From 84c2277e80c75ce3ec1e4dcb14ad2fd91b577706 Mon Sep 17 00:00:00 2001 From: AnsibleGuy Date: Tue, 2 Nov 2021 22:08:11 +0100 Subject: [PATCH] init --- LICENSE.txt | 21 ++++++++++++++++ README.md | 55 +++++++++++++++++++++++++++++++++++++++++ defaults/main.yml | 8 ++++++ filter_plugins/utils.py | 21 ++++++++++++++++ meta/main.yml | 18 ++++++++++++++ playbook.yml | 9 +++++++ requirements.yml | 6 +++++ tasks/debian/main.yml | 6 +++++ tasks/main.yml | 5 ++++ 9 files changed, 149 insertions(+) create mode 100644 LICENSE.txt create mode 100644 README.md create mode 100644 defaults/main.yml create mode 100644 filter_plugins/utils.py create mode 100644 meta/main.yml create mode 100644 playbook.yml create mode 100644 requirements.yml create mode 100644 tasks/debian/main.yml create mode 100644 tasks/main.yml
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 0000000..3c645d7
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 AnsibleGuy
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2f5d887
--- /dev/null
+++ b/README.md
@@ -0,0 +1,55 @@
+# Ansible Role for certificate generation
+
+**Tested:**
+* Debian 11
+
+## Functionality
+
+* Package installation
+ * Ansible dependencies (_minimal_)
+ *
+* Configuration
+ * Two Possible Modes
+ * Generate Self-Signed certificate
+ * Create an internal-ca and generate certificates using it
+ * Default config:
+ * Mode => Self-Signed
+ * Default opt-ins:
+ *
+ * Default opt-outs:
+ *
+
+
+## Info
+
+* **Note:** this role currently only supports debian-based systems
+
+
+* **Note:** Most of this functionality can be opted in or out using the main defaults file and variables!
+
+
+
+## Requirements
+
+* Community collection: ```ansible-galaxy install -r requirements.yml```
+
+
+## Usage
+
+Define the config as needed:
+
+```yaml
+app:
+
+```
+
+Run the playbook:
+```bash
+ansible-playbook -K -D -i inventory/hosts.yml playbook.yml
+```
+
+There are also some useful **tags** available:
+* base => only configure basics; sites will not be touched
+* sites
+* config
+* certs
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..3e473a0
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+
+# default config => is overwritten by provided config
+default_app: {}
+
+APP_CONFIG: "{{ default_app | combine(app, recursive=true) }}"
+
+default_instance_config: {}
diff --git a/filter_plugins/utils.py b/filter_plugins/utils.py
new file mode 100644
index 0000000..226737c
--- /dev/null
+++ b/filter_plugins/utils.py
@@ -0,0 +1,21 @@
+from re import sub as regex_replace
+
+
+class FilterModule(object):
+
+ def filters(self):
+ return {
+ "safe_key": self.safe_key,
+ "fallback": self.fallback,
+ }
+
+ @staticmethod
+ def safe_key(key: str) -> str:
+ return regex_replace('[^0-9a-zA-Z]+', '', key.replace(' ', '_'))
+
+ @staticmethod
+ def fallback(opt1: str, opt2: str) -> str:
+ if opt1 not in [None, '', 'None', 'none', ' ']:
+ return opt1
+
+ return opt2
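Review bot: In defaults/main.yml, `combine(app, recursive=true)` reads `app` without a default, and no file in this patch defines it, so the role would fail with an undefined-variable error whenever the caller has not set `app`. Defaulting it keeps the empty-config case working: `APP_CONFIG: "{{ default_app | combine(app | default({}), recursive=true) }}"`. The names `app`, `default_app` and `APP_CONFIG` are also generic enough to clash with other roles using the same template in one play; a role-specific prefix would avoid that.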
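Review bot: In `safe_key` (filter_plugins/utils.py) the character class `[^0-9a-zA-Z]+` also strips the underscores that `key.replace(' ', '_')` has just inserted, so the space-to-underscore step has no effect and `"my key"` comes out as `mykey`. If the underscore is meant to survive, add it to the class: `return regex_replace('[^0-9a-zA-Z_]+', '', key.replace(' ', '_'))`. Either way, distinct inputs can map to the same result and an input without alphanumerics maps to the empty string, which matters if the result is later used to build file names for keys or certificates; a docstring stating this and an empty-result check at the call site would help. In `fallback`, the annotations say `str` although the function explicitly handles `None`.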
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..b15a762
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,18 @@
+---
+
+galaxy_info:
+ author: 'AnsibleGuy '
+ readme: 'README.md'
+ license: 'MIT'
+ repository: 'https://github.com/ansibleguy/ROLE'
+ issue_tracker_url: 'https://github.com/ansibleguy/ROLE/issues'
+ github_branch: 'stable'
+ min_ansible_version: 2.9.0
+ description: ''
+ platforms:
+ - name: Debian
+ versions:
+ - bullseye
+ galaxy_tags: []
+
+collections: []
\ No newline at end of file
diff --git a/playbook.yml b/playbook.yml
new file mode 100644
index 0000000..2fcea1d
--- /dev/null
+++ b/playbook.yml
@@ -0,0 +1,9 @@
+---
+
+# ansible-playbook -K -D -i inventory/hosts.yml playbook.yml
+
+- hosts: all # should be limited
+ become: true
+ gather_facts: yes
+ roles:
+ - ansibleguy.ROLE
diff --git a/requirements.yml b/requirements.yml
new file mode 100644
index 0000000..1e2a9ef
--- /dev/null
+++ b/requirements.yml
@@ -0,0 +1,6 @@
+# external roles and collections to download
+# install: ansible-galaxy install -r requirements.yml
+
+collections: []
+# - name: 'community.general'
+# source: 'https://galaxy.ansible.com'
diff --git a/tasks/debian/main.yml b/tasks/debian/main.yml
new file mode 100644
index 0000000..cd683db
--- /dev/null
+++ b/tasks/debian/main.yml
@@ -0,0 +1,6 @@
+---
+
+- name: ROLE | Debian | Task
+ ansible.builtin.apt:
+ pkg: "{{ something }}"
+ tags: [base]
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..3317b5d
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: ROLE | Processing debian config
+ ansible.builtin.import_tasks: debian/main.yml
+ when: "ansible_distribution|lower in ['debian', 'ubuntu']"
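Review bot: In playbook.yml, `hosts: all` combined with `become: true` means a run without `--limit` applies this role as root to every host in the inventory; the `# should be limited` comment records the concern but does not enforce it. For a role meant to create CA and certificate material, the example is safer when it targets an explicit group, e.g. `- hosts: certificate_hosts  # constructed example group`. As a style point, `gather_facts: yes` could be `gather_facts: true` to match `become: true` on the line above.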
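Review bot: In tasks/debian/main.yml, `pkg: "{{ something }}"` references a variable that no file in this patch defines, so the apt task would stop with an undefined-variable error on the first run. The package list should be declared in defaults/main.yml and referenced from here. Adding `state: present` explicitly would also make the intended package state visible to readers.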
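Review bot: The `when` on the `import_tasks` in tasks/main.yml turns the role into a silent no-op on any distribution other than Debian or Ubuntu, so a run against an unsupported host reports success without producing any certificate. An explicit guard ahead of the import would surface that: an `ansible.builtin.assert` task with `that: "ansible_distribution|lower in ['debian', 'ubuntu']"` and a `fail_msg` naming the supported systems. The condition also admits Ubuntu, while meta/main.yml and the README list only Debian; the two should agree.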