node.yml

#!/usr/bin/env ansible-playbook
---
#==============================================================#
# File      :   node.yml
# Mtime     :   2021-04-19
# Mtime     :   2021-04-19
# Desc      :   initialize pigsty database node
# Path      :   node.yml
# Copyright (C) 2018-2021 Ruohang Feng
#==============================================================#


#------------------------------------------------------------------------------
# init node
#------------------------------------------------------------------------------
# node needs init before deploying database
# init procedure enable infrastructure and dcs agent on node

- name: Node Init
  become: yes
  hosts: all
  gather_facts: no
  roles:

    - role: node                            # init node
      tags: [ infra, node ]

    - role: consul                          # init consul
      tags: [ infra, dcs ]


    ###########################################################################
    # SSH & SUDO NOPASS SETUP TIPS
    ###########################################################################
    #
    # IT IS STRONGLY RECOMMEND TO CONFIGURE SSH KEY AND NOPASS SUDO ACCESS BEFORE DEPLOYING PIGSTY!
    # however if you already have ssh (password) access and sudo privileges (password)
    # you could use this playbook to create an admin user which has NOPASS ssh and sudo
    # NOTE THAT PUBLIC KEYs are defined in node_admin_pks
    # Use -e node_admin_pk_current=true to copy current user's admin pk to admin user
    #
    #       (1) current user already have nopass ssh and sudo
    #             ./node.yml -t node_admin
    #       (2) specific user have ssh access which require password
    #             ./node.yml  -t node_admin -e ansible_user=vonng -e ansible_password=ruohang   # non-interactive
    #             ./node.yml  -t node_admin -e ansible_user=vonng --ask-pass                    # interactive
    #       (3) specific user have sudo privilege but require password
    #             ./node.yml -t node_admin -e ansible_become_pass=ruohang                       # non-interactive
    #             ./node.yml -t node_admin -e --ask-become-pass                                 # interactive
    #       (4) add current user's ~/.ssh/id_rsa.pub to admin
    #             ./node.yml -t node_admin -e node_admin_pk_current=true
    #
    # or, you can write user, ssh-pass, sudo-pass below to avoid password being logged.
    #
    # ansible_user: root                 # which user is used for ssh connection? (current_user as default)
    # ansible_password: ssh-pass         # if ssh-key is not configured, use -e ansible_password=<pwd> to pass it (sshpass required!)
    # ansible_become_pass: sudo-pass     # if nopass sudo is not configured, use -e ansible_become_pass=<pwd> to pass sudo password
    #
    # admin user:
    # node_admin_uid: 88                 # uid and gid for admin user
    # node_admin_username: dba           # default admin user's name
    # node_admin_pks: []                 # public key list that will be installed to admin user
    ###########################################################################


...