Merge pull request 'Added ansible update script, service and timer' (#1) from testing into prod

Reviewed-on: #1

README.md

@@ -1,7 +1,7 @@
 role-ansible-update
 =========
 
-A brief description of the role goes here.
+This role sets up a systemd service/timer and bash script to run ansible daily - staggers hosts hourly based on ansibleid
 
 Requirements
 ------------
@@ -23,8 +23,8 @@ Example Playbook Template
 
 Playbook creation should be handled by playbook-builder. To include role in a playbook, add one of these lines (changing version/branch as needed) to the template with other core entries:
 
-role:mount:v1.0:core,mount
-role:mount:testing:core,mount
+role:ansible-update:v1.0:core,ansible
+role:ansible-update:testing:core,ansible
 
 License
 -------

defaults/main.yml

@@ -1,3 +1,3 @@
 #SPDX-License-Identifier: MIT-0
 ---
-# defaults file for ${REPO_NAME}
+# defaults file for ansible-update

files/ansible-update.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Runs ansible playbook
+
+[Service]
+Type=oneshot
+RemainAfterExit=no
+ExecStart=/bin/bash /scripts/ansible-update.sh
+
+[Install]
+WantedBy=multi-user.target

files/ansible-update.sh

@@ -0,0 +1,4 @@
+
+#! /bin/bash
+cd /ansible
+/bin/bash build_ansible.sh

handlers/main.yml

@@ -1,3 +1,3 @@
 #SPDX-License-Identifier: MIT-0
 ---
-# handlers file for ${REPO_NAME}
+# handlers file for ansible-update

tasks/main.yml

@@ -1,3 +1,27 @@
 #SPDX-License-Identifier: MIT-0
 ---
-# tasks file for ${REPO_NAME}
+# tasks file for ansible-update
+- name: deploy ansible update script
+  ansible.builtin.copy:
+    src: files/ansible-update.sh
+    dest: /scripts/ansible-update.sh
+    mode: '0754'
+
+- name: deploy ansible update service
+  ansible.builtin.copy:
+    src: files/ansible-update.service
+    dest: /usr/lib/systemd/system/ansible-update.service
+    mode: '0644'
+
+- name: deploy ansible update timer
+  ansible.builtin.template:
+    src: templates/ansible-update.timer
+    dest: /usr/lib/systemd/system/ansible-update.timer
+    mode: '0644'
+
+- name: ensure ansible update script is running
+  service:
+    name: ansible-update.timer
+    state: started
+    daemon_reload: true
+    enabled: yes

templates/ansible-update.timer

@@ -0,0 +1,9 @@
+[Unit]
+Description=Runs run ansible playbook once per day (hour is determined based on ansible id)
+
+[Timer]
+OnCalendar=*-*-* {{ansible_machine_id | int(base=16) % 24}}:00:00
+Unit=ansible-update.service
+
+[Install]
+WantedBy=multi-user.target

tests/test.yml

@@ -3,4 +3,4 @@
 - hosts: localhost
   remote_user: root
   roles:
-    - ${REPO_NAME}
+    - ansible-update

vars/main.yml

@@ -1,3 +1,3 @@
 #SPDX-License-Identifier: MIT-0
 ---
-# vars file for ${REPO_NAME}
+# vars file for ansible-update