Initial import

12 files changed, 151 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a8b42eb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+*.retry
diff --git a/README b/README
new file mode 100644
index 0000000..592d5ae
--- /dev/null
+++ b/README
@@ -0,0 +1,9 @@
+IT Management (itm)
+=============
+ - Hackish playbooks to make common administration on IPE netwok.
+
+Problems
+--------
+ - Gnome desktop installation (Fedora) on Camera stations prevents system
+   from properly booting. I guess should be because of headless NVIDIA
+   cards.... But I am not sure...
diff --git a/cuda.yml b/cuda.yml
new file mode 100644
index 0000000..636b6f6
--- /dev/null
+++ b/cuda.yml
@@ -0,0 +1,6 @@
+- name: Common Software
+  hosts: all
+  remote_user: root
+  roles:
+    - role: cuda
+
diff --git a/desktop.yml b/desktop.yml
new file mode 100644
index 0000000..6f35ab2
--- /dev/null
+++ b/desktop.yml
@@ -0,0 +1,6 @@
+- name: Common Software
+  hosts: all
+  remote_user: root
+  roles:
+    - role: desktop
+
diff --git a/install.yml b/install.yml
new file mode 100644
index 0000000..2cd3768
--- /dev/null
+++ b/install.yml
@@ -0,0 +1,17 @@
+- name: Common Software
+  hosts: all
+  remote_user: root
+  roles:
+    - role: common
+
+- name: CUDA 
+  hosts: cuda
+  remote_user: root
+  roles:
+    - role: cuda
+    
+- name: Desktop
+  hosts: desktop
+  remote_user: root
+  roles:
+    - role: desktop
diff --git a/inventories/ipe.erb b/inventories/ipe.erb
new file mode 100644
index 0000000..5c33cdb
--- /dev/null
+++ b/inventories/ipe.erb
@@ -0,0 +1,11 @@
+[camera]
+192.168.26.[80:89]
+
+[student]
+192.168.26.[60:69]
+
+[desktop:children]
+student
+
+[cuda:children]
+camera
diff --git a/roles/common/README b/roles/common/README
new file mode 100644
index 0000000..c8bd679
--- /dev/null
+++ b/roles/common/README
@@ -0,0 +1,11 @@
+Dependencies:
+ - Executed on all nodes
+ - No dependencies & no facts
+
+Parameters:
+ extra_packages: list of extra packages to install
+ 
+Actions:
+ - Enables standard repositories
+ - Install a set of common packages on all nodes (mc, etc.)
+ 
\ No newline at end of file
diff --git a/roles/common/default/main.yml b/roles/common/default/main.yml
new file mode 100644
index 0000000..d355d15
--- /dev/null
+++ b/roles/common/default/main.yml
@@ -0,0 +1 @@
+os_update: "{{ ands_update | default(false) }}"
\ No newline at end of file
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
new file mode 100644
index 0000000..8070bc6
--- /dev/null
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,18 @@
+- name: Ensure all required repositories are configured
+  package: name={{item}} state=present
+  register: result
+  with_items:
+    - epel-release
+  when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
+
+- name: Add our repository with updates and overrides
+  yum_repository: name="{{ item.name }}" description= "{{ item.description | default('Ands repository') }}" baseurl="{{ item.url }}" enabled="yes" gpgcheck="no" cost="{{ item.cost | default(1) }}"
+  with_items: "{{ ands_repositories | default([]) }}"
+
+# We always update on first install and if requested
+- name: Update CentOS
+  yum: name=* state=latest update_cache=yes
+  when: (result | changed) or (os_update | default(false))
+
+- name: Install additional software
+  include_tasks: software.yml
diff --git a/roles/common/tasks/software.yml b/roles/common/tasks/software.yml
new file mode 100644
index 0000000..c621ef3
--- /dev/null
+++ b/roles/common/tasks/software.yml
@@ -0,0 +1,30 @@
+- name: Install various ansible requirements
+  package: name={{item}} state=present
+  with_items: 
+    - yum-plugin-versionlock
+    - libselinux-python
+    - libsemanage-python
+    - yamllint
+    - pyOpenSSL
+    - python-passlib
+    - python2-ruamel-yaml
+    - python2-jmespath
+    - python-ipaddress
+    - iptables-services
+    - PyYAML
+    - python-rhsm-certificates
+
+- name: Install various administrative tools
+  package: name={{item}} state=present
+  with_items: 
+    - mc
+    - telnet
+    - lsof
+    - strace
+    - bzr
+    - git
+    - pciutils
+
+- name: Ensure all extra packages are installed
+  package: name={{item}} state=present
+  with_items: "{{ extra_packages | default([]) }}"
diff --git a/roles/kernel/tasks/software.yml b/roles/kernel/tasks/software.yml
new file mode 100644
index 0000000..92733aa
--- /dev/null
+++ b/roles/kernel/tasks/software.yml
@@ -0,0 +1,11 @@
+- name: Install various administrative tools
+  package: name={{item}} state=present
+  register: result
+  with_items: 
+    - kernel-devel
+
+# We always update on first install and if requested
+- name: Update kernel
+  package: name=kernel state=latest
+  when: (result | changed)
+
diff --git a/ssh.yml b/ssh.yml
new file mode 100644
index 0000000..43d8d2d
--- /dev/null
+++ b/ssh.yml
@@ -0,0 +1,30 @@
+- name: Store known hosts of 'all' the hosts in the inventory file
+  hosts: all:localhost
+  connection: local
+  tasks:
+  - delegate_to: "localhost"
+    set_fact: target_hosts="{{ play_hosts | difference(['localhost']) }}"
+    
+ 
+- name: Store known hosts of 'all' the hosts in the inventory file
+  hosts: localhost
+  connection: local
+ 
+  vars:
+    ssh_known_hosts_command: "ssh-keyscan -T 10"
+    ssh_known_hosts_file: "{{ lookup('env','HOME') + '/.ssh/known_hosts' }}"
+    ssh_known_hosts: "{{ target_hosts }}"
+
+  tasks:
+  - name: For each host, scan for its ssh public key
+    shell: "ssh-keyscan {{ item }},`dig +short {{ item }}`"
+    with_items: "{{ ssh_known_hosts }}"
+    register: ssh_known_host_results
+    ignore_errors: yes
+
+  - name: "Add/update the public key of {{ item.item }} in the {{ ssh_known_hosts_file }}"
+    known_hosts:
+      name: "{{ item.item }}"
+      key: "{{ item.stdout }}"
+      path: "{{ ssh_known_hosts_file }}"
+    with_items: "{{ ssh_known_host_results.results }}"