Fritzlab Ansible Playbooks
Proxmox Hosts
We manage Proxmox hosts via Ansible. The following playbook will set the Proxmox settings for all hosts in the inventory file.
$ ansible-playbook --vault-password-file vault-password compute/playbook-host-proxmox.yaml -i compute/inventory-host-proxmox.yaml
Dell iDRAC
We manage Dell iDRAC settings via Ansible (via Redfish API). The following playbook will set the iDRAC settings for all hosts in the inventory file.
$ ansible-playbook --vault-password-file vault-password compute/playbook-machine-idrac.yaml -i compute/inventory-machine-idrac.yaml
Secrets
We use ansible-vault to encrypt secrets.
The vault password is assumed to be available in a file called vault-password
.
This password file is not stored in the repository and must be created by the user.
It is stored in 1Password under the name Ansible Vault Password
.
Add new secret into an inventory file
Here is how to encrypt a new secret with ansible-vault:
$ ansible-vault encrypt_string --vault-password-file vault-password <super-secret-text>
!vault |
$ANSIBLE_VAULT;1.1;AES256
64383837303638393966666536323131376366613531613966633532633439343961663934373263
6237393730666235326365326430396231623031613166340a386363653865656432373138616232
34393765326262373435373334653838366562616465333536633335356637353335333839613233
6337316139363334650a393238656266643965333630343166366335616539393838366333323934
65616636656235373738306561316431336232376165356465623232313465303435
The result is a string that can be used in a playbook.
dell_machines:
hosts:
host001:
idrac_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
65356164386561376463613762323663633466653432643561313230393131356635646361353265
6437613034393061336565366465656539326366326430650a366331383165333136326535633833
39336366666137623230393261633166313837303432653336636363393936323133636366313636
3738316235663337370a333031643466323962643034313433666236313831643861656461643833
35316235356566333761333635356337373632646365343364373563613034636334
Description
Languages
Jinja
100%