On the computer running the playbooks:
- A Python virtualenv with the requirements installed
figletandlolcat-cinstalled, to generate the ASCII art used in the MOTD banner
On the managed servers:
- An
ansibleuser account with passwordless sudo (run thecreate-ansible-userplaybook for this)
To develop on your computer:
- A Python virtualenv with the requirements installed
- Recommended: the
justcommand runner, to simplify running commands - Recommended: Visual Studio Code with the
Ansibleextension (you should be prompted to install it when opening the project)
A justfile is provided, to help you run the most common commands. Once you have installed just, you can run the following:
just(with no arguments): list all recipes/commands availablejust playbook-deploy-infra: run the playbook (you can add any argument and they will be passed to the underlyingansible-playbookcommand)just lint: run ansible-lint to check the playbooks and roles for errors and bad practicesjust todo: search all files for# TODOand# noqacomments (they silence linter errors)just vault <username>: login to Vault using theuserpassmethodjust venv: create a local virtualenv using the currently available Python (in.venv) and install dependencies usingpipjust cmdb: generate an HTML overview of all hosts in the inventory with information gathered by Ansible, including variables (usingansible-cmdb)- ...and more, see
justfor the updated list
If you want to run a playbook manually, you will need to:
- Export the Vault URL:
export VAULT_ADDR=https://<vault URL> - Login to Vault:
vault login -method=userpass username=<username>(you can use any other method) - Retrieve the SSH private key from Vault and save it as
id_ed25519_ansible - Execute a playbook:
ansible-playbook --inventory hosts playbooks/deploy-server.yml
A GitHub Actions workflow is run on all push and pull requests to check any alerts from ansible-lint.
TODO: still useful?