- separate out package update to its own role

- further refinements

host.git

@@ -10,6 +10,12 @@ wes-host3 ansible_host=192.168.88.218
 # that will act as the configuration server
 wes-host1
 
+[update]
+# machines for auto package update
+# this allows for excluding certain
+# machines from automatically updating
+# installed packages
+
 [pi]
 # include all Raspberry Pi devces here
 wes-host1

hosts

@@ -1,74 +1,121 @@
-# list all of the raspberry PI devices in the network
+sdwcltm2	ansible_host=192.168.50.2	site_clli=CRHMNJAW
-# the host name on each will be set to the first column
+sdwcltm3	ansible_host=192.168.201.55	site_clli=MTLRNJIK
-# it can be 1-20 characters, letters, digits, and hyphens
+sdwcltm5	ansible_host=10.8.0.8		site_clli=PHLJPAMT
-wes-host1 ansible_host=127.0.0.1
+sdwsrvm		ansible_host=192.168.60.2	site_clli=WLGRPABW
-#wes-host2 ansible_host=192.168.88.240
+sdwcltm8 	ansible_host=192.168.150.2	site_clli=FTCLCORN
-#wes-host3 ansible_host=192.168.88.218
+ubuntu-server-2	ansible_host=192.168.198.2	site_clli=CMCYCOJL
+sdwcltm7	ansible_host=192.168.199.2	site_clli=SRSPNYGN
+sdwsrvl		ansible_host=192.168.90.2	site_clli=LSBGFL59
+sdwcltm4	ansible_host=192.168.100.2	site_clli=PROVUTZZ
+sdwcltm6	ansible_host=192.168.200.34	site_clli=PHLJPAMT
+ubuntu-server-1	ansible_host=192.168.201.2	site_clli=MTLRNJIK
+sdwcltm9	ansible_host=192.168.200.163 	site_clli=NRCRGAQN
+#192.168.201.3
+ipsectest1	ansible_host=192.168.201.90
+ssh-jump	ansible_host=192.168.201.9
 
-[ansible-hosts]
+[ansible-host]
-# there must only be one ansible-host.  this is the device
+ubuntu-server-1
-# that will act as the configuration server
+
-wes-host1
+[update]
+# machines for auto package update
+# this allows for excluding certain
+# machines from automatically updating
+# installed packages
+sdwcltm2
+sdwcltm3
+sdwcltm5
+sdwsrvm
+sdwcltm8
+sdwcltm7
+sdwsrvl
+sdwcltm4
+sdwcltm6
+sdwcltm9
+ipsectest1
 
 [pi]
-# include all Raspberry Pi devces here
+sdwcltm2
-wes-host1
+sdwcltm3
-
+sdwcltm5
-#wes-host2
+sdwsrvm
-#wes-host3
+sdwcltm8
-
+sdwcltm6
-# use variables for passwords
+sdwcltm7
-# currently not implemented
+sdwsrvl
-[pi:vars]
+sdwcltm4
-vncpassword=vncpass99
+#192.168.201.3
-pipassword=pipassword99
 
 [samba-server]
-# it is best to have only one samba-server host
+ipsectest1
-wes-host1
 
 [smbclient]
-# it would probably be best to limit this to 10 clients
+sdwcltm2
-#wes-host2
+sdwcltm3
-#wes-host3
+ubuntu-server-1
+sdwcltm5
+sdwsrvm
+sdwcltm8
+sdwcltm6
+sdwcltm7
+sdwsrvl
+sdwcltm4
+sdwcltm9
 
 [public]
-# not currently used
+ubuntu-server-1
-#
+
 [snmpd]
-# installs SNMP daemon
+#192.168.201.3
-#
+sdwcltm2
-wes-host1
+sdwcltm3
+sdwcltm6
+sdwcltm8
 
 [netflows]
-# installs flow client
+
-#
 [facebook]
-# devices can be set up for facebook, salesforce or youtube
+sdwcltm5
-# these are mutually exclusive and must be checked by you as there
+sdwsrvm
-# is no automated process for that
+sdwcltm4
-wes-host1
 
 [salesforce]
-# see comment for facebook
+sdwcltm3
-#wes-host2
+sdwcltm6
+sdwcltm7
+sdwsrvl
+sdwcltm8
 
 [youtube]
-# see comment for facebook
+sdwcltm2
-#wes-host3
+sdwcltm3
 
 [ftpclient]
+sdwcltm2
+sdwcltm3
+sdwcltm4
+sdwcltm5
+sdwcltm6
+sdwcltm7
+sdwcltm8
+sdwsrvm
+ubuntu-server-1
 
 [sipclient]
-# generates VoIP traffic, signaling and media
+sdwcltm2
-wes-host1
+sdwcltm3
-#wes-host3
+sdwcltm4
+sdwcltm5
+sdwcltm6
+sdwcltm7
+sdwcltm8
+sdwcltm9
+sdwsrvl
+sdwsrvm
 
 [sipserver]
-# there must only be one sipserver
+ubuntu-server-2
-#wes-host2
-wes-host1
 
 [ntopng]
-# hosts running ntop
+sdwcltm5
-wes-host1
+sdwcltm6

main.yaml

@@ -1,4 +1,7 @@
 ---
+- hosts: update
+  roles:
+          - update
 - hosts: netflows
   roles:
           - netflows

roles/common/tasks/main.yaml

@@ -2,12 +2,6 @@
 - name: Include OS-specific variables
   include_vars: "os_{{ ansible_lsb.id }}_{{ ansible_lsb.major_release }}.yml"
 
-- name: Upgrade all packages to the latest version
-  become: true
-  apt:
-          upgrade: yes
-          update_cache: yes
-  tags: apt_upgrade
 - name: Create directories
   file:
           path: "{{ item }}"

roles/ntopng/tasks/main.yaml

@@ -1,4 +1,16 @@
 ---
+- name: check if nDPI exists
+  stat:
+          path: "{{ ansible_user_dir }}/nDPI/src/lib/libndpi.so.2.9.0"
+  register: nDPI_installed
+- name: check if ntopng built
+  stat:
+          path: "{{ ansible_user_dir }}/ntopng/ntopng"
+  register: ntopng_built
+- name: check if ntopng installed
+  stat:
+          path: "/usr/local/bin/ntopng"
+  register: ntopng_installed
 - name: Include OS-specific variables
   include_vars: "os_{{ ansible_lsb.id }}_{{ ansible_lsb.major_release }}.yml"
 - name: install package dependencies
@@ -10,49 +22,61 @@
   git:
           repo: https://github.com/ntop/nDPI.git
           dest: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: clone ntopng
   git:
           repo: https://github.com/ntop/ntopng.git
           dest: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: run nDPI autogen.sh
   command: "./autogen.sh"
   args:
           chdir: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: configure nDPI
   command: "./configure --with-pic"
   args:
           chdir: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: build nDPI
   command: "make -j 3"
   args:
           chdir: "{{ ansible_user_dir }}/nDPI"
+  when: nDPI_installed.stat.exists == false
 - name: run ntopng autogen.sh
   command: "./autogen.sh"
   args:
           chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: run ntopng configure
   command: "./configure"
   args:
           chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: build ntopng
   command: "make -j 3"
   args:
           chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_built.stat.exists == false
 - name: install
   become: yes
   command: "make install"
   args:
           chdir: "{{ ansible_user_dir }}/ntopng"
+  when: ntopng_installed.stat.exists == false
+  tags: test
 - name: create ntopng group
   become: yes
   group:
           name: ntopng
           state: present
+  tags: test
 - name: creaate ntopng user
   become: yes
   user:
           name: ntopng
           group: ntopng
+  tags: test
 - name: create directories
   become: yes
   file:
@@ -64,6 +88,7 @@
           - /var/nst/ntopng
           - /usr/share/ntopng
           - /etc/ntopng
+  tags: test
 - name: copy files
   become: yes
   copy:
@@ -75,6 +100,7 @@
           - { src: "{{ role_path }}/files/ntopng", dest: "/etc/default/ntopng" }
           - { src: "{{ role_path }}/files/ntopng.conf", dest: "/etc/ntopng/ntopng.conf" }
           - { src: "{{ role_path }}/files/ntopng.service", dest: "/etc/systemd/system/ntopng.service" }
+  tags: test
 - name: reload systemd
   become: true
   systemd:

roles/ntopng/vars/os_Raspbian_9.yml

@@ -11,3 +11,4 @@ ntopng_dependency_packages:
   - libglib2.0-dev
   - redis-server
   - libmaxminddb-dev
+  - libjson-c-dev

roles/update/tasks/main.yaml

@@ -0,0 +1,7 @@
+---
+- name: Update all packages to the latest version
+  become: true
+  apt:
+          upgrade: yes
+          update_cache: yes
+  tags: apt_upgrade