From 091ecb76b2b3e327d0d5cfbff332c383f864394a Mon Sep 17 00:00:00 2001
From: Ger Strikwerda <g.j.c.strikwerda@rug.nl>
Date: Thu, 5 Apr 2018 17:04:05 +0200
Subject: [PATCH] rugcms

---
 hosts      | 16 +++++++++++++++
 rugcms.yml | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 74 insertions(+)
 create mode 100644 hosts
 create mode 100644 rugcms.yml

diff --git a/hosts b/hosts
new file mode 100644
index 0000000..be70a33
--- /dev/null
+++ b/hosts
@@ -0,0 +1,16 @@
+[rugcms]
+
+cms-fa21 ansible_host=cms-fa21.service.rug.nl ansible_port=22
+cms-fa22 ansible_host=cms-fa22.service.rug.nl ansible_port=22
+cms-fa23 ansible_host=cms-fa23.service.rug.nl ansible_port=22
+cms-fa24 ansible_host=cms-fa24.service.rug.nl ansible_port=22
+
+cms-fp21 ansible_host=cms-fp21.service.rug.nl ansible_port=22
+cms-fp22 ansible_host=cms-fp22.service.rug.nl ansible_port=22
+cms-fp23 ansible_host=cms-fp23.service.rug.nl ansible_port=22
+
+[acc]
+cms-fa[21:24]
+
+[prod]
+cms-fp[21:23]
diff --git a/rugcms.yml b/rugcms.yml
new file mode 100644
index 0000000..12655a1
--- /dev/null
+++ b/rugcms.yml
@@ -0,0 +1,58 @@
+# catchall rugcms ansible uitrol script:
+#
+# - create rugcms group
+# - create rugmcs user, lid van rugcms en homedir /local_disk
+# - push ssh-keys rugcms user
+# - install packages
+# - upgrade all rpms
+# - disable selinux
+#
+# Usage: $ ansible-playbook rugcms.yml 
+---
+- name: rugcms ansible  
+  hosts: "{{ myhosts | default('acc')}}" 
+  
+  tasks:
+    - group:
+        name:  rugcms
+        state: present
+
+    - user:
+        name: rugcms
+        comment: "rugcms user"
+        state: present
+        group: rugcms
+        home: /local_disk
+
+    - authorized_key:
+        user: rugcms 
+        key: '{{ item }}'
+        state: present
+      with_items:
+            - 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAz/4D/jhUycyYS8gOrQDs+BqK+MLzfB9kb60W9zGTs9KigKGUOtvZ78mb1F2+ouy/uQUbOO4MoUu+fOzSlSE56GdyTSc/RsLaoHde2aRalXnRf55tuIVgv6MNG7siZt1i4iDhm/uql8nzc7m0Ompr9XXLXOQ0ZGFPViLLYyRcLOc= r.m.uittenbroek@rug.nl'
+            - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoRM/8ItzD87bvO6WVwDS83mkLUv0fo1dUxBzGB0w9j+a4vtUbcGm13TXp6zIS6zZqj09QD8jznO1OE92tC1axjuwENbAi7WiqaFMJdqB6MLN4Fxo4xa5LaadDTFbd4yLI1lzheowfPvFypUW90L4ToEkKkvgp+r+4C7BrLLUTzksS3PzBB2jp25XimdbxQvbZS74RdEa4O1Xqz0A4+FbM9r90OIJGrexVTKb2jpQk3bhTIpCXDkRldA1PLYSPoUAmCViGPoHCoyNbtZj8MWDjOKH/Ut/WXg5z60JfFqHazkHsQiJ9YkgUk2zy/7cjl5Pl8DVkPp79c/F5YFw492XN rugcms@charanga'
+
+    - name: Install epel-repo 
+      yum: name=epel-release state=latest
+
+    - name: Install ntp package
+      yum: name=ntp state=latest
+ 
+    - name: Install yum-utils
+      yum: name=yum-utils state=latest
+
+    - name: upgrade all packages
+      yum: name=* state=latest
+
+    - name: disable selinux
+      selinux: state=disabled
+
+    - name: start ntp service
+      systemd:
+          name: ntpd.service
+          state: started
+
+    - name: disable firewalld
+      systemd:
+         name: firewalld.service
+         state: stopped