Basic folder structure
. ├── ansible.cfg <-- The ansible configuration file ├── files │ └── <filename>.conf <-- General files ├── host_vars │ └── <host>.yml <-- Variables for specic <host>s ├── inventory <-- The inventory ├── requirements.txt <-- Optional a requirements-file for the python virtual environment ├── roles │ └── <your_role> <-- Your role │ ├── defaults <-- With default paremeters, if you don't define them in your playbook │ │ └── main.yml │ ├── files <-- Files for this role │ │ └── <filename>.conf │ ├── handlers <-- Handlers to trigger post actions to e.g. restart a service services │ │ └── main.yml │ ├── tasks <-- The "playbook" of this role │ │ └── main.yml │ └── templates <-- Template for this role │ └── <role_template>.j2 ├── secrets <-- Secrets (e.g. passwords, ...) - You should encrypt this with ansible-vault ├── site.yml <-- Your main playbook ├── templates <-- General templates │ └── <template>.j2 └── vpass.txt <-- Optional a file to store the vault password (configuration in ansible.cfg)
Precondtions
requirements.txt
You need to define the modules / libraries to be installed. You need at least the module ansible. The following requirements are recommended:
ansible ansible-lint
Create the virtual environment
With the following commands...
$ python -m venv venv $ source venv/bin/activate $ pip install -r requirements.txt
If you want to use ansible in a later session, you just need the source command to enable the ansible environment.
Client precondtion
You need a client which is reachable via ssh with a key, so that you don't need to give a password. You need to know the sudo passsword to get privileged access.
$ ssh -i ~/.ssh/ansible ansible@<hostname> ansible@<hostname>:~ $
Basic configuration / Setup
In the basic setup, you will get an example for every file / folder. You should be able to
ansible.cfg
[defaults] inventory = inventory private_key_file = ~/.ssh/ansible remote_user=ansible vault_password_file=vpass.txt
host_vars
<your_key>: <your_value>
inventory
[all] <hostname>
secrets
A file in yaml format, to define som secret stuff passwords. You should encode this File with ansible-vault.
site.yml
Your playbook
templates
Jinja template
vpass.txt
Just a password to decrypt your encrypted files. You can also give this password on the command line.