Initial commit

2025-12-31 16:22:27 +01:00
commit 9128166441
8 changed files with 136 additions and 0 deletions
--- a/ansible-controller/Dockerfile
+++ b/ansible-controller/Dockerfile
@@ -0,0 +1,23 @@
+FROM ubuntu:22.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        python3 python3-pip openssh-client vim git \
+        ansible && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN mkdir -p /ansible
+
+RUN useradd -ms /bin/bash uansible
+USER uansible
+WORKDIR /home/uansible
+
+RUN mkdir -p /home/uansible/.ssh && \
+    chmod 700 /home/uansible/.ssh && \
+    echo export ANSIBLE_CONFIG=/ansible/ansible.cfg>>~/.bashrc && \
+    echo cd /ansible>>~/.bashrc
+
+ENTRYPOINT ["/bin/bash", "-lc"]
+CMD ["bash"]
--- a/compose.yml
+++ b/compose.yml
@@ -0,0 +1,60 @@
+services:
+  controller:
+    build:
+      context: ./ansible-controller
+    container_name: ansible-controller
+    volumes:
+      - ./playbooks:/ansible:ro
+      - ./ssh/id_rsa:/home/uansible/.ssh/id_rsa:ro
+    depends_on:
+      - ubuntu
+      - rocky
+    networks:
+      - ansible-net
+    command: >
+      bash -lc "chmod 600 /home/uansible/.ssh/id_rsa"
+
+  ubuntu:
+    image: ubuntu:22.04
+    container_name: ubuntu_node
+    networks:
+      - ansible-net
+    tty: true
+    command: >
+      bash -lc "apt-get update &&
+                apt-get install -y openssh-server sudo python3 &&
+                mkdir -p /var/run/sshd &&
+                useradd -ms /bin/bash uansible &&
+                echo 'uansible ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers &&
+                mkdir -p /home/uansible/.ssh &&
+                cat /ssh/id_rsa.pub >> /home/uansible/.ssh/authorized_keys &&
+                chmod 700 /home/uansible/.ssh &&
+                chmod 600 /home/uansible/.ssh/authorized_keys &&
+                chown -R uansible:uansible /home/uansible/.ssh &&
+                /usr/sbin/sshd -D"
+    volumes:
+      - ./ssh/id_rsa.pub:/ssh/id_rsa.pub:ro
+
+  rocky:
+    image: rockylinux:9
+    container_name: rocky_node
+    networks:
+      - ansible-net
+    tty: true
+    command: >
+      bash -lc "dnf install -y openssh-server sudo python3 &&
+                /usr/bin/ssh-keygen -A &&
+                useradd -ms /bin/bash uansible &&
+                echo 'uansible ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers &&
+                mkdir -p /home/uansible/.ssh &&
+                cat /ssh/id_rsa.pub >> /home/uansible/.ssh/authorized_keys &&
+                chmod 700 /home/uansible/.ssh &&
+                chmod 600 /home/uansible/.ssh/authorized_keys &&
+                chown -R uansible:uansible /home/uansible/.ssh &&
+                /usr/sbin/sshd -D"
+    volumes:
+      - ./ssh/id_rsa.pub:/ssh/id_rsa.pub:ro
+
+networks:
+  ansible-net:
+    driver: bridge
--- a/playbooks/ansible.cfg
+++ b/playbooks/ansible.cfg
@@ -0,0 +1,4 @@
+[defaults]
+inventory = /ansible/inventory.ini
+host_key_checking = False
+remote_user = uansible
--- a/playbooks/inventory.ini
+++ b/playbooks/inventory.ini
@@ -0,0 +1,9 @@
+[ubuntu]
+ubuntu_node
+
+[rocky]
+rocky_node
+
+[all:vars]
+ansible_user=uansible
+ansible_ssh_private_key_file=/home/uansible/.ssh/id_rsa
--- a/playbooks/test.yml
+++ b/playbooks/test.yml
@@ -0,0 +1,7 @@
+---
+- name: Test connectivity
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Ping
+      ansible.builtin.ping:
--- a/readme.md
+++ b/readme.md
@@ -0,0 +1,25 @@
+## What it does
+The docker compose file creates two linux servers (ubuntu and rocky linux) and one controller with ansible installed.
+
+## What it's for
+The idea is to test ansible playbooks on temporary setups.
+The servers are configured with the right SSH key and config to allow connection from the controller to the servers.
+
+## How to use it
+Write your ansible playbooks then run this command to start the controller
+
+```bash
+docker compose run --build --rm controller bash
+```
+
+You can now test ansible ad hoc commands
+
+```bash
+ansible -m ping all
+```
+
+Or run a playbook
+
+```bash
+ansible-playbook test.yml
+```
--- a/ssh/id_rsa
+++ b/ssh/id_rsa
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACC1K948GL9b0CBkenqlKZxErPR3bQNB6lSLTKbsD+IuugAAAJhd7Th0Xe04
+dAAAAAtzc2gtZWQyNTUxOQAAACC1K948GL9b0CBkenqlKZxErPR3bQNB6lSLTKbsD+Iuug
+AAAECm/IA4MFHdTKdkz+goxxAITY7rzVo4JtETJAKZz7fcN7Ur3jwYv1vQIGR6eqUpnESs
+9HdtA0HqVItMpuwP4i66AAAADnJvb3RAUENOU0kyMDEwAQIDBAUGBw==
+-----END OPENSSH PRIVATE KEY-----
--- a/ssh/id_rsa.pub
+++ b/ssh/id_rsa.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILUr3jwYv1vQIGR6eqUpnESs9HdtA0HqVItMpuwP4i66 root@PCNSI2010
				`@@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILUr3jwYv1vQIGR6eqUpnESs9HdtA0HqVItMpuwP4i66 root@PCNSI2010`