Monday, 12 August 2019

Ansible vault with roles



The Ansible vault implementation is best leveraged in conjunction with roles. Roles (as we discussed earlier) allow us to modularize our playbooks and reuse functionality within them. The specific area of the roles implementation we are going to look at would be the vars folder. The vars folder is where we define our variables and data points that are then used by the tasks and plays.
To begin with this tutorial, let's start by creating an Ansible playbook with the following folder and file structure (the contents of the files can be blank for now, as we will fill in the details in just a moment):
Once created, there are a few things that should become immediately apparent. The first is that the playbook we are creating is a simple vault test with a single role and a sensitive_data variable's implementation. Also, as you may have guessed, we will be using the sensitive_data.yml file to store our super secret information. The contents of this file should reflect the following:

---



secret_text: |



  The contents of this message are secret. This tape will explode in 5 seconds.
As we can see from the provided file content, we have a simple vars file with a variable defined within, titled secret_text.
The YAML syntax supports multi-line variable implementations. This is accomplished via the | or pipe character, which is provided at the end of the line.
Now that sensitive data has been created, let's encrypt our vars file using the Ansible vault encrypt command. This is accomplished via the following command-line entry:
#> ansible-vauult encrypt sensitive_data.yml
Now that the file is encrypted, we can create our role file, call it the main.yml file, and populate our role information. The contents of main.yml should look like the following:

---



- include_vars: sensitive_data.yml



- name: Copy sensitive data file from Ansible control server to target hosts



  copy:



    content="{{secret_text}}"



    dest=/tmp/secret_text.txt
Finally, let's create our playbook.yml file. These files are going to be really simple and only point to a single role (vaulttest). Let's take a look at the contents of these files:

---



# File: playbook.yml

- hosts: all

roles:


 - { role: vaulttest }
Now that we have all our files created, let's go ahead and commit our code to source control (if applicable) and test it out. The command to run the solution is provided next:
#> ansible-playbook -i 'localhost,' -c local playbook.yml --ask-vault-pass
The following is the output you should see when running it:
- No comments:

Friday, 2 August 2019

Run Django Server Permanently




=> Screen
=> Python manage.py runserver

After these two commands your django server will start.
Now its time to close your terminal. So press CTRL+a and CTRL+d  and close your terminal.
your server will not stop.
- No comments:

Thursday, 1 August 2019

ERROR! failed to combine variables, expected dicts but got a 'dict' and a 'Ansible Sequence':



=> Var folder in role does not support  " - Include "
- No comments:
Subscribe to: Comments (Atom)

Git

1 git add ↳ It lets you add changes from the working directory into the staging area 2 git commit ↳ It lets you save a snapshot of currently...