From 6e383d6afac2dfb054293c75200d9ed4e40db92a Mon Sep 17 00:00:00 2001
From: Sam Al-Sapti
Date: Thu, 17 Nov 2022 22:11:32 +0100
Subject: [PATCH] Simplify SSH configuration
Now that the Vagrantfile supplies SSH port information to Ansible, we no longer need to figure it out in Ansible. Also, since gather_facts (which requires an SSH connection) is set to true in playbook.yml, one needs to supply --extra-vars "ansible_port=22" on the commandline when provisioning for the first time on real hardware, because the port is hardcoded in the inventory file.
---
Vagrantfile | 7 ++++++
roles/ubuntu_base/handlers/main.yml | 5 -----
roles/ubuntu_base/tasks/ssh-port.yml | 33 +++++++---------------------
3 files changed, 15 insertions(+), 30 deletions(-)
delete mode 100644 roles/ubuntu_base/handlers/main.yml
diff --git a/Vagrantfile b/Vagrantfile
index 391209e..7ebc9d3 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -1,22 +1,29 @@
 Vagrant.require_version ">= 1.7.0"
+
 PORT = 19022
+
 Vagrant.configure(2) do |config|
 config.vm.network :forwarded_port, guest: PORT, host: PORT, id: "new_ssh"
+
 # If we are trying to SSH into the VM, we need to use the new port
 if ARGV[0] == "ssh"
 config.ssh.guest_port = PORT
 end
+
 config.vm.define "datacoop" do |datacoop|
 datacoop.vm.box = "ubuntu/focal64"
 datacoop.vm.hostname = "datacoop"
+
 datacoop.vm.provider "virtualbox" do |v|
 v.memory = 4096
 end
+
 datacoop.vm.provision "ansible" do |ansible|
 ansible.compatibility_mode = "2.0"
 ansible.playbook = "playbook.yml"
 ansible.ask_vault_pass = true
 ansible.verbose = "v"
+
 # If we are running the provision command, then we override the ansible_port
 if ARGV[0] == "provision"
 ansible.host_vars = {
diff --git a/roles/ubuntu_base/handlers/main.yml b/roles/ubuntu_base/handlers/main.yml
deleted file mode 100644
index 0416cca..0000000
--- a/roles/ubuntu_base/handlers/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- name: Restart sshd
- service:
- name: sshd
- state: restarted
diff --git a/roles/ubuntu_base/tasks/ssh-port.yml b/roles/ubuntu_base/tasks/ssh-port.yml
index 90ae178..5b708c9 100644
--- a/roles/ubuntu_base/tasks/ssh-port.yml
+++ b/roles/ubuntu_base/tasks/ssh-port.yml
@@ -1,24 +1,4 @@
 ---
-- name: Check if SSH port is already configured
- wait_for:
- port: 19022
- host: "{{ ansible_host }}"
- search_regex: "OpenSSH"
- connect_timeout: 5
- timeout: 10
- become: false
- delegate_to: localhost
- ignore_errors: true
- register: ssh_configured
-
-# If running in Vagrant, ansible_port is always 2222
-- name: Change Ansible port to 22 if needed
- set_fact:
- ansible_port: 22
- when: ssh_configured is defined and
- ssh_configured.state is undefined and
- ansible_port != 2222
-
 - name: Change SSH port on host
 lineinfile:
 dest: "/etc/ssh/sshd_config"
@@ -26,13 +6,16 @@
 line: "Port 19022"
 register: ssh_changed
 notify: "Restart sshd"
- when: ssh_configured is defined and
- ssh_configured.state is undefined
 
-- name: Ensure sshd is reloaded if needed
- meta: flush_handlers
+- name: Restart sshd
+ service:
+ name: sshd
+ state: restarted
+ when: ssh_changed is defined and
+ ssh_changed.changed
 
 - name: Change Ansible port to 19022
 set_fact:
 ansible_port: 19022
- when: ssh_changed is defined
+ when: ssh_changed is defined and
+ ssh_changed.changed
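Review bot: The `notify: "Restart sshd"` line kept on the "Change SSH port on host" task in the second ssh-port.yml hunk still names the handler that this commit deletes along with roles/ubuntu_base/handlers/main.yml. Unless a handler of that name is still defined somewhere not visible here, Ansible by default fails a changed task that notifies a missing handler, so the first real port change would stop with sshd_config edited but sshd not restarted and `ansible_port` not updated. The new inline "Restart sshd" task already does the restart, so drop the `notify: "Restart sshd"` line. Consider also adding `validate: "sshd -t -f %s"` to the lineinfile task so a malformed config cannot be written just before the restart; that task begins in the previous hunk and one of its lines falls between the two hunks.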