How to provide a su password when running ansible playbook

You need to use the following syntax in your command

ansible-playbook -i hosts site.yml –ask-become-pass

Advertisements

How to install multiple packages with Ansible

The below is my task example used in ansible-playbook of how you can install multiple packages in Debian use ‘yum’ in redthat/centos distros.

The below install bind (Dns) packages and it’s making sure that the bind9 is started


# This playbook contains common plays that will be run on all nodes.

- name: Is Bind Installed?
  apt: name={{ item }} state=installed
  with_items:
   - bind9
   - bind9-doc
   - dnsutils

- name: Is Bind Started?
  service: name=bind9 state=started

How to create directory and make sure that the permission are correct using Ansible

The below is an example of what you can enter in your task/main.yml file if you are using ansible-playbook command

The below will create multiple directories if does not exist and it will make sure that the permission are correct.


---
### This is main task for DNS Slave servers

- name: Make sure that directories for Slave servers exists
  file:
   path: '{{ item }}'
   state: directory
  with_items:
   - /var/cache/bind/Data
   - /var/cache/bind/Slave
   - /var/cache/bind/Slave.rev
   - /var/log/named

- name: Make sure that directory have got correct permissions
  file:
   path: '{{ item }}'
   owner: bind
   group: bind
  with_items:
   - /var/cache/bind/Data
   - /var/cache/bind/Slave
   - /var/cache/bind/Slave.rev
   - /var/log/named

 

 

How to select default editor in Linux / MC

 

Make sure that your choose editor exist or install apt-get install vim / yum install vim

then

export EDITOR=vim

Open up MC (Midnight Commander) if you are using then

$mc

then F9 -> Option -> Configuration and untick – select internal edit for view and edit.

The next time you will edit f4/or view f3 file in mc it will open in VIM or your selected editor

Ansible – Getting Started

Generate a key on your local host

ssh-keygen -t rsa -b 4096 -C “youruser@myemail”

Add your public key id_rsa.pub into the remote host under the .ssh folder into authorized_keys

Create a hosts file

[all]

192.168.1.1

Run ansible to check

ansible -i (for inventory) hosts all -m ping – Check ping for all host in the all group.

Testing Postfix after installation with Clamav and Spamassasin

Tools

http://www.jetmore.org/john/code/swaks/latest/doc/ref.txt

http://www.postfix.org/

http://spamassassin.apache.org/

https://www.clamav.net/

Test files

http://www.eicar.org/86-0-Intended-use.html

touch sample-virus-simple.txt

http://spamassassin.apache.org/gtube/gtube.txt

touch sample-spam-GTUBE-junk.txt

Normal Message test

swaks –to testuser@yourdomain.com –server localhost

amavis[1486]: (01486-02) Passed CLEAN {RelayedInternal}, LOCAL [127.0.0.1]:50268

(testuser@yourdomain.com – This is where you would like a test message to be delivered)

Testing VIRUS checking

swaks -t root@localhost –server localhost -d sample-virus-simple.txt

amavis[1488]: (01488-02) Blocked INFECTED (Eicar-Test-Signature) {DiscardedOutbound,Quarantined}, LOCAL [127.0.0.1]:50314

TESTING CLAMAV

Install test files:

sudo apt-get install clamav-testfiles

Then test it:

sudo clamdscan /usr/share/clamav-testfiles/

Once tested you can remove them:

sudo apt-get remove clamav-testfiles

Testing SPAM checking

swaks -t root@localhost –server localhost -d sample-spam-GTUBE-junk.txt

amavis[1487]: (01487-02) Blocked SPAM {DiscardedInternal,Quarantined}, LOCAL [127.0.0.1]:50238

File Examples:

sample-spam-GTUBE-junk.txt

Subject: Test spam mail (GTUBE)
Message-ID: <GTUBE1.1010101@example.net>
Date: Wed, 23 Jul 2003 23:30:00 +0200
From: Sender <sender@example.net>
To: Recipient <recipient@example.net>
Precedence: junk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

This is the GTUBE, the
Generic
Test for
Unsolicited
Bulk
Email

If your spam filter supports it, the GTUBE provides a test by which you
can verify that the filter is installed correctly and is detecting incoming
spam. You can send yourself a test mail containing the following string of
characters (in upper case and with no white spaces and line breaks):

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

You should send this test mail from an account outside of your network.

sample-virus-simple.txt

From: virus-tester
To: undisclosed-recipients:;
Subject: amavisd test – simple – virus scanner test pattern

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Statistics

On Debian you can use: pflogsumm

sudo apt-get install pflogsumm

sudo pflogsumm -d today /var/log/mail.log

Postfix log summaries for Oct 3

Grand Totals
————
messages

16 received
16 delivered
0 forwarded
0 deferred
0 bounced
2 rejected (11%)
0 reject warnings
0 held
0 discarded (0%)

14189 bytes received
14189 bytes delivered
3 senders
2 sending hosts/domains
3 recipients
2 recipient hosts/domains

…..

How to use wget to test user agents blocking

You need to use the following syntax

Testing if the site is blocking empty user agent

{ ~ } » wget –user-agent=”” http://www.exampple.co.uk ~ 8
HTTP request sent, awaiting response… 403 Forbidden: Access is denied.
2017-09-26 12:21:36 ERROR 403: Forbidden: Access is denied..

Specific user agent

» wget –user-agent=”PriceDrone-Bot+(http://www.pricedrone.co.uk/index.php/pricedrone-bot/)” http://www.example.co.uk