docs.ansible.com/ansible/latest/modules/copy_module.html), [command](https://docs.ansible.com/ansible/latest/modules/command_module.html)




[Ansible Documentation](https://docs.ansible.com/ansible/latest/user_guide/)