Ansible Playbooks
1. Simple Playbook to Install a Package
yaml
—
– name: Install Nginx web server
hosts: webservers
become: yes
tasks:
– name: Install nginx package
apt:
name: nginx
state: present
In this example, the playbook installs the Nginx web server on a group of hosts
called webservers.
2. Playbook to Start and Enable a Service
yaml
—
– name: Ensure Nginx is running
hosts: webservers
become: yes
tasks:
– name: Start Nginx service
service:
name: nginx
state: started
enabled: yes
This playbook ensures the Nginx service is started and enabled to start on boot.
3. Playbook to Configure a File
yaml
—
– name: Configure Nginx
hosts: webservers
become: yes
tasks:
– name: Copy the Nginx configuration file
template:
src: /path/to/nginx.conf.j2
dest: /etc/nginx/nginx.conf
notify:
– restart nginx
handlers:
– name: restart nginx
service:
name: nginx
state: restarted
This playbook copies a customized Nginx configuration file using the template
module and restarts the Nginx service if the configuration changes.
4. Playbook to Install Multiple Packages
yaml
—
– name: Install common utilities
hosts: all
become: yes
tasks:
– name: Install packages
apt:
name:
– curl
– vim
– git
state: present
This playbook installs multiple packages (curl, vim, and git) on all specified hosts.
5. Playbook to Install Apache Web Server and Configure Virtual Host
yaml
—
– name: Install Apache Web Server and Configure Virtual Host
hosts: webservers
become: yes
tasks:
– name: Install Apache
apt:
name: apache2
state: present
– name: Copy virtual host configuration file
template:
src: /path/to/vhost.conf.j2
dest: /etc/apache2/sites-available/vhost.conf
notify:
– restart apache
– name: Enable the virtual host
command: a2ensite vhost.conf
notify:
– restart apache
handlers:
– name: restart apache
service:
name: apache2
state: restarted
This playbook installs Apache, configures a virtual host using a template, and
enables the virtual host configuration.
6. Playbook to Create Users and Set Permissions
yaml
—
– name: Create Users and Set Permissions
hosts: all
become: yes
tasks:
– name: Create a new user
user:
name: “{{ item.username }}”
state: present
shell: /bin/
loop:
– { username: “user1” }
– { username: “user2” }
– name: Create directory and set permissions
file:
path: “/home/{{ item.username }}/shared”
state: directory
mode: ‘0775’
owner: “{{ item.username }}”
group: “{{ item.username }}”
loop:
– { username: “user1” }
– { username: “user2” }
This playbook creates two users (user1 and user2), and it also sets up a shared
directory for each user with appropriate permissions.
7. Playbook to Backup a Directory
yaml
—
– name: Backup Directory
hosts: all
become: yes
tasks:
– name: Create backup directory
file:
path: “/backup”
state: directory
– name: Copy files to backup directory
copy:
src: “/path/to/important_data”
dest: “/backup/”
remote_src: yes
mode: ‘0644’
– name: Verify backup
stat:
path: “/backup/important_data”
register: backup_status
– name: Display backup status
debug:
msg: “Backup created successfully”
when: backup_status.stat.exists
This playbook creates a backup of a directory (/path/to/important_data) to a
/backup folder and verifies the backup.
8. Playbook to Set Up a MySQL Database
yaml
—
– name: Set up MySQL Database and User
hosts: dbservers
become: yes
vars:
b_name: mydatabase
db_user: dbuser
db_password: “secret”
tasks:
– name: Install MySQL server
apt:
name: mysql-server
state: present
– name: Start MySQL service
service:
name: mysql
state: started
enabled: yes
– name: Create a database
mysql_db:
name: “{{ db_name }}”
state: present
– name: Create a user and grant privileges
mysql_user:
name: “{{ db_user }}”
password: “{{ db_password }}”
priv: “{{ db_name }}.*:ALL”
state: present
This playbook installs MySQL, starts the MySQL service, creates a database
(mydatabase), and creates a user with privileges on the database.
9. Playbook to Update System Packages
yaml
—
– name: Update System Packages
hosts: all
become: yes
tasks:
– name: Update apt cache
apt:
update_cache: yes
– name: Upgrade all packages
apt:
upgrade: dist
This playbook updates the system’s package cache and performs a full system
upgrade.
10. Playbook to Manage a Firewall
yaml
—
– name: Manage Firewall Rules
hosts: all
become: yes
tasks:
– name: Ensure ufw is installed
apt:
name: ufw
state: present
– name: Allow SSH through firewall
ufw:
rule: allow
name: ‘OpenSSH’
– name: Deny all incoming traffic
ufw:
default: deny
direction: incoming
– name: Allow outgoing traffic
ufw:
default: allow
direction: outgoing
– name: Enable the firewall
ufw:
state: enabled
This playbook installs the ufw firewall, configures firewall rules to allow SSH and
deny incoming traffic by default while allowing outgoing traffic.
11. Playbook to Set Up a Node.js Application
yaml
—
– name: Set up Node.js Application
hosts: webservers
become: yes
tasks:
– name: Install Node.js
apt:
name: nodejs
state: present
– name: Install npm
apt:
name: npm
state: present
– name: Deploy application files
copy:
src: /path/to/app/
dest: /var/www/myapp/
mode: ‘0755’
– name: Install dependencies
npm:
path: /var/www/myapp/
state: present
– name: Start the application
shell: nohup node /var/www/myapp/app.js &
This playbook installs Node.js and npm, deploys the application files, installs
dependencies, and starts the Node.js application.
Advanced Features in Playbooks:
● Conditionals: Run tasks based on specific conditions, using when.
● Loops: Repeat tasks using loop.
● Includes and Imports: Organize playbooks using include or import to reuse common tasks.
● Templates: Use Jinja2 templates to dynamically generate configuration files.
12. Playbook to Deploy a Web Application (Using Git)
yaml
—
– name: Deploy a Web Application from Git
hosts: webservers
become: yes
vars:
app_repo: “https://github.com/username/repository.git”
app_dest: “/var/www/myapp”
tasks:
– name: Ensure git is installed
apt:
name: git
state: present
– name: Clone the web application from GitHub
git:
repo: “{{ app_repo }}”
dest: “{{ app_dest }}”
clone: yes
update: yes
– name: Install dependencies using npm
npm:
path: “{{ app_dest }}”
state: present
– name: Start the web application
shell: nohup node {{ app_dest }}/app.js &
This playbook clones a web application from a Git repository, installs
dependencies using npm, and starts the application.
13. Playbook to Install Docker and Run a Container
yaml
—
– name: Install Docker and Run a Container
hosts: all
become: yes
tasks:
– name: Install Docker
apt:
name: docker.io
state: present
– name: Start Docker service
service:
name: docker
state: started
enabled: yes
– name: Pull the Docker image
docker_image:
name: nginx
source: pull
– name: Run the Docker container
docker_container:
name: nginx_container
image: nginx
state: started
published_ports:
– “8080:80”
This playbook installs Docker, pulls an Nginx image, and runs it in a container,
exposing port 8080 on the host machine.
14. Playbook to Set Up a Python Virtual Environment
yaml
—
– name: Set up Python Virtual Environment
hosts: all
become: yes
tasks:
– name: Install python3 and pip
apt:
name:
– python3
– python3-pip
state: present
– name: Install virtualenv package
pip:
name: virtualenv
state: present
– name: Create a virtual environment
command:
cmd: python3 -m venv /home/{{ ansible_user }}/myenv
creates: /home/{{ ansible_user }}/myenv
– name: Install dependencies in the virtual environment
pip:
requirements: /path/to/requirements.txt
virtualenv: /home/{{ ansible_user }}/myenv
This playbook installs Python, pip, and the virtualenv package, creates a virtual
environment, and installs dependencies from a requirements.txt file.
15. Playbook to Secure a Server (SSH, Firewall, and Users)
yaml
—
– name: Secure the Server (SSH, Firewall, and Users)
hosts: all
become: yes
tasks:
– name: Disable root login over SSH
lineinfile:
path: /etc/ssh/sshd_config
regexp: ‘^#?PermitRootLogin’
line: ‘PermitRootLogin no’
notify:
– restart ssh
– name: Configure UFW to allow SSH
ufw:
rule: allow
name: ‘OpenSSH’
– name: Add a user for remote login
user:
name: “remoteuser”
state: present
shell: /bin/
– name: Disable password authentication in SSH
lineinfile:
path: /etc/ssh/sshd_config
regexp: ‘^#?PasswordAuthentication’
line: ‘PasswordAuthentication no’
notify:
– restart ssh
handlers:
– name: restart ssh
service:
name: ssh
state: restarted
This playbook improves server security by:
● Disabling root login via SSH.
● Setting up the UFW firewall to allow SSH traffic.
● Adding a user for secure login.
● Disabling password-based SSH authentication (requires SSH key authentication).
16. Playbook to Set Up Redis
yaml
—
– name: Install and Configure Redis
hosts: dbservers
become: yes
tasks:
– name: Install Redis
apt:
name: redis-server
state: present
– name: Start Redis service
service:
name: redis-server
state: started
enabled: yes
– name: Configure Redis to bind to all IP addresses
lineinfile:
path: /etc/redis/redis.conf
regexp: ‘^#?bind 127.0.0.1’
line: ‘bind 0.0.0.0’
notify:
– restart redis
handlers:
– name: restart redis
service:
name: redis-server
state: restarted
This playbook installs Redis, starts the service, and configures it to listen on all IP
addresses by modifying the configuration file.
17. Playbook to Create a Backup of MySQL Database
yaml
—
– name: Backup MySQL Database
hosts: dbservers
become: yes
tasks:
– name: Backup MySQL database to a file
command:
cmd: mysqldump -u root -p{{ mysql_root_password }} {{ mysql_db }} >
/backup/{{ mysql_db }}_backup.sql
args:
chdir: /tmp
environment:
MYSQL_PWD: “{{ mysql_root_password }}”
– name: Verify backup file
stat:
path: “/backup/{{ mysql_db }}_backup.sql”
register: backup_status
– name: Display backup status
debug:
msg: “Backup created successfully”
when: backup_status.stat.exists
This playbook creates a backup of a MySQL database using mysqldump and stores
it in a specified backup directory. It verifies the existence of the backup file and
prints a message.
18. Playbook to Install and Configure Postfix Mail Server
yaml
—
– name: Install and Configure Postfix Mail Server
hosts: mailservers
become: yes
tasks:
– name: Install Postfix
apt:
name: postfix
state: present
– name: Configure Postfix to relay emails
lineinfile:
path: /etc/postfix/main.cf
regexp: ‘^#?relayhost’
line: ‘relayhost = [smtp.example.com]:587’
notify:
– restart postfix
handlers:
– name: restart postfix
service:
name: postfix
state: restarted
This playbook installs the Postfix mail server, configures it to relay emails through
a remote SMTP server, and restarts the service.
19. Playbook to Perform System Cleanup
yaml
—
– name: System Cleanup
hosts: all
become: yes
tasks:
– name: Clean the apt cache
apt:
autoclean: yes
– name: Remove unused packages
apt:
autoremove: yes
– name: Clean old log files
file:
path: “/var/log/{{ item }}”
state: absent
loop:
– auth.log
– syslog
– dpkg.log
This playbook cleans up the system by:
● Autocleaning the APT cache.
● Removing unused packages.
● Deleting old log files.
20. Playbook to Set Up a Jenkins Server
yaml
—
– name: Set up Jenkins Server
hosts: jenkins_servers
become: yes
tasks:
– name: Install Java
apt:
name: openjdk-11-jdk
state: present
– name: Add Jenkins repository
apt_repository:
repo: “deb http://pkg.jenkins.io/debian/ stable main”
state: present
– name: Install Jenkins
apt:
name: jenkins
state: present
– name: Start Jenkins service
service:
name: jenkins
state: started
enabled: yes
This playbook installs Java, adds the Jenkins repository, installs Jenkins, and starts the Jenkins service.
Advanced Playbook Features:
● Conditionals with when: Used to run tasks based on conditions.
● Loops: Helps repeat a task multiple times with different variables.
● Templates: Use Jinja2 templating for dynamic file generation.
● Error Handling: Implement block, rescue, and always to manage error scenarios.