- separate out package update to its own role

- further refinements
2019-07-25 08:54:41 -04:00
parent 3ef23484d8
commit f16d598797
7 changed files with 164 additions and 80 deletions
--- a/host.git
+++ b/host.git
@@ -10,6 +10,12 @@ wes-host3 ansible_host=192.168.88.218
 # that will act as the configuration server
 wes-host1

+[update]
+# machines for auto package update
+# this allows for excluding certain
+# machines from automatically updating
+# installed packages
+
 [pi]
 # include all Raspberry Pi devces here
 wes-host1
--- a/195
+++ b/195
@@ -1,74 +1,121 @@
-# list all of the raspberry PI devices in the network
-# the host name on each will be set to the first column
-# it can be 1-20 characters, letters, digits, and hyphens
-wes-host1 ansible_host=127.0.0.1
-#wes-host2 ansible_host=192.168.88.240
-#wes-host3 ansible_host=192.168.88.218
-
-[ansible-hosts]
-# there must only be one ansible-host.  this is the device
-# that will act as the configuration server
-wes-host1
-
-[pi]
-# include all Raspberry Pi devces here
-wes-host1
-
-#wes-host2
-#wes-host3
-
-# use variables for passwords
-# currently not implemented
-[pi:vars]
-vncpassword=vncpass99
-pipassword=pipassword99
-
-[samba-server]
-# it is best to have only one samba-server host
-wes-host1
-
-[smbclient]
-# it would probably be best to limit this to 10 clients
-#wes-host2
-#wes-host3
-
-[public]
-# not currently used
-#
-[snmpd]
-# installs SNMP daemon
-#
-wes-host1
-
-[netflows]
-# installs flow client
-#
-[facebook]
-# devices can be set up for facebook, salesforce or youtube
-# these are mutually exclusive and must be checked by you as there
-# is no automated process for that
-wes-host1
-
-[salesforce]
-# see comment for facebook
-#wes-host2
-
-[youtube]
-# see comment for facebook
-#wes-host3
-
-[ftpclient]
-
-[sipclient]
-# generates VoIP traffic, signaling and media
-wes-host1
-#wes-host3
-
-[sipserver]
-# there must only be one sipserver
-#wes-host2
-wes-host1
-
-[ntopng]
-# hosts running ntop
-wes-host1
+sdwcltm2	ansible_host=192.168.50.2	site_clli=CRHMNJAW
+sdwcltm3	ansible_host=192.168.201.55	site_clli=MTLRNJIK
+sdwcltm5	ansible_host=10.8.0.8		site_clli=PHLJPAMT
+sdwsrvm		ansible_host=192.168.60.2	site_clli=WLGRPABW
+sdwcltm8 	ansible_host=192.168.150.2	site_clli=FTCLCORN
+ubuntu-server-2	ansible_host=192.168.198.2	site_clli=CMCYCOJL
+sdwcltm7	ansible_host=192.168.199.2	site_clli=SRSPNYGN
+sdwsrvl		ansible_host=192.168.90.2	site_clli=LSBGFL59
+sdwcltm4	ansible_host=192.168.100.2	site_clli=PROVUTZZ
+sdwcltm6	ansible_host=192.168.200.34	site_clli=PHLJPAMT
+ubuntu-server-1	ansible_host=192.168.201.2	site_clli=MTLRNJIK
+sdwcltm9	ansible_host=192.168.200.163 	site_clli=NRCRGAQN
+#192.168.201.3
+ipsectest1	ansible_host=192.168.201.90
+ssh-jump	ansible_host=192.168.201.9
+
+[ansible-host]
+ubuntu-server-1
+
+[update]
+# machines for auto package update
+# this allows for excluding certain
+# machines from automatically updating
+# installed packages
+sdwcltm2
+sdwcltm3
+sdwcltm5
+sdwsrvm
+sdwcltm8
+sdwcltm7
+sdwsrvl
+sdwcltm4
+sdwcltm6
+sdwcltm9
+ipsectest1
+
+[pi]
+sdwcltm2
+sdwcltm3
+sdwcltm5
+sdwsrvm
+sdwcltm8
+sdwcltm6
+sdwcltm7
+sdwsrvl
+sdwcltm4
+#192.168.201.3
+
+[samba-server]
+ipsectest1
+
+[smbclient]
+sdwcltm2
+sdwcltm3
+ubuntu-server-1
+sdwcltm5
+sdwsrvm
+sdwcltm8
+sdwcltm6
+sdwcltm7
+sdwsrvl
+sdwcltm4
+sdwcltm9
+
+[public]
+ubuntu-server-1
+
+[snmpd]
+#192.168.201.3
+sdwcltm2
+sdwcltm3
+sdwcltm6
+sdwcltm8
+
+[netflows]
+
+[facebook]
+sdwcltm5
+sdwsrvm
+sdwcltm4
+
+[salesforce]
+sdwcltm3
+sdwcltm6
+sdwcltm7
+sdwsrvl
+sdwcltm8
+
+[youtube]
+sdwcltm2
+sdwcltm3
+
+[ftpclient]
+sdwcltm2
+sdwcltm3
+sdwcltm4
+sdwcltm5
+sdwcltm6
+sdwcltm7
+sdwcltm8
+sdwsrvm
+ubuntu-server-1
+
+[sipclient]
+sdwcltm2
+sdwcltm3
+sdwcltm4
+sdwcltm5
+sdwcltm6
+sdwcltm7
+sdwcltm8
+sdwcltm9
+sdwsrvl
+sdwsrvm
+
+[sipserver]
+ubuntu-server-2
+
+[ntopng]
+sdwcltm5
+sdwcltm6
--- a/main.yaml
+++ b/main.yaml
@@ -1,4 +1,7 @@
 ---
+- hosts: update
+  roles:
+          - update
 - hosts: netflows
  roles:
          - netflows
--- a/roles/common/tasks/main.yaml
+++ b/roles/common/tasks/main.yaml
@@ -2,12 +2,6 @@
 - name: Include OS-specific variables
  include_vars: "os_{{ ansible_lsb.id }}_{{ ansible_lsb.major_release }}.yml"

- name: Upgrade all packages to the latest version
-  become: true
-  apt:
-          upgrade: yes
-          update_cache: yes
-  tags: apt_upgrade
 - name: Create directories
  file:
          path: "{{ item }}"
--- a/roles/ntopng/tasks/main.yaml
+++ b/roles/ntopng/tasks/main.yaml
@@ -1,4 +1,16 @@
 ---
+- name: check if nDPI exists
+  stat:
+          path: "{{ ansible_user_dir }}/nDPI/src/lib/libndpi.so.2.9.0"
+  register: nDPI_installed
+- name: check if ntopng built
+  stat:
+          path: "{{ ansible_user_dir }}/ntopng/ntopng"
+  register: ntopng_built
+- name: check if ntopng installed
+  stat:
+          path: "/usr/local/bin/ntopng"
+  register: ntopng_installed
 - name: Include OS-specific variables
  include_vars: "os_{{ ansible_lsb.id }}_{{ ansible_lsb.major_release }}.yml"
 - name: install package dependencies
@@ -10,49 +22,61 @@
  git:
          repo: https://github.com/ntop/nDPI.git
          dest: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: clone ntopng
  git:
          repo: https://github.com/ntop/ntopng.git
          dest: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: run nDPI autogen.sh
  command: "./autogen.sh"
  args:
          chdir: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: configure nDPI
  command: "./configure --with-pic"
  args:
          chdir: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: build nDPI
  command: "make -j 3"
  args:
          chdir: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: run ntopng autogen.sh
  command: "./autogen.sh"
  args:
          chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: run ntopng configure
  command: "./configure"
  args:
          chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: build ntopng
  command: "make -j 3"
  args:
          chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: install
  become: yes
  command: "make install"
  args:
          chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_installed.stat.exists == false
+  tags: test
 - name: create ntopng group
  become: yes
  group:
          name: ntopng
          state: present
+  tags: test
 - name: creaate ntopng user
  become: yes
  user:
          name: ntopng
          group: ntopng
+  tags: test
 - name: create directories
  become: yes
  file:
@@ -64,6 +88,7 @@
          - /var/nst/ntopng
          - /usr/share/ntopng
          - /etc/ntopng
+  tags: test
 - name: copy files
  become: yes
  copy:
@@ -75,6 +100,7 @@
          - { src: "{{ role_path }}/files/ntopng", dest: "/etc/default/ntopng" }
          - { src: "{{ role_path }}/files/ntopng.conf", dest: "/etc/ntopng/ntopng.conf" }
          - { src: "{{ role_path }}/files/ntopng.service", dest: "/etc/systemd/system/ntopng.service" }
+  tags: test
 - name: reload systemd
  become: true
  systemd:
--- a/roles/ntopng/vars/os_Raspbian_9.yml
+++ b/roles/ntopng/vars/os_Raspbian_9.yml
@@ -11,3 +11,4 @@ ntopng_dependency_packages:
  - libglib2.0-dev
  - redis-server
  - libmaxminddb-dev
+  - libjson-c-dev
--- a/roles/update/tasks/main.yaml
+++ b/roles/update/tasks/main.yaml
@@ -0,0 +1,7 @@
+---
+- name: Update all packages to the latest version
+  become: true
+  apt:
+          upgrade: yes
+          update_cache: yes
+  tags: apt_upgrade