From 0af5ca03d459b19942072075ba44b67b120c7403 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Mon, 9 Oct 2017 14:59:49 +0200
Subject: [PATCH] Add ansible-managed and nameserver roles

---
 roles/ansible-managed/.kitchen.yml      | 28 +++++++++++++++++++++++++
 roles/ansible-managed/README.md         | 11 ++++++++++
 roles/ansible-managed/defaults/main.yml |  2 ++
 roles/ansible-managed/tasks/main.yml    |  6 ++++++
 roles/ansible-managed/templates/motd.j2 |  4 ++++
 roles/ansible-managed/tests/test.yml    |  4 ++++
 roles/nameserver/README.md              | 13 ++++++++++++
 roles/nameserver/tasks/main.yml         | 27 ++++++++++++++++++++++++
 8 files changed, 95 insertions(+)
 create mode 100644 roles/ansible-managed/.kitchen.yml
 create mode 100644 roles/ansible-managed/README.md
 create mode 100644 roles/ansible-managed/defaults/main.yml
 create mode 100644 roles/ansible-managed/tasks/main.yml
 create mode 100644 roles/ansible-managed/templates/motd.j2
 create mode 100644 roles/ansible-managed/tests/test.yml
 create mode 100644 roles/nameserver/README.md
 create mode 100644 roles/nameserver/tasks/main.yml

diff --git a/roles/ansible-managed/.kitchen.yml b/roles/ansible-managed/.kitchen.yml
new file mode 100644
index 0000000..b21cc3d
--- /dev/null
+++ b/roles/ansible-managed/.kitchen.yml
@@ -0,0 +1,28 @@
+---
+driver:
+  name: docker
+  privileged: true
+  use_sudo: false
+
+provisioner:
+  name: ansible_playbook
+  hosts: test-kitchen
+  roles_path: ../
+  ansible_verbose: true
+  require_ansible_source: false
+  require_chef_for_busser: false
+  idempotency_test: true
+
+platforms:
+  - name: debian
+    driver_config:
+      image: evolix/ansible:2.2.1
+
+suites:
+  - name: default
+    provisioner:
+      name: ansible_playbook
+      playbook: ./tests/test.yml
+
+transport:
+  max_ssh_sessions: 6
diff --git a/roles/ansible-managed/README.md b/roles/ansible-managed/README.md
new file mode 100644
index 0000000..5b0f0e9
--- /dev/null
+++ b/roles/ansible-managed/README.md
@@ -0,0 +1,11 @@
+# ansible-managed
+
+Set some indications that the server is managed by Ansible and extra care yshould be given not no mess with it manually.
+
+## Tasks
+
+Everything is in the `tasks/main.yml` file.
+
+## Available variables
+
+* `project_repository` : project URL for the repository.
diff --git a/roles/ansible-managed/defaults/main.yml b/roles/ansible-managed/defaults/main.yml
new file mode 100644
index 0000000..7d7ef4d
--- /dev/null
+++ b/roles/ansible-managed/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+project_repository: "/!\\ No repository set, contact Evolix"
diff --git a/roles/ansible-managed/tasks/main.yml b/roles/ansible-managed/tasks/main.yml
new file mode 100644
index 0000000..16e7b0d
--- /dev/null
+++ b/roles/ansible-managed/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Set message of the day
+  template:
+    src: motd.j2
+    dest: /etc/motd
+    force: yes
diff --git a/roles/ansible-managed/templates/motd.j2 b/roles/ansible-managed/templates/motd.j2
new file mode 100644
index 0000000..58b468d
--- /dev/null
+++ b/roles/ansible-managed/templates/motd.j2
@@ -0,0 +1,4 @@
+
+SERVER MANAGED BY EVOLIX VIA ANSIBLE
+------------------------------------
+{{ project_repository | mandatory }}
diff --git a/roles/ansible-managed/tests/test.yml b/roles/ansible-managed/tests/test.yml
new file mode 100644
index 0000000..f6e76a3
--- /dev/null
+++ b/roles/ansible-managed/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: test-kitchen
+  roles:
+    - role: ansible-managed
diff --git a/roles/nameserver/README.md b/roles/nameserver/README.md
new file mode 100644
index 0000000..dc5ead9
--- /dev/null
+++ b/roles/nameserver/README.md
@@ -0,0 +1,13 @@
+# nameserver
+
+Set nameserver in /etc/resolv.conf.
+
+## Tasks
+
+Everything is in the `tasks/main.yml` file.
+
+## Available variables
+
+Main variables are :
+
+* `nameservers` : list of IP addresses of DNS servers ;
diff --git a/roles/nameserver/tasks/main.yml b/roles/nameserver/tasks/main.yml
new file mode 100644
index 0000000..4623fff
--- /dev/null
+++ b/roles/nameserver/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Get actual nameserver
+  shell: grep nameserver /etc/resolv.conf | awk '{ print $2 }'
+  register: grep_nameserver
+  check_mode: no
+  changed_when: false
+  tags:
+  - nameserver
+
+- name: Set nameserver
+  lineinfile:
+    dest: /etc/resolv.conf
+    line: "nameserver {{ item }}"
+    state: present
+  with_items: "{{ nameservers }}"
+  tags:
+  - nameserver
+
+- name: Unset others nameserver
+  lineinfile:
+    dest: /etc/resolv.conf
+    line: "nameserver {{ item }}"
+    state: absent
+  with_items: "{{ grep_nameserver.stdout_lines }}"
+  when: item not in nameservers
+  tags:
+  - nameserver