dfritz/playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2 Commits 1 Branch 0 Tags 38 KiB
Jinja 100%
main
Go to file
Donavan Fritz 004e149fe5 add msp
2024-09-30 20:35:21 -05:00
compute add msp 2024-09-30 20:35:21 -05:00
.gitignore initial migration and clean-up from previous repo 2024-06-07 13:43:00 -07:00
README.md initial migration and clean-up from previous repo 2024-06-07 13:43:00 -07:00

README.md

Fritzlab Ansible Playbooks

Proxmox Hosts

We manage Proxmox hosts via Ansible. The following playbook will set the Proxmox settings for all hosts in the inventory file.

$ ansible-playbook --vault-password-file vault-password compute/playbook-host-proxmox.yaml -i compute/inventory-host-proxmox.yaml

Dell iDRAC

We manage Dell iDRAC settings via Ansible (via Redfish API). The following playbook will set the iDRAC settings for all hosts in the inventory file.

$ ansible-playbook --vault-password-file vault-password compute/playbook-machine-idrac.yaml -i compute/inventory-machine-idrac.yaml

Secrets

We use ansible-vault to encrypt secrets. The vault password is assumed to be available in a file called vault-password. This password file is not stored in the repository and must be created by the user. It is stored in 1Password under the name Ansible Vault Password.

Add new secret into an inventory file

Here is how to encrypt a new secret with ansible-vault:

$ ansible-vault encrypt_string --vault-password-file vault-password <super-secret-text>
!vault |
          $ANSIBLE_VAULT;1.1;AES256
          64383837303638393966666536323131376366613531613966633532633439343961663934373263
          6237393730666235326365326430396231623031613166340a386363653865656432373138616232
          34393765326262373435373334653838366562616465333536633335356637353335333839613233
          6337316139363334650a393238656266643965333630343166366335616539393838366333323934
          65616636656235373738306561316431336232376165356465623232313465303435

The result is a string that can be used in a playbook.

dell_machines:
  hosts:
    host001:
      idrac_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          65356164386561376463613762323663633466653432643561313230393131356635646361353265
          6437613034393061336565366465656539326366326430650a366331383165333136326535633833
          39336366666137623230393261633166313837303432653336636363393936323133636366313636
          3738316235663337370a333031643466323962643034313433666236313831643861656461643833
          35316235356566333761333635356337373632646365343364373563613034636334