1.建立使用者和組
groupadd -g 666 www
useradd -u 666 -g 666 -s /sbin/nologin -m www
groupadd -g 53 tomcat
useradd -u 53 -g 53 -s /sbin/nologin -m tomcat
- name: create group
group:
name: "}"
gid: "}"
loop:
- -
- name: create user
user:
name: "}"
uid: "}"
group: "}"
createhome: no
shell: /sbin/nologin
loop:
- -
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/^selinux=enforcing/selinux=disabled/g' /etc/selinux/config
- name: stop firewalld
systemd:
name: firewalld
state: stopped
enabled: no
- name: stop selinux
selinux:
state: disabled
# 配置epel源
yum -y install epel-release
# nginx源
echo '
[nginx-stable]
name=nginx stable repo
baseurl=
gpgcheck=1
enabled=1
gpgkey=
module_hotfixes=true
' > /etc/yum.repos.d/nginx.repo
# 配置php源
rpm -uvh
# 配置epel源
- name: configure epel
yum:
name: epel-release
state: installed
# 配置nginx源
- name: configure nginx.repo
yum_repository:
name: nginx_stable
description: nginx yum repo
baseurl:
gpgcheck: no
priority: '1'
# 此處判斷只有web主機名和nginx_proxy主機名的才執行此操作
when: ( ansible_hostname is match ( 'web*' ) ) or
( ansible_hostname is match ( 'nginx_proxy*' ) )
# 配置php源
- name: configure php.repo
yum_repository:
name: php_72
description: php yum repo
baseurl:
gpgcheck: no
priority: '1'
# 此處判斷只有web主機名時才執行此操作
when: ( ansible_hostname is match ('web*') )
yum install nfs-utils rsync wget unzip glances lrzsz vim net-tools \
bash-completion tree mysql-python chrony -y
- name: install base software
yum:
name: "}"
state: installed
vars:
base_packages:
- nfs-utils
- rsync
- wget
- unzip
- glances
- lrzsz
- vim
- net-tools
- chrony
- bash-completion
- tree
- mysql-python
# 取消ssh的dns反向解析
sed -i 's/#usedns yes/usedns no/g' /etc/ssh/sshd_config
# 設定系統檔案數量限制
echo '
#soft nofile 65535
hard nofile 65535
soft soft 102400
hard nproc 102400
' >> /etc/security/limits.conf
# 取消ssh的dns反向解析
- name: modify ssh configure
replace:
path: /etc/ssh/sshd_config
regexp: '^#usedns yes'
replace: 'usedns no'
# 設定系統檔案數量限制
- name: set sysctl file limits
pam_limits:
domain: '*'
limit_type: "}"
limit_item: "}"
value: "}"
loop:
- -
- -
ansible 基礎入門
開始自動化運維工具ansible學習之路 ansible管理工具使用 m選項指定使用的模組,預設使用的是command模組 ansible host hostgroups m ping ansible host hostgroups m command a date cron有兩種狀態 state ...
ansible 基礎命令
ansible 命令總結 1.ad hoc 適合臨時執行任務 2.playbook 適合一些複雜的部署和配置環境 一 ad hoc 適合臨時執行任務 ansible doc l 檢視ansible的可用模組 1.pnig 檢查是否能聯通 2.yum 選項 name 安裝包名字 state 可以寫一些...
ansible 基礎模組
1 service systemd centos7推薦用systemd模組 name name.service 類似mysqld,nginx等 state started stoped reloaded restarted 動作 ed enabled yes 代表加入開機啟動 daemon relo...