From 710adf958b323b0e0da2687adde2879a8543f454 Mon Sep 17 00:00:00 2001 From: Pi Date: Mon, 22 Jul 2019 10:01:38 -0400 Subject: [PATCH] - break out packages by os distro/version --- host.git | 70 +++++++++++ hosts | 182 ++++++++++++++++----------- roles/common/tasks/main.yaml | 14 +-- roles/common/vars/os_Raspbian_10.yml | 25 ++++ 4 files changed, 214 insertions(+), 77 deletions(-) create mode 100644 host.git create mode 100644 roles/common/vars/os_Raspbian_10.yml diff --git a/host.git b/host.git new file mode 100644 index 0000000..fd05947 --- /dev/null +++ b/host.git @@ -0,0 +1,70 @@ +# list all of the raspberry PI devices in the network +# the host name on each will be set to the first column +# it can be 1-20 characters, letters, digits, and hyphens +wes-host1 ansible_host=192.168.88.217 +wes-host2 ansible_host=192.168.88.240 +wes-host3 ansible_host=192.168.88.218 + +[ansible-hosts] +# there must only be one ansible-host. this is the device +# that will act as the configuration server +wes-host1 + +[pi] +# include all Raspberry Pi devces here +wes-host1 +wes-host2 +wes-host3 + +# use variables for passwords +# currently not implemented +[pi:vars] +vncpassword=vncpass99 +pipassword=pipassword99 + +[samba-server] +# it is best to have only one samba-server host +wes-host1 + +[smbclient] +# it would probably be best to limit this to 10 clients +wes-host2 +wes-host3 + +[public] +# not currently used +# +[snmpd] +# installs SNMP daemon +# +[netflows] +# installs flow client +# +[facebook] +# devices can be set up for facebook, salesforce or youtube +# these are mutually exclusive and must be checked by you as there +# is no automated process for that +wes-host1 + +[salesforce] +# see comment for facebook +wes-host2 + +[youtube] +# see comment for facebook +wes-host3 + +[ftpclient] + +[sipclient] +# generates VoIP traffic, signaling and media +wes-host1 +wes-host3 + +[sipserver] +# there must only be one sipserver +wes-host2 + +[ntopng] +# hosts running ntop + diff --git a/hosts b/hosts index fd05947..6b7a984 100644 --- a/hosts +++ b/hosts @@ -1,70 +1,112 @@ -# list all of the raspberry PI devices in the network -# the host name on each will be set to the first column -# it can be 1-20 characters, letters, digits, and hyphens -wes-host1 ansible_host=192.168.88.217 -wes-host2 ansible_host=192.168.88.240 -wes-host3 ansible_host=192.168.88.218 - -[ansible-hosts] -# there must only be one ansible-host. this is the device -# that will act as the configuration server -wes-host1 - -[pi] -# include all Raspberry Pi devces here -wes-host1 -wes-host2 -wes-host3 - -# use variables for passwords -# currently not implemented -[pi:vars] -vncpassword=vncpass99 -pipassword=pipassword99 - -[samba-server] -# it is best to have only one samba-server host -wes-host1 - -[smbclient] -# it would probably be best to limit this to 10 clients -wes-host2 -wes-host3 - -[public] -# not currently used -# -[snmpd] -# installs SNMP daemon -# -[netflows] -# installs flow client -# -[facebook] -# devices can be set up for facebook, salesforce or youtube -# these are mutually exclusive and must be checked by you as there -# is no automated process for that -wes-host1 - -[salesforce] -# see comment for facebook -wes-host2 - -[youtube] -# see comment for facebook -wes-host3 - -[ftpclient] - -[sipclient] -# generates VoIP traffic, signaling and media -wes-host1 -wes-host3 - -[sipserver] -# there must only be one sipserver -wes-host2 - -[ntopng] -# hosts running ntop - +sdwcltm2 ansible_host=192.168.50.2 site_clli=CRHMNJAW +sdwcltm3 ansible_host=192.168.201.55 site_clli=MTLRNJIK +sdwcltm5 ansible_host=192.168.35.1 site_clli=PHLJPAMT +sdwsrvm ansible_host=192.168.60.2 site_clli=WLGRPABW +sdwcltm8 ansible_host=192.168.150.2 site_clli=FTCLCORN +ubuntu-server-2 ansible_host=192.168.198.2 site_clli=CMCYCOJL +sdwcltm7 ansible_host=192.168.199.2 site_clli=SRSPNYGN +sdwsrvl ansible_host=192.168.90.2 site_clli=LSBGFL59 +sdwcltm4 ansible_host=192.168.100.2 site_clli=PROVUTZZ +sdwcltm6 ansible_host=192.168.200.34 site_clli=PHLJPAMT +ubuntu-server-1 ansible_host=192.168.201.2 site_clli=MTLRNJIK +sdwcltm9 ansible_host=192.168.200.163 site_clli=NRCRGAQN +#192.168.201.3 +ipsectest1 ansible_host=192.168.201.90 +ssh-jump ansible_host=192.168.201.9 + +[pi] +sdwcltm2 +sdwcltm3 +sdwcltm5 +sdwsrvm +sdwcltm8 +sdwcltm6 +sdwcltm7 +sdwsrvl +sdwcltm4 +#192.168.201.3 + +[samba-server] +ipsectest1 + +[smbclient] +sdwcltm2 +sdwcltm3 +ubuntu-server-1 +sdwcltm5 +sdwsrvm +sdwcltm8 +sdwcltm6 +sdwcltm7 +sdwsrvl +sdwcltm4 +sdwcltm9 + +[public] +ubuntu-server-1 + +[snmpd] +#192.168.201.3 +sdwcltm2 +sdwcltm3 +sdwcltm6 +sdwcltm8 + +[netflows] +sdwcltm2 +sdwcltm3 +sdwcltm5 +sdwcltm6 +sdwcltm7 +sdwcltm4 +sdwcltm8 +sdwcltm9 +sdwsrvm +sdwsrvl +ubuntu-server-1 +ubuntu-server-2 + +[facebook] +sdwcltm5 +sdwsrvm +sdwcltm4 + +[salesforce] +sdwcltm3 +sdwcltm6 +sdwcltm7 +sdwsrvl +sdwcltm8 + +[youtube] +sdwcltm2 +sdwcltm3 + +[ftpclient] +sdwcltm2 +sdwcltm3 +sdwcltm4 +sdwcltm5 +sdwcltm6 +sdwcltm7 +sdwcltm8 +sdwsrvm +ubuntu-server-1 + +[sipclient] +sdwcltm2 +sdwcltm3 +sdwcltm4 +sdwcltm5 +sdwcltm6 +sdwcltm7 +sdwcltm8 +sdwcltm9 +sdwsrvl +sdwsrvm + +[sipserver] +ubuntu-server-2 + +[ntopng] +sdwcltm6 diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml index 48fc604..4bb895b 100644 --- a/roles/common/tasks/main.yaml +++ b/roles/common/tasks/main.yaml @@ -1,4 +1,7 @@ --- +- name: Include OS-specific variables + include_vars: "os_{{ ansible_lsb.id }}_{{ ansible_lsb.major_release }}.yml" + - name: Upgrade all packages to the latest version become: true apt: @@ -23,13 +26,10 @@ content: "{{ lookup('template', '{{ role_path }}/templates/hosts.j2') }}" state: present tags: update_hosts -- name: install programs and libraries - become: true - apt: - name: [ 'expect', 'ftp', 'cadaver', 'iperf', 'iperf3', 'libpcap0.8', 'libsctp1', 'libsctp-dev', 'libncurses-dev', 'libssl-dev', 'libpcap-dev', 'vim', 'mc', 'smbclient', 'ncurses-dev', 'build-essential', 'openvpn', 'lightdm', 'lxde', 'realvnc-vnc-server', 'aptitude', 'chromium-browser', 'raspberrypi-ui-mods' ] - update_cache: true - state: present - tags: install_packages +- name: install required packages + package: + name: "{{ dependency_packages }}" + state: present - name: set hostname become: true hostname: diff --git a/roles/common/vars/os_Raspbian_10.yml b/roles/common/vars/os_Raspbian_10.yml new file mode 100644 index 0000000..fb8d97b --- /dev/null +++ b/roles/common/vars/os_Raspbian_10.yml @@ -0,0 +1,25 @@ +dependency_packages: + - name: + - expect + - ftp + - cadaver + - iperf + - iperf3 + - libpcap0.8 + - libsctp1 + - libsctp-dev + - libncurses-dev + - libssl-dev + - libpcap-dev + - vim + - mc + - smbclient + - ncurses-dev + - build-essential + - openvpn + - lightdm + - lxde + - realvnc-vnc-server + - aptitude + - chromium-browser + - raspberrypi-ui-mods