Commit b253ce61 authored by julian.gethmann's avatar julian.gethmann

Update README.md

parent 8bbd9801
# [Ansible](https://docs.ansible.com/ansible/index.html) repository for LAS/CS NSQ computer
You need to have access to this repository (you need to add your public ssh-key (`ssh-keygen`) to your profile here).
Then you can clone the git repository to work on in locally.
`git clone git@git.scc.kit.edu:las/ansible.git`
You need to have access to this repository (you need to add your public ssh-key (`ssh-keygen; cat ~/.ssh/id_rsa.pub`) to your profile here).
Then you can clone the git repository to work on it locally.
`git clone git@git.scc.kit.edu:las-it-organisation/32-0-IT-InstructionsAndRules/ansible.git`
Add your computer to the `hosts` file or if you are just testing add it to the local file.
Add your computer to the `hosts` file or if you are just testing add it to a `local` file.
Add your ``hostname`` under each role name (the name in the square brackets) you want to be run on your computer.
Also create a new file which is named
after your [fully-qualified-domain-name](https://de.wikipedia.org/wiki/Domain_(Internet)#Fully_Qualified_Domain_Name_.28FQDN.29}) (FQDN) in the `host_vars` directory including a [yaml](https://docs.ansible.com/ansible/YAMLSyntax.html) list with some host specific configuration variables, e. g. copy another similar host and adjust it.
These files do not have the `.yml` extension and do not start with `---` as most of the other yaml files do.
Then create a file named after your FQDN with the extension ``.yml`` in the main directory of ansible which includes all the roles one want to run. This step needs root privileges and therefore makes only sense for the first installation of a computer.
Install ansible and some dependencies:
......@@ -24,12 +23,14 @@ sudo ansible-playbook --limit $(hostname -f) --vault-id @prompt sites.yml
```
* If you only want some parts of the roles to be run, you can use the option `-t TAGNAME` to run only those tasks with the given tag.
You might want to skip some tasks like the update (`--skip-tags update`). To find out what tags are available you can use `--list-tags`.
* The vault-password is known to the usual suspects.
Unfortunately you need to know the vault password to let ansible run.
If you have got root access to obelix, then you should try to run ansible from that host.
The repository is located at `/root/ansible` and you should pull before running ansible. The advantage is, that it is tested.
There might be a tmux running for that purpose anyway.
The repository is located at `/root/ansible` and you should `git pull` there before running ansible.
The advantage is, that it is tested and the ssh-keys are deployed to the workstations.
Maybe you want to run ansible from within a [tmux](https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/HowTo/-/blob/master/Running%20programs%20in%20the%20background%20and%20connect%20to%20them%20again.md#screen-and-tmux) session to avoid problems with breaking ssh-connections.
### Ask for new software
Open an issue in the GitLab issue tracker and use the template for softwarerequests.
......@@ -50,11 +51,11 @@ requst by adding the software name to the list of `extra_software` in the
* python.yml: basic python_stack for scientific Python usage (including fitting) ^1
* ipynb.yml: IPython/Jupyter notebook ^1
* nfs.yml:
* nfs-server: export /las-archiv1 to our network
* lasarchiv: client side mount las126/las-archiv1
* nfs-server: export /las-archiv1 to our network (currently not working, see issue #42)
* lasarchiv: client side mount obelix/las-archiv1
* admin.yml: tools for administrators
* chrome.yml: Google Chrome for Fedora (for Adobe Connect usage)
* dhcpd.yml: DHCPd primary and secondary server on Fedora
* dhcpd.yml: base role for DHCPd (as dependency or guide)
* elegant.yml: elegant (no Pelegant, yet)
* inovesa.yml: [Inovesa](https://github.com/Inovesa/Inovesa)
* kdev.yml: KDevelope (with Python PlugIn) ^1
......@@ -78,15 +79,16 @@ After installing Opera via ansible you must confirm the license agreement at fir
# Develop new roles, extend or modify existing ones and update roles for new software
## Branches
All roles in the master branch should work and should not brake on any of our systems (desktop, server, simulation, notebooks). The `site.yml` should always be runnable and include all roles that are stable and not explicitly for setup purposes only.
All roles in the master branch should work and should not brake on any of our systems (desktop, server, simulation, notebooks). The `sites.yml` should always be runnable and include all roles that are stable and not explicitly for setup purposes only.
For development and testing you should use development branches like `dev-latex`.
You can check the syntax of the files by running `ansible-playbook --check-syntax filename.yml` (or by using the pre-commit-hook from the Snipplets.
You can check the syntax of the files by running `ansible-playbook --check-syntax filename.yml` (or by using the pre-commit-hook from the Snipplets).
If you just want to install one or many packages you can use `kdev.yml` as a basis or if it is not interesting for others you might want to add it to your host file instead.
Be aware that the development branches here are not save and the owner might force push to them!
However they might be a good resource of hints and documentation!
# Run as admin
## Bootstraping
......@@ -115,6 +117,8 @@ The prompts `#` show that you are working at root.
and provide the root password for the new host.
You may also want to save and run the sudo rule for one user and computer (snippet $435) to grant someone access to that computer.
## Decommission/Uninstall a host
* edit the ``add_ipa_host.yml`` and uncomment the uninstall step in it.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment