Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # Ansible playbook for doing basic setup on a Civcraft server
- #
- - name: Deploy Civcraft
- hosts: all
- connection: local
- gather_facts: True
- - hosts: all
- vars:
- sshd_config: /etc/ssh/sshd_config
- docker: false
- users:
- - maxopoly
- - ttk2
- - jacky
- - rourke
- - erocs
- - programmerdan
- tasks:
- - name: Create Docker group
- become: true
- group: name=docker state=present
- when: "{{ docker }}"
- - name: Add Primary user
- user: name=civcraft-admins state=present groups=wheel,docker password=$6$rounds=656000$kKqCMHLjiIiJ4Wow$WuB4gEHWvj7m6uII.HLDwCfRmWutM.0HDxfG.GmWvmCggLjMq.xmtMdSBYfbduj28xB2l5zGuZlQdzskpTNcb.
- - name: Add individual users
- user: name="{{ item }}" state=present
- with_items: "{{ users }}"
- - name: Setup Keys for Users
- authorized_key:
- key: "{{ lookup('file', 'keys/{{item}}.pub') }}"
- user: "{{ item }}"
- manage_dir: yes
- with_items: "{{ users }}"
- - name: Add to Sudoers for Autologin
- lineinfile: dest=/etc/sudoers state=present regexp='^Cmnd_Alias' line='Cmnd_Alias CMD_LINE = /bin/byobu, /bin/bash'
- - name: Add to Sudoers for Auotlogin
- lineinfile: dest=/etc/sudoers state=present regexp='^%civcraft-sudo' line='%civcraft-sudo ALL=(civcraft-admins) NOPASSWD{{":"}} CMD_LINE'
- #- name: Update bashrc for user
- # lineinfile: dest=/home/"{{ item }}"/.bashrc line='sudo -u civcraft-admins -s' owner="{{ item }}" regexp='^sudo' state=present
- # with_items: "{{ users }}"
- #
- # Don't know why the above does not work
- #
- - name: Update bashrc for user
- shell: echo "sudo -u civcraft-admins -s" >> /home/"{{ item }}"/.bashrc
- with_items: "{{ users }}"
- - name: Disable empty password login
- lineinfile: dest={{ sshd_config }} regexp="^#?PermitEmptyPasswords" line="PermitEmptyPasswords no"
- notify: restart sshd
- - name: Disable remote root login
- lineinfile: dest={{ sshd_config }} regexp="^#?PermitRootLogin" line="PermitRootLogin no"
- notify: restart sshd
- - name: Disable password login
- lineinfile: dest={{ sshd_config }} regexp="^#?PasswordAuthentication" line="PasswordAuthentication no"
- notify: restart sshd
- - name: upgrade all packages
- yum: name=* state=latest
- - name: Install epel
- yum: name=epel-release state=latest
- - name: Install OpenJDK 1.8
- yum: name=java-1.8.0-openjdk state=latest
- - name: Add repository
- yum_repository:
- name: MariaDB
- description: MariaDB
- baseurl: http://yum.mariadb.org/10.1/centos7-amd64
- - name: Install MariaDB
- yum: name=mariadb-server state=latest
- - name: Install MariaDB-devel
- yum: name=mariadb-devel state=latest
- - name: Install RabbitMQ
- yum: name=rabbitmq-server state=latest
- - name: Install pip
- yum: name=python-pip state=latest
- - name: Install python virtualenv
- yum: name=python-virtualenv state=latest
- - name: Install gcc for pip
- yum: name=gcc state=latest
- - name: Install Python mysql backend
- pip: name=MySQL-python
- - name: Install Duplicity
- yum: name=duplicity state=latest
- - name: Install htop
- yum: name=htop state=latest
- - name: Install Yum-cron
- yum: name=yum-cron state=latest
- - name: Enable Yum-cron
- shell: chkconfig yum-cron on
- - name: Install Byobu
- yum: name=byobu state=latest
- - name: Fix stupid byobu issue
- lineinfile: dest=/etc/fstab regexp='^devpts' line="devpts /dev/pts devpts gid=5,mode=620 0 0"
- - name: Enable rabbit management
- shell: rabbitmq-plugins enable rabbitmq_management
- - name: Start rabbit/mysql
- service: name=mysql-server enabled=yes
- service: name=rabbitmq-server enabled=yes
- - name: Add RabbitMQ users
- rabbitmq_user: "user={{ item.name }} \
- password={{ rabbit_non_root_pass }} \
- vhost=/ \
- configure_priv=^mc\\. \
- read_priv=^mc\\. \
- write_priv=^mc\\. \
- state=present"
- with_items: "{{ shards }}"
- become: true
- - name: Add RabbitMQ users for Bungee
- rabbitmq_user: "user={{ item }} \
- password={{ rabbit_non_root_pass }} \
- vhost=/ \
- configure_priv=^mc\\. \
- read_priv=^mc\\. \
- write_priv=^mc\\. \
- state=present"
- when: inventory_hostname in groups['valhalla']
- with_items: "{{ hosts_list }}"
- become: true
- - name: Add Docker repo
- yum_repository:
- name: Docker
- description: Docker repository
- baseurl: https://yum.dockerproject.org/repo/main/centos/$releasever/
- when: "{{ docker }}"
- - name: Install Docker
- yum: name=docker-engine state=latest
- when: "{{ docker }}"
- - name: Start docker service
- service: name=docker state=started
- when: "{{ docker }}"
- - name: Start docker service on startup
- shell: chkconfig docker on
- when: "{{ docker }}"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement