Lab complete with basic source files

README.md

@@ -49,7 +49,8 @@ familiar with, then:
   traffic from anywhere (0.0.0.0/0).
 
   1. Create a VM instance with the following characteristics:
-    - OS: Ubuntu Server 20.04 LTS
+    - OS: any GNU/Linux distribution using the `apt` package manager. Tested
+      on Debian 11 (Bullseye) and Ubuntu Server 20.04 LTS
     - type: the smallest capable of running the above OS. 1 core, 1GB RAM,
       10GB virtual disk should be enough.
     - security group/policy: the one you created above
@@ -76,7 +77,7 @@ all:
   hosts:
     testserver:
       ansible_ssh_host: <VM-DNS-name-or-IP-address>
-      ansible_user: ubuntu
+      ansible_user: <SSH-user>
       ansible_ssh_private_key_file: <your-private-key>
 ```
 
@@ -110,7 +111,7 @@ configuration file `~/.ansible.cfg` with contents (`.ini` style):
 ``` ini
 [defaults]
 inventory = ~/ansible/hosts.yml
-remote_user = ubuntu
+remote_user = <SSH-user>
 private_key_file = <your-private-key>
 host_key_checking = false
 deprecation_warnings = false
@@ -255,9 +256,10 @@ a template, which has to be created as
 ``` html
 <html>
     <head>
-    <title>Welcome to ansible</title> </head>
+        <title>Welcome to Ansible</title> </head>
     <body>
         <h1>nginx, configured by Ansible</h1>
+        <h2>instance: {{ ansible_hostname }}</h2>
         <p>If you can see this, Ansible successfully installed nginx.</p>
         <p>{{ ansible_managed }}</p>
         <p>Some facts Ansible gathered about this machine:
@@ -269,6 +271,7 @@ a template, which has to be created as
         </p>
     </body>
 </html>
+
 ```
 
 Now, run the newly created playbook to install and configure nginx, and to
@@ -349,7 +352,8 @@ desired state as *ok*.
 **Goal:** improve the playbook by restarting nginx only when needed.
 
 The current version of the playbook restarts nginx every time the playbook is
-run, irrespective of the managed server's state. This goes indeed a bit too far.
+run, irrespective of the managed server's state. This goes indeed a bit too
+far.
 
 By putting the nginx restart command into a *handler*, instead of a task, its
 execution can be made conditional. The rationale is that nginx is restarted
@@ -363,3 +367,30 @@ potentially modify its configuration use *notify* to call the handler when
 needed.
 
 Copy the modified playbook into the lab report.
+
+
+### Task 7: Add more managed servers ###
+
+**Goal:** add more managed servers that will be configured by the same
+playbook.
+
+  1. Create another Cloud instance using the same parameters as before.
+  2. Extend the `webservers` group in your inventory file to include this new
+     managed host.
+  3. Re-run your web playbook. :question: What do you observe in Ansible's
+     output?
+  4. Test the new server by pointing your web browser to it.
+  5. :question: What happens if a server is not reachable? Shut down the
+     second instance and re-run the playbook.
+  6. Suppose you now have 10 web servers in production managed by Ansible. You
+     are working in the IT department of a company and some of your colleagues
+     sysadmins who don't use Ansible have logged manually into some of the
+     servers to fix certain things. You don't know what they did exactly.
+     1. :question: If the fixes are temporary, what do you need to do to bring
+     all 10 servers back to the *initial* state?
+     1. :question: If the fixes are to be permanently applied to *all* the
+     managed servers, what do you need to do to bring all 10 servers to the
+     new *fixed* state?
+     1. :question: If the fixes are to be permanently applied to a *subset* of
+     the managed servers, what do you need to do to bring only those servers
+     to the new *fixed* state and the rest back to the *initial* state?

ansible/ansible.cfg

+[defaults]
+inventory = ~/ansible/hosts.yml
+remote_user = <SSH-user>
+private_key_file = <your-private-key>
+host_key_checking = false
+deprecation_warnings = false
\ No newline at end of file

ansible/hosts.yml

+all:
+  hosts:
+    testserver:
+      ansible_ssh_host: <VM-DNS-name-or-IP-address>
+      ansible_user: <SSH-user>
+      ansible_ssh_private_key_file: <your-private-key>

ansible/playbooks/files/nginx.conf

+#
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server ipv6only=on;
+
+    root /usr/share/nginx/html;
+    index index.html index.htm;
+
+    server_name localhost;
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}

ansible/playbooks/templates/index.html.j2

+<html>
+    <head>
+        <title>Welcome to Ansible</title> </head>
+    <body>
+        <h1>nginx, configured by Ansible</h1>
+        <h2>instance: {{ ansible_hostname }}</h2>
+        <p>If you can see this, Ansible successfully installed nginx.</p>
+        <p>{{ ansible_managed }}</p>
+        <p>Some facts Ansible gathered about this machine:
+            <table>
+                <tr><td>OS family:</td><td>{{ ansible_os_family }}</td></tr>
+                <tr><td>Distribution:</td><td>{{ ansible_distribution }}</td></tr>
+                <tr><td>Distribution version:</td><td>{{ ansible_distribution_version }}</td></tr>
+            </table>
+        </p>
+    </body>
+</html>

ansible/playbooks/web.yml

+---
+- name: Configure webserver with nginx
+  hosts: webservers
+  become: True
+  tasks:
+    - name: install nginx
+      apt: name=nginx update_cache=yes
+
+    - name: copy nginx config file
+      copy: src=files/nginx.conf dest=/etc/nginx/sites-available/default
+
+    - name: enable configuration
+      file: >
+        dest=/etc/nginx/sites-enabled/default
+        src=/etc/nginx/sites-available/default
+        state=link
+
+    - name: copy index.html
+      template: src=templates/index.html.j2 dest=/usr/share/nginx/html/index.html mode=0644
+
+    - name: restart nginx
+      service: name=nginx state=restarted