projects / noc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (initial)
added basic infra for ansible playbooks and roles
authorChristian Pointner <equinox@realraum.at>
Fri, 31 Mar 2017 02:50:32 +0000 (04:50 +0200)
committerChristian Pointner <equinox@realraum.at>
Fri, 31 Mar 2017 02:50:32 +0000 (04:50 +0200)
README-vault [new file with mode: 0644] patch | blob
ansible.cfg [new file with mode: 0644] patch | blob
hosts [new file with mode: 0644] patch | blob
log [new file with mode: 0644] patch | blob
open-vault.sh [new file with mode: 0755] patch | blob
secrets/dummy.yaml [new file with mode: 0644] patch | blob
vault-pass.gpg [new file with mode: 0644] patch | blob

diff --git a/README-vault b/README-vault
new file mode 100644 (file)
index 0000000..0e09ec0
--- /dev/null
+++ b/README-vault
@@ -0,0 +1,11 @@
+Creating key:
+    pwgen -s 128 -1 | gpg2 -e -a -o vault-pass.gpg
+
+Reencrypt for new set of keys:
+    ./open-vault.sh | gpg2 -e -a -o vault-pass.gpg
+
+Create a new vault file:
+    ansible-vault create secrets/foo.yaml
+
+Edit a vault file:
+    ansible-vault edit secrets/foo.yaml
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644 (file)
index 0000000..09bd8fe
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,13 @@
+[defaults]
+inventory = ./hosts
+remote_user = root
+log_path = ./log
+nocows=1
+vault_password_file = ./open-vault.sh
+
+gathering = smart
+var_compression_level = 9
+
+[ssh_connection]
+pipelining = True
+ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
diff --git a/hosts b/hosts
new file mode 100644 (file)
index 0000000..2f4919d
--- /dev/null
+++ b/hosts
@@ -0,0 +1,24 @@
+[baremetalservers]
+alfred
+
+[kvmhosts]
+alfred
+
+[virtualservers]
+athsdisc
+calendar
+ctf
+entrance
+galley
+hacksch
+r3home
+tickets
+tools
+
+[servers:children]
+baremetalservers
+virtualservers
+
+
+[desktops]
+wuerfel
diff --git a/log b/log
new file mode 100644 (file)
index 0000000..cd521ee
--- /dev/null
+++ b/log
@@ -0,0 +1 @@
+2017-03-31 04:46:19,866 p=15260 u=equinox |  ERROR! Missing target hosts
diff --git a/open-vault.sh b/open-vault.sh
new file mode 100755 (executable)
index 0000000..9490484
--- /dev/null
+++ b/open-vault.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+exec gpg2 --decrypt --batch < "${BASH_SOURCE%/*}/vault-pass.gpg" 2> /dev/null
diff --git a/secrets/dummy.yaml b/secrets/dummy.yaml
new file mode 100644 (file)
index 0000000..8c5c6b1
--- /dev/null
+++ b/secrets/dummy.yaml
@@ -0,0 +1,6 @@
+$ANSIBLE_VAULT;1.1;AES256
+61386232386136363036383864626534633964363664303338326562386239643134376563613434
+3133616561366134623038663730356435353564623637640a656561653961343861623932343733
+38346565303536373235646537623766663737363331663333623266633234363764653734343037
+6364616234396665380a356235623063383936303033313436626234663261363164343436353266
+6262
diff --git a/vault-pass.gpg b/vault-pass.gpg
new file mode 100644 (file)
index 0000000..d333e16
--- /dev/null
+++ b/vault-pass.gpg
@@ -0,0 +1,52 @@
+-----BEGIN PGP MESSAGE-----
+
+hQIMA+Qd5U24qffPAQ//d9gulPUkndUq2aen6WpLeyNqmM0EQK+1Vc20e3sKAmQW
+6W1TCt7BIWj13Lmv5D0capuyLXYKrWxGLPazIDcvd6UvBGjvfnCdSecZJDhzQVtH
+ijurbkNjlfnzdVKv6pHRi3NA0/VXyKu4KlpaJxD56qWnB+y+OINESax7Nnbg0Crg
+kwI+/7b56lElBY2e1HFFE71ARsgx9NGuGh3ZLem4qv3uzbdo7PygKijc1udfBmpO
+3K94w3GSI0rahtGkU36JnbIXdqce8cEAtU13ThDXkIPcFtGy4o8B62G1EIB+MgzR
+wWYUJrCx4mZ9k+5EIEO3zjn4wPcOwibVuuxhG+mWVjbtUo5I4EeGn/cklwJ9ERe0
+Q+WeEws4RYiItq0mk0vS+arNUmUqtL7/OCum8kZsqze4bQ9/95GlYNB71Q1GsWoN
+kHeaqJw+koh3BrsQcw8CaUc/XVHXesl9A2feXtQnbd3FQtPSdVgWQ3Fq88XO/T3+
+Rmk+1QIrCg/4j6XGSHRMuHm3V6F/WyuvQOE/G9wZpdbmlJf9BVkCHjH6Iciuslp8
+kzh8YyV6bizghdBfD5AVcYCeLUPBRJ+Dn/PGxJ7HbpWK6t7J9MogFYfoOR0TbO2D
+y03ksCF7tFW1QJfUkd5oCiN/+c/0iWqZ9T6qT71RdbaKRffWcTDJPsHSz4hQP9CF
+AgwDsut2TczGUykBEACNYXA+eM6C9DARNPttNnqMGgOCpwYPLgAHPnv9iYC0KiWV
+fgkE4683cVwOBWgp60i9oqXc6FsHtL1R3nxXmfjNxUBrvRRtqiAZgA0ksL2CC0BJ
+1ePjBwkdS72YRdjBmn666Bg9wmZFyWbns9uLdfI6RdxQoWj0NwK6JIeebGu1HUvY
+s1ZCWOjO6zn5uYayOxQKGTCTJjAe/ydPdP9MUxlenKWbloozwMtfTyIUh4A6dcSc
+M+CzkO7gybsFyktWYQjF+1X/KgFYOfwyflm4amrDGxxi+Xsq0JUeuccvt48+X5J/
+KKuPmRmQqv+Tl0aIGrH+FHWRMcpWvRU+f+GUk3nAPYFgHOAM6IiNzi1T7ScQ+1li
+VoSTShR+UDnL17kV5gxVrT4tYc8/2EO+dyrGeeAGoBobg1Juc4fRWJQsnoLIOIsq
+5I7tX7rwIy5meMu314rYDoV0ZKXG76IgD+fH1tdOkElWhYfwWGU9Fo8cyPtFIFof
+PJGkzgvCaPkEXzn/+dR2/4cKakDy1oZBNck6K6SkEv0Be0GrNQCFUP/3ztCK0dgR
+KeOBu7FHiHn2tHB5yj92bbRvcQjZT0bNvLRilIlhuYvwKgPwGZCjyw5gKSTlKNDz
+45/2CdzubAi0nRuAMxrJiSMGXs53L0oWPsjYaHUNmc8s1ftpxWsVMO5z2ntKjIUC
+DAOvXK62loKnywEP/i2TbiZ7CbTU8IOuMWyfYOMAJ6WBIn+B9MmQ5DRVHejWCspW
+UaPTIQy4jzCNyLjGKm5faSd8dICHxRVxoi/v6brSr8P8XMheooBbUWF+dylC9bFj
+W4F4Np0X56I3itIvy3i5Ga7csgeMHJhQHEHP90cOv2Bm1K4L44SllN0/Us5sHmkN
+67saPVFQRv+wgdU0dOCNoguI2vRw9hNkiRwdBvAZZWykuFBsjQIFYTo9GbFqYRha
+XL2ZfIYRt6lf+k10dQkjGyvD1puMAZ7SFM0Y9RUFDN7dO94EIgDbqkhnWgQHiWj4
+zh2CErQ2x32xqjBtnAI55L0J8f8SW/AdkPPxweW7OTk6Ef3OVBLvAVrm0G+Jb+xn
+BYjFSmC1F2qgjTXUFXrN+oCeXD9bMJKvHpjHawqZGiZqEFOlnxZIH63VfEWGmqa2
+MbTZW31gCT8XWWG7bTcP7SPewZYANVG2M+wGiAz110yOFfKFLivspZZgyGbuR/4j
+0K2Nqk71RZ5tGRIthy+G/p0TenMxZTGy5mGuRiZTTyxbyoN6WpopiMLoH/Nx6Sjd
+PgLYDHkgkY3TooVMEKMBr2Ps/N6ZvbD4up4vUfRojssFT+wuoqOBan3NEuTL/OO0
+XGDB9RYsgnqWGa88Dw0t6byQcPU1hy5f5kQ4/qMnURbDLPnmZAK1RBGW0CNEhQIM
+A5935MibhBNKAQ//QgAHUP1sq2zFWO1+aMDSCt2breoG6puE6SMAW908kAuXTzif
+GPswr7P31qeGEOkBrXI3N/YItmuO+6bcG/KmIOxYXSuX0kgD/POVi2vNs3pMD5/e
+74aiu5IgRF8aP3BpfngvSYNwJMnDB541sWkS4s6FY2ipYe75dxhuWJxPZhCKmH3B
+TPH90qokZCVScLM9pOgCQ1J7xCkeGHvy6NkJ9k+LQVeD/JV1As4M88CNgQ1YDwXs
+hGZuwUBNsjlGZlrWvUONouHwQ0leRuT6yy3QnpCv4yYAJ2icG4xlyY3Zvw0uFO+7
+y8FW6Dzb9SUqxNdw2kBvpbPdyAkJG7nIgVD+aosh+Zh6JrWwK1OrDVHu4gkhKn0z
+dtcYSLSYRQfpbKcrwnR+Up3eFeIs9yJ0hoIanFbjNBeCpr8uXovhO8TQ4Cjj23bu
+xiv1t/g9QLgbsqZ0pXZyp/I8wRxdQ8Hpb7f82Ygx4ySDbEz4YIsi2CbasQpRO01x
+E6vRoh5Pl0VHD7yJKIp+dDRo555/pWMQF2lZuMj5pmlU7cTvg9+wwDljEftSkx8y
+264bNK/ZZRtitkEQMs4Xc9OSTyLv5QNqeAP+pz9etVbaTApbNVc8mhzHrYIPih4e
+4tLnRB8CdOG4r5FaF4tDm7yA257I1rE8COLbikxWtugfaLgrTHI628Z+UUPSvAFT
+DqgwzEEINcDIuksyKhcaamDVVuwkvxjOIeID4pqtNwcfbzpcbWQfKGpA25BNqy4o
+H6IDpj1EyCaPifbO1tVxH7n+Cs/Innyl0WYiuFPL/7a9fHeyhUo44xPSs5B3Iowm
+VCmpLAhr5rHC60gccITT34VOQ9/l/1NItgI6dz5AxUXwzaadEINGwzqIYOK2bqFl
+1eok+Pt8cFZP+FB3F8Nhz5V9xms08lDWf+8XDrgJfAkcuHF7hWV4/SB7
+=1RgH
+-----END PGP MESSAGE-----
realraum noc documentation and public ressources