From f250cf1719f00bdd246736e6cc0135bb71cdf992 Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 18:33:39 +0100
Subject: [PATCH 01/10] Refactor hosts inventory
---
all.yml | 2 +-
hosts | 146 ++++++++++++++++++++++---------------------------
plays/root.yml | 4 +-
3 files changed, 68 insertions(+), 84 deletions(-)
diff --git a/all.yml b/all.yml
index 709ba117..399b5c40 100755
--- a/all.yml
+++ b/all.yml
@@ -6,7 +6,7 @@
- import_playbook: plays/mail.yml
- import_playbook: plays/nfs.yml
#- import_playbook: plays/logs.yml
-#- import_playbook: plays/backup.yml
+- import_playbook: plays/backup.yml
- import_playbook: plays/network-interfaces.yml
- import_playbook: plays/monitoring.yml
diff --git a/hosts b/hosts
index ed6d9d84..2d2c70ad 100644
--- a/hosts
+++ b/hosts
@@ -1,70 +1,46 @@
# Crans servers inventory
-# How to name your server ?
-# > We name servers according to location, then type.
-# > Then we regroup everything in global geographic and type groups.
-
-
-# [framadate]
-# voyager.adm.crans.org
-#
-# [dhcp]
-# dhcp.adm.crans.org
-# odlyd.adm.crans.org
-#
-# [keepalived]
-# gulp.adm.crans.org
-# odlyd.adm.crans.org
-# eap.adm.crans.org
-# radius.adm.crans.org
-# frontdaur.adm.crans.org
-# bakdaur.adm.crans.org
-#
-# [test_vm]
-# re2o-test.adm.crans.org
-[dovecot]
-owl.adm.crans.org
-
[backups]
zephir.adm.crans.org
-[certbot]
-gitzly.adm.crans.org
+[baie]
+cameron.adm.crans.org
+tealc.adm.crans.org
+
+[bdd]
+tealc.adm.crans.org
[certbot:children]
+dovecot
+git
radius # We use certbot to manage LE certificates
reverseproxy
-dovecot
-
-[nginx_rtmp]
-fluxx.adm.crans.org
-[reverseproxy]
-hodaur.adm.crans.org
+[dhcp]
+routeur-sam.adm.crans.org
+#routeur-daniel.adm.crans.org
-[roundcube]
-roundcube-srv.adm.crans.org
+[dovecot]
+owl.adm.crans.org
[ethercalc]
ethercalc-srv.adm.crans.org
+[framadate]
+voyager.adm.crans.org
+
+[git]
+gitzly.adm.crans.org
+
[horde]
horde.adm.crans.org
-[radius]
-routeur-sam.adm.crans.org
+[irc]
+irc.adm.crans.org
-[re2o]
-re2o-newinfra.adm.crans.org
+[keepalived]
routeur-sam.adm.crans.org
-
-[bdd]
-tealc.adm.crans.org
-
-[virtu]
-sam.adm.crans.org
-daniel.adm.crans.org
-jack.adm.crans.org
+#routeur-daniel.adm.crans.org
[ldap_server]
tealc.adm.crans.org
@@ -72,55 +48,67 @@ sam.adm.crans.org
daniel.adm.crans.org
jack.adm.crans.org
-[keepalived]
+[nginx_rtmp]
+fluxx.adm.crans.org
+
+[radius]
routeur-sam.adm.crans.org
-#routeur-daniel.adm.crans.org
-[dhcp]
+[re2o]
+re2o-newinfra.adm.crans.org
routeur-sam.adm.crans.org
-#routeur-daniel.adm.crans.org
+
+[reverseproxy]
+hodaur.adm.crans.org
+
+[roundcube]
+roundcube-srv.adm.crans.org
+
+[virtu]
+sam.adm.crans.org
+daniel.adm.crans.org
+jack.adm.crans.org
[crans_routeurs:children]
dhcp
keepalived
[crans_physical]
-cameron.adm.crans.org
-tealc.adm.crans.org
-sam.adm.crans.org
-daniel.adm.crans.org
-jack.adm.crans.org
-#gulp.adm.crans.org
-zephir.adm.crans.org
+omnomnom.adm.crans.org
+
+[crans_physical:children]
+backups
+baie
+virtu
[crans_vm]
-owl.adm.crans.org
-codichotomie.adm.crans.org
-voyager.adm.crans.org
-#silice.adm.crans.org
-routeur-sam.adm.crans.org
-#routeur-daniel.adm.crans.org
#belenios.adm.crans.org
-#re2o-ldap.adm.crans.org
+bigbluebutton.adm.crans.org
+#boeing.adm.crans.org
+#casouley.adm.crans.org
+codichotomie.adm.crans.org
+#ethercalc-srv.adm.crans.org
+fluxx.adm.crans.org
gitlab-ci.adm.crans.org
gitzly.adm.crans.org
hodaur.adm.crans.org
-monitoring.adm.crans.org
-#boeing.adm.crans.org
-fluxx.adm.crans.org
-#unifi.adm.crans.org
-#pastemoisa.adm.crans.org
-#casouley.adm.crans.org
-kiwi.adm.crans.org
-kiwijuice.adm.crans.org
-tracker.adm.crans.org
+horde.adm.crans.org
+irc.adm.crans.org
jitsi.adm.crans.org
-#ethercalc-srv.adm.crans.org
kenobi.adm.crans.org
-roundcube.adm.crans.org
-horde.adm.crans.org
-bigbluebutton.adm.crans.org
+kiwi.adm.crans.org
+kiwijuice.adm.crans.org
+monitoring.adm.crans.org
+owl.adm.crans.org
owncloud.adm.crans.org
+#re2o-ldap.adm.crans.org
+roundcube.adm.crans.org
+#routeur-daniel.adm.crans.org
+routeur-sam.adm.crans.org
+#silice.adm.crans.org
+tracker.adm.crans.org
+voyager.adm.crans.org
+#unifi.adm.crans.org
[ovh_physical]
sputnik.adm.crans.org
@@ -129,7 +117,6 @@ sputnik.adm.crans.org
[crans_server:children]
crans_physical
crans_vm
-crans_routeurs
# everything at crans
[crans:children]
@@ -147,7 +134,6 @@ ovh_physical
# every virtual machine
[vm:children]
crans_vm
-crans_routeurs
# every server
[server:children]
diff --git a/plays/root.yml b/plays/root.yml
index a6b8f790..61f1da71 100755
--- a/plays/root.yml
+++ b/plays/root.yml
@@ -20,9 +20,7 @@
insertafter: '127.0.0.1 localhost'
when: check_mirror.found == 0
-
-
-- hosts: tealc.adm.crans.org
+- hosts: baie
roles:
- baie
--
GitLab
From 5fe9f1460ffe804d0e4a858201d9aaac55bfe42c Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 18:46:40 +0100
Subject: [PATCH 02/10] clean up nullmailer
---
hosts | 9 +++++++++
plays/mail.yml | 2 +-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/hosts b/hosts
index 2d2c70ad..77612b93 100644
--- a/hosts
+++ b/hosts
@@ -51,6 +51,15 @@ jack.adm.crans.org
[nginx_rtmp]
fluxx.adm.crans.org
+[postfix]
+boeing.adm.crans.org
+mailman.adm.crans.org
+redisdead.adm.crans.org
+soyouz.adm.crans.org
+sputnik.adm.crans.org
+titanic.adm.crans.org
+zamok.adm.crans.org
+
[radius]
routeur-sam.adm.crans.org
diff --git a/plays/mail.yml b/plays/mail.yml
index ea4cc641..536a2b68 100755
--- a/plays/mail.yml
+++ b/plays/mail.yml
@@ -6,7 +6,7 @@
# All other servers uses nullmailer to send local mail to Crans SMTP.
# Redirect local mail to mailserver
-- hosts: crans_server,!redisdead.adm.crans.org,!soyouz.adm.crans.org,!titanic.adm.crans.org,!boeing.adm.crans.org,!sputnik.adm.crans.org,!zamok.adm.crans.org,!mailman.adm.crans.org
+- hosts: crans_server,!postfix
vars:
mail_root: root@crans.org
mail_smtp_server: smtp.adm.crans.org
--
GitLab
From 761a7f9fe2ea57e4b94eb38084aa95a49f4b90b6 Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 18:49:00 +0100
Subject: [PATCH 03/10] [all.yml] [tmp] Comment out network-interfaces.yml
---
all.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/all.yml b/all.yml
index 399b5c40..ebf90988 100755
--- a/all.yml
+++ b/all.yml
@@ -5,9 +5,9 @@
- import_playbook: plays/mail.yml
- import_playbook: plays/nfs.yml
-#- import_playbook: plays/logs.yml
+#- import_playbook: plays/logs.yml TODO: rsyncd
- import_playbook: plays/backup.yml
-- import_playbook: plays/network-interfaces.yml
+# - import_playbook: plays/network-interfaces.yml TODO: check this paybook
- import_playbook: plays/monitoring.yml
# Services that only apply to a subset of server
--
GitLab
From 8952eb42c70e997352d4b428bc7bcd460f38306e Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 18:51:29 +0100
Subject: [PATCH 04/10] [root.yml] cloud-init only relevant for VMs
---
plays/root.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plays/root.yml b/plays/root.yml
index 61f1da71..73e17b54 100755
--- a/plays/root.yml
+++ b/plays/root.yml
@@ -73,7 +73,7 @@
roles:
- openssh
-- hosts: server
+- hosts: crans_vm
tasks:
- name: Remove cloud-init
apt:
--
GitLab
From 0b70cca32345130020c9fd91c90cfaa2fb4cac17 Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 20:44:57 +0100
Subject: [PATCH 05/10] More clean-up
---
all.yml | 2 +-
hosts | 66 ++++++++++++++++++++++++++++++++------------
plays/dns.yml | 6 ++--
plays/monitoring.yml | 6 ++--
4 files changed, 56 insertions(+), 24 deletions(-)
diff --git a/all.yml b/all.yml
index ebf90988..67830daf 100755
--- a/all.yml
+++ b/all.yml
@@ -11,7 +11,7 @@
- import_playbook: plays/monitoring.yml
# Services that only apply to a subset of server
-- import_playbook: plays/cas.yml
+# - import_playbook: plays/cas.yml
- import_playbook: plays/dhcp.yml
- import_playbook: plays/dns.yml
- import_playbook: plays/etherpad.yml
diff --git a/hosts b/hosts
index 77612b93..e6818cd1 100644
--- a/hosts
+++ b/hosts
@@ -16,9 +16,19 @@ git
radius # We use certbot to manage LE certificates
reverseproxy
-[dhcp]
-routeur-sam.adm.crans.org
-#routeur-daniel.adm.crans.org
+[dhcp:children]
+routeurs_vm
+
+[dns_auth_master]
+silice.adm.crans.org
+
+[dns_authoritative:children]
+dns_auth_master
+freebox
+ovh_physical
+
+[dns_recursive:children]
+routeurs_vm
[dovecot]
owl.adm.crans.org
@@ -29,6 +39,10 @@ ethercalc-srv.adm.crans.org
[framadate]
voyager.adm.crans.org
+[freebox]
+boeing.adm.crans.org
+titanic.adm.crans.org
+
[git]
gitzly.adm.crans.org
@@ -38,9 +52,8 @@ horde.adm.crans.org
[irc]
irc.adm.crans.org
-[keepalived]
-routeur-sam.adm.crans.org
-#routeur-daniel.adm.crans.org
+[keepalived:children]
+routeurs_vm
[ldap_server]
tealc.adm.crans.org
@@ -48,24 +61,35 @@ sam.adm.crans.org
daniel.adm.crans.org
jack.adm.crans.org
+[monitoring]
+monitoring.adm.crans.org
+
+[nginx]
+charybde.adm.crans.org
+
[nginx_rtmp]
fluxx.adm.crans.org
+[nginx:children]
+reverseproxy
+
[postfix]
-boeing.adm.crans.org
mailman.adm.crans.org
redisdead.adm.crans.org
-soyouz.adm.crans.org
-sputnik.adm.crans.org
-titanic.adm.crans.org
zamok.adm.crans.org
-[radius]
-routeur-sam.adm.crans.org
+[postfix:children]
+freebox
+ovh_physical
+
+[radius:children]
+routeurs_vm
[re2o]
re2o-newinfra.adm.crans.org
-routeur-sam.adm.crans.org
+
+[re2o:children]
+radius
[reverseproxy]
hodaur.adm.crans.org
@@ -73,17 +97,24 @@ hodaur.adm.crans.org
[roundcube]
roundcube-srv.adm.crans.org
+[routeurs_vm]
+routeur-daniel.adm.crans.org
+routeur-jack.adm.crans.org
+routeur-sam.adm.crans.org
+
[virtu]
sam.adm.crans.org
daniel.adm.crans.org
jack.adm.crans.org
[crans_routeurs:children]
-dhcp
-keepalived
+# dhcp TODO: Really needed ?
+# keepalived
+routeurs_vm
[crans_physical]
omnomnom.adm.crans.org
+charybde.adm.crans.org
[crans_physical:children]
backups
@@ -112,13 +143,14 @@ owl.adm.crans.org
owncloud.adm.crans.org
#re2o-ldap.adm.crans.org
roundcube.adm.crans.org
-#routeur-daniel.adm.crans.org
-routeur-sam.adm.crans.org
#silice.adm.crans.org
tracker.adm.crans.org
voyager.adm.crans.org
#unifi.adm.crans.org
+[crans_vm:children]
+routeurs_vm
+
[ovh_physical]
sputnik.adm.crans.org
diff --git a/plays/dns.yml b/plays/dns.yml
index b261acaa..4e61330f 100755
--- a/plays/dns.yml
+++ b/plays/dns.yml
@@ -1,12 +1,12 @@
#!/usr/bin/env ansible-playbook
---
# Deploy recursive DNS cache server
-- hosts: routeur-sam.adm.crans.org,routeur-daniel.adm.crans.org
+- hosts: dns_recursive
roles:
- bind-recursive
# Deploy authoritative DNS server
-- hosts: silice.adm.crans.org,sputnik.adm.crans.org,boeing.adm.crans.org
+- hosts: dns_authoritative
vars:
certbot_dns_secret: "{{ vault_certbot_dns_secret }}"
certbot_adm_dns_secret: "{{ vault_certbot_adm_dns_secret }}"
@@ -18,7 +18,7 @@
roles:
- bind-authoritative
-- hosts: silice.adm.crans.org
+- hosts: dns_auth_master
vars:
re2o:
server: re2o.adm.crans.org
diff --git a/plays/monitoring.yml b/plays/monitoring.yml
index ca8fc85a..2a6c6bcd 100755
--- a/plays/monitoring.yml
+++ b/plays/monitoring.yml
@@ -1,7 +1,7 @@
#!/usr/bin/env ansible-playbook
---
# Deploy Prometheus and Grafana on monitoring server
-- hosts: monitoring.adm.crans.org
+- hosts: monitoring
vars:
# Prometheus targets.json
prometheus:
@@ -64,13 +64,13 @@
# Monitor all hosts
-- hosts: server,test_vm
+- hosts: server
vars:
adm_ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
roles: ["prometheus-node-exporter"]
# Export nginx metrics
-- hosts: charybde.adm.crans.org,hodaur.adm.crans.org
+- hosts: nginx
vars:
adm_ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
roles: ["prometheus-nginx-exporter"]
--
GitLab
From 6f6b9bc8260ba54ab4393ab8ef67fca36c95e392 Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 21:32:36 +0100
Subject: [PATCH 06/10] [moinmoin-gendoc] Documentation compliance about
writing facts modules.
---
.../{dmidecode.py => dmidecode_facts.py} | 33 +++++++++++++------
roles/moinmoin-gendoc/tasks/main.yml | 2 +-
2 files changed, 24 insertions(+), 11 deletions(-)
rename roles/moinmoin-gendoc/library/{dmidecode.py => dmidecode_facts.py} (70%)
diff --git a/roles/moinmoin-gendoc/library/dmidecode.py b/roles/moinmoin-gendoc/library/dmidecode_facts.py
similarity index 70%
rename from roles/moinmoin-gendoc/library/dmidecode.py
rename to roles/moinmoin-gendoc/library/dmidecode_facts.py
index 6e01acc3..765713d6 100644
--- a/roles/moinmoin-gendoc/library/dmidecode.py
+++ b/roles/moinmoin-gendoc/library/dmidecode_facts.py
@@ -32,7 +32,6 @@ EXAMPLES = '''
'''
-import dmidecode
import json
from ansible.module_utils.basic import AnsibleModule
@@ -48,16 +47,30 @@ def decode_dict(data):
def run_module():
module = AnsibleModule(
- argument_spec = {}
+ argument_spec = {},
+ supports_check_mode=True,
)
- dmi_data = decode_dict({
- 'bios': dmidecode.bios(),
- 'processor': dmidecode.processor(),
- 'system': dmidecode.system(),
- 'memory': dmidecode.memory(),
- 'slot': dmidecode.slot(),
- })
- module.exit_json(changed=True, ansible_facts=dmi_data)
+
+ try:
+ import dmidecode
+ dmi_data = decode_dict({
+ 'bios': dmidecode.bios(),
+ 'processor': dmidecode.processor(),
+ 'system': dmidecode.system(),
+ 'memory': dmidecode.memory(),
+ 'slot': dmidecode.slot(),
+ })
+
+ except ImportError:
+ dmi_data = {
+ 'bios': dict(),
+ 'processor': dict(),
+ 'system': dict(),
+ 'memory': dict(),
+ 'slot': dict(),
+ }
+
+ module.exit_json(changed=False, ansible_facts=dmi_data)
def main():
diff --git a/roles/moinmoin-gendoc/tasks/main.yml b/roles/moinmoin-gendoc/tasks/main.yml
index bcc819b5..a821e247 100644
--- a/roles/moinmoin-gendoc/tasks/main.yml
+++ b/roles/moinmoin-gendoc/tasks/main.yml
@@ -8,7 +8,7 @@
until: apt_result is succeeded
- name: get dmidecode facts
- dmidecode: {}
+ dmidecode_facts: {}
- name: get ssh fingerprints
sshfp: {}
--
GitLab
From 2be4377eeaf6c9ea62c1d208893c85938df91b39 Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Wed, 30 Dec 2020 03:43:05 +0100
Subject: [PATCH 07/10] Update hosts
---
hosts | 1 +
1 file changed, 1 insertion(+)
diff --git a/hosts b/hosts
index e6818cd1..ab857d5f 100644
--- a/hosts
+++ b/hosts
@@ -144,6 +144,7 @@ owncloud.adm.crans.org
#re2o-ldap.adm.crans.org
roundcube.adm.crans.org
#silice.adm.crans.org
+titanic.adm.crans.org
tracker.adm.crans.org
voyager.adm.crans.org
#unifi.adm.crans.org
--
GitLab
From 0c0fcadd8e1c461ed8946c818a9937be6bd3cf6c Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Wed, 30 Dec 2020 03:46:56 +0100
Subject: [PATCH 08/10] Boost gendoc with an ActionPlugin instead of a module
---
action_plugins/moinmoin_page.py | 181 ++++++++++++++++++++++++++++++++
1 file changed, 181 insertions(+)
create mode 100755 action_plugins/moinmoin_page.py
diff --git a/action_plugins/moinmoin_page.py b/action_plugins/moinmoin_page.py
new file mode 100755
index 00000000..dff9b56c
--- /dev/null
+++ b/action_plugins/moinmoin_page.py
@@ -0,0 +1,181 @@
+#!/usr/bin/env python3
+
+# Copyright: (c) 2019, Alexandre Iooss <erdnaxe@crans.org>
+#
+# GNU General Public License v3.0+
+
+import re
+import urllib.error
+import urllib.parse
+import urllib.request
+import difflib
+
+
+from ansible.errors import AnsibleError
+from ansible.plugins.action import ActionBase
+from ansible.utils.display import Display
+from ansible.module_utils._text import to_native
+
+display = Display()
+
+
+class ActionModule(ActionBase):
+
+ TRANSFERS_FILES = False
+ _VALID_ARGS = frozenset(('url', 'user', 'password', 'content', 'revision_comment'))
+
+ def login(self, url, user, password):
+ """
+ Log in and return session cookie or None if failed
+
+ :param url: random wiki url (not root page)
+ :param user: wiki user
+ :param password: user's password
+ :return: session cookie
+ """
+ # Send a HTTP POST request
+ data = urllib.parse.urlencode({
+ 'action': 'login',
+ 'login': 'Connexion',
+ 'name': user,
+ 'password': password
+ }).encode()
+ req = urllib.request.Request(url, data)
+ try:
+ response = urllib.request.urlopen(req)
+ cookie = response.getheader('set-cookie')
+ except urllib.error.HTTPError as e:
+ # If 404, then also return header
+ cookie = e.getheader('set-cookie')
+
+ # Check that authentication worked
+ if not cookie:
+ raise AnsibleError(to_native('server did not return a session cookie'))
+ return cookie
+
+ def craft_request(self, suffix):
+ """
+ Crafts a function that takes an url and a cookie,
+ and returns the content of the requested page with given action suffix.
+ """
+ def f(url, cookie):
+ req = urllib.request.Request(url + suffix)
+ req.add_header("Cookie", cookie)
+ content = urllib.request.urlopen(req).read().decode('utf-8')
+ return content
+ return f
+
+
+ def edit_ticket(self, url, cookie):
+ """
+ Return edition ticket of url
+
+ :param url: page to edit
+ :param cookie: session cookie
+ :return: edit ticket
+ """
+ # Send request with session cookie
+ content = self.craft_request("?action=edit&editor=text")(url, cookie)
+
+ # Search for ticket
+ search = re.search('name=\"ticket\" value=\"([^\"]*)\"', content)
+ if not search:
+ raise AnsibleError(to_native('no edit ticket was found'))
+
+ return search.group(1)
+
+
+ def edit(self, url, user, password, content, revision_comment, cookie):
+ """
+ Edit a MoinMoin wiki page
+
+ :param url: page to edit
+ :param user: wiki user
+ :param password: user's password
+ :param content: content to place on this page
+ :param revision_comment: revision comment
+ """
+ # Connect and get edit ticket
+ ticket = self.edit_ticket(url, cookie)
+
+ # Create request and send
+ data = {
+ 'button_save': 'Enregistrer les modifications',
+ 'category': '',
+ 'comment': revision_comment.encode("utf-8"),
+ 'savetext': content.encode("utf-8"),
+ 'action': 'edit',
+ 'ticket': ticket
+ }
+ req = urllib.request.Request(url, urllib.parse.urlencode(data).encode())
+ req.add_header("Cookie", cookie)
+ urllib.request.urlopen(req)
+
+
+ def run(self, tmp=None, task_vars=None):
+ """
+ The run method is the main Action Plugin driver. All work is done from within this method.
+
+ tmp: Temporary directory. Sometimes an action plugin sets up
+ a temporary directory and then calls another module. This parameter
+ allows us to reuse the same directory for both.
+
+ task_vars: The variables (host vars, group vars, config vars, etc) associated with this task.
+ Note that while this will contain Ansible facts from the host, they should be used
+ with caution as a user running Ansible can disable their collection. If you want
+ make sure that your Action Plugin always has access to the ones it needs, you may
+ want to consider running the setup module directly in the run the method and getting
+ the Ansible facts that way.
+ The strategy plugin which manages running tasks on instances uses an ansible.vars.manager
+ VariableManager instance to retrieve this context specific dict of variables.
+ """
+ if task_vars is None:
+ task_vars = dict()
+
+
+ result = super(ActionModule, self).run(tmp, task_vars)
+ del tmp
+
+ result['changed'] = False
+
+
+ url = self._task.args.get("url")
+ user = self._task.args.get("user")
+ password = self._task.args.get("password")
+ content = self._task.args.get("content")
+ revision_comment = self._task.args.get("revision_comment")
+
+ cookie = self.login(url, user, password)
+
+ changed = False
+
+ try:
+ raw = self.craft_request("?action=raw")(url, cookie)
+ if raw != content:
+ changed = True
+ except urllib.error.HTTPError: # We will create the page.
+ changed = True
+ raw = ""
+
+ # Display any change
+ if changed:
+ diff = difflib.unified_diff(raw.splitlines(), content.splitlines(), fromfile="old", tofile="new", lineterm="")
+ for line in diff:
+ if line.startswith("-"):
+ display.display(line, "red")
+ elif line.startswith("+"):
+ display.display(line, "green")
+ elif line.startswith("@"):
+ display.display(line, "yellow")
+ else:
+ display.display(line)
+
+ # Do apply the change if not in check mode
+ if not self._play_context.check_mode:
+ self.edit(url, user, password, content, revision_comment, cookie)
+
+
+ self._supports_check_mode = True
+ self._supports_async = False
+
+ return result
--
GitLab
From 14b35312fe3b6e7ffb9183379a341835a4c000ad Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Wed, 30 Dec 2020 13:14:25 +0100
Subject: [PATCH 09/10] Pumped up MoinMoin gendoc
---
action_plugins/moinmoin_page.py | 48 +++---
.../moinmoin-gendoc/library/moinmoin_page.py | 139 ------------------
roles/moinmoin-gendoc/templates/server.j2 | 4 +-
3 files changed, 24 insertions(+), 167 deletions(-)
delete mode 100644 roles/moinmoin-gendoc/library/moinmoin_page.py
diff --git a/action_plugins/moinmoin_page.py b/action_plugins/moinmoin_page.py
index dff9b56c..30bd8c49 100755
--- a/action_plugins/moinmoin_page.py
+++ b/action_plugins/moinmoin_page.py
@@ -81,7 +81,7 @@ class ActionModule(ActionBase):
search = re.search('name=\"ticket\" value=\"([^\"]*)\"', content)
if not search:
raise AnsibleError(to_native('no edit ticket was found'))
-
+
return search.group(1)
@@ -132,12 +132,10 @@ class ActionModule(ActionBase):
if task_vars is None:
task_vars = dict()
-
+
result = super(ActionModule, self).run(tmp, task_vars)
del tmp
- result['changed'] = False
-
url = self._task.args.get("url")
user = self._task.args.get("user")
@@ -147,34 +145,32 @@ class ActionModule(ActionBase):
cookie = self.login(url, user, password)
- changed = False
-
try:
raw = self.craft_request("?action=raw")(url, cookie)
- if raw != content:
- changed = True
except urllib.error.HTTPError: # We will create the page.
- changed = True
raw = ""
+ diff = difflib.unified_diff(raw.splitlines(), content.splitlines(), fromfile="old", tofile="new", lineterm="")
+ i=0
+
# Display any change
- if changed:
- diff = difflib.unified_diff(raw.splitlines(), content.splitlines(), fromfile="old", tofile="new", lineterm="")
- for line in diff:
- if line.startswith("-"):
- display.display(line, "red")
- elif line.startswith("+"):
- display.display(line, "green")
- elif line.startswith("@"):
- display.display(line, "yellow")
- else:
- display.display(line)
-
- # Do apply the change if not in check mode
- if not self._play_context.check_mode:
- self.edit(url, user, password, content, revision_comment, cookie)
-
-
+ for line in diff:
+ i+=1
+ if line.startswith("-"):
+ display.display(line, "red")
+ elif line.startswith("+"):
+ display.display(line, "green")
+ elif line.startswith("@"):
+ display.display(line, "yellow")
+ else:
+ display.display(line)
+
+ # Do apply the change if not in check mode
+ if not self._play_context.check_mode:
+ self.edit(url, user, password, content, revision_comment, cookie)
+
+ result['changed']=i>0
+
self._supports_check_mode = True
self._supports_async = False
diff --git a/roles/moinmoin-gendoc/library/moinmoin_page.py b/roles/moinmoin-gendoc/library/moinmoin_page.py
deleted file mode 100644
index b6f6ee91..00000000
--- a/roles/moinmoin-gendoc/library/moinmoin_page.py
+++ /dev/null
@@ -1,139 +0,0 @@
-#!/usr/bin/env python3
-
-# Copyright: (c) 2019, Alexandre Iooss <erdnaxe@crans.org>
-# GNU General Public License v3.0+
-
-"""
-This module simulate the edition of a MoinMoin wiki page
-
-Example:
- moinmoin_page:
- url: https://wiki.crans.org/WikiErdnaxe
- user: WikiErdnaxe
- password: HoTuNeMeConnaisPas
- content: "{{ lookup('template', 'mapage.j2') }}"
- revision_comment: Bip bip
-"""
-
-import re
-import urllib.error
-import urllib.parse
-import urllib.request
-
-from ansible.module_utils.basic import AnsibleModule
-
-
-def login(url, user, password):
- """
- Log in and return session cookie or None if failed
-
- :param url: random wiki url (not root page)
- :param user: wiki user
- :param password: user's password
- :return: session cookie
- """
- # Send a HTTP POST request
- data = urllib.parse.urlencode({
- 'action': 'login',
- 'login': 'Connexion',
- 'name': user,
- 'password': password
- }).encode()
- req = urllib.request.Request(url, data)
- try:
- response = urllib.request.urlopen(req)
- cookie = response.getheader('set-cookie')
- except urllib.error.HTTPError as e:
- # If 404, then also return header
- cookie = e.getheader('set-cookie')
-
- # Check that authentication worked
- assert cookie, 'server did not return a session cookie'
- return cookie
-
-
-def edit_ticket(url, cookie):
- """
- Return edition ticket of url
-
- :param url: page to edit
- :param cookie: session cookie
- :return: edit ticket
- """
- # Send request with session cookie
- suffix = "?action=edit&editor=text"
- req = urllib.request.Request(url + suffix)
- req.add_header("Cookie", cookie)
- content = urllib.request.urlopen(req).read().decode('utf-8')
-
- # Search for ticket
- search = re.search('name=\"ticket\" value=\"([^\"]*)\"', content)
- assert search, 'no edit ticket was found'
- return search.group(1)
-
-
-def edit(url, user, password, content, revision_comment):
- """
- Edit a MoinMoin wiki page
-
- :param url: page to edit
- :param user: wiki user
- :param password: user's password
- :param content: content to place on this page
- :param revision_comment: revision comment
- """
- # Connect and get edit ticket
- cookie = login(url, user, password)
- ticket = edit_ticket(url, cookie)
-
- # Create request and send
- data = {
- 'button_save': 'Enregistrer les modifications',
- 'category': '',
- 'comment': revision_comment.encode("utf-8"),
- 'savetext': content.encode("utf-8"),
- 'action': 'edit',
- 'ticket': ticket
- }
- req = urllib.request.Request(url, urllib.parse.urlencode(data).encode())
- req.add_header("Cookie", cookie)
- urllib.request.urlopen(req)
-
-
-def run_module():
- # Define arguments that should be passed
- module_args = {
- 'url': {'type': 'str', 'required': True},
- 'user': {'type': 'str', 'required': True},
- 'password': {'type': 'str', 'required': True},
- 'content': {'type': 'str', 'required': True},
- 'revision_comment': {'type': 'str', 'required': True},
- }
-
- # Define arguments that are returned
- result = {
- 'changed': False,
- }
-
- # Our AnsibleModule
- module = AnsibleModule(
- argument_spec=module_args,
- supports_check_mode=True
- )
-
- # TODO: get current wiki page and compare
- result['changed'] = True
-
- # If not is check mode and page need to change, then update page
- if not module.check_mode and result['changed']:
- edit(**module.params)
-
- module.exit_json(**result)
-
-
-def main():
- run_module()
-
-
-if __name__ == '__main__':
- main()
diff --git a/roles/moinmoin-gendoc/templates/server.j2 b/roles/moinmoin-gendoc/templates/server.j2
index e287e258..c49a5039 100644
--- a/roles/moinmoin-gendoc/templates/server.j2
+++ b/roles/moinmoin-gendoc/templates/server.j2
@@ -4,7 +4,7 @@
== Caractéristiques matérielles ==
{% if ansible_form_factor != 'Other' and ansible_form_factor != 'Unknown' %}
-'''Forme du serveur''' :
+'''Forme du serveur''' :
{{ ansible_form_factor }}
{% endif %}
@@ -56,7 +56,7 @@ et {{ (ansible_memory_mb.swap.total/1024)|round(1) }} GiB de SWAP.
== Caractéristiques logicielles ==
'''Système d'exploitation''' :
-{{ ansible_lsb.description }}
+{{ ansible_distribution }} {{ ansible_distribution_major_version }} ({{ ansible_distribution_release }})
'''Noyau''' :
{{ ansible_kernel }}
--
GitLab
From 239587395bf160f7837dfebb1237b58e3c72493c Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Wed, 30 Dec 2020 13:14:44 +0100
Subject: [PATCH 10/10] Update hosts
---
hosts | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hosts b/hosts
index ab857d5f..a87d64d9 100644
--- a/hosts
+++ b/hosts
@@ -103,9 +103,9 @@ routeur-jack.adm.crans.org
routeur-sam.adm.crans.org
[virtu]
-sam.adm.crans.org
daniel.adm.crans.org
jack.adm.crans.org
+sam.adm.crans.org
[crans_routeurs:children]
# dhcp TODO: Really needed ?
@@ -113,8 +113,9 @@ jack.adm.crans.org
routeurs_vm
[crans_physical]
-omnomnom.adm.crans.org
charybde.adm.crans.org
+omnomnom.adm.crans.org
+zamok.adm.crans.org
[crans_physical:children]
backups
@@ -142,6 +143,7 @@ monitoring.adm.crans.org
owl.adm.crans.org
owncloud.adm.crans.org
#re2o-ldap.adm.crans.org
+redisdead.adm.crans.org
roundcube.adm.crans.org
#silice.adm.crans.org
titanic.adm.crans.org
--
GitLab