frpa/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source
This commit is contained in:
Patrick W. Fraley
2025-12-27 11:21:03 +01:00
parent 2cbc2d54f7
commit b0ea9ed49c
4 changed files with 100 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
.gitignore vendored
View File

@@ -1,3 +1,100 @@
# ---> Ansible # ---> Ansible
*.retry *.retry
ansible.log
# Vault password files - CRITICAL: Never commit these!
.vault_password
.vault_pass
vault_password.txt
**/vault_password.txt
~/.ansible/vault_password.txt
# Unencrypted vault files (safety backups)
**/vault.yml.unencrypted
**/secrets.yml.unencrypted
**/*-vault.yml.unencrypted
**/*.vault.yml.dec
**/*.decrypted
# Fact cache
.ansible/
/tmp/ansible_facts/
fact_cache/
# Temporary files
*.tmp
*.swp
*.swo
*~
.*.sw?
# Local override files
local.yml
override.yml
*-local.yml
*_local.yml
local_*.yml
# IDE and editor files
.vscode/
.idea/
*.iml
.project
.settings/
*.sublime-project
*.sublime-workspace
# OS files
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
# Sensitive data patterns
credentials.yml
passwords.yml
private_keys/
*.key
*.pem
*.crt
*.csr
*.p12
*.pfx
# Backup files
*.bak
*.backup
*~
# Test and development
test_inventory/
dev/
scratch/
tmp/
.vagrant/
*.box
# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
venv/
ENV/
env/
# Logs
*.log
logs/
# Claude plans (optional - remove if you want to track them)
.claude/
# Other
.env
.envrc

112
CLAUDE.md
View File

@@ -1,112 +0,0 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Project Overview
This is an Ansible setup repository for managing system configurations. The project uses Ansible for infrastructure automation and configuration management.
**License**: GNU Affero General Public License v3.0 (AGPL-3.0)
## Repository Structure
This repository is currently in early setup phase. Typical Ansible project structure includes:
- `playbooks/` - Ansible playbooks for orchestrating configurations
- `roles/` - Reusable Ansible roles
- `inventory/` - Host inventory files (hosts.ini, hosts.yml)
- `group_vars/` - Variables organized by groups
- `host_vars/` - Variables for specific hosts
- `ansible.cfg` - Ansible configuration file
## Common Ansible Commands
### Running Playbooks
```bash
# Run a playbook
ansible-playbook playbooks/site.yml
# Run with specific inventory
ansible-playbook -i inventory/hosts.ini playbooks/site.yml
# Check mode (dry run)
ansible-playbook --check playbooks/site.yml
# Run with specific tags
ansible-playbook playbooks/site.yml --tags "web,database"
# Run specific hosts
ansible-playbook playbooks/site.yml --limit "webservers"
```
### Testing and Validation
```bash
# Check playbook syntax
ansible-playbook --syntax-check playbooks/site.yml
# List tasks in a playbook
ansible-playbook --list-tasks playbooks/site.yml
# List hosts that will be affected
ansible-playbook --list-hosts playbooks/site.yml
# Validate inventory
ansible-inventory --list -i inventory/hosts.ini
ansible-inventory --graph -i inventory/hosts.ini
```
### Ad-hoc Commands
```bash
# Ping all hosts
ansible all -m ping
# Check disk space on all hosts
ansible all -a "df -h"
# Gather facts from hosts
ansible all -m setup
```
### Ansible Vault (for sensitive data)
```bash
# Create encrypted file
ansible-vault create group_vars/production/vault.yml
# Edit encrypted file
ansible-vault edit group_vars/production/vault.yml
# Encrypt existing file
ansible-vault encrypt vars/secrets.yml
# Run playbook with vault password
ansible-playbook playbooks/site.yml --ask-vault-pass
```
## Development Workflow
### When Creating Playbooks
- Use YAML syntax with proper indentation (2 spaces)
- Start playbooks with descriptive names and hosts definitions
- Include `gather_facts: yes/no` explicitly
- Use `become: yes` when privilege escalation is needed
- Group related tasks using block statements
- Add meaningful task names that describe the action
### When Creating Roles
- Follow Ansible Galaxy role structure: tasks/, handlers/, templates/, files/, vars/, defaults/, meta/
- Keep roles focused on a single responsibility
- Use role dependencies in meta/main.yml when appropriate
- Test roles independently before integrating
### Variables and Inventory
- Use group_vars for shared variables across host groups
- Use host_vars for host-specific configurations
- Prefer YAML format over INI for inventory when complexity grows
- Never commit sensitive data unencrypted (use ansible-vault)
### Best Practices
- Always test with `--check` mode first
- Use handlers for service restarts and reloads
- Leverage tags for partial playbook execution
- Use templates (Jinja2) for dynamic configuration files
- Register task outputs when results are needed in subsequent tasks
- Use `changed_when` and `failed_when` to control task status reporting

5
README.md
View File

@@ -1,3 +1,4 @@
# Ansible # Ansible Setup for Fedora Workstations
Comprehensive Ansible configuration for managing Fedora Workstation laptops. This repository provides automated configuration management for system setup, package management, security hardening, and laptop-specific optimizations.
Ansible Setup for my Systems

3
workstations
View File

@@ -1,3 +0,0 @@
[workstations]
x1nano
x240