ansible-shared/README.md

# Ansible Shared Roles

Generic shared ansible roles for use in multiple ansible projects.

This is meant to be separate from your main ansible repo and symlinked into your roles folder

For example:

Main ansible is ~/Code/ansible
Clone this repo into ~/Code/ansible-shared
ln -s ~/Code/ansible-shared ~/Code/ansible/playbooks/roles/shared


# Requirements

These shared roles are geared toward Debian 9 and 10 with a few compatible with Ubuntu.

File `playbooks/group_vars/all` has user directory like so...add all your users here
```
users:
  # Root and toor
  root:
    id: 0
    gid: 0
    password: '{{ root_linux_password }}'
  toor:
    id: 1000
    gid: 1000
    password: '{{ toor_linux_password }}'
    groups: '{{ superuser_groups }}'
```

File `playbooks/group_vars/Debian.yml` like so
```
# ------------------------------------------------------------------------------
# Debian specific variables
# ------------------------------------------------------------------------------
superuser: toor
supergroup: staff
sudogroup: sudo
superuser_groups: [sudo,users,staff,adm,cdrom,floppy,audio,dip,video,plugdev,netdev]
```

Make one for each of your OS types, a `ManjroLinux.yml` may look like so
```
# ------------------------------------------------------------------------------
# Manjaro specific variables
# ------------------------------------------------------------------------------
superuser: toor
supergroup: staff
sudogroup: wheel
superuser_groups: [wheel,users,staff,adm,sys,network,power,video,storage,lp,input,audio]
```

Your `ansible.cfg` should look about like so.
```
# Ansible configuration for defaults and path modifications
# mReschke 2020-04-02

[defaults]
remote_user = root
remote_tmp = /tmp/ansible-$USER
roles_path = ./roles
private_key_file = ~/.ssh/mreschke-root.key
vault_password_file = ~/.files/configs/ansible/vault.passwd
retry_files_enabled = False
display_skipped_hosts = False
force_color = 1
nocows = 1
```



# Snippets

Quick helpers to remember common tasks


```yaml
# Detect OS
when: ansible_os_family == "Debian" and ansible_distribution_major_version == "10"
when: ansible_distribution == "Ubuntu" and ansible_distribution_version == "16.04"
when: ansible_os_family == "Archlinux" and ansible_lsb.id == "ManjaroLinux"

# Copy profiles to /etc/profile.d/
- include_tasks: ../../../functions/copy_etc-profile.d.yml

# Copy scripts to /usr/local/bin
- include_tasks: ../../../functions/copy_usr-local-bin.yml

# Copy globs
- name: Copying globs
  copy:
    src: "{{ item }}"
    dest: /usr/local/bin/
    owner: '{{ superuser }}'
    group: '{{ supergroup }}'
    mode: '0775'
  with_fileglob:
    - files/bin/*

# Copy nginx.conf
- name: Copying /etc/nginx/nginx.conf
  copy:
    src: nginx/nginx.conf
    dest: /etc/nginx/nginx.conf
    owner: root
    group: root
    mode: '0644'
  notify: restart nginx

# Template in a loop
- name: Templating ~/.getmail/config
  template:
    src: getmail
    dest: '{{ "~" + item.username | expanduser }}/.getmail/config'
    owner: '{{ item.username }}'
    group: 'users'
    mode: '0644'
  with_items: "{{ getmail_users }}"

# Symlink in a loop
- name: Symlinking /store/apps/getmail to ~/Mail
  file:
    src: '/store/apps/getmail/{ item.email }'
    dest: '{{ "~" + item.username | expanduser }}/Mail'
    state: link
    owner: '{{ item.username }}'
    group: 'users'
  with_items: "{{ getmail_users }}"

# Install common apps for all debian machines
- name: Installing Debian common applications
  apt:
    update_cache: yes
    state: present
    name:
      - apt-transport-https
      - openssh-server

# Creat directory /etc/nginx
- name: Create a directory if it does not exist
  file:
    path: /etc/nginx
    state: directory
    owner: '{{ superuser }}'
    group: '{{ superuser }}'
    mode: '0755'

# Set chown toor:toor -R /etc/nginx
- name: Applying ownership of /etc/nginx
  file:
    path: /etc/nginx
    state: directory
    recurse: yes
    owner: '{{ superuser }}'
    group: '{{ superuser }}'

```