ssh-copy-id root@10.66.10.29
You should now be able to SSH into the host without a password. You can try this with:
ssh root@10.66.10.29
Configure your Ansible hosts; these are defined in /etc/ansible/hosts
[testserver]
10.66.10.29
cd to /etc/ansible/playbook and place the two files below, index.html and the playbook build-nginx-firewalld.yml, in this directory.
INDEX.HTML
<html>
  <head>
    <title>Welcome to ansible</title>
  </head>
  <body>
  <h1>nginx, configured by Ansible</h1>
  <p>If you can see this, Ansible successfully installed nginx.</p>
  <p>{{ ansible_managed }}</p>
  </body>
</html>
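BUILD-NGINX-FIREWALLD.YML
---
- name: Install nginx
  hosts: testserver
  become: true
  tasks:
  # nginx is packaged in EPEL, so the repo has to be present first
  - name: Add epel-release repo
    yum:
      name: epel-release
      state: present
  - name: Install nginx
    yum:
      name: nginx
      state: present
  # template (rather than copy) renders {{ ansible_managed }} in index.html
  - name: Insert Index Page
    template:
      src: index.html
      dest: /usr/share/nginx/html/index.html
  - name: Start NGiNX
    service:
      name: nginx
      state: started
  # permanent rules are written to disk and only become active after
  # firewalld is reloaded or restarted (see the last task)
  - name: Allow HTTPS in firewalld
    firewalld:
      service: https
      permanent: yes
      state: enabled
  - name: Allow HTTP in firewalld (public zone)
    firewalld:
      zone: public
      service: http
      permanent: yes
      state: enabled
  - name: Bounce firewalld
    service:
      name: firewalld
      state: restarted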
Run your playbook with
ansible-playbook build-nginx-firewalld.yml

We can verify on the remote machine that the above has been configured
[root@localhost ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources:
  services: dhcpv6-client http https ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
[root@localhost ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2020-08-26 11:10:27 BST; 3h 38min ago
  Process: 18598 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 18595 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 18594 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 18600 (nginx)
   CGroup: /system.slice/nginx.service
           ├─18600 nginx: master process /usr/sbin/nginx
           └─18601 nginx: worker process
Aug 26 11:10:27 localhost.localdomain systemd[1]: Starting The nginx HTTP and…
Aug 26 11:10:27 localhost.localdomain nginx[18595]: nginx: the configuration …
Aug 26 11:10:27 localhost.localdomain nginx[18595]: nginx: configuration file…
Aug 26 11:10:27 localhost.localdomain systemd[1]: Failed to parse PID from fi…
Aug 26 11:10:27 localhost.localdomain systemd[1]: Started The nginx HTTP and …
Hint: Some lines were ellipsized, use -l to show in full
This verifies that the firewalld configuration has been applied to the remote host as configured in our playbook
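The manual check above can be scripted. The following is an added example, not part of the original post: it parses the services line of firewall-cmd --list-all and compares it with an allowlist. The function names and the allowlist (http, https, plus ssh for Ansible) are assumptions; the sample input is the zone output shown above, which also lists dhcpv6-client, a service the playbook never opened.

```shell
# Added example (not from the original post): audit open firewalld services.
# Function names and the allowlist are assumptions made for illustration.

# What the playbook opens (http, https) plus ssh, which Ansible itself needs.
ALLOWED_SERVICES="http https ssh"

# Constructed sample: the zone output shown on this page (trimmed).
sample_zone_output() {
cat <<'EOF'
public (active)
  target: default
  interfaces: ens192
  services: dhcpv6-client http https ssh
  ports:
  rich rules:
EOF
}

# Read `firewall-cmd --list-all` text on stdin; print one service per line.
zone_services() {
    awk '$1 == "services:" { for (i = 2; i <= NF; i++) print $i }'
}

# Services that are open but not allowlisted, space separated.
unexpected_services() {
    zone_services | while read -r svc; do
        case " $ALLOWED_SERVICES " in
            *" $svc "*) ;;
            *) printf '%s\n' "$svc" ;;
        esac
    done | tr '\n' ' ' | sed 's/ $//'
}

# Allowlisted services that are missing from the zone, space separated.
missing_services() {
    open=" $(zone_services | tr '\n' ' ')"
    for svc in $ALLOWED_SERVICES; do
        case "$open" in
            *" $svc "*) ;;
            *) printf '%s ' "$svc" ;;
        esac
    done | sed 's/ $//'
}

# On the managed host, pipe the real output instead of the sample:
#   firewall-cmd --list-all | unexpected_services
echo "unexpected: $(sample_zone_output | unexpected_services)"
echo "missing: $(sample_zone_output | missing_services)"
```

An empty "missing" result confirms the playbook's rules are active; anything under "unexpected" is exposure that came from the zone defaults rather than from the playbook.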
You can also browse to your NGINX server via its IP; index.html should then be shown as below.
