From 4cb8b4190f0551b24fa07a653a2cc0cca4de83f6 Mon Sep 17 00:00:00 2001 From: Whisker Jones Date: Wed, 22 May 2024 16:42:32 -0600 Subject: [PATCH] ansible setup --- tech_docs/automation/ansible/ssh_ansible.md | 182 ++++++++++++++++++++ 1 file changed, 182 insertions(+) create mode 100644 tech_docs/automation/ansible/ssh_ansible.md diff --git a/tech_docs/automation/ansible/ssh_ansible.md b/tech_docs/automation/ansible/ssh_ansible.md new file mode 100644 index 0000000..2ad2ef2 --- /dev/null +++ b/tech_docs/automation/ansible/ssh_ansible.md 
@@ -0,0 +1,182 @@ +Here's the refactored version of your technical guide based on the suggestions provided: + +### Step-by-Step Guide to Setting Up GitHub SSH Keys on Ansible Control Node + +#### Step 1: Generate SSH Keys for GitHub Access + +1. **Generate SSH key pair for GitHub access**: + ```bash + ssh-keygen -t rsa -b 4096 + ``` + - When prompted, save the key in a specific file (e.g., `/home/prometheus/.ssh/github_rsa`). + - Enter a passphrase for added security. + +2. **Add the SSH key to the SSH agent**: + ```bash + eval "$(ssh-agent -s)" + ssh-add /home/prometheus/.ssh/github_rsa + ``` + +3. **Copy the public key**: + ```bash + cat /home/prometheus/.ssh/github_rsa.pub + ``` + +#### Step 2: Add SSH Key to GitHub + +1. **Go to GitHub**: + - Navigate to your GitHub account settings. + - Go to "SSH and GPG keys" > "New SSH key". + +2. **Add your SSH public key**: + - Title: `ansible-control-node` + - Key: Paste the contents of `/home/prometheus/.ssh/github_rsa.pub` + +#### Step 3: Configure SSH to Use the Key for GitHub + +1. **Edit SSH configuration**: + ```bash + nano /home/prometheus/.ssh/config + ``` + +2. **Add the following configuration**: + ```ini + Host github.com + HostName github.com + IdentityFile /home/prometheus/.ssh/github_rsa + IdentitiesOnly yes + ``` + +3. **Set the correct permissions**: + ```bash + chmod 600 /home/prometheus/.ssh/config + ``` + +#### Step 4: Clone Your GitHub Repository + +1. **Navigate to the home directory**: + ```bash + cd ~ + ``` + +2. **Clone the repository using the SSH URL**: + ```bash + git clone git@github.com:crazystorm720/ansible.git ~/ansible + ``` + +#### Step 5: Configure Ansible Inventory and Configuration + +1. **Navigate to the repository directory**: + ```bash + cd ~/ansible + ``` + +2. **Create the necessary directories and files**: + ```bash + mkdir -p group_vars host_vars roles + touch hosts.ini ansible.cfg setup_playbook.yml + ``` + +3. 
**Configure the inventory file**: + ```ini + # hosts.ini + [managed_hosts] + target_host1 ansible_host=192.168.1.1 ansible_user=prometheus + target_host2 ansible_host=192.168.1.2 ansible_user=prometheus + ``` + +4. **Create Ansible configuration file**: + ```ini + # ansible.cfg + [defaults] + inventory = hosts.ini + remote_user = prometheus + host_key_checking = False + private_key_file = /home/prometheus/.ssh/id_rsa + + [privilege_escalation] + become = True + become_method = sudo + become_user = root + ``` + +#### Step 6: Create a Basic Playbook + +1. **Create the playbook file**: + ```yaml + # setup_playbook.yml + --- + - name: Setup Ansible environment + hosts: managed_hosts + vars: + ssh_public_key_path: "/home/prometheus/.ssh/id_rsa.pub" + ansible_user: prometheus + + tasks: + - name: Ensure SSH directory exists for the user + file: + path: "/home/{{ ansible_user }}/.ssh" + state: directory + owner: "{{ ansible_user }}" + group: "{{ ansible_user }}" + mode: "0700" + + - name: Copy SSH public key to authorized_keys file + authorized_key: + user: "{{ ansible_user }}" + key: "{{ lookup('file', ssh_public_key_path) }}" + state: present + + - name: Ping the target hosts + ping: + ``` + +#### Step 7: Commit and Push Your Changes to GitHub + +1. **Add all files to the staging area**: + ```bash + git add . + ``` + +2. **Commit your changes**: + ```bash + git commit -m "Initial commit: Set up Ansible environment and SSH key management for prometheus user" + ``` + +3. **Push your changes to GitHub**: + ```bash + git push origin main + ``` + +#### Step 8: Test the Setup + +1. **Test the connection to the managed hosts**: + ```bash + ansible all -m ping + ``` + Verify that you can connect to the managed hosts and that the SSH key authentication works as expected. + +#### Step 9: Run the Playbook + +1. **Navigate to your Ansible directory** (if not already there): + ```bash + cd ~/ansible + ``` + +2. 
**Run the playbook**: + ```bash + ansible-playbook setup_playbook.yml + ``` + +### Summary + +1. **Generate SSH Keys**: Create an SSH key pair specifically for GitHub access. +2. **Add SSH Key to GitHub**: Add the public key to your GitHub account. +3. **Configure SSH**: Set up the SSH configuration to use the new key for GitHub. +4. **Clone Repository**: Clone your GitHub repository to your control node. +5. **Configure Ansible**: Set up inventory, configuration files, and playbook. +6. **Commit and Push to GitHub**: Add, commit, and push your changes to the repository. +7. **Test the Setup**: Verify that you can connect to the managed hosts using Ansible and that the SSH key authentication works as expected. +8. **Run the Playbook**: Execute the playbook to configure the managed hosts. + +By following these streamlined steps, you'll have a properly set up Ansible control node with secure SSH key management for GitHub, and all required components for SSH key management, playbooks, and version control via GitHub. If you have any further questions or need additional assistance, feel free to ask!
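Review bot: `host_key_checking = False` in the `[defaults]` block of the Step 5 `ansible.cfg` turns off SSH host key verification for every host in `hosts.ini`, so the control node will connect, and escalate to root via the `[privilege_escalation]` block below it, on whatever machine answers at 192.168.1.1 or 192.168.1.2. Drop that line and add a step before Step 8 that records the managed hosts' keys in `known_hosts` after checking their fingerprints. Separately, `private_key_file = /home/prometheus/.ssh/id_rsa` and `ssh_public_key_path: "/home/prometheus/.ssh/id_rsa.pub"` refer to a key pair the guide never creates (Step 1 only generates `github_rsa`), so the Step 8 ping and the `lookup('file', ssh_public_key_path)` in the playbook depend on a key that must already exist. Either add a step that generates a dedicated key for the managed hosts or state it as a prerequisite, and note that the `authorized_key` task can only run once the hosts already accept some credential. The opening line "Here's the refactored version of your technical guide based on the suggestions provided:" and the closing "feel free to ask!" sentence are chat residue and should be removed before this lands in `tech_docs`.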