Ansible roles

These Ansible roles are simple in style and work well together on many distributions and many Ansible version.

Integration tests

A weekly test to verify if roles work well together.

Build Status ARA report.

Unit tests

A monthly test to see of the role still works on the current distributions. Some roles contain a version that requires frequent changes and tests.

4tr></tr>
#Role nameBuild statusVersion
1alternatives
2anaconda
3ansible
4ansible_lint
5apt_autostart
6ara
7artifactory
8at
9atom
10auditd
11awx
12backup
13bios_update
14bootstrap
15buildtools
16ca
17cargo
18clamav
19cloud9
20cntlm
21common
22container_docs
23cron
24dhcpd
25digitalocean-agent
26dns
27docker
28docker-ce
29dovecot
30dsvpn
31earlyoom
32environment
33epel
34etherpad
35firewall
36fail2ban
37git
38gitlab_runner
39glusterfs
40go
41gotop
42haproxy
43haveged
44httpd
45hostname
46investigate
47irslackd
48java
49jenkins
50kernel
51logrotate
52logwatch
53locale
54lynis
55mediawiki
56memcached
57mitogen
58molecule
59mssql
60mysql
61natrouter
62nginx
63npm
64ntp
65obsproject
66openssh
67openvas
68openvpn
69owncloud
70packer
71php
72php_fpm
73phpmyadmin
74postfix
75postgres
76powertop
77python_pip
78reboot
79redis
80release
81remi
82restore
83revealmd
84rpmfusion
85roundcubemail
86rsyslog
87ruby
88rundeck
89scl
90selinux
91service
92skeletonnot tested
93snort
94sosreport
95spamassassin
96squid
97storage
98stratis
99subversion
100sudo-pair
101sysctl
102sysstat
103terraform
104tftpd
105tomcat
106travis
107update
108update_package_cache
109ulimit
110users
111vagrant
112xinetd
113y
114zabbix
115zabbix_repository
116zabbix_server
117zabbix_agent
118zabbix_proxy
119zabbix_web

Dependencies

Most roles have a “soft dependency” described in requirements.yml. You can choose to use those roles if you like them. Here is an overview of these soft dependencies.

Overview of dependencies

The dependencies are soft for these reasons:

Because these dependecies are loose, you have to include them in your playbook yourself:

- name: make the best machine ever
  hosts: all
  become: yes

  roles:
    - role: robertdebock.bootstrap
    - role: robertdebock.java
    - role: robertdebock.tomcat

Some roles have a hard dependecies” on another role, mainy for a shared handler or variables set in the parent role, used in the child role. More details on how to use these roles. These hard dependencies are describe in meta/main.yml under dependencies.

Role Depends on Reason
ca httpd inherited variable
common reboot A reboot is used in tasks/main.yml with include_role.
openvpn selinux SELinux is configured in tasks/main.yml with include_role.
openvpn ca OpenSSL keys are created in tasks/main.yml with include_role.
php httpd handler
phpmyadmin httpd handler
roundcubemail httpd handler
selinux reboot A reboot is used in tasks/main.yml with include_role.
spamassassin rsyslog handler
tftpd xinetd handler
update reboot A reboot is used in tasks/main.yml with include_role.
zabbix httpd handler & inherited variable

Here is an overview of the hard dependencies:

Overview of hard dependencies

Tests

Unit tests and integration tests are use to verify the quality of the roles, read more about testing

Distributions

The goal is to let all Ansible roles work on as many distributions as possible, but this is sometimes not possible. For each distribution, the current and previous release is tested. A role may work on diferent distributions, like Red Hat Enterprise Linux (RHEL), but it’s not tested against it. By default these Linux distributions are included in the tests:

Distribution Version(s)
Archlinux latest
Alpine latest & edge*
CentOS 6 & latest
Debian stable & unstable*
Fedora latest & rawhide*
OpenSUSE leap & tumbleweed
Ubuntu latest, devel* & rolling

Exceptions in distributions

Some Ansible roles do not work on all distributions. This table lists why.

Ansible role Excepted Linux distribution(s) Reasoning
ara CentOS 6 Depends on Ansible role python_pip.
awx CentOS 6 Depends on Ansible role python_pip.
cargo Alpine & CentOS 6 Weird error & rust is too old.
cloud9 Alpine npm: exec: line 2: /home/cloud9/.c9/node/bin/node: not found.
cloud9 ArchLinux, CentOS 6 Python version 2.7 is required to install pty.js..
cloud9 OpenSUSE configure: error: "curses not found".
digitalocean-agent Alpine, ArchLinux, OpenSUSE Not supported by DigitalOcean.
digitalocean-agent Debian, Ubuntu Package attempts to start service which is not possible in Docker.
docker CentOS 6 Depends on Ansible role python_pip.
docker_ce Many Docker CE has limited support for distributions.
glusterfs Alpine GlusterFS is not available.
httpd CentOS 6 the SNI (Subject Name Indication) extension to TLS is not available on this platform.
mitogen CentOS 6 Depends on Ansible role python_pip.
mssql Alpine, ArchLinux, CentOS 6, Debian, Fedora, OpenSUSE Tumbleweed & Ubuntu latest Not supported by Microsoft.
openvas Archlinux, CentOS 6 Depends on Ansible role python_pip and selinux.
owncloud CentOS 6 Depends on Ansible role python_pip.
php CentOS 6 Depends on Ansible role httpd.
phpmyadmin CentOS 6 Depends on Ansible role httpd.
phpmyadmin Alpine There is no MySQL, only mariadb.
python_pip CentOS 6 No package matching 'python-pip' found available.
redis CentOS 6 Depends on Ansible role python_pip.
revealmd OpenSUSE Tumbleweed No JSON object could be decoded.
roundcubemail CentOS 6 Depends on Ansible role httpd.
rsyslog ArchLinux Package is only available in AUR.
selinux ArchLinux Package is only available in AUR.
spamassassin Archlinux Depends on Ansible role rsyslog.
sudo_pair Alpine & CentOS 6 Depends on Ansible role cargo.
tftpd Alpine Depends on Ansible role xinetd.
tftpd Archlinux The package tftpd is not available.
xinetd Alpine The package xinetd is not available.
zabbix ArchLinux, Alpine, Debian, Fedora & OpenSUSE Zabbix has limited OS support.

Ansible version

The goal is to let all roles work on these Ansible version:

See errors? Please help and make a merge request on git.