Ansible


Run a Playbook

# Run the playbook. --ask-become-pass prompts interactively for the
# privilege-escalation (become) password, so it is typed at run time.
ansible-playbook --ask-become-pass bla.yml

Using a Password Protected SSH Key

First load the key into ssh-agent. ssh-add asks for the key's passphrase once; after that the agent supplies the key for the rest of the session.

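# Start an agent for this shell and export its environment variables
# (SSH_AUTH_SOCK, SSH_AGENT_PID) into the current session.
eval "$(ssh-agent -s)"

# Load the passphrase-protected key; ssh-add prompts for the passphrase once.
# The path is anchored to the home directory so the command does not depend
# on the current working directory.
# The decrypted key stays in the agent until it is removed: `ssh-add -t <seconds>`
# sets a lifetime, `ssh-add -D` drops all identities, `ssh-agent -k` stops the agent.
ssh-add ~/.ssh/key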

Playbooks

Updating all VMs

With apt for Debian / Ubuntu

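# Patch every Debian/Ubuntu host in the listed inventory groups with apt and
# reboot only those hosts where /var/run/reboot-required exists afterwards.
# NOTE(review): all matching hosts are upgraded (and possibly rebooted) in the
# same run; consider the play keyword `serial` if these groups must not go
# down together.
- hosts:
    # One pattern per list item instead of a space-separated string.
    - services
    - management
    - spy
    - dmz
    - automation
  vars:
    ansible_python_interpreter: /usr/bin/python3
  become: true
  tasks:
    - name: Update apt repo and cache on all Debian/Ubuntu boxes
      ansible.builtin.apt:
        update_cache: true
        force_apt_get: true
        # Skip the refresh when the cache is younger than one hour.
        cache_valid_time: 3600

    - name: Upgrade all packages on servers
      ansible.builtin.apt:
        upgrade: dist
        force_apt_get: true

    - name: Check if a reboot is needed on all servers
      ansible.builtin.stat:
        path: /var/run/reboot-required
        # Only .stat.exists is read below, so no checksum is needed.
        # The former get_md5 option is deprecated and rejected by newer stat
        # module versions; confirm against the Ansible version in use.
        get_checksum: false
      register: reboot_required_file

    - name: Reboot the box if kernel updated
      ansible.builtin.reboot:
        msg: "Reboot initiated by Ansible for kernel updates"
        connect_timeout: 5
        reboot_timeout: 300
        pre_reboot_delay: 0
        post_reboot_delay: 30
        # Command run on the host to decide that it is back up.
        test_command: uptime
      # The condition is the reboot-required marker file, which packages
      # other than the kernel may presumably also create.
      when: reboot_required_file.stat.exists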

Fix Time Zone

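# Set the system time zone on every inventory host.
- hosts: all
  become: true
  tasks:
    - name: Set timezone to Europe/Berlin
      # Fully qualified module name, matching the ansible.builtin.* style used
      # in the base-package play of this page.
      community.general.timezone:
        name: Europe/Berlin
      # NOTE(review): services that read the zone only at start (for example
      # cron) may need a restart before log timestamps line up — confirm per host.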

Set APT Proxy

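# Write an apt configuration snippet that routes HTTP package downloads
# through a proxy on every inventory host.
- hosts: all
  become: true
  tasks:
    - name: Creating proxy.conf
      ansible.builtin.copy:
        dest: "/etc/apt/apt.conf.d/proxy.conf"
        # Explicit ownership and mode, so the file does not inherit whatever
        # the remote umask yields: root-owned, world-readable, not writable
        # by anyone else.
        owner: root
        group: root
        mode: "0644"
        # xxx.xxx.xxx.xxx is a placeholder for the proxy address.
        # Only Acquire::http::Proxy is set; https:// sources are presumably
        # not covered unless Acquire::https::Proxy is configured as well.
        content: |
          Acquire::http::Proxy "http://xxx.xxx.xxx.xxx:3128/";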

Install Base Packages

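# Install the baseline package set on every inventory host.
- hosts: all
  become: true
  tasks:
    - name: Install missing packages
      ansible.builtin.apt:
        pkg:
          - net-tools
          - sudo
          - qemu-guest-agent
          - ntp
          - rsync
        # present is the module default; stated so the intent (install,
        # do not upgrade) is visible.
        state: present
        # Refresh the package index first so the install does not fail on a
        # host with an empty or stale cache; skipped when the cache is
        # younger than one hour.
        update_cache: true
        cache_valid_time: 3600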