From 6a16328b7b219d87407735b8badd63735020ab1b Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Sun, 13 Nov 2022 19:27:45 +0100 Subject: [PATCH] Make Ansible setup testable in Vagrant Added logic to change the sshd port if not already configured, configued Vagrantfile to work properly and fixed a couple of deploy errors. --- Vagrantfile | 3 +-- playbook.yml | 2 +- roles/ubuntu_base/handlers/main.yml | 5 ++++ roles/ubuntu_base/tasks/base.yml | 14 +++++----- roles/ubuntu_base/tasks/main.yml | 3 ++- roles/ubuntu_base/tasks/ssh.yml | 42 +++++++++++++++++++++++++++++ 6 files changed, 59 insertions(+), 10 deletions(-) create mode 100644 roles/ubuntu_base/handlers/main.yml create mode 100644 roles/ubuntu_base/tasks/ssh.yml diff --git a/Vagrantfile b/Vagrantfile index 28f2e28..37c9521 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,14 +1,13 @@ Vagrant.require_version ">= 1.7.0" Vagrant.configure(2) do |config| - + config.vm.network "forwarded_port", guest: 19022, host: 19022, id: "new_ssh" config.vm.define "datacoop" do |datacoop| datacoop.vm.box = "ubuntu/bionic64" datacoop.vm.hostname = "datacoop" datacoop.vm.provider "virtualbox" do |v| v.memory = 4096 end - datacoop.vm.network "private_network", ip: "192.168.0.42" datacoop.vm.provision "ansible" do |ansible| ansible.verbose = "v" ansible.compatibility_mode = "2.0" diff --git a/playbook.yml b/playbook.yml index 1b98c5d..9a71856 100644 --- a/playbook.yml +++ b/playbook.yml @@ -9,11 +9,11 @@ services: - nginx-proxy + - postfix - openldap - nextcloud - passit - gitea - - postfix - matrix_riot - privatebin - codimd diff --git a/roles/ubuntu_base/handlers/main.yml b/roles/ubuntu_base/handlers/main.yml new file mode 100644 index 0000000..0416cca --- /dev/null +++ b/roles/ubuntu_base/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: Restart sshd + service: + name: sshd + state: restarted diff --git a/roles/ubuntu_base/tasks/base.yml b/roles/ubuntu_base/tasks/base.yml index 257352b..bf4b0f1 100644 
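Review bot: The new `forwarded_port` entry in the Vagrantfile hunk has no `host_ip`, and Vagrant binds a forwarded port to every host interface when that option is omitted, so the test VM's sshd on 19022 becomes reachable from whatever network the developer's machine is attached to. Binding it to loopback keeps the test setup local: `config.vm.network "forwarded_port", guest: 19022, host: 19022, host_ip: "127.0.0.1", id: "new_ssh"`. The line is also declared on `config` rather than inside the `datacoop` define, so it would apply to any machine added later. Moving it to `datacoop.vm.network` would scope it to the one VM that needs it.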
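Review bot: The new handler restarts `sshd`, but on Ubuntu the OpenSSH unit is `ssh.service` and `sshd.service` is only an alias installed when the unit is enabled, so the name may not resolve on every image. `name: ssh` is the safer spelling for a role called `ubuntu_base`. A one-line comment such as `# notified by the Port change in tasks/ssh.yml` would also tell the reader what triggers it.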
--- a/roles/ubuntu_base/tasks/base.yml +++ b/roles/ubuntu_base/tasks/base.yml @@ -4,17 +4,19 @@ name: "{{ packages }}" vars: packages: - - aptitude - - python3-pip - - apparmor - - haveged - - mosh - - srvadmin-all # Dell OpenManage + - aptitude + - python3-pip + - apparmor + - haveged + - mosh + - srvadmin-all # Dell OpenManage - name: Install necessary packages via pip pip: name: "{{ packages }}" + state: latest vars: packages: + - pip # upgrade needed for docker-compose to install - docker - docker-compose diff --git a/roles/ubuntu_base/tasks/main.yml b/roles/ubuntu_base/tasks/main.yml index d6d34a4..36c4488 100644 --- a/roles/ubuntu_base/tasks/main.yml +++ b/roles/ubuntu_base/tasks/main.yml @@ -1,4 +1,6 @@ --- +- import_tasks: ssh.yml + tags: [change-ssh-port] - import_tasks: custom-apt-repos.yml tags: [setup-custom-apt] - import_tasks: upgrade.yml @@ -7,4 +9,3 @@ tags: [install-base-packages] - import_tasks: users.yml tags: [setup-users] - diff --git a/roles/ubuntu_base/tasks/ssh.yml b/roles/ubuntu_base/tasks/ssh.yml new file mode 100644 index 0000000..e0bbe1e --- /dev/null +++ b/roles/ubuntu_base/tasks/ssh.yml 
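Review bot: In the base.yml hunk, `state: latest` sits on the shared pip task, so it applies to `docker` and `docker-compose` as well as `pip`, and every provisioning run installs whatever PyPI currently serves for all three with no version pin. If the intent is only the pip upgrade named in the comment, give `pip` its own task with `state: latest` and leave the docker task at the default `state: present`. Pinning the two docker packages (`docker==<version>`, `docker-compose==<version>`) would make runs reproducible and stop a bad upstream release from being pulled in silently.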
@@ -0,0 +1,42 @@
+---
+- name: Check if SSH port is already configured
+ wait_for:
+ port: 19022
+ state: started
+ host: "{{ inventory_hostname }}"
+ connect_timeout: 5
+ timeout: 10
+ become: false
+ delegate_to: localhost
+ ignore_errors: true
+ register: ssh_configured
+
+# If we're running in Vagrant, ansible_port is 2222
+- name: Change Ansible port to 22 if needed
+ set_fact:
+ ansible_port: 22
+ when: ssh_configured is defined and
+ (ssh_configured.state is undefined or
+ (ssh_configured.state is defined and
+ ssh_configured.state != "started")) and
+ ansible_port != 2222
+
+- name: Change SSH port
+ lineinfile:
+ dest: "/etc/ssh/sshd_config"
+ regexp: "^#?Port"
+ line: "Port 19022"
+ register: ssh_changed
+ notify: "Restart sshd"
+ when: ssh_configured is defined and
+ (ssh_configured.state is undefined or
+ (ssh_configured.state is defined and
+ ssh_configured.state != "started"))
+
+- name: Ensure sshd is reloaded if needed
+ meta: flush_handlers
+
+- name: Change ansible_port 19022
+ set_fact:
+ ansible_port: 19022
+ when: ssh_changed is defined
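Review bot: The final task's `when: ssh_changed is defined` is always true, because `register` sets the variable even when "Change SSH port" is skipped, so `ansible_port` is set to 19022 on every run. If that is intended, drop the condition and say so in a comment (`# always continue on 19022: it was either already configured or has just been changed`); if not, test `ssh_changed is changed`. The `lineinfile` edit is followed by an immediate sshd restart through `flush_handlers`, so adding `validate: "/usr/sbin/sshd -t -f %s"` to it would keep a broken config from being restarted into and locking the host out. The repeated `ssh_configured.state` condition appears equivalent to `ssh_configured is failed`, which would be easier to read in both tasks.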