Friday, 26 July 2019

Create an EC2 instance using Ansible



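---
# Launches one EC2 instance with the legacy `ec2` module.
#
# AWS credentials are deliberately not written into the playbook: a key pasted
# here ends up in version control, blog posts and shell history. With
# aws_access_key / aws_secret_key omitted, the module reads the standard
# environment variables (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY). If they
# must be passed as parameters, reference Ansible Vault-encrypted variables
# rather than literals.
- name: Create an ec2 instance
  # NOTE(review): the ec2 module calls the AWS API from whichever host runs the
  # task, so every host in `web` needs boto and credentials - confirm this is
  # intended rather than running the play against localhost.
  hosts: web
  gather_facts: false

  vars:
    region: us-east-1
    instance_type: t2.micro
    ami: ami-05ea7729e394412c8
    # Name of an existing EC2 key pair; the original listing left this empty.
    keypair: ""

  tasks:
    - name: Create an ec2 instance
      ec2:
        key_name: "{{ keypair }}"
        # NOTE(review): `launch-wizard-*` groups are generated by the console
        # launch wizard; review this group's inbound rules before reusing it.
        group: launch-wizard-26
        instance_type: "{{ instance_type }}"
        image: "{{ ami }}"
        wait: true
        region: "{{ region }}"
        count: 1
        vpc_subnet_id: subnet-02f498e16fd56c277
        # The instance gets a public address; only the security group above
        # limits what can reach it.
        assign_public_ip: true
      # `register` is a task keyword, so it sits at the same level as `ec2:`.
      register: ec2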

Install software on remote windows machine



### Input Declaration

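$targetHost = "localhost"
# Staging folder on the target host, reached through its C$ administrative
# share (requires administrative rights on that host). The original built this
# path from an undefined $computer variable.
$targetFolderPath = "\\$targetHost\C`$\Tasks\Gateway"
$sourceFilePath = "c:\scripts\Tasks\*"
# NOTE(review): both installer paths point at the same Cyberduck installer,
# not at an Ansible or a Python installer - confirm the intended files.
# Whatever directory holds them should be writable by administrators only,
# because the files are executed unattended on the target host.
$ansibleInstallerPath = "c:\windows\Tasks\Cyberduck-Installer-7.0.1.30930.exe"
$pythonInstallerPath = "c:\windows\Tasks\Cyberduck-Installer-7.0.1.30930.exe"


# Installs one product on the target host unless an uninstall entry with the
# given display name already exists there.
#   ComputerName  - host to run the check and the installer on
#   DisplayName   - exact DisplayName looked up under the Uninstall registry key
#   InstallerPath - installer path as seen from the target host
function Install-IfMissing {
    param(
        [string]$ComputerName,
        [string]$DisplayName,
        [string]$InstallerPath
    )

    Invoke-Command -ComputerName $ComputerName -ScriptBlock {
        # Local variables are not visible inside a remote script block; they
        # have to be brought in with the $using: scope modifier.
        $name = $using:DisplayName
        $installer = $using:InstallerPath

        # Runs on the target host, so it is that host's registry being read.
        # NOTE(review): this matches DisplayName exactly and reads only this
        # one Uninstall key - confirm the names the installers register.
        $entry = Get-ItemProperty 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*' |
            Where-Object { $_.DisplayName -eq $name }
        if ($null -ne $entry) {
            Write-Host "$name is already installed."
            return
        }

        Write-Host "$name is NOT installed."

        # Do not run an installer silently unless its Authenticode signature
        # validates; a missing file also ends up in this branch.
        $signature = Get-AuthenticodeSignature -FilePath $installer
        if ($signature.Status -ne 'Valid') {
            Write-Host "Refusing to run ${installer}: signature status is $($signature.Status)."
            return
        }

        Write-Host "Installing $name"
        Start-Process -FilePath $installer -ArgumentList '/silent' -Wait
    }
}


### MainCode

### Check existence of the gateway folder, creating it when it is missing
# Test-Path with -PathType Container tests for a folder;
# [System.IO.File]::Exists only ever reports files.
if (Test-Path -Path $targetFolderPath -PathType Container) {
    Write-Host "GatewayFolder already exists."
}
else {
    ### Create Gateway Folder
    New-Item -ItemType Directory -Path $targetFolderPath -Force -ErrorAction SilentlyContinue | Out-Null
}

if (Test-Path -Path $targetFolderPath -PathType Container) {
    ### Copy all the content from engine to the remote gateway
    # Copy-Item is synchronous, so no sleep is needed before the installers run.
    Write-Host "Copy all the content from engine to gateway"
    Copy-Item -Path $sourceFilePath -Destination $targetFolderPath

    ### Trigger Ansible installer
    Install-IfMissing -ComputerName $targetHost -DisplayName 'ansible' -InstallerPath $ansibleInstallerPath

    ### Trigger Python installer
    Install-IfMissing -ComputerName $targetHost -DisplayName 'Python' -InstallerPath $pythonInstallerPath
}
else {
    ### Unable to create Gateway Folder
    Write-Host "Unable to create Gateway folder"
}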

Install software on remote linux machine


### Input Declaration

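targetHost=localhost
targerFolderPath=/opt/raghu/gateway
sourceFolderPath=/tmp
# Not referenced below; kept from the original listing.
ansibleInstallerPath=/opt/raghu
pythonInstallerPath=/opt/raghu
# Optional: SHA-256 of Python-3.6.8.tgz that you have verified out of band
# (for example against the release's GPG signature). When empty, the download
# is used without an integrity check and a warning is printed.
pythonTarballSha256=""


### Main Code

# True when the named command is on PATH.
have() {
    command -v "$1" >/dev/null 2>&1
}

# Copy the engine content to the gateway folder on the target host.
# The password is never written into the script and never passed with -p,
# which would expose it in the process list. Either set up key-based SSH
# authentication, or export SSHPASS in the calling environment so that
# `sshpass -e` can read it from there.
# NOTE(review): this logs in as root; a dedicated account with write access
# to the gateway folder would be a smaller exposure.
copy_to_gateway() {
    if [ -n "${SSHPASS:-}" ]; then
        sshpass -e scp -r "$sourceFolderPath" "root@${targetHost}:${targerFolderPath}"
    else
        scp -r "$sourceFolderPath" "root@${targetHost}:${targerFolderPath}"
    fi
}

# Build Python 3.6.8 from source and install it alongside the system Python.
# NOTE(review): Python 3.6 is end-of-life and no longer receives security fixes.
install_python() {
    yum install gcc openssl-devel bzip2-devel -y || return 1
    cd /usr/src || return 1
    wget https://www.python.org/ftp/python/3.6.8/Python-3.6.8.tgz || return 1

    # Verify the tarball before anything from it is configured or run as root.
    if [ -n "$pythonTarballSha256" ]; then
        if ! echo "${pythonTarballSha256}  Python-3.6.8.tgz" | sha256sum -c -; then
            rm -f /usr/src/Python-3.6.8.tgz
            return 1
        fi
    else
        echo "warning: pythonTarballSha256 is not set, tarball integrity not verified"
    fi

    tar xzf Python-3.6.8.tgz || return 1
    cd Python-3.6.8 || return 1
    ./configure --enable-optimizations || return 1
    make altinstall || return 1
    rm -f /usr/src/Python-3.6.8.tgz
}

### Check existence of the gateway folder, creating it when it is missing

if [ -d "$targerFolderPath" ]; then
    echo "$targerFolderPath exist"
else
    echo "$targerFolderPath does not exist"
    mkdir -p "$targerFolderPath"
    if [ -d "$targerFolderPath" ]; then
        echo "created gatewayfolder"
    else
        echo unable to create gateway via automation
        exit 1
    fi
fi

# Copy all the content from engine to the remote gateway
if ! copy_to_gateway; then
    echo unable to copy content to gateway
    exit 1
fi

### Python: install only when missing
if have python3.6; then
    echo Python 3 is already installed
else
    echo Python 3 is not installed
    install_python
    if have python3.6; then
        echo Python 3 is installed
    else
        echo Unable to install python3 by automation
        exit 1
    fi
fi

### Ansible: checked even when Python was already present
if have ansible; then
    echo anisble is already installed
else
    echo ansible is not installed
    echo installing ansible
    # NOTE(review): this installs whatever version PyPI serves at run time;
    # pin the version for reproducible results.
    pip3.6 install ansible
    if have ansible; then
        echo installed ansible
    else
        echo unable to install ansible by automation
        exit 1
    fi
fi

# Success paths exit 0; only the failures above exit non-zero.
exit 0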

Saturday, 13 July 2019

Ansible playbook to configure and install LDAP



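---
# Tasks that prepare directories, a self-signed certificate and the base DN
# for an OpenLDAP server.
# NOTE: the original listing repeated this whole task list twice verbatim; it
# is given once here.

- name: Create the directory for ldap database
  file:
    path: "/var/lib/ldap/{{ openldap_server_domain_name }}/"
    state: directory
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"

- name: Create the directory for ldap certificates
  file:
    path: "{{ openldap_server_app_path }}/certs/"
    state: directory
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"

# The original generated a 1024-bit key protected by the literal passphrase
# "password" and then stripped the passphrase in a second task. The key is now
# 2048-bit and written unencrypted in one step, with a restrictive umask so it
# is never readable by other users.
# Hosts that already hold my.key keep it (`creates`); remove the old key and
# certificate there to have them regenerated.
- name: Generate the private key for certificate request
  shell: umask 077 && openssl genrsa -out my.key 2048
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/my.key"

- name: Restrict access to the private key
  file:
    path: "{{ openldap_server_app_path }}/certs/my.key"
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"
    mode: "0600"

- name: Create and sign the new certificate
  command: >-
    openssl req -new -x509 -sha256
    -subj '/C={{ openldap_server_country }}/ST={{ openldap_server_state }}/L={{ openldap_server_location }}/O={{ openldap_server_organization }}/CN={{ ansible_hostname }}/'
    -days 3650 -key my.key -out cert.crt -extensions v3_ca
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/cert.crt"

# These are configuration files read by the service scripts, so they do not
# need the executable bit.
- name: copy the supporting files
  copy:
    src: ldap
    dest: /etc/sysconfig/ldap
    mode: "0644"
  when: openldap_server_enable_ssl and ansible_os_family == 'RedHat'
  notify:
    - restart slapd

- name: copy the supporting files
  copy:
    src: slapd_fedora
    dest: /etc/sysconfig/slapd
    mode: "0644"
  when: openldap_server_enable_ssl and ansible_distribution == "Fedora"
  notify:
    - restart slapd

- name: copy the supporting files
  copy:
    src: slapd
    dest: /etc/default/slapd
    mode: "0644"
  when: openldap_server_enable_ssl and ansible_os_family == 'Debian'
  notify:
    - restart slapd

- name: start the slapd service
  service:
    name: slapd
    state: started
    enabled: true

# /tmp is shared by every local user, so the rendered LDIF is created
# readable by its owner only.
- name: Copy the template for creating base dn
  template:
    src: "{{ openldap_server_ldif }}"
    dest: /tmp/
    mode: "0600"
  register: result

# `quote` keeps shell metacharacters in the password or path from being
# interpreted by the shell; `no_log` keeps the rendered command, which holds
# the root password, out of Ansible's output and logs.
# NOTE(review): -w still places the password on the ldapadd command line, where
# it is visible in the target's process list while the task runs; `-y <file>`
# with a root-only password file avoids that.
- name: add the base domain
  shell: >-
    ldapadd -x
    -D "cn=Manager,dc={{ openldap_server_domain_name.split('.')[0] }},dc={{ openldap_server_domain_name.split('.')[1] }}"
    -w {{ openldap_server_rootpw | quote }}
    -f {{ (result.dest | default(result.path)) | quote }}
    && touch {{ openldap_server_app_path }}/rootdn_created
  args:
    creates: "{{ openldap_server_app_path }}/rootdn_created"
  no_log: true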

Ansible playbook to create shared folder



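---
# Creates two groups and a shared folder.
# NOTE(review): `connection: local` makes every task run on the control
# machine, once per host in `unix` - confirm that is intended.
- hosts: unix
  # `become` replaces the deprecated `sudo` keyword.
  become: true
  connection: local
  tasks:
    # The group/file modules are idempotent; `command: groupadd` and
    # `command: mkdir` fail on the second run because the object already exists.
    - name: Create the dev2 group
      group:
        name: dev2
        state: present

    - name: Create the ops2 group
      group:
        name: ops2
        state: present

    - name: Create the shared folder
      file:
        path: /home/spk2
        state: directory
        # NOTE(review): the original ran `chgrp dev`, but the groups created
        # above are dev2 and ops2 - confirm which group should own the folder.
        group: dev
        # No mode is set, so the directory gets the umask default; set `mode`
        # explicitly if access should be limited to the group.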

Ansible playbook to configure samba



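---
# Installs Samba, deploys its configuration and restarts the service when the
# configuration changes.
# NOTE(review): `connection: local` makes every task run on the control
# machine, once per host in `unix` - confirm that is intended.
- hosts: unix
  # `become` replaces the deprecated `sudo` keyword.
  become: true
  connection: local
  tasks:
    - name: Install samba
      apt:
        name: samba
        state: present

    # NOTE(review): src and dest are the same path, so with a local connection
    # the file is rendered onto itself, and the file is smb.conf2 rather than
    # the smb.conf that Samba reads by default - confirm both.
    - name: Deploy the samba configuration
      template:
        src: /etc/samba/smb.conf2
        dest: /etc/samba/smb.conf2
        owner: root
        group: root
        # Explicit mode so the result does not depend on the umask.
        mode: "0644"
      notify: Restart Samba service

  handlers:
    # The play installs Samba with apt, i.e. on a Debian-family host, where
    # the file-sharing service is named `smbd` (`smb` is the RHEL-family name).
    - name: Restart Samba service
      service:
        name: smbd
        state: restarted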

Git

1 git add ↳ It lets you add changes from the working directory into the staging area 2 git commit ↳ It lets you save a snapshot of currently...