Automating SSH keys loading for Ansible usage

For using Ansible it’s required to have a working set of ssh-keys already deployed. If you get a set of systems that have not been provisioned by you and are missing the SSH keys, having it fixed might take a while if doing it manually. Good news is that you can use a script in expect to cover this part: #!/usr/bin/expect -f # set Variables set password [lrange $argv 0 0] set ipaddr [lrange $argv 1 1] # now connect to remote system spawn ssh-copy-id root@$ipaddr match_max 100000 # Check for initial connection (add key of host) set timeout 5 expect "yes/no" { send -- "yes\r" } # Check for password prmpt set timeout 120 # Look for passwod prompt expect "password:" { send -- "$password\r" } # send blank line (\r) to come back send -- "\n" expect eof This script, when used like: ...

March 2, 2023 · 2 min · Pablo Iranzo Gómez

Automate code build and deployment with ansible

Let’s say that we want to keep our system updated with some code which is not distributed as a regular package, but as a code in a repository (which unfortunately, it’s a pretty common situation). As a part of the ansible playbooks used for the hosts, I can add a snippet like this: gitrepos: - { url: "https://github.com/myrepo/repo.git", tag: "tagtocheckout", folder: "/root/path-for-check-out", chdir: "subdir to enter", build: "make build", exec: "build/mybuiltbinary", } With this definition in the host inventory, we can then in our playbook to perform several steps: ...

November 9, 2022 · 3 min · Pablo Iranzo Gómez

Ansible - dynamically include Jinja templates and tasks

For my ansible playbooks, I wanted to be able to add several new templates to be copied to target system, and additionally be able to perform some commands for them without having to specify each individual file/template to copy. My approach: Define for the hosts I want to find templates/playbooks define a var named extras for the relevant hosts: extras: - ntp - certificates The names defined (in above example ntp and certificates) are just name of folders laying inside tasks/templates/${folder} that are searched and included or excluded based on extras values. ...

September 24, 2022 · 2 min · Pablo Iranzo Gómez

Include Ansible playbooks sorted

Use sorted list for included files vs random provided by with_fileglob. - name: Include tasks include_tasks: "{{item}}" loop: "{{ query('fileglob', 'tasks/*.yaml') | sort }}"

September 23, 2022 · 1 min · Pablo Iranzo Gómez

Ansible setup for VPN using WireGuard

Setting up WireGuard is not a difficult process but I wanted to automate it among hosts by using a simple playbook that can be executed against the hosts and get it configured and deployed in a simple way. I also wanted to require the minimum possible number of values in the inventory, so tried to automate lot of the information required, leaving in the end only some required values: wireguard: True wgrole: 'master' or 'something else' wgport: port number to use The first step was to create the private and public key once the wireguard package is installed. ...

March 17, 2022 · 5 min · Pablo Iranzo Gómez
This blog is a participant in the Amazon Associate Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.