feat: add Ansible support and improve inventory

- Added a new Python script to dynamically handle Ansible playbook executions with password prompts.
- Enhanced `inventory.yml` by defining explicit `ansible_name` and `ansible_host` for each host to improve manageability.
- Introduced `.gitignore` to omit `venv/` and `.vscode/` directories from version control, ensuring a cleaner repository.
- Updated `apt.yml` playbook to unify update and upgrade tasks, using `ansible.builtin.apt`.
- Created `requirements.txt` to manage Python dependencies, including `ansible`, `ansible-lint`, and `pyyaml`.

These changes streamline the management of Ansible hosts and execution of playbooks, aligning with best practices for ongoing development.
This commit is contained in:
Kumi 2024-10-25 18:50:37 +02:00
parent 317b88a26a
commit 63be88788e
Signed by: kumi
GPG key ID: ECBCC9082395383F
5 changed files with 134 additions and 10 deletions

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
venv/
.vscode/

View file

@ -3,12 +3,54 @@ all:
children:
debian:
hosts:
lardlad:
burns:
ansible_name: burns
ansible_host: 10.123.1.1
selma:
edna:
ansible_name: selma
ansible_host: 10.123.1.3
lardlad:
ansible_name: lardlad
ansible_host: 10.123.1.4
lance:
ansible_name: lance
ansible_host: 10.123.1.5
chimpman:
ansible_name: chimpman
ansible_host: 10.123.1.6
edna:
ansible_name: edna
ansible_host: 10.123.1.7
nelson:
ansible_name: nelson
ansible_host: 10.123.1.8
hannah:
ansible_name: hannah
ansible_host: 10.123.1.9
marge:
ansible_name: marge
ansible_host: 10.123.1.10
andy:
ansible_name: andy
ansible_host: 10.123.1.11
herman:
ansible_name: herman
ansible_host: 10.123.1.12
frink:
ansible_name: frink
ansible_host: 10.123.1.13
homer:
zwergente:
ansible_name: homer
ansible_host: 10.123.1.14
smaragdente:
ansible_name: smaragdente
ansible_host: 10.123.2.1
zwergente:
ansible_name: zwergente
ansible_host: 10.123.2.2
pekingente:
ansible_name: pekingente
ansible_host: 10.123.2.3
stockente:
ansible_name: stockente
ansible_host: 10.123.2.4

79
playbook.py Normal file
View file

@ -0,0 +1,79 @@
#!/usr/bin/env python
import yaml
import subprocess
import json
from getpass import getpass
import argparse
def parse_arguments():
parser = argparse.ArgumentParser(
description="Ansible-playbook wrapper for dynamic password input."
)
parser.add_argument("playbook", help="The path to the Ansible playbook.")
parser.add_argument(
"-i",
"--inventory",
default="inventory.yml",
help="The path to the inventory file.",
)
return parser.parse_args()
def load_playbook_targets(playbook_path):
# Load the playbook YAML and extract the hosts
with open(playbook_path, "r") as f:
playbook_data = yaml.safe_load(f)
return playbook_data[0].get("hosts", [])
def fetch_inventory(inventory_path):
inventory_json = subprocess.check_output(
["ansible-inventory", "-i", inventory_path, "--list"]
)
return json.loads(inventory_json)
def main():
args = parse_arguments()
playbook_targets = load_playbook_targets(args.playbook)
inventory = fetch_inventory(args.inventory)
# Determine targeted hosts
targeted_hosts = set()
if isinstance(playbook_targets, str):
if playbook_targets in inventory:
targeted_hosts.update(inventory[playbook_targets]["hosts"])
elif playbook_targets == "all":
targeted_hosts.update(inventory["_meta"]["hostvars"].keys())
elif isinstance(playbook_targets, list):
targeted_hosts.update(playbook_targets)
# Validate targeted hosts against inventory
valid_hosts = set(inventory["_meta"]["hostvars"].keys())
targeted_hosts.intersection_update(valid_hosts)
# Process each targeted host
for host in targeted_hosts:
print(f"Processing host: {host}")
become_pass = getpass(f"Enter become password for {host}: ")
# Execute Ansible playbook for each host
subprocess.run(
[
"ansible-playbook",
"-i",
args.inventory,
"--limit",
host,
args.playbook,
"--extra-vars",
f"ansible_become_pass={become_pass}",
]
)
if __name__ == "__main__":
main()

View file

@ -1,12 +1,10 @@
---
- name: Update and upgrade all Debian hosts
hosts: debian
become: yes
tasks:
- name: Update apt cache
apt:
update_cache: yes
become: true
- name: Upgrade all packages
apt:
tasks:
- name: Apt update and upgrade
ansible.builtin.apt:
update_cache: true
upgrade: dist

3
requirements.txt Normal file
View file

@ -0,0 +1,3 @@
ansible
ansible-lint
pyyaml