Ansible playbook (자주 사용)

############# 간단한 playbook만 오픈 합니다. ################

 

 

 

 

# ansible-playbook hostsAllow.yml -u jgshin                          ## 호스트 ip 추가

 

# ansible-playbook password_update.yml                    ## 패스워드 변경

 

# ansible DOCKERTEST -m shell -a "docker ps -a"           ## 커맨드 명령어

# ansible all -m ping                                                                 ## 통신 확인

 

# ansible all -m copy -a "src=/test.txt dest=/tmp/test.txt"     ## 카피 배포

 

# ansible SERVER -m user -a "name=jgshin update_password=Admin123! password={{ 'passwordda' | password_hash('sha512') }}" -u jgshin

 

 

############################## 사용자생성

---

- name: 사용자 추가

  hosts: TESTU

  become: true

  tasks:

    - name: 사용자 이름 생성

      user:

        name: "{{ USER_NAME }}"

    - name: 패스워드 변경

      user:

        name: "{{ USER_NAME }}"

        password: "{{ PASSWORD | password_hash('sha512') }}"

    - name: sudoers.d 추가

      copy:

       content: |

         %{{USER_NAME}} ALL=(ALL) NOPASSWD: ALL

       dest: "/etc/sudoers.d/{{USER_NAME}}"

       owner: root

       group: root

       mode: 0440

       validate: "/usr/sbin/visudo -c -f '%s'"

  

  

# ansible-playbook usercreate.yml --extra-vars "USER_NAME=jgshintest PASSWORD=1234" -u jgshin                           ## 유저 생성

  

  

############################### hosts.allow 추가

 

- name: HOST IP

  hosts: TESTU

  become: true

  tasks:

    - name: ADD

      lineinfile:

        state: present

        dest: "/etc/hosts.allow"

        line: "sshd: ALL"

 

############################### 패스워드 초기화

 

- name: password change

  hosts: ALL

  become: true

  tasks:

    - name: password change

      shell: "passwd -e jgshin"

 

############################### 유저변경 , 쉘스크립트 실행

 

- name: Container Run

  hosts: EC2-REAL001

#  become: true

  tasks:

    - name: deploy user change

      become: true

      become_user: deploy

      register: become_user

      command: whoami

    - debug:

        msg: "{{ become_user.stdout }}"

    - name: docker-compose -f docker-compose up -d

      shell: "./restart.sh"

      args:

       chdir: /home/deploy/pkg/deploy-jgshin/release/multi

       executable: /bin/bash

  

########################################

 

- hosts: TESTU

  become: yes

  tasks:

    - name: Copy sec.sh to remote server

      copy:

        src: /home/jgshin/ubuntu_sec.sh

        dest: /home/jgshin/ubuntu_sec.sh

        mode: 0755

 

    - name: Execute ubuntu_sec.sh

      shell: "./ubuntu_sec.sh"

      args:

       chdir: /home/jgshin

       executable: /bin/bash

 

 

######################################

 

- name: chage check

  hosts: SERVER

  become: true

  tasks:

    - name: chage check

      command: chage -m 1 jgshin

 

 

- name: password set

  hosts: SERVER

  become: true

  gather_facts: no

  tasks:

    - user:

        name: "{{ Name }}"

        password: "{{ Password | password_hash('sha512') }}"

 

#########################################

 

- name: update user password

  hosts: SERVER

  become: true

  become_method: sudo

  tasks:

  - user:

      name: jgshin

      update_password: Admin123!

      password: "{{ newpassword|password_hash('sha512') }}"

 

 #########################################

---

- hosts: all

  become: yes

  tasks:

    - name: Change user password

      user:

        name: "{{ username }}"

        password: "{{ new_password }}"