From 028e9b186c8d8bd5f3b7d371a728a23fee85b88c Mon Sep 17 00:00:00 2001
From: Justin Lamp
Date: Wed, 12 Jan 2022 12:23:16 +0100
Subject: [PATCH] Cleanup
---
 group_vars/all/main.yml | 7 ++-----
 group_vars/{sys => webserver}/main.yml | 1 -
 hosts.ini | 13 ++++++++++---
 main.yml | 2 +-
 requirements.txt | 24 ++++++++++++++++++++++++
 roles/posthooks/defaults/main.yml | 25 +++++++++++++++++++------
 roles/posthooks/tasks/main.yml | 21 +++++++++++++++++----
 roles/vmware_snapshot/tasks/main.yml | 16 ++++++----------
 8 files changed, 79 insertions(+), 30 deletions(-)
 rename group_vars/{sys => webserver}/main.yml (94%)
 create mode 100644 requirements.txt
diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml
index 2755989..a76c13e 100644
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@@ -69,7 +69,9 @@ updates_categories:
 posthooks_rollback: true
 # Automatically removes snapshot after update installation
 posthooks_autoremove: true
+# Enables Mail delivery after playbook run
 mail_enabled: true
+# Examples for the supported mail delivery settings: https://docs.ansible.com/ansible/latest/collections/community/general/mail_module.html
 mail:
 host: mail.local
 port: 25
@@ -78,8 +80,3 @@ mail:
 password: {}
 from: "ansible@mail.local (Ansible No-Reply)"
 to: User
- subject: Patching of {{ inventory_hostname }} succeded
- body: |
- {{ inventory_hostname }} was successfully patched!
- This is the status:
- {{ win_update | default(mail_status_error) | to_nice_json }}
\ No newline at end of file
diff --git a/group_vars/sys/main.yml b/group_vars/webserver/main.yml
similarity index 94%
rename from group_vars/sys/main.yml
rename to group_vars/webserver/main.yml
index dc03ac5..fe75cef 100644
--- a/group_vars/sys/main.yml
+++ b/group_vars/webserver/main.yml
@@ -1,5 +1,4 @@
 ---
-ansible_user: Administrator
 ansible_password: !vault |
 $ANSIBLE_VAULT;1.1;AES256
 32366635313164333337343535393261643030363537623364636436323133313139373331633964
diff --git a/hosts.ini b/hosts.ini index 97ac699..775c951 100644 --- a/hosts.ini +++ b/hosts.ini @@ -1,6 +1,13 @@ [local] localhost ansible_connection=local -[sys] -dc01 ansible_host=1.1.1.1 -dc02 ansible_host=2.2.2.2 +[sys:children] +dc +webserver + +[dc] +dc01 ansible_host=10.13.2.1 + +[webserver] +web01 ansible_host=10.13.1.123 ansible_user=svc-ansible +web02 ansible_host=10.13.1.221 ansible_user=other-ansible-user diff --git a/main.yml b/main.yml index 826878a..af18ded 100644 --- a/main.yml +++ b/main.yml @@ -14,7 +14,7 @@ role: vmware_snapshot tag: snapshot -- name: Windows Update +- name: Windows Update hosts: sys tags: updates gather_facts: false diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..87f034c --- /dev/null +++ b/requirements.txt @@ -0,0 +1,24 @@ +ansible==5.1.0 +ansible-core==2.12.1 +certifi==2021.10.8 +cffi==1.15.0 +charset-normalizer==2.0.10 +cryptography==36.0.1 +idna==3.3 +Jinja2==3.0.3 +lxml==4.7.1 +MarkupSafe==2.0.1 +ntlm-auth==1.5.0 +packaging==21.3 +pycparser==2.21 +pyOpenSSL==21.0.0 +pyparsing==3.0.6 +pyvmomi==7.0.3 +pywinrm==0.4.2 +PyYAML==6.0 +requests==2.27.1 +requests-ntlm==1.1.0 +resolvelib==0.5.4 +six==1.16.0 +urllib3==1.26.7 +xmltodict==0.12.0 diff --git a/roles/posthooks/defaults/main.yml b/roles/posthooks/defaults/main.yml index bae27ce..02fe1f2 100644 --- a/roles/posthooks/defaults/main.yml +++ b/roles/posthooks/defaults/main.yml 
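Review bot: In the hosts.ini hunk, `web01` and `web02` now log in as two different accounts (`svc-ansible`, `other-ansible-user`), but the only credential visible in this patch is the single vaulted `ansible_password` in group_vars/webserver/main.yml, so both accounts would have to share one password. Because group_vars/sys was renamed rather than copied, `dc01` in the new `[dc]` group also no longer inherits any `ansible_user` or `ansible_password` unless they are defined outside this diff. Per-host vaulted credentials under host_vars and a matching group_vars/dc file would avoid both problems, with an inventory comment such as `; credentials are vaulted per host, never set ansible_password in this file`.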
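Review bot: The new requirements.txt pins exact versions but has no `--hash=sha256:...` entries, so pip checks only the version number and not the artifact that ends up on the control node. Since that environment handles the vCenter and WinRM credentials, consider generating the file with hashes (for example `pip-compile --generate-hashes`) and installing with `pip install --require-hashes -r requirements.txt`. The pins are a snapshot from the commit date, so a stated update routine is also needed to pick up later security releases of packages such as `cryptography`, `urllib3`, `lxml` and `PyYAML`.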
@@ -9,12 +9,30 @@ vcenter_username: "Administrator@vsphere.local" vcenter_password: "password" posthooks_rollback: true -posthooks_autoremove: true +posthooks_autoremove: false mail_enabled: false mail_status_error: msg: No status available + +mail_success_subject: Patching of {{ inventory_hostname }} succeded +mail_success_message: | + {{ inventory_hostname }} was successfully patched! + This is the status: + {{ win_update | default(mail_status_error) | to_nice_json }} +mail_failure_subject: Patching of {{ inventory_hostname }} failed +mail_failure_message: | + {% if posthooks_rollback == true %} + {% set mail_msg = "As a result, the VM was reverted to the snapshot." %} + {% else %} + {% set mail_msg = "The VM was not changed, but it is strongly advised to roll back to the last Snapshot" %} + {% endif %} + {{ inventory_hostname }} failed to install updates. {{ mail_msg }} + + This is the status of Windows Update: + {{ win_update | default(mail_status_error) | to_nice_json }} + mail: host: mail.local port: 25 @@ -23,8 +41,3 @@ mail: password: {} from: "ansible@mail.local (Ansible No-Reply)" to: User - subject: Patching of {{ inventory_hostname }} succeded - body: | - {{ inventory_hostname }} was successfully patched! - This is the status: - {{ win_update | default("{'msg': 'No status available'}") | to_nice_json }} \ No newline at end of file diff --git a/roles/posthooks/tasks/main.yml b/roles/posthooks/tasks/main.yml index 26cea51..3ac446d 100644 --- a/roles/posthooks/tasks/main.yml +++ b/roles/posthooks/tasks/main.yml @@ -34,8 +34,8 @@ uuid: "{{ machine[0].uuid }}" snapshot_name: "{{ snapshot_name }}" state: absent -- name: Sending E-Mail - when: mail_enabled +- name: Sending E-Mail (unsuccessful) + when: mail_enabled and update_successful | default(true) == false delegate_to: localhost community.general.mail: host: "{{ mail.host }}" 
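Review bot: `mail_failure_message` picks its wording from the setting `posthooks_rollback`, not from the outcome of the revert, so the mail can say "the VM was reverted to the snapshot" even when the revert task failed or never ran. The revert task is outside this hunk; if it registers a result, the template should test that result, and otherwise the text should read "a rollback was attempted". Both bodies also embed the full `win_update` result, and the `mail.secure` value is not visible here, so it is worth setting it explicitly to `starttls` or `always` rather than relying on the module's opportunistic default. Minor: `succeded` in `mail_success_subject` should be `succeeded`.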
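Review bot: The failure-mail condition in roles/posthooks/tasks/main.yml uses `update_successful | default(true)`, so a run in which the variable was never set (for example because the update play stopped before setting it) is reported as a success. Where `update_successful` is set is not visible in this diff, and if it ever arrives as a string such as `"False"` the `== false` comparison will not match while the bare truth test in the success task will. Treating unknown as failure and normalising the type is safer: `when: mail_enabled | bool and not (update_successful | default(false) | bool)` here, and `when: mail_enabled | bool and (update_successful | default(false) | bool)` for the success task added in the following hunk (`@@ -45,5 +45,18 @@`).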
@@ -45,5 +45,18 @@
 from: "{{ mail.from }}"
 secure: "{{ mail.secure }}"
 to: "{{ mail.to }}"
- subject: "{{ mail.subject }}"
- body: "{{ mail.body }}"
\ No newline at end of file
+ subject: "{{ mail_failure_subject }}"
+ body: "{{ mail_failure_message }}"
+- name: Sending E-Mail (successful)
+ when: mail_enabled and update_successful | default(true)
+ delegate_to: localhost
+ community.general.mail:
+ host: "{{ mail.host }}"
+ port: "{{ mail.port }}"
+ username: "{{ mail.username }}"
+ password: "{{ mail.password }}"
+ from: "{{ mail.from }}"
+ secure: "{{ mail.secure }}"
+ to: "{{ mail.to }}"
+ subject: "{{ mail_success_subject }}"
+ body: "{{ mail_success_message }}"
\ No newline at end of file
diff --git a/roles/vmware_snapshot/tasks/main.yml b/roles/vmware_snapshot/tasks/main.yml
index 25c06a1..956b82b 100644
--- a/roles/vmware_snapshot/tasks/main.yml
+++ b/roles/vmware_snapshot/tasks/main.yml
@@ -1,8 +1,8 @@
 ---
 - name: Gather Facts of all VMs in variable machines.
 when: inventory_hostname in groups['local']
- local_action:
- module: vmware_vm_info
+ delegate_to: localhost
+ vmware_vm_info:
 hostname: "{{ vcenter_hostname }}"
 username: "{{ vcenter_username }}"
 password: "{{ vcenter_password }}"
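Review bot: The rewritten vmware_snapshot tasks call `vmware_vm_info` and `vmware_guest_snapshot` by short name, while the posthooks role uses the fully qualified `community.general.mail`. Writing `community.vmware.vmware_vm_info:` and `community.vmware.vmware_guest_snapshot:` makes the source collection explicit and independent of redirects or collection search order; the same applies to the two tasks in the following hunk (`@@ -19,31 +19,27 @@`). These tasks send `vcenter_password` to vCenter with `validate_certs` taken from `vcenter_certifcate_validation`, whose value is not shown in this diff. A comment at that variable's definition would help, e.g. `# keep true outside a lab: the vCenter password is sent over this connection`.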
@@ -19,31 +19,27 @@
 msg: "{{ machine[0].uuid }}"
 - name: Remove old VM-Snapshots
 when: inventory_hostname not in groups['local']
- local_action:
- module: vmware_guest_snapshot
+ delegate_to: localhost
+ vmware_guest_snapshot:
 datacenter: "{{ vcenter_datacenter }}"
 hostname: "{{ vcenter_hostname }}"
 username: "{{ vcenter_username }}"
 password: "{{ vcenter_password }}"
 validate_certs: "{{ vcenter_certifcate_validation }}"
 uuid: "{{ machine[0].uuid }}"
- #name: "{{ vcenter_vmname }}"
- #folder: "/{{ datacenter }}/vm/"
 state: absent
 snapshot_name: "{{ snapshot_name }}"
 description: "{{ snapshot_description }}"
 - name: Create new VM-Snapshots
 when: inventory_hostname not in groups['local']
- local_action:
- module: vmware_guest_snapshot
+ delegate_to: localhost
+ vmware_guest_snapshot:
 datacenter: "{{ vcenter_datacenter }}"
 hostname: "{{ vcenter_hostname }}"
 username: "{{ vcenter_username }}"
 password: "{{ vcenter_password }}"
 validate_certs: "{{ vcenter_certifcate_validation }}"
 uuid: "{{ machine[0].uuid }}"
- #name: "{{ vcenter_vmname }}"
- #folder: "/{{ datacenter }}/vm/"
 state: present
 snapshot_name: "{{ snapshot_name }}"
 description: "{{ snapshot_description }}"
\ No newline at end of file