Aman kant Mahto's Blog
Automating User Management, Permissions, Partitioning, Yum, and Server Configuration Using Ansible

Automating User Management, Permissions, Partitioning, Yum, and Server Configuration Using Ansible

Aman kant Mahto's photo
Aman kant Mahto
·

3 min read

Overview

Ansible is a powerful automation tool that simplifies IT management tasks, allowing you to streamline processes and enhance consistency across your infrastructure. This documentation provides a detailed guide on automating various IT management tasks, including user management, permissions, partition management, package management, and server configuration.

1. Automating User Management

Purpose

Managing user accounts is essential for security and access control within an organization. Ansible enables easy creation, modification, and deletion of user accounts across multiple servers.

Playbook Example

- hosts: all
  tasks:
    - name: Ensure user exists
      user:
        name: john_doe
        state: present
        shell: /bin/bash
        groups: wheel
        password: "{{ 'mypassword' | password_hash('sha512') }}"

    - name: Ensure user is removed
      user:
        name: temp_user
        state: absent

Explanation

  • Ensure user exists: This task creates a user named john_doe, assigns the /bin/bash shell, adds the user to the wheel group, and sets a hashed password.

  • Ensure user is removed: This task removes a temporary user called temp_user.

2. Managing Permissions

Purpose

Permissions control access to files and directories. Ansible automates the setting and modification of permissions to ensure only authorized users have access.

Playbook Example

- hosts: all
  tasks:
    - name: Set permissions on a directory
      file:
        path: /var/www/html
        owner: www-data
        group: www-data
        mode: '0755'
        state: directory

    - name: Set permissions on a file
      file:
        path: /var/www/html/index.html
        owner: www-data
        group: www-data
        mode: '0644'

Explanation

  • Set permissions on a directory: This task sets the ownership and permissions for the /var/www/html directory.

  • Set permissions on a file: This task sets the ownership and permissions for the index.html file.

3. Partition Management

Purpose

Ansible can automate disk partitioning, simplifying the management of storage on servers. This is particularly useful when setting up new servers or reconfiguring storage.

Playbook Example

- hosts: all
  tasks:
    - name: Create a new partition
      command: "parted /dev/sdb mkpart primary ext4 1GB 10GB"

    - name: Format the partition
      filesystem:
        fstype: ext4
        dev: /dev/sdb1

    - name: Mount the partition
      mount:
        path: /mnt/data
        src: /dev/sdb1
        fstype: ext4
        state: mounted

Explanation

  • Create a new partition: This command creates a new partition on /dev/sdb.

  • Format the partition: The filesystem module formats the new partition as ext4.

  • Mount the partition: This task mounts the partition to the specified directory (/mnt/data).

4. Automating Yum Package Management

Purpose

Yum is a widely used package manager for RPM-based distributions. Ansible can automate the installation, removal, and updating of packages.

Playbook Example

- hosts: all
  tasks:
    - name: Install httpd package
      yum:
        name: httpd
        state: present

    - name: Ensure all packages are up to date
      yum:
        name: '*'
        state: latest

Explanation

  • Install httpd package: This task installs the httpd package.

  • Ensure all packages are up to date: This task updates all installed packages to their latest versions.

5. Server Configuration

Purpose

Ansible can automate the overall configuration of servers, including setting up services, configurations, and security settings.

Playbook Example

- hosts: all
  tasks:
    - name: Start and enable httpd service
      service:
        name: httpd
        state: started
        enabled: true

    - name: Copy custom configuration file
      copy:
        src: /path/to/local/httpd.conf
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: '0644'

Explanation

  • Start and enable httpd service: This task ensures that the httpd service is running and enabled to start on boot.

  • Copy custom configuration file: This task transfers a custom configuration file from the local machine to the server, setting the appropriate ownership and permissions.

Conclusion

Automating tasks such as user management, permissions, partition management, package management, and server configuration with Ansible enhances efficiency and consistency across your IT environment. By leveraging Ansible playbooks, you can maintain secure, well-organized, and easily manageable infrastructure.