【IT Notes】RHCE測驗第十二題 Create a web content directory

 Create a playbook called /home/student/ansible/webcontent.yml as follows:

• The playbook runs on managed nodes in the dev host group

• Create the directory /webdev with the following requirements:

  • it is owned by the webdev group
  • it has regular permissions: owner=read+write+execute, group=read+write+execute, other=read+execute
  • it has special permissions: set group ID

• Symbolically link /var/www/html/webdev to /webdev

• Create the file /webdev/index.html with a single line of text that reads: Development

• Browsing this directory on hosts in the dev host group (for example http://node1.example.com/webdev/) produces the following output:

  Development

【題前說明】

前面有幾題在webservers群組上作網站部署，這題則是回到dev群組，也就是node1上也部署一個網頁，而網頁路徑有指定一個資料夾名為/webdev(位於根目錄底下)，同時要設定群組、SELinux權限，再來於資料夾內新增index當作首頁，首頁內容為Devlopment，再透過軟連結的方式指向網頁伺服器的根目錄，最後則是開啟防火牆允許apache啟用。難度不算高，但是步驟多也就表示要背的指令及流程也多。

一．解題過程：

[student@workstation ansible]$ vim webcontent.yml

---
- name: config webcontent
  hosts: dev
  tasks:
    - name: install apache on dev           \\安裝網頁伺服器
      dnf:
        name: httpd
        state: present
    - name: create web group                  \\建立群組webdev
      group:
        name: webdev
    - name: create web dir                        \\根目錄建立webdev，並賦予訪問權限
      file:
        path: /webdev
        state: directory
        group: webdev
        mode: 2775
        setype: httpd_sys_content_t
    - name: link webdev　　　　　　　　\\建立軟連結，將/webdev連結到網站根目錄
      file:
        src: /webdev
        dest: /var/www/html/webdev
        state: link
    - name: config index                            \\編輯網站的首頁內容
      copy:
        content: "Development"
        dest: /webdev/index.html
        setype: httpd_sys_content_t
    - name: firewalld add apache port on dev      \\將http port加入防火牆
      firewalld:
        service: http
        state: enabled
        immediate: yes
        permanent: yes
    - name: restart apache serivce            \\重啟網頁伺服器
      service:
        name: httpd
        state: restarted
        enabled: yes

二．驗證結果

[student@workstation ansible]$ ansible-playbook -C webcontent.yml

測試跑看看有沒有噴錯

[student@workstation ansible]$ ansible-playbook webcontent.yml

沒問題就正式跑yml

開啟瀏覽器，從外部訪問看看，有出現內容就表示成功

三．恢復解題前的環境

用反向方式來編輯還原的yml，將dev上的網頁卸除

[student@workstation ansible]$ vim 12-lab-webcontent-stop.yml

---
- name: remove the website
  hosts: dev
  tasks:
    - name: remove group webdev
      group:
        name: webdev
        state: absent
    - name: remove directory
      file:
        path: /webdev
        state: absent
    - name: remove httpd
      yum:
        name: httpd
        state: absent
    - name: config firewalld
      firewalld:
        service: http
        permanent: no
        state: disabled
        immediate: no
    - name: remove index.html
      file:
        path: /webdev/index.html
        state: absent

- name: remove webcontent.yml
  hosts: 127.0.0.1
  tasks:
    - name: remove webcontent.yml
      file:
        path: /home/student/ansible/webcontent.yml
        state: absent

[student@workstation ansible]$ ansible-playbook 12-lab-webcontent-stop.yml