Fix escaping the '.' in the IPs using jinja2 directly and fix when to run what

Update the denyhosts plugin to a newer syntax and bug fix it
Move some things common to all staging hosts into the staging group_vars
2014-02-11 13:39:38 +00:00 · 2014-02-11 14:30:24 +01:00 · 2013-08-19 21:43:15 +00:00 · 2013-07-30 12:36:30 +02:00
4 changed files with 53 additions and 12 deletions
--- a/inventory/group_vars/staging
+++ b/inventory/group_vars/staging
@ -1,3 +1,9 @@
 ---
 freezes: false
 env: staging
+nm: 255.255.255.0
+gw: 10.5.126.254
+dns: 10.5.126.21
+ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6
+ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/
+datacenter: phx2
--- a/inventory/host_vars/badges-backend01.stg.phx2.fedoraproject.org
+++ b/inventory/host_vars/badges-backend01.stg.phx2.fedoraproject.org
@ -1,10 +1,4 @@
 ---
-nm: 255.255.255.0
-gw: 10.5.126.254
-dns: 10.5.126.21
-ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6
-ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/
 volgroup: /dev/vg_guests
 eth0_ip: 10.5.126.68
 vmhost: virthost12.phx2.fedoraproject.org
-datacenter: phx2
--- a/inventory/host_vars/badges-web01.stg.phx2.fedoraproject.org
+++ b/inventory/host_vars/badges-web01.stg.phx2.fedoraproject.org
@ -1,10 +1,4 @@
 ---
-nm: 255.255.255.0
-gw: 10.5.126.254
-dns: 10.5.126.21
-ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6
-ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/
 volgroup: /dev/vg_guests
 eth0_ip: 10.5.126.69
 vmhost: virthost12.phx2.fedoraproject.org
-datacenter: phx2
--- a/playbooks/denyhosts.yml
+++ b/playbooks/denyhosts.yml
@ -0,0 +1,47 @@
+# requires --extra-vars="target=somevhost ip=10.0.0.1 test={True,False}"
+
+# General overview:
+#  host provided via ``target`` argument on the CLI
+#  IP provided via ``ip`` argument on the CLI
+#  test provided via ``test`` argument on the CLI
+
+# Command:
+#  ansible-playbook .../playbook/denyhosts.yml --extra-vars="target=host ip=10.0.0.1 test=True"
+
+# Log onto $target
+# if test is True:
+#   grep on /etc/hosts.deny for the provided {{ ip }}
+# else:
+#   escape the '.' in the {{ ip }}
+#   remove {{ ip }} from /var/lib/denyhosts/*
+#   remove {{ ip }} from /etc/hosts.deny
+#   restart denyhosts
+
+# sop: http://infrastructure.fedoraproject.org/infra/docs/denyhosts.txt
+
+- name: Unban an IP from denyhosts
+  hosts: "{{ target }}"
+  user: root
+  gather_facts: False
+
+  vars:
+  - test: True
+  - ip: "{{ ip |replace('.', '\\.') }}"
+
+  tasks:
+  - name: Grep for the IP in the files
+    action: command grep {{ ip }} /etc/hosts.deny
+    when: test
+
+  - name: Remove IP from /var/lib/denyhosts/*
+    action: command sed -si "/^{{ ip }}$/d" /var/lib/denyhosts/*
+    notify:
+    - restart denyhosts
+    when: not test
+
+  - name: Remove IP from /etc/hosts.deny
+    action: command sed -si "/^{{ ip }}$/d" /etc/hosts.deny
+    notify:
+    - restart denyhosts
+    when: not test
+
Author	SHA1	Message	Date
Pierre-Yves Chibon	d8f01f8b08	Fix escaping the '.' in the IPs using jinja2 directly and fix when to run what	2014-02-11 13:39:38 +00:00
Pierre-Yves Chibon	f458aec69e	Update the denyhosts plugin to a newer syntax and bug fix it	2014-02-11 14:30:24 +01:00
Toshio くらとみ	755e5e81ae	Move some things common to all staging hosts into the staging group_vars	2013-08-19 21:43:15 +00:00
Pierre-Yves Chibon	c6cbf75e92	Add playbook to remove someone from denyhosts	2013-07-30 12:36:30 +02:00