18 January 2019

System-Update und Paket-Deployment mit opkg mit ansible

Auf der Enigma2-Box:

opkg install python-pkgutil

Ansible Host:

ansible und opkg modul installieren

apt-get install ansible
ansible-galaxy collection install community.general

ssh-key erstellen und auf allen Boxen verteilen

ssh-keygen
ssh-copy-id <IP-der-vubox>

ansible.cfg erstellen

[defaults]
host_key_checking = False
interpreter_python = auto_legacy_silent

[ssh_connection]
scp_if_ssh = true
transfer_method = scp

Ansible hosts eintragen

/etc/ansible/hosts:

[vti]
vuplus1.local
vuplus2.local

[vti:vars]
ansible_user=root
ansible_password=GeheimesPasswort

Playbook erstellen

Beispiel: /etc/ansible/playbook.yml

- hosts: vti
  gather_facts: False
  tasks:
  - name: upgrade all packages
    shell: software-update
    register: opkg_result
    changed_when: "'Upgrading' in opkg_result.stdout"
    failed_when: "'Collected errors' in opkg_result.stdout"
    become: yes
    become_method: su

  - name: install common pakages (mc, htop,...)
    community.general.opkg:
      name: mc,htop
      state: present

  - name: disable ftp and telnet
    replace:
      path: /etc/inetd.conf
      regexp: '^(ftp|telnet)'
      replace: '#\1'
      backup: no
      owner: root
      group: root
      mode: 0644
    register: inetd_result

  - name: Reload inetd
    service:
      name: inetd.busybox
      state: reloaded
    when: inetd_result.changed

Test

ansible -m ping vti
ansible-playbook playbook.yml