环境搭建
安装yum模块
- name: INSTALL NGINX SERVER
yum:
name: nginx
state: present
Copy文件识别文件内变量并解析
- name: Copy YUM REPO
template:
src: "{{item.src}}"
dest: "{{item.dest}}"
owner: root
group: root
mode: "{{item.mode}}"
notify: YUM CLEAN ALL
loop:
- { src: yum.repo , dest: /etc/yum.repos.d/yum.repo , mode: "0644"}
- { src: ifcfg-eth1 ,dest: /etc/sysconfig/network-scripts/ifcfg-eth1 , mode: "0644"}
重启服务模块
- name: SYSTEMD NGINX SERVER
systemd:
name: nginx
state: started
enabled: yes
创建组用户变量写在group_vars/all
- name: GROUP WWW
group:
name: "{{www_user}}"
gid: "{{www_gid}}"
创建用户变量写在group_vars/all
- name: USER WWW
user:
name: "{{www_user}}"
uid: "{{www_uid}}"
group: "{{www_gid}}"
删除文件变量
- name: Ansible delete file glob
find:
paths: /etc/yum.repos.d/
patterns: CentOS*
register: files_to_delete
- name: Ansible remove file glob
file:
path: "{{ item.path }}"
state: absent
with_items: "{{ files_to_delete.files }}"
设置sysctl文件limiit
- name: Set sysctl file limiits
pam_limits:
domain: '*'
limit_type: "{{ item.limit_type }}"
limit_item: "{{ item.limit_item }}"
value: "{{ item.value }}"
loop:
- { limit_type: 'soft',limit_item: 'nofile', value: '65535' }
- { limit_type: 'hard',limit_item: 'nofile', value: '65535' }
- { limit_type: 'soft',limit_item: 'nproc', value: '102400' }
- { limit_type: 'hard',limit_item: 'nproc', value: '102400' }
创建目录模块
- name: create code
file:
path: /code/zh
state: directory
owner: www
group: www
recurse: yes
推送并解压文件(压缩文件放在files目录下)
- name: copy zh code
unarchive:
src: zh.zip
dest: "{{zh_path}}"
copy: yes
owner: www
group: www
creates: "/code/zh/index.php"
mount 挂载nfs共享目录
- name: MOUNT OPT2
mount:
src: 172.16.1.31:/data/zh
path: /opt2
fstype: nfs
opts: defaults
state: mounted
创建软连接
- name: Create a symbolic link
file:
src: /opt2
dest: /code/zh/uploads
owner: www
group: www
state: link
防火墙规则
- name: Firewalld 80 8080 22 443 10050
firewalld:
port: "{{item.port}}"
permanent: yes
state: enabled
loop:
- { port: 80/tcp}
- { port: 8080/tcp}
- { port: 443/tcp}
- { port: 22/tcp}
- { port: 10050/tcp}
- name: Firewalld https on
firewalld:
service: https
permanent: yes
state: enabled
- name: Firewalld Keepalived on
shell: firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --protocol vrrp -j ACCEPT ;firewall-cmd --reload
mysql模块
- name: MYSQL PASSWORD DEL
shell: mysqld --initialize-insecure --user=mysql --datadir=/var/lib/mysql|echo "已初始化" > /tmp/1.txt
run_once: true
- name: Start MYSQL Service
service:
name: mysqld
state: started
enabled: yes
- name: ROOT PASSWORD
mysql_user:
user: root
login_user: root
login_password: '123.com'
password: '123.com'
update_password: always
- name: Copy MYSQL Dump.sql
copy:
src: all.sql
dest: /tmp/all.sql
mode: '0644'
owner: root
group: root
- name: Import MYSQL Databases
mysql_db:
state: import
name: all
login_user: root
login_password: '123.com'
target: /tmp/all.sql
- name: Start MYSQL Service
service:
name: mysqld
state: restarted
- name: Create MYSQL User
mysql_user:
name: all
login_user: root
login_password: '123.com'
password: '123.com'
priv: '*.*:ALL'
host: '%'
state: present