added examples

Signed-off-by: Marc Ahlgrim <marc@onemarcfifty.com>

examples/inventory/10-static.yaml

@@ -0,0 +1,42 @@
+all:
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+    ansible_connection: ssh
+    ansible_user: ansiblessh
+  hosts:
+  children:
+    Windows:
+      hosts:
+        sampleWindowsHost:
+      vars:
+        ansible_user: "ansibleWin"
+        ansible_password: {{ansibleWinPassword}}
+        ansible_connection: winrm
+        ansible_winrm_transport: credssp
+        ansible_winrm_server_cert_validation: ignore
+    Dropbear:
+      vars:
+        ansible_user: root
+    Routers:
+      hosts:
+        sampleOpenWrtRouter:
+          ansible_host: 192.168.1.1 
+      vars:
+        ansible_user: root
+    nopython:
+      vars:
+        ansible_python_interpreter: /usr/bin/false
+    cloud:
+      hosts:
+        sampleCloudHost:
+          ansible_host: sdsgfdaflhksh.online-server.cloud
+        sampleCloudHost2: 
+          ansible_host: v6823468956489275648763.happysrv.de
+      vars:
+          ansible_user: ansiblessh
+          ansible_port: 4444
+    rundeckhost:
+      hosts:
+        rundeck: 
+      vars:
+        ansible_connection: local

examples/inventory/20-nmap.yaml

@@ -0,0 +1,5 @@
+plugin: community.general.nmap
+strict: False
+address: 192.168.1.0/24
+sudo: yes
+cache: yes

examples/inventory/30-pve-proxmox.yaml

@@ -0,0 +1,9 @@
+plugin: community.general.proxmox
+url: https://yourproxmoxserver:8006
+user: api@pve
+token_id: apitoken
+token_secret: YOUR-API-TOKEN-SECRET-HERE
+want_facts: true
+want_proxmox_nodes_ansible_host: true
+#compose:
+#  ansible_host: proxmox_ipconfig0.ip | default(proxmox_net0.ip) | ipaddr('address')

examples/inventory/50-zabbix_inventory.yaml

@@ -0,0 +1,21 @@
+plugin: community.zabbix.zabbix_inventory
+server_url: http://yourzabbixserver/zabbix
+login_user: api
+login_password: YOUR-ZABBIX-API-PASSWORD-HERE
+host_zapi_query:
+  selectApplications: ['name', 'applicationid']
+  selectParentTemplates: ['name']
+  selectGroups: ['name']
+validate_certs: false
+groups:
+  zbx_enabled: zbx_status == "0"
+  zbx_disabled: zbx_status == "1"
+  Debian: "'ansible.Debian' in (zbx_groups | join)"
+  zbx_Ansible: "'ansible' in (zbx_groups | join)"
+  NoAnsible: "'ansible' not in (zbx_groups | join)"
+  Dropbear: "'ansible.Dropbear' in (zbx_groups | join)"
+  nopython: "'ansible.NoPython' in (zbx_groups | join)"
+  Routers: "'ansible.Routers' in (zbx_groups | join)"
+  MultiMedia: "'Multimedia' in (zbx_groups | join)"
+  kodi: "'Kodi' in (zbx_groups | join)"
+

examples/inventory/99-construct.yaml

@@ -0,0 +1,14 @@
+plugin: constructed
+strict: False
+
+groups:
+  Routers: "'router' in inventory_hostname"
+  sandbox: "'sandbox' in inventory_hostname"
+  nmap: "ports is defined"
+  Dropbear: "'archerc7' in inventory_hostname"
+  nopython: "'archerc7' in inventory_hostname"
+  Servers: "'pve' in inventory_hostname"
+  kodi: "'kodi' in inventory_hostname"
+  Windows: "'win' in inventory_hostname"
+  
+  

examples/playbooks/deploy-ansible.yaml

@@ -0,0 +1,61 @@
+---
+
+# ##############################################
+# this is a playbook I use in order to deploy
+# ansible to target nodes.
+# ##############################################
+
+
+# ##############################################
+# first we use a raw ssh connection in order to 
+# install python3
+# so that we can use ansible modules for the
+# next steps
+# ##############################################
+
+  - name: make sure python is installed
+    hosts: all
+    gather_facts: false
+    become: false
+
+    tasks:
+    - name: Install python3
+      raw: "apt update && apt install python3"
+
+# ##############################################
+# Now we can - still as root or whatever user
+# we use for the first connection - do the 
+# following tasks with ansible already.
+# the variables for this are defined in rundeck.
+# ##############################################
+
+
+  - name: set up user and ssh environment
+    hosts: all
+    gather_facts: false
+    become: true
+
+    tasks:
+
+    - name: Install sudo apt on debianish hosts
+      apt:
+        name: sudo
+        update_cache: yes
+#      when: "'debian' in group_names"
+ 
+    - name: Add a new user named ansiblessh
+      user:
+          name=ansiblessh
+          password={{ ansiblessh_password }}
+ 
+    - name: Add ansiblessh user to the sudoers
+      copy:
+          dest:    "/etc/sudoers.d/ansiblessh"
+          content: "ansiblessh  ALL=(ALL)  NOPASSWD: ALL"
+ 
+    - name: Deploy SSH Key
+      authorized_key: user=ansiblessh
+                      key="{{ lookup('id_rsa', '/var/lib/rundeck/.ssh') }}"
+                      state=present
+ 
+ 

examples/playbooks/lockdownssh.yaml

@@ -0,0 +1,42 @@
+---
+
+# ##############################################
+# this is a playbook I use in order to lock down
+# ssh access, i.e. disable root login and
+# force ssh key usage for everyone else
+# ##############################################
+
+
+  - name: disable password auth
+    hosts: all
+    become: true
+    gather_facts: false
+        
+    tasks:
+
+    - name: Disable Password Authentication
+      lineinfile:
+           dest=/etc/ssh/sshd_config
+           regexp='^PasswordAuthentication'
+           line="PasswordAuthentication no"
+           state=present
+           backup=yes
+      notify:
+       - restart ssh
+ 
+    - name: Disable Root Login
+      lineinfile:
+           dest=/etc/ssh/sshd_config
+           regexp='^PermitRootLogin'
+           line="PermitRootLogin no"
+           state=present
+           backup=yes
+      notify:
+       - restart ssh
+ 
+    handlers:
+    - name: restart ssh
+      service:
+       name=sshd
+       state=restarted
+

examples/playbooks/show_ansible_facts.yaml

@@ -0,0 +1,33 @@
+---
+
+# ##############################################
+# Show ansible facts
+# ##############################################
+
+
+# ##########################
+  - name: show facts
+    hosts: all:!Windows
+    gather_facts: true
+    become: true
+# ##########################
+
+    tasks:
+
+    - name: Print all available facts
+      ansible.builtin.debug:
+#        var: ansible_facts
+        msg: "{{ ansible_facts | dict2items | selectattr('value.macaddress', 'defined') | map(attribute='value') | list }}"
+
+# ##########################
+  - name: show facts
+    hosts: Windows
+    gather_facts: true
+    become: false
+# ##########################
+
+    tasks:
+
+    - name: Print all available facts
+      ansible.builtin.debug:
+        var: ansible_facts.interfaces

examples/playbooks/windows_samples.yaml

@@ -0,0 +1,31 @@
+---
+
+# ##############################################
+# Some samples how to use ansible on Windows 
+# targets see here for documentation:
+# https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html
+# ##############################################
+
+  - name: Some Windows Tests
+    hosts: all
+    become: false
+    gather_facts: true
+    tasks:
+
+    - name: send message to users
+      win_msg:
+        msg: "hello from Ansible !"
+        update_cache: yes
+
+    - name: Print all available facts
+      ansible.builtin.debug:
+        var: ansible_facts
+
+    - name: Speech Test
+      win_say:
+        start_sound_path: C:\Windows\Media\Windows Balloon.wav
+        msg: "Nur ein Test für die Sprachausgabe"
+        end_sound_path: C:\Windows\Media\chimes.wav
+
+    - name: Get whoami information
+      win_whoami:

install_ansible_rundeck.sh

@@ -14,7 +14,7 @@ USERPASSWORD=onemarcfifty
 
 apt update
 apt -y upgrade
-apt install -y python3 pip sudo wget curl
+apt install -y python3 pip sudo wget curl git nmap
 
 # now let's add the rundeck user