Ansible For Security by Examples 9788090853676, 9788090853683
Ansible is an Open Source IT automation tool. This book contains all of the obvious and not-so-obvious best practices of
209 49 1MB
English Pages 954 Year 2022
Table of contents :
Cover Page
Ansible For Security by Examples
Introduction
Whois Luca Berton
Ansible For Beginners With Examples
What is Ansible
Getting Started
Inventory
Playbook
Variables
Facts and Magic Variables
Vault
Conditional
Loop
Handler
Role
Ansible Best Practices
Install Ansible
Ansible terminology - ansible vs ansible-core packages
How to install Ansible in RedHat Enterprise Linux (RHEL) 8 with Ansible Engine
How to install Ansible in Ubuntu 20.04
How to install Ansible in Fedora 35
How to install Ansible in CentOS 9 Stream
How to install Ansible in Windows 11 WSL Windows Subsystem for Linux
How to install Ansible in SUSE Linux Enterprise Server (SLES) 15 SP3
How to install Ansible with PIP
How to install Ansible in RedHat Enterprise Linux 9 Beta
How to install Ansible in Amazon Linux 2 (AWS EC2)
How to install Ansible in Debian 11
Ansible For Linux
Ansible terminology - ansible_hostname vs inventory_hostname vs ansible_fqdn
Three options to Safely Limit Ansible Playbooks Execution to a Single Machine
Ansible modules - command vs shell
Test host availability - Ansible module ping
How to print a text or a variable during the execution with Ansible
Edit single-line text - Ansible module lineinfile
Edit multi-line text - Ansible module blockinfile
Pause execution - Ansible module pause
Execute command on the Ansible host - Ansible localhost
Read a file into a variable on host - Ansible lookup plugin file
Reboot remote hosts - Ansible module reboot
Checkout git repository via HTTPS - Ansible module git
Checkout git repository via SSH - Ansible module git
Copy files to remote hosts - Local to Remote - Ansible module copy
Copy files from remote hosts - Remote to Local - Ansible module fetch
Start and enable services on boot on Linux remote hosts - Ansible module service_facts, service
Restart services on remote hosts - Ansible module service
Stop and disable services on boot on remote hosts - Ansible module service_facts, service
Apply a file template - Ansible module template - HTML placeholder
Loop in file template - Ansible module template - Generate hosts file
Schedule a Cron Job task in Linux - Ansible module cron
How to Pass Variables to Ansible Playbook in command line? - Ansible extra variables
Break a string over multiple lines - Ansible Literal and Folded Block Scalar operators
Read a file from remote hosts - Ansible module slurp
Read an environment variable - Ansible lookup plugin env”
Set remote environment per task or play - Ansible environment statement
Permanently Set Remote System Wide Environment Variables on Linux - /etc/environment - Ansible module lineinfile
Ansible Code reuse: Roles and Collections with Ansible Galaxy
Download and Use Ansible Galaxy Role - ansible-galaxy and requirements.yml
Download and Use Ansible Galaxy Collection - ansible-galaxy and requirements.yml
Ansible for Linux Filesystem
Create an empty file - Ansible module file
Create a text file - Ansible module copy
Check if a file exists - Ansible module stat
How to create a directory with Ansible?
How to check if a directory exists in Ansible?
How to rename a file or directory using an Ansible task on a remote system?
Change file permission - Ansible module file
Add Execute Permission 755 Linux file - Ansible module file
Delete file or directory - Ansible module file
Download a file - Ansible module get_url
Extract an archive - Ansible module unarchive
Create a symbolic link (also symlink or soft link) in Linux - Ansible module file
Create a hard link in Linux - Ansible module file
Mount a Windows share in Linux SMB/CIFS - Ansible module mount
Mount an NFS share in Linux - Ansible module mount
Concatenate multiple files in a specific order - Ansible module template and YAML
Backup With Rsync - Local to Remote - Ansible module synchronize
Ansible For Linux User Management
Ansible create a user account
Ansible remove user account
Ansible change user password
Ansible disable user account
Ansible enable user account
Ansible user password expiration
Ansible creates a group
Ansible deletes a group account
Ansible changes the User Primary Group on Linux
Ansible adds a user to a secondary group(s)
Ansible Playbook Code interact with Web Services API
Submit a GET request to a REST API endpoint - Interact with web services - Ansible module uri
Token-Based Authentication in REST API - Interact with web-service - Ansible module uri - Authentication request using the REST API token
Ansible For Containers
Ansible install Docker in Debian-like systems
Ansible install Docker in RedHat-like systems
Install Docker in Windows-like systems - Ansible module win_chocolatey
Install Red Hat CodeReady Containers to run OpenShift 4 in macOS
Create Kubernetes K8s or OpenShift OCP namespace project - Ansible module k8s
Install Zoom flatpak in Debian-like systems - Ansible module flatpak
Install Zoom flatpak in RedHat-like systems - Ansible module flatpak
Update Zoom flatpak(s) in Linux systems - Ansible module command
Install Spotify snap in Debian-like systems - Ansible module snap
Install Spotify snap in RedHat-like systems - Ansible module snap
Deploy Apache Web Server in a Docker Container for Debian-like systems - Ansible modules docker_image and docker_container
Deploy Apache Web Server in a Podman Container for RedHat-like systems - Ansible modules podman_image and podman_container
Ansible For Linux Security
Set sysctl kernel parameters - Ansible module sysctl
Load and Unload Kernel Modules in Linux - Ansible module modprobe
Set the SELinux Policy States and Modes on Linux - Ansible module selinux
Configure Kernel Parameters in RedHat-like Linux systems - Ansible system role
Enable or Disable SELinux Boolean on Linux - Ansible module seboolean
Enable or Disable Permissive Domain in SELinux policy on Linux - Ansible module selinux_permissive
Vulnerability Scanner/Detector Log4Shell Remote Code Execution Log4j (CVE-2021–44228) — Ansible log4j-cve-2021–44228
Ansible Playbook Code for RedHat-like systems
Register a system with Red Hat Subscription-Manager - Ansible module redhat_subscription
Install a package in RedHat like systems - Ansible module yum
Rolling Update RedHat like systems - Ansible module yum
Open firewall ports in RedHat like systems - Ansible module firewalld
Install Google Chrome in RedHat-like systems - Ansible module rpm_key, yum_repos
Install Microsoft Edge in RedHat-like systems - Ansible module rpm_key, yum_repository and yum
NFS Server - Export an NFS Share in RedHat-like systems: RHEL, CentOS, CentOS Stream, Fedora - Ansible modules yum, file, lineinfile, command, firewalld, service
Deploy a web server apache httpd on RedHat-like systems - Ansible modules yum, copy, service firewalld
Deploy a proxy server squid on RedHat-like systems - Ansible modules yum, template, service and firewalld
Deploy a web server apache httpd virtualhost on RedHat-like systems - Ansible modules yum, file, copy, template, service and firewalld
Ansible Playbook Code for Debian-like systems
Install a package in Debian like systems - Ansible module apt
Rolling Update Debian-like systems - Ansible module apt
Open firewall ports in Debian like systems - Ansible module ufw
Install Google Chrome in Debian-like systems - Ansible module apt_key, apt_repos
Deploy a web server apache httpd on Debian-like systems - Ansible modules apt, copy, service and ufw
Deploy a web server apache httpd virtual host on Debian-like systems - Ansible modules apt, file, copy, template, command, ufw and service
Ansible Playbook Code for Suse-like systems
Install a package in Suse-like systems - Ansible module zypper
Install Google Chrome in Suse-like systems - Ansible module rpm_key, zypper_repo
Ansible Troubleshooting The Most Common Errors
Ansible troubleshooting - connection failed
Ansible troubleshooting - macOS fork error
Ansible troubleshooting - indentation error
Ansible troubleshooting - syntax error
Ansible troubleshooting - undefined variable
Ansible troubleshooting - invalid argument
Ansible troubleshooting - privilege escalation error
Ansible troubleshooting - missing sudo password and incorrect sudo password
Ansible troubleshooting - missing module parameter
Ansible troubleshooting - failure downloading
Ansible troubleshooting - chgrp failed
Ansible troubleshooting - not a valid attribute for a Play error
Ansible troubleshooting - fatal template error while templating string
Ansible troubleshooting - PowerShell incompatible with the sudo become plugin
Ansible troubleshooting - passwordless account
Ansible troubleshooting - user module password_expiry_min bug
Ansible troubleshooting - Windows 10 Error 0x80370102 WSL: Windows Subsystem for Linux
Ansible troubleshooting - Windows 11 Error 0x80370102 WSL: Windows Subsystem for Linux
Ansible troubleshooting - urlopen error
Ansible troubleshooting - destination does not exist
Ansible troubleshooting - “role not found” error
Ansible troubleshooting - permission denied Errno 13
Ansible troubleshooting - VARIABLE IS NOT DEFINED! ansible_hostname
Ansible troubleshooting - This command has to be run under the root user
Thank you
