Пофиксил униерсальность и добавил centos и ubuntu

.ansible-lint

@@ -0,0 +1,5 @@
+skip_list:
+  - fqcn
+  - yaml[new-line-at-end-of-file]
+  - yaml[truthy]
+  - var-naming[no-role-prefix]

.idea/AnsibleTemplate.iml

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+  <component name="TemplatesService">
+    <option name="TEMPLATE_FOLDERS">
+      <list>
+        <option value="$MODULE_DIR$/roles/role/templates" />
+      </list>
+    </option>
+  </component>
+</module>

.idea/inspectionProfiles/Project_Default.xml

@@ -0,0 +1,47 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="Eslint" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="HtmlUnknownAttribute" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="myValues">
+        <value>
+          <list size="1">
+            <item index="0" class="java.lang.String" itemvalue="setup" />
+          </list>
+        </value>
+      </option>
+      <option name="myCustomValuesEnabled" value="true" />
+    </inspection_tool>
+    <inspection_tool class="HtmlUnknownTag" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="myValues">
+        <value>
+          <list size="7">
+            <item index="0" class="java.lang.String" itemvalue="nobr" />
+            <item index="1" class="java.lang.String" itemvalue="noembed" />
+            <item index="2" class="java.lang.String" itemvalue="comment" />
+            <item index="3" class="java.lang.String" itemvalue="noscript" />
+            <item index="4" class="java.lang.String" itemvalue="embed" />
+            <item index="5" class="java.lang.String" itemvalue="script" />
+            <item index="6" class="java.lang.String" itemvalue="router-view" />
+          </list>
+        </value>
+      </option>
+      <option name="myCustomValuesEnabled" value="true" />
+    </inspection_tool>
+    <inspection_tool class="PyInterpreterInspection" enabled="false" level="WARNING" enabled_by_default="false" />
+    <inspection_tool class="PyPackageRequirementsInspection" enabled="false" level="WARNING" enabled_by_default="false">
+      <option name="ignoredPackages">
+        <value>
+          <list size="0" />
+        </value>
+      </option>
+    </inspection_tool>
+    <inspection_tool class="PyUnresolvedReferencesInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredIdentifiers">
+        <list>
+          <option value="app.main.*" />
+        </list>
+      </option>
+    </inspection_tool>
+  </profile>
+</component>

.idea/inspectionProfiles/profiles_settings.xml

@@ -0,0 +1,6 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>

.idea/misc.xml

@@ -1,6 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
-  <component name="YamllintSettings">
-    <option name="binPath" value="yamllint" />
+  <component name="Black">
+    <option name="sdkName" value="Python 3.9 (Test)" />
   </component>
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.9 (Test)" project-jdk-type="Python SDK" />
 </project>

.idea/modules.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/AnsibleTemplate.iml" filepath="$PROJECT_DIR$/.idea/AnsibleTemplate.iml" />
+    </modules>
+  </component>
+</project>

.idea/vcs.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="" vcs="Git" />
+  </component>
+</project>

Dockerfile

@@ -16,6 +16,7 @@ RUN apt-get update && \
     make \
     sudo \
     sshpass \
+    openssh-client \
     nano \
     less \
     && rm -rf /var/lib/apt/lists/*
@@ -48,6 +49,10 @@ RUN pip install --upgrade pip && \
     docker
 
 
+# Копируем ssh ключ
+COPY id_rsa /root/.ssh/id_rsa
+RUN chmod 600 /root/.ssh/id_rsa
+
 # Set the working directory
 WORKDIR /ansible
 

Makefile

@@ -1,86 +1,59 @@
-# Переменные
-ROLE_NAME ?= my_new_role
-VAULT_PASSWORD_FILE ?= vault_password_file
-INVENTORY ?= /workspace/inventory/hosts  # Путь к инвентори внутри контейнера
-PLAYBOOK ?= /workspace/role/playbook.yml  # Путь к playbook внутри контейнера
+
+view create edit show delete test lint deploy:
+	@true
 
 ####################################################################################################
 # Управление контейнерами с помощью docker compose
 ####################################################################################################
 # Сборка docker-образов
 build:
+	cp ~/.ssh/id_rsa .
 	docker compose build $(c)
+	rm id_rsa
 
 # Пересборка docker-образов
 rebuild:
+	cp ~/.ssh/id_rsa .
 	docker compose build --no-cache $(c)
-	docker compose down
-#	docker compose up -d
-
-# Создание и запуск docker-контейнеров
-up:
-	docker compose up -d
-
-# Остановка и УДАЛЕНИЕ docker-контейнеров
-down:
-	docker compose down
-
-# Остановка docker-контейнеров
-stop:
-	docker compose stop $(c)
-
-# Запуск docker-контейнеров
-start:
-	docker compose start $(c)
-
-# Перезапуск docker-контейнеров
-restart: down up
-
-# Удаление docker-контейнеров с вольюмами
-destroy:
-	docker compose down --volumes --remove-orphans && rm -rf data/*/
+	rm id_rsa
 
 # Удаление docker-контейнеров с полной очисткой неактивных контейнеров
 prune:
 	docker system prune -af
 
-# Показать список контейнеров
-ps:
-	docker compose ps
-
-# Все логи конейнеров
-logs:
-	docker compose logs --tail=100 -f $(c)
-
-shell:
-	docker compose exec ansible bash
 
 ####################################################################################################
 # Работа с ролью
 ####################################################################################################
-view create edit view delete test lint deploy:
-	@true
-
 vault:
 	@case "$(word 2, $(MAKECMDGOALS))" in \
-		view) docker compose run --rm ansible bash -c "ansible-vault view --vault-password-file vault-password.txt roles/role/vars/secrets.yml";; \
-		create) docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt roles/role/vars/secrets.yml";; \
-		edit) docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt roles/role/vars/secrets.yml";; \
-		delete) docker compose run --rm ansible bash -c "rm roles/role/vars/secrets.yml";; \
+		show) docker compose run --rm ansible bash -c "ansible-vault view --vault-password-file vault-password.txt roles/vars/secrets.yml";; \
+		create) docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt roles/vars/secrets.yml";; \
+		edit) docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt roles/vars/secrets.yml";; \
+		delete) docker compose run --rm ansible bash -c "rm roles/vars/secrets.yml";; \
 		*) echo "Unknown action";; \
 	esac
 
 role:
 	@case "$(word 2, $(MAKECMDGOALS))" in \
-		test) \
-		        echo "Running test roles..."; \
-		        docker compose run --rm ansible bash -c "molecule test";; \
 		lint) \
+                clear; \
                 echo "Check your role..."; \
-		        docker compose run --rm ansible bash -c "ansible-lint roles/role";; \
+                docker compose run --rm ansible bash -c "ansible-vault decrypt --vault-password-file vault-password.txt roles/vars/secrets.yml"; \
+		        docker compose run --rm ansible bash -c "ansible-lint roles/*"; \
+		        echo " "; \
+		        docker compose run --rm ansible bash -c "ansible-vault encrypt roles/vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt";; \
+		test) \
+		        clear; \
+		        echo "Running test roles..."; \
+                docker compose run --rm ansible bash -c "ansible-vault decrypt --vault-password-file vault-password.txt roles/vars/secrets.yml"; \
+		        docker compose run --rm ansible bash -c "molecule test --parallel"; \
+		        echo " "; \
+		        docker compose run --rm ansible bash -c "ansible-vault encrypt roles/vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt";; \
 		deploy) \
+                clear; \
                 echo "Deploying roles to production..."; \
-		        docker compose run --rm ansible /usr/bin/sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt";; \
+		        docker compose run --rm ansible bash -c "ansible-playbook /ansible/roles/deploy.yaml";; \
 		*) echo "Unknown action";; \
 	esac
 
@@ -88,8 +61,6 @@ role:
 # Работа с Git
 ####################################################################################################
 push:
-#	git config --global user.email "sergey@antropoff.ru"
-#	git config --global user.name "Sergey Antropoff"
 	git branch
 	@read -p "Выберите ветку для пуша: " BRANCH; \
 	read -p "Введите описание коммита: " COMMIT; \
@@ -101,9 +72,3 @@ push:
 
 pull:
 	git pull
-
-new-branch:
-	git checkout branch $(name)
-
-branch:
-	git checkout $(name)

ansible.cfg

@@ -1,7 +1,8 @@
 [defaults]
-inventory = /ansible/inventory
+inventory = /ansible/inventory/hosts
 vault_password_file = /ansible/vault_password.txt
-remote_user = ansible
+remote_user = devops
 host_key_checking = False
 enable_plugins = yaml, ini
 roles_path = /ansible/roles
+interpreter_python = auto

docker-compose.yaml

@@ -1,6 +1,9 @@
 services:
   ansible:
-    build: .
+    build:
+      context: .
+      ssh:
+        - default
     container_name: ansible
     volumes:
       - .:/ansible

inventory/hosts

@@ -0,0 +1,2 @@
+[all]
+10.14.246.9

molecule/default/converge.yml

@@ -2,4 +2,6 @@
 - name: Converge
   hosts: all
   roles:
-    - role: /ansible/roles/role
+    - /ansible/roles/role
+  vars_files:
+    - ../../roles/vars/secrets.yml

molecule/default/molecule.yml

@@ -4,16 +4,27 @@ dependency:
   enabled: true
   options:
     requirements-file: /ansible/requirements.yml
+
 driver:
   name: docker
+
 platforms:
-  - name: instance
+  - name: centos-instance
+    image: "quay.io/fedora/python-312"
+    privileged: true
+    pre_build_image: true
+
+  - name: ubuntu-instance
     image: "geerlingguy/docker-ubuntu2004-ansible:latest"
     privileged: true
     pre_build_image: true
+
 provisioner:
   name: ansible
+  env:
+    ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
   lint:
     name: ansible-lint
+
 verifier:
   name: ansible

molecule/default/no-prepare.yml

@@ -0,0 +1,43 @@
+- name: Prepare
+  hosts: all
+  tasks:
+    - name: Detect OS family
+      ansible.builtin.setup:
+        gather_subset:
+          - "min"
+
+    - name: Обновляем пакеты для работы с Ansible в RockyLinux (Centos/RedHat)
+      when: ansible_facts['os_family'] == "RedHat"
+      block:
+        - name: Устанавливаем репозиторий AppStream (если его нет)
+          ansible.builtin.raw: dnf config-manager --set-enabled appstream
+          changed_when: false
+
+        - name: Установить rsync
+          ansible.builtin.raw: dnf install -y rsync
+          changed_when: false
+
+        - name: Устанавливаем Python 3.8
+          ansible.builtin.raw: dnf install -y python38 python38-pip
+          changed_when: false
+
+        - name: Обновляем символическую ссылку python3
+          ansible.builtin.raw: alternatives --set python /usr/bin/python3.8
+          changed_when: false
+#        - name: Fix repository URLs
+#          ansible.builtin.command:
+#            cmd: sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
+#          changed_when: false
+
+#        - name: Update baseurl
+#          ansible.builtin.command:
+#            cmd: sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
+#          changed_when: false
+
+#        - name: Install required packages
+#          ansible.builtin.yum:
+#            name:
+#              - epel-release
+#              - python3
+#              - python3-pip
+#            state: present

molecule/default/no-verify.yml

@@ -0,0 +1,7 @@
+---
+- name: Prepare
+  hosts: all
+  tasks:
+    - name: Reun verify
+      debug:
+        msg: "Hello, Verify!"

molecule/default/prepare.yml

@@ -1,11 +0,0 @@
----
-- name: Prepare
-  hosts: all
-  tasks:
-    - name: Install required packages
-      debug:
-        msg: "Hello, Prepare!"
-#      apt:
-#        name:
-#          - git
-#        state: present

molecule/default/verify.yml

@@ -1,7 +0,0 @@
----
-- name: Prepare
-  hosts: all
-  tasks:
-    - name: Install required packages
-      debug:
-        msg: "Hello, Verify!"

requirements.yml

@@ -2,8 +2,3 @@
 collections:
   - name: maxhoesel.proxmox
     version: 5.0.1
-  - name: community.general
-    version: 6.0.0
-  - name: ansible.posix
-    version: 1.4.0
-

roles/deploy.yaml

@@ -0,0 +1,3 @@
+---
+- name: Import role
+  import_playbook: role/deploy.yaml

roles/role/deploy.yaml

@@ -1,6 +1,11 @@
 ---
 - name: Deploy roles
-  hosts: production
+  hosts: all
   become: true
+  become_user: root
+  become_method: ansible.builtin.sudo
+  gather_facts: true
   roles:
     - role
+  vars_files:
+    - ../vars/secrets.yml

roles/role/tasks/debian/main.yaml

@@ -0,0 +1,4 @@
+---
+- name: Пример таски
+  debug:
+    msg: "Привет! Я запустился на Debian/Ubuntu! Переменная role_test равна {{ role_test }}"

roles/role/tasks/main.yaml

@@ -1,4 +1,12 @@
 ---
-- name: Example task
-  debug:
-    msg: "Hello, Ansible!"
+- name: "Определяем ОС"
+  set_fact:
+    os_family: "{{ ansible_facts['os_family'] }}"
+
+- name: "Подключаем таски для RedHat совместимых"
+  include_tasks: "redhat/main.yaml"
+  when: os_family == "RedHat"
+
+- name: "Подключаем таски для Debian/Ubuntu совместимых"
+  include_tasks: "debian/main.yaml"
+  when: os_family == "Debian"

roles/role/tasks/redhat/main.yaml

@@ -0,0 +1,4 @@
+---
+- name: Пример таски
+  debug:
+    msg: "Привет! Я запустился на RedHat/CentOS/Fedora!"

roles/role/vars/secrets.yml

@@ -1,6 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-30363439326335316131303133653930363431336539356134363933656566663330366165616366
-6639353565306634613164636161353362643237353933610a323838666436363835303765323930
-62333364613535656138623233666635303934376234633937666131366239323436333334646666
-6364303839396532310a633636333665346538313931366666333665363163623966666236346666
-6464

roles/vars/secrets.yml

@@ -0,0 +1,6 @@
+$ANSIBLE_VAULT;1.1;AES256
+33333461346434666539316330333661306537303234306132383733633635656139623330346339
+3735343834396131623436333737363436346137613337340a393633636663346131353135313332
+35656537663832366464316538346565313236306538343537343032373161653366353665366565
+3461316135353337640a613137383034663265306666353338326135613961646364373966353863
+37313731623164303566383431613131353331363035653630313630353130623066