Refactor ansible hosts.yml: Update hosts to include all servers

ansible/Playbooks/ansible-role-oh-my-zsh/defaults/main.yml

@@ -0,0 +1,34 @@
+---
+# Role vars.
+omz_install_zsh: false
+
+# User vars.
+omz_user: []
+#  - name: "someuser"
+#    group: "somegroup"
+#    settings: |
+#     export PATH="/usr/local/sbin:$path"
+#     alias l="ls -AF"
+
+# Oh My ZSH vars.
+omz_git_repository: "https://github.com/robbyrussell/oh-my-zsh.git"
+omz_install_directory: ".oh-my-zsh"
+
+# Oh My ZSH template vars.
+omz_zshrc_create: true
+omz_zshrc_template: "templates/zshrc.zsh-template.j2"
+omz_zshrc_backup: true
+omz_zshrc_force: true
+omz_zsh_theme: "robbyrussell"
+omz_case_sensitive: false
+omz_hyphen_insensitive: false
+omz_disable_auto_update: false
+omz_update_zsh_days: 13
+omz_disable_ls_colors: false
+omz_disable_auto_title: false
+omz_enable_correction: false
+omz_completion_waiting_dots: false
+omz_disable_untracked_files_dirty: false
+omz_hist_stamps: "mm/dd/yyyy"
+omz_zsh_custom: "$ZSH/custom"
+omz_plugins: []

ansible/Playbooks/ansible-role-oh-my-zsh/playbook.yaml

@@ -0,0 +1,26 @@
+---
+- name: Playbook
+  hosts: all
+  become: true
+
+  vars:
+    omz_install_zsh: true
+    users:
+      - name: "user"
+        group: "user"
+        settings: |
+          export PATH="/usr/local/sbin:$path"
+          alias l="ls -lah"
+  tasks:
+    - name: Run ansible-role-oh-my-zsh.
+      include_role:
+        name: "ansible-role-oh-my-zsh"
+      vars:
+        omz_user: "{{ item }}"
+        # Only create `.zshrc` for user 'lorem'; item.settings will be
+        # appended to `.zshrc` for the user 'ipsum'.
+        omz_zshrc_create: "{{ (item.name == 'user') | ternary(true, false) }}"
+        omz_plugins:
+          - "kubectl"
+          - "git"
+      with_items: "{{ users }}"

ansible/Playbooks/ansible-role-oh-my-zsh/readme.md

@@ -0,0 +1,127 @@
+# Ansible Role Oh My ZSH
+
+This is a basic Ansible role to enable and configure Oh My Zsh on Fedora,
+Ubuntu, or MacOS. It should also work on many other \*nix variants. It
+performs the following tasks:
+
+- Install and minimally configure Zsh:
+  - make sure it exists,
+  - set it as the default shell for the user specified by the role.
+- Install Oh My Zsh for each specified user (in `~/.oh-my-zsh` by default).
+- Configure (Oh My) Zsh by optionally creating a `.zshrc` file for each
+  specified user.
+- Alternately, configure Zsh by adding a block of lines to individual
+  users' `.zshrc` files.
+
+## Role variables
+
+| Variable name  | Default value | Description |
+|----------------|---------------|-------------|
+| `omz_install_zsh` | `false` | Defines whether or not the role should attempt to install Zsh. |
+| `omz_user` | `[]` | The user to install/configure (Oh My) Zsh for. See below for its properties. |
+| `omz_user.name` | `-` | The name of the user. |
+| `omz_user.group` | `-` | The group of the user |
+| `omz_user.settings` | `-` | Extra settings (as a mult-line string) such as variable exports or aliases to add to the user's `.zshrc` file. Only used if `omz_zshrc_create` is `true`. |
+| `omz_git_repository` | `https://github.com/robbyrussell/oh-my-zsh.git` | The git repo to clone Oh My Zsh from. |
+| `omz_install_directory` | `.oh-my-zsh` | The name of the directory to clone Oh My Zsh into. |
+| `omz_zshrc_create` | `true` | Whether or not to create `.zshrc`. If `true`, will create `.zshrc` from a template. |
+| `omz_zshrc_template` | `templates/zshrc.zsh-template.j2` | The template used to create the user's `.zshrc` file when `omz_zshrc_create` is `true`. |
+| `omz_zshrc_backup` | `true` | Whether or not to create backup the existing `.zshrc` files when the role changes it. |
+| `omz_zsh_theme` | `robbyrussell` | See `templates/zshrc.zsh-template`. |
+| `omz_case_sensitive` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_hyphen_insensitive` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_disable_auto_update` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_update_zsh_days` | `13` | See `templates/zshrc.zsh-template`. |
+| `omz_disable_ls_colors` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_disable_auto_title` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_enable_correction` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_completion_waiting_dots` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_disable_untracked_files_dirty` | `false` | See `templates/zshrc.zsh-template`. |
+| `omz_hist_stamps` | `mm/dd/yyyy` | See `templates/zshrc.zsh-template`. |
+| `omz_zsh_custom` | `$ZSH/custom` | See `templates/zshrc.zsh-template`. |
+| `omz_plugins` | `[]` | A list of Oh My Zsh plugins to enable. |
+
+## Role task files
+
+### `main.yml`: task coordination
+
+This file includes files that peform specific subsets of tasks.
+
+### `zsh.yml`: Zsh setup
+
+This task installs and sets zsh as the default shell for a user.
+
+#### Variables used
+
+- `omz_user`
+
+### `oh-my-zsh-install.yml`: Oh My Zsh installation
+
+This task clones the Oh My Zsh repository into the user directory of each
+specified user and sets the appropriate permissions on the directory.
+
+#### Variables used
+
+- `omz_user`
+- `omz_install_directory`
+- `omz_git_repository`
+- `omz_install_path`
+
+### `oh-my-zsh-zshrc.yml`: Oh My Zsh configuration
+
+This task creates the user a `.zshrc` file containing global values for various
+Oh My Zsh options based on [the `.zshrc` template in the oh-my-zsh repository](https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/templates/zshrc.zsh-template).
+The task can be configured to back up any existing `.zshrc` file.
+
+This task only runs when `omz_zshrc_create` is set to `true`.
+
+#### Variables used
+
+- `omz_user`
+- `omz_zshrc_template`
+- `omz_zshrc_backup`
+
+### `zsh-zshrc.yml`: final Zsh configuration
+
+This task adds individual lines to the `.zshrc` file. This is useful for adding
+Zsh settings on an already-existing `.zshrc` file without creating it
+from scratch.
+
+This task only runs when `omz_zshrc_create` is set to `false`.
+
+#### Variables used
+
+- `omz_user`
+- `omz_zshrc_backup`
+
+## Sample playbook
+
+    ---
+    - name: Playbook
+      hosts: all
+      become: true
+
+      vars:
+        omz_install_zsh: true
+        users:
+          - name: "lorem"
+            group: "lorem"
+            settings: ""
+          - name: "ipsum"
+            group: "ipsum"
+            settings: |
+              export PATH="/usr/local/sbin:$path"
+              alias l="ls -AF"
+      tasks:
+        - name: Run ansible-role-oh-my-zsh.
+          include_role:
+            name: "ansible-role-oh-my-zsh"
+          vars:
+            omz_user: "{{ item }}"
+            # Only create `.zshrc` for user 'lorem'; item.settings will be
+            # appended to `.zshrc` for the user 'ipsum'.
+            omz_zshrc_create: "{{ (item.name == 'lorem') | ternary(true, false) }}"
+            omz_plugins:
+              - "autojump"
+              - "git"
+          with_items: "{{ users }}"

ansible/Playbooks/ansible-role-oh-my-zsh/tasks/main.yml

@@ -0,0 +1,34 @@
+---
+# Make sure zsh is installed and set to the user's default shell.
+- name: "OMZ | include zsh.yml tasks."
+  include_tasks: "zsh.yml"
+  tags:
+    - "zsh"
+    - "configure"
+    - "configurezsh"
+
+# Install oh-my-zsh.
+- name: "OMZ | include oh-my-zsh.yml tasks."
+  include_tasks: oh-my-zsh-install.yml
+  tags:
+    - "oh-my-zsh"
+    - "install"
+    - "installohmyzsh"
+
+# Configure oh-my-zsh with a custom .zshrc template if omz_zshrc_create
+# is set to 'true'.
+- name: "OMZ | include oh-my-zsh-zshrc.yml tasks."
+  include_tasks: oh-my-zsh-zshrc.yml
+  tags:
+    - "oh-my-zsh"
+    - "configure"
+    - "configureohmyzsh"
+
+# Finally, add exports etc to .zshrc /last/ (i.e. so they get added to whaterver
+# .zshrc exists.
+- name: "OMZ | include zsh-zshrc.yml tasks."
+  include_tasks: zsh-zshrc.yml
+  tags:
+    - "zsh"
+    - "configure"
+    - "configurezsh"

ansible/Playbooks/ansible-role-oh-my-zsh/tasks/oh-my-zsh-install.yml

@@ -0,0 +1,21 @@
+---
+- name: "OMZ | establish install location."
+  set_fact:
+    omz_install_path: "/{{ omz_user_home_dir }}/{{ omz_user.name }}/{{ omz_install_directory }}"
+
+- name: "OMZ | clone Oh My ZSH repo for user."
+  git:
+    repo: "{{ omz_git_repository }}"
+    dest: "{{ omz_install_path }}"
+    update: "true"
+    accept_hostkey: "true"
+    version: "master"
+  register: "omz_clone"
+
+- name: "OMZ | set ownership on newly cloned repository."
+  file:
+    path: "{{ omz_install_path }}"
+    owner: "{{ omz_user.name }}"
+    group: "{{ omz_user.group }}"
+    recurse: "true"
+  when: "omz_clone is changed"

ansible/Playbooks/ansible-role-oh-my-zsh/tasks/oh-my-zsh-zshrc.yml

@@ -0,0 +1,14 @@
+---
+- name: "OMZ | derive user .zshrc path."
+  set_fact:
+    omz_user_zshrc_path: "/{{ omz_user_home_dir }}/{{ omz_user.name }}/.zshrc"
+
+- name: "OMZ | template .zshrc into place if required."
+  template:
+    src: "{{ omz_zshrc_template }}"
+    dest: "{{ omz_user_zshrc_path }}"
+    owner: "{{ omz_user.name }}"
+    group: "{{ omz_user.group }}"
+    backup: "{{ omz_zshrc_backup }}"
+    force: "{{ omz_zshrc_force }}"
+  when: "omz_zshrc_create"

ansible/Playbooks/ansible-role-oh-my-zsh/tasks/zsh-zshrc.yml

@@ -0,0 +1,14 @@
+---
+# Note that we assume this file exists! lineinfile will fail if the file is
+# not present.
+- name: "OMZ | export vars to .zshrc if required."
+  blockinfile:
+    dest: "{{ omz_user_zshrc_path }}"
+    block: "{{ omz_user.settings }}"
+    backup: "{{ omz_zshrc_backup }}"
+  when:
+    - "omz_user.settings is defined"
+    # Don't flag this line for checking if the value is empty--checking for an
+    # empty value makes perfect sense.
+    - "omz_user.settings != ''"  # noqa 602
+    - "not omz_zshrc_create"

ansible/Playbooks/ansible-role-oh-my-zsh/tasks/zsh.yml

@@ -0,0 +1,32 @@
+---
+- name: "OMZ | establish home directory."
+  set_fact:
+    omz_user_home_dir: "{{ (ansible_system == 'Darwin') | ternary('Users', 'home') }}"
+
+- name: "OMZ | ensure zsh is installed."
+  block:
+    - name: "OMZ | install zsh for Linux."
+      package:
+        name: "zsh"
+        state: "present"
+      when:
+        - "ansible_system == 'Linux'"
+        - "omz_install_zsh"
+
+    - name: "OMZ | install zsh for macOS."
+      homebrew:
+        name: "zsh"
+        state: "present"
+      when:
+        - "ansible_system == 'Darwin'"
+        - "omz_install_zsh"
+
+- name: "OMZ | get zsh installed path."
+  shell: "command -v zsh"
+  register: omz_zsh_installed_path
+  changed_when: "false"
+
+- name: "OMZ | get user shell to zsh."
+  user:
+    name: "{{ omz_user.name }}"
+    shell: "{{ omz_zsh_installed_path.stdout }}"

ansible/Playbooks/ansible-role-oh-my-zsh/templates/zshrc.zsh-template.j2

@@ -0,0 +1,89 @@
+# Managed by Ansible. This file may be overwritten when playbooks are run!
+
+# If you come from bash you might have to change your $PATH.
+# export PATH=$HOME/bin:/usr/local/bin:$PATH
+
+# Path to your oh-my-zsh installation.
+export ZSH=/{{ omz_user_home_dir }}/{{ omz_user.name }}/{{ omz_install_directory }}
+
+# Set name of the theme to load. Optionally, if you set this to "random"
+# it'll load a random theme each time that oh-my-zsh is loaded.
+# See https://github.com/robbyrussell/oh-my-zsh/wiki/Themes
+ZSH_THEME="{{ omz_zsh_theme }}"
+
+# Uncomment the following line to use case-sensitive completion.
+CASE_SENSITIVE="{{ omz_case_sensitive }}"
+
+# Uncomment the following line to use hyphen-insensitive completion. Case
+# sensitive completion must be off. _ and - will be interchangeable.
+HYPHEN_INSENSITIVE="{{ omz_hyphen_insensitive }}"
+
+# Uncomment the following line to disable bi-weekly auto-update checks.
+DISABLE_AUTO_UPDATE="{{ omz_disable_auto_update }}"
+
+# Uncomment the following line to change how often to auto-update (in days).
+export UPDATE_ZSH_DAYS={{ omz_update_zsh_days }}
+
+# Uncomment the following line to disable colors in ls.
+DISABLE_LS_COLORS="{{ omz_disable_ls_colors }}"
+
+# Uncomment the following line to disable auto-setting terminal title.
+DISABLE_AUTO_TITLE="{{ omz_disable_auto_title }}"
+
+# Uncomment the following line to enable command auto-correction.
+ENABLE_CORRECTION="{{ omz_enable_correction }}"
+
+# Uncomment the following line to display red dots whilst waiting for completion.
+COMPLETION_WAITING_DOTS="{{ omz_completion_waiting_dots }}"
+
+# Uncomment the following line if you want to disable marking untracked files
+# under VCS as dirty. This makes repository status check for large repositories
+# much, much faster.
+DISABLE_UNTRACKED_FILES_DIRTY="{{ omz_disable_untracked_files_dirty }}"
+
+# Uncomment the following line if you want to change the command execution time
+# stamp shown in the history command output.
+# The optional three formats: "mm/dd/yyyy"|"dd.mm.yyyy"|"yyyy-mm-dd"
+HIST_STAMPS="{{ omz_hist_stamps }}"
+
+# Would you like to use another custom folder than $ZSH/custom?
+ZSH_CUSTOM={{ omz_zsh_custom }}
+
+# Which plugins would you like to load? (plugins can be found in ~/.oh-my-zsh/plugins/*)
+# Custom plugins may be added to ~/.oh-my-zsh/custom/plugins/
+# Example format: plugins=(rails git textmate ruby lighthouse)
+# Add wisely, as too many plugins slow down shell startup.
+plugins=({{ omz_plugins | join(" ") }})
+
+source $ZSH/oh-my-zsh.sh
+
+# User configuration
+
+# export MANPATH="/usr/local/man:$MANPATH"
+
+# You may need to manually set your language environment
+# export LANG=en_US.UTF-8
+
+# Preferred editor for local and remote sessions
+# if [[ -n $SSH_CONNECTION ]]; then
+#   export EDITOR='vim'
+# else
+#   export EDITOR='mvim'
+# fi
+
+# Compilation flags
+# export ARCHFLAGS="-arch x86_64"
+
+# ssh
+# export SSH_KEY_PATH="~/.ssh/dsa_id"
+
+# Set personal aliases, overriding those provided by oh-my-zsh libs,
+# plugins, and themes. Aliases can be placed here, though oh-my-zsh
+# users are encouraged to define aliases within the ZSH_CUSTOM folder.
+# For a full list of active aliases, run `alias`.
+#
+# Example aliases
+# alias zshconfig="mate ~/.zshrc"
+# alias ohmyzsh="mate ~/.oh-my-zsh"
+
+{{ omz_user.settings }}

ansible/inventory/01-physical.yml

@@ -30,7 +30,11 @@ arm64:
       ansible_host: 192.168.50.205
       ansible_user: user
       ansible_become_method: sudo
-    dc08:
+    node07:
+      ansible_host: 192.168.50.207
+      ansible_user: user
+      ansible_become_method: sudo
+    node08:
       ansible_host: 192.168.50.208
       ansible_user: user
       ansible_become_method: sudo

ansible/playbook.yml

@@ -1,29 +0,0 @@
----
-- name: Update APT package list and upgrade packages
-  # hosts: "dc00,dc01,dc02,dc03,dc04,dc05,dc09"
-  hosts: prod
-  become: true
-  become_method: su
-
-  vars:
-    ansible_user: user
-
-  tasks:
-    - name: Update APT package list
-      ansible.builtin.apt:
-        update_cache: true
-        upgrade: dist
-
-    - name: Check if a reboot is required.
-      stat:
-        path: /var/run/reboot-required
-      register: reboot_required_file
-
-    - name: Reboot the server (if required).
-      debug:
-        msg: "Ansible Version: {{ reboot_required_file.stdout }}"
-      when: reboot_required_file.stat.exists == true
-
-    - name: Remove dependencies that are no longer required.
-      apt:
-        autoremove: yes

ansible/readme.md

@@ -2,6 +2,6 @@
 
 ## Update all packages
 ```bash
-ansible-playbook -i inventory playbooks/update/update-noreboot.yml -l '!dc08' -K
+ansible-playbook -i inventory playbooks/update/update-noreboot.yml -l '!node08' -K
 ansible-playbook -i inventory playbooks/update/update-noreboot.yml -l 'prod' -K
 ```