Ansible Package Automation

Description

This Task will:

1. Install common packages (nginx, git, curl) on multiple Linux servers.

2. Identify the OS type (Debian or RedHat) and install appropriate packages using apt or yum/dnf.

3. Allow easy scaling by adding new servers to the inventory.

4. Log the installation process for verification.

Extended Ansible Task: Automating Package Installation, Security Updates, Configurations, and Monitoring

This Task extends our basic package installation playbook to include:

Package Installation - Installs essential packages (nginx, git, curl).

Security Updates - Ensures the system is up-to-date with patches.

Configuration Management - Configures nginx with a sample webpage.

Monitoring Setup - Installs and configures Prometheus Node Exporter for system monitoring.

CI/CD Integration - Optionally triggers updates via Jenkins/GitHub Actions.

Ansible Automation Task

Task Structure


    ansible-automation/
    │── inventory.ini
    │── playbook.yml
    │── roles/
    │   ├── common/
    │   │   ├── tasks/
    │   │   │   ├── main.yml
    │   │   │   ├── security.yml
    │   │   │   ├── monitoring.yml
    │   │   │   ├── nginx.yml
    │   │   ├── handlers/
    │   │   │   ├── main.yml
    │   │   ├── templates/
    │   │   │   ├── nginx.conf.j2
    │   │   ├── vars/
    │   │   │   ├── main.yml
    │── ansible.cfg
    │── Jenkinsfile (Optional for CI/CD)

1. Inventory File (inventory.ini)

Define your servers.

    [debian]
    debian-server-1 ansible_host=192.168.1.10 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/id_rsa

    [redhat]
    redhat-server-1 ansible_host=192.168.1.20 ansible_user=ec2-user ansible_ssh_private_key_file=~/.ssh/id_rsa

2. Playbook (playbook.yml)

    ---
    - name: Automate package installation, security updates, configurations, user management, and monitoring
      hosts: all
      become: yes
      roles:
        - common
    

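3. Role: Common Tasks (roles/common/tasks/main.yml)

This installs essential packages, then imports the other task files. Ansible loads only tasks/main.yml from a role automatically, so security.yml, nginx.yml, and monitoring.yml run only when they are imported here.

    ---
    # Package names come from common_packages in roles/common/vars/main.yml.
    - name: Install common packages on Debian-based systems
      apt:
        name: "{{ common_packages }}"
        state: present
        update_cache: yes
      when: ansible_os_family == "Debian"

    - name: Install common packages on Red Hat-based systems
      yum:
        name: "{{ common_packages }}"
        state: present
      when: ansible_os_family == "RedHat"

    # Run the remaining task files of the role, in order.
    - import_tasks: security.yml
    - import_tasks: nginx.yml
    - import_tasks: monitoring.yml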

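4. Security Updates (roles/common/tasks/security.yml)

This upgrades all installed packages to their latest versions, which pulls in any pending security patches.

    ---
    # Refresh the package index, then run a full dist-upgrade.
    - name: Update and upgrade Debian-based systems
      apt:
        upgrade: dist
        update_cache: yes
      when: ansible_os_family == "Debian"

    # name "*" with state latest updates every installed package.
    - name: Update and upgrade Red Hat-based systems
      yum:
        name: "*"
        state: latest
      when: ansible_os_family == "RedHat"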

5. Nginx Configuration (roles/common/tasks/nginx.yml)

This configures nginx with a sample webpage.

    ---
    - name: Copy Nginx configuration
      template:
        src: nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      notify: Restart nginx

    - name: Start and enable nginx service
      service:
        name: nginx
        state: started
        enabled: yes

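6. Nginx Configuration Template (roles/common/templates/nginx.conf.j2)

A simple nginx configuration. Because the template replaces /etc/nginx/nginx.conf, the server block is wrapped in the events and http contexts that a main configuration file requires.

    # events is mandatory; server is only valid inside http.
    events {}

    http {
        include /etc/nginx/mime.types;

        server {
            listen 80;
            server_name _;
            location / {
                root /usr/share/nginx/html;
                index index.html;
            }
        }
    }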
    

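7. Monitoring Setup (roles/common/tasks/monitoring.yml)

This installs and configures Prometheus Node Exporter for system monitoring.

    ---
    # Versioned release URL: releases/latest/download only resolves while
    # 1.5.0 is still the latest release.
    - name: Download Prometheus Node Exporter
      get_url:
        url: "https://github.com/prometheus/node_exporter/releases/download/v1.5.0/node_exporter-1.5.0.linux-amd64.tar.gz"
        dest: "/tmp/node_exporter.tar.gz"

    # The archive unpacks into node_exporter-1.5.0.linux-amd64/, so extract
    # it under /opt and copy the binary to the path the unit file uses.
    - name: Extract Prometheus Node Exporter
      unarchive:
        src: "/tmp/node_exporter.tar.gz"
        dest: "/opt/"
        remote_src: yes

    - name: Install the Node Exporter binary
      copy:
        src: "/opt/node_exporter-1.5.0.linux-amd64/node_exporter"
        dest: "/usr/local/bin/node_exporter"
        remote_src: yes
        mode: "0755"

    - name: Create systemd service for Node Exporter
      copy:
        dest: "/etc/systemd/system/node_exporter.service"
        content: |
          [Unit]
          Description=Prometheus Node Exporter
          After=network.target

          [Service]
          User=nobody
          ExecStart=/usr/local/bin/node_exporter

          [Install]
          WantedBy=multi-user.target

    # daemon_reload makes systemd pick up the new unit file before starting it.
    - name: Start and enable Node Exporter
      systemd:
        name: node_exporter
        state: started
        enabled: yes
        daemon_reload: yes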
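
A hardened variant of the download and service steps above, as an added example that is not part of the original role: it verifies the tarball against a pinned SHA-256, runs the exporter under its own account instead of the shared `nobody` user, and restricts the listen address. The three `node_exporter_*` variables are assumptions, and the block assumes the binary is installed at /usr/local/bin/node_exporter between the download and unit-file steps.

```yaml
# Assumed additions to roles/common/vars/main.yml (not on the original page):
#   node_exporter_version: "1.5.0"
#   node_exporter_sha256: "<value from the release's sha256sums.txt>"
#   node_exporter_listen: "127.0.0.1:9100"   # constructed; set to the scrape interface
- name: Create an unprivileged system account for Node Exporter
  user:
    name: node_exporter
    system: yes
    shell: /usr/sbin/nologin
    create_home: no

- name: Download Node Exporter and verify the pinned SHA-256
  get_url:
    url: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz"
    dest: /tmp/node_exporter.tar.gz
    checksum: "sha256:{{ node_exporter_sha256 }}"  # a mismatch fails the task
    mode: "0600"

- name: Install the unit file with a dedicated user and systemd sandboxing
  copy:
    dest: /etc/systemd/system/node_exporter.service
    owner: root
    group: root
    mode: "0644"
    content: |
      [Unit]
      Description=Prometheus Node Exporter
      After=network.target

      [Service]
      User=node_exporter
      ExecStart=/usr/local/bin/node_exporter --web.listen-address={{ node_exporter_listen }}
      NoNewPrivileges=yes
      ProtectSystem=strict
      ProtectHome=read-only
      PrivateTmp=yes
      Restart=on-failure

      [Install]
      WantedBy=multi-user.target

- name: Reload systemd and start Node Exporter
  systemd:
    name: node_exporter
    state: started
    enabled: yes
    daemon_reload: yes
```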
  

8. Variables (roles/common/vars/main.yml)

Define package lists.

    ---
    common_packages:
      - nginx
      - git
      - curl
      - htop
      - net-tools
      - unzip

9. Handlers (roles/common/handlers/main.yml)

Handlers restart services when configurations change.

    ---
    - name: Restart nginx
      service:
        name: nginx
        state: restarted

10. Running the Playbook

To execute:

    ansible-playbook -i inventory.ini playbook.yml

11. CI/CD Pipeline (Optional)

This integrates with Jenkins.

Jenkinsfile

    pipeline {
        agent any
        stages {
            stage('Checkout') {
                steps {
                    git 'https://github.com/user/ansible-automation.git'
                }
            }
            stage('Run Ansible') {
                steps {
                    sh 'ansible-playbook -i inventory.ini playbook.yml'
                }
            }
        }
    }

12. Validation

Verify:

    nginx -v
    git --version
    curl --version
    systemctl status node_exporter
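
The same checks written as an Ansible play, so they run against every host in the inventory and fail the run when a host is out of state; this is an added example, not part of the original repository. The file name verify.yml is an assumption, and the metrics check assumes Node Exporter is reachable on 127.0.0.1 at its default port 9100.

```yaml
# verify.yml (hypothetical file name); run with:
#   ansible-playbook -i inventory.ini verify.yml
- name: Verify the state the common role should leave behind
  hosts: all
  become: yes
  gather_facts: no
  tasks:
    - name: Required commands are installed
      command: "{{ item }}"
      changed_when: false
      loop:
        - nginx -v
        - git --version
        - curl --version

    - name: Deployed nginx configuration parses cleanly
      command: nginx -t
      changed_when: false

    - name: Collect service state
      service_facts:

    - name: nginx and node_exporter are running
      assert:
        that:
          - ansible_facts.services[item].state == 'running'
        fail_msg: "{{ item }} is not running on {{ inventory_hostname }}"
      loop:
        - nginx.service
        - node_exporter.service

    - name: Node Exporter serves metrics locally
      uri:
        url: http://127.0.0.1:9100/metrics
        return_content: yes
      register: metrics
      failed_when: metrics.status != 200 or 'node_exporter_build_info' not in metrics.content
```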

Outcome

✅ Automated package installation, security updates, configuration, and monitoring.

✅ Ensures servers are secure and optimized.

✅ Ready for CI/CD pipeline integration.