ansible roles basic

重构所有的服务到roles角色中
1.写一个基础roles角色 basic (对所有服务器初始化角色)

#1.关闭防火墙
#2.关闭selinux
#3.关闭NetworkManager
#4.修改默认的YUM仓库
#5.安装扩展epel源
#6.安装常用软件命令
#7.时间同步
#8.创建虚拟用户www
#9.加大文件描述符
#10.nginx_yum_repository

 

最新版本

[root@m01 /etc/ansible/roles/basic/tasks]#cat main.yml 
# Ensure the "www" group exists with a fixed numeric GID (666), so the id is
# the same on every host this role is applied to.
- name: Create www group
  group:
    name: www
    gid: 666
    state: present
# Service account "www": fixed UID 666, primary group www.
# /sbin/nologin gives the account no interactive login shell, and
# create_home: false skips creating a home directory for it.
- name: create user www
  user:
    name: www
    uid: 666
    group: www
    create_home: false
    shell: /sbin/nologin
# Install the base tools in a single yum transaction.
# NOTE(review): nmap is installed on every host that gets this role; confirm
# a network scanner is wanted fleet-wide rather than only on admin hosts.
- name: install soft
  yum:
    state: present
    name:
      - nmap
      - psmisc
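# Cron entry that syncs the clock against ntp1.aliyun.com every 5 minutes.
# The cron module finds an existing entry by its "name", so the name is left
# unchanged and this task updates that entry in place instead of adding one.
- name: ntpdate 5
  cron:
    name: "每5分钟时间同步"
    # No padding inside the field: the value is written to the crontab as-is.
    minute: "*/5"
    # ">/dev/null 2>&1" is the POSIX form; "&>" is a bash extension and only
    # discards output where cron's /bin/sh is bash.
    job: "ntpdate ntp1.aliyun.com >/dev/null 2>&1"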

  

#- name: "debug"
#  debug: 
#    msg: "{{ aaa }}"

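# Disable SELinux. The previous task name described permissive mode, but the
# task sets state: disabled, so the name now states what is actually applied.
# Disabled means no policy enforcement and no denial logging; "permissive"
# would keep the denial log while no longer blocking. A reboot is needed
# before the disabled state fully applies.
- name: Disable SELinux (targeted policy)
  selinux:
    policy: targeted
    state: disabled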

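# Stop firewalld now and keep it from starting at boot.
# After this task no host-level packet filter is configured by the tasks in
# this file, so exposure of listening services depends on controls outside it.
- name: shut down firewalld
  systemd:
    name: firewalld
    state: stopped
    # Canonical YAML boolean instead of the YAML 1.1 "no".
    enabled: false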
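# Raise the open-file limit (nofile) for all users ("*") by writing one soft
# and one hard entry to /etc/security/limits.conf. This is a PAM limits
# setting, not a sysctl, so the task name says so. pam_limits updates an
# existing entry rather than appending a duplicate on every run.
# Only the limit type differs between the two entries, so it is the loop item.
# NOTE(review): the value is 655350 while the older revision of this role
# used 65535; confirm which one is intended.
- name: Set nofile limits in limits.conf
  pam_limits:
    dest: /etc/security/limits.conf
    domain: "*"
    limit_type: "{{ item }}"
    limit_item: nofile
    value: "655350"
  loop:
    - soft
    - hard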
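# Install the common admin packages. The list is passed straight to the yum
# module, which resolves and installs it in one transaction instead of
# calling yum once per loop item.
- name: install Packages
  yum:
    name:
      - vim
      - tree
      - lrzsz
      - wget
      - unzip
      - net-tools
      - MySQL-python
      - ntpdate
      - bash-completion.noarch
      - bash-completion-extras.noarch
    state: present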

 

 

之前的版本

[root@m01 /etc/ansible/roles/basic]#cat tasks/main.yml
# Ensure the "www" group exists with the fixed GID 666.
# (Indentation restored; the pasted listing had lost it.)
- name: Create www group
  group:
    name: www
    gid: 666
    state: present
# Service account "www" (UID 666, primary group www) with no login shell
# and no home directory.
- name: create user www
  user:
    name: www
    uid: 666
    group: www
    create_home: false
    shell: /sbin/nologin
# Install nmap and psmisc in one yum transaction.
- name: install soft
  yum:
    state: present
    name:
      - nmap
      - psmisc
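# Cron entry: sync the clock against ntp1.aliyun.com every 5 minutes.
# The entry is matched by its "name", which is therefore kept unchanged.
- name: ntpdate 5
  cron:
    name: "每5分钟时间同步"
    # Field value without surrounding spaces.
    minute: "*/5"
    # POSIX redirection; "&>" only works where cron's /bin/sh is bash.
    job: "ntpdate ntp1.aliyun.com >/dev/null 2>&1"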

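# Probe: count the lines in limits.conf that already hold the nofile entry.
# The pipeline ends in wc, so stdout is "0" when the entry is missing.
# The probe changes nothing on the host, hence changed_when: false.
- name: check nofile entry in limits.conf
  shell: "grep '* - nofile 65535' /etc/security/limits.conf| wc -l"
  register: aaa
  changed_when: false

# Append the entry only when the probe found none, so repeated runs do not
# add duplicate lines.
# NOTE(review): lineinfile or pam_limits performs this check-and-append as a
# single idempotent task, without going through a shell.
- name: file miaoshufu 65535
  shell:
    cmd: echo '* - nofile 65535' >> /etc/security/limits.conf
  when: aaa.stdout == "0"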

#- name: "debug"
# debug:
# msg: "{{ aaa }}"

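# Disable SELinux. The task sets state: disabled, not permissive, so the name
# is corrected to match. Disabled drops both enforcement and denial logging,
# and a reboot is needed before it fully applies.
- name: Disable SELinux (targeted policy)
  selinux:
    policy: targeted
    state: disabled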

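# Stop firewalld and disable it at boot. No host-level packet filter is set
# up by the tasks in this file after this point.
- name: shut down firewalld
  systemd:
    name: firewalld
    state: stopped
    # Canonical YAML boolean instead of the YAML 1.1 "no".
    enabled: false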
# tasks file for basic


 
