Added new roles to split things up.

roles/mariadb/README.md

@@ -0,0 +1,16 @@
+# mariadb
+
+An Ansible role that installs MariaDB, changes mysql root password, and makes sure it runs on startup.
+
+## Requirements
+
+No specific requirements, just CC7 and Yum.
+
+## Dependencies
+
+None.
+
+## Role Variables
+
+mysql_root_password: password for mysql user root (new one to be set)
+mysql_root_old_password: current password for mysql user root (will be changed)

roles/mariadb/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+mysql_root_password:
+mysql_root_old_password:

roles/mariadb/tasks/main.yml

@@ -0,0 +1,44 @@
+---
+- name: Ensure mariadb is installed
+  yum:
+    name: mariadb-server
+    state: latest
+    update_cache: yes
+  tags: installation
+
+- name: "Ensure mariadb service runs immediately and on startup"
+  systemd:
+    name: mariadb
+    enabled: yes
+    state: started
+    daemon_reload: yes
+  tags: installation
+
+- name: Ensure MySQL-python is installed
+  yum:
+    name: MySQL-python
+    state: latest
+    update_cache: yes
+  tags: installation
+
+- name: Ensure database ports are open
+  firewalld:
+    permanent: true
+    immediate: true
+    port: "{{ item }}/tcp"
+    zone: public
+    state: enabled
+  ignore_errors: yes
+  with_items:
+    - "3306"
+  tags: installation
+
+- name: Set root user password
+  mysql_user: name=root
+              host=localhost
+              password="{{ mysql_root_password }}"
+              check_implicit_admin=yes
+              login_user="root"
+              login_password="{{ mysql_root_old_password }}"
+              state=present
+  tags: configuration

roles/nginx/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+nginx_port: 80

roles/nginx/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Restart nginx
+  service:
+    name: nginx
+    state: restarted

roles/nginx/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: basevars }

roles/nginx/tasks/main.yml

@@ -0,0 +1,38 @@
+---
+- name: Ensure nginx {{ nginx_version }} is present
+  package:
+    name: "https://nginx.org/packages/rhel/7/x86_64/RPMS/nginx-{{ nginx_version }}-1.el7.ngx.x86_64.rpm"
+    state: present
+    update_cache: yes
+  notify: Restart nginx
+  tags: installation
+
+- name: Copy main page
+  copy:
+    src: "{{ role_path }}/files/index.html"
+    dest: /var/www/html/
+  tags: installation
+
+- name: Deploy main configuration file
+  template:
+    src: default.conf.j2
+    dest: /etc/nginx/conf.d/default.conf
+  notify: Restart nginx
+  tags: configuration
+
+- name: Start nginx on boot
+  systemd:
+    name: nginx
+    enabled: yes
+    state: restarted
+    daemon_reload: yes
+  tags: configuration
+
+- name: Open port {{ nginx_port }} in firewall
+  firewalld:
+    port: "{{ nginx_port }}/tcp"
+    permanent: true
+    state: enabled
+    immediate: yes
+  ignore_errors: yes
+  tags: configuration

roles/nginx/templates/default.conf.j2

@@ -0,0 +1,10 @@
+server {
+  listen {{ nginx_port }} default_server;
+  listen [::]:{{ nginx_port }} default_server;
+  root /var/www/html;
+  index index.html;
+  server_name {{ ansible_fqdn }};
+  location / {
+    try_files $uri $uri/ =404;
+  }
+}

roles/nodejs/README.md

@@ -0,0 +1,11 @@
+# nodejs
+
+An Ansible role that installs and configures [nodejs](https://nodejs.org).
+By default:
+ - Installs NodeJS
+
+## Host Variables (optional)
+
+| Variable             | Default value  | Notes                  |
+|----------------------|----------------|------------------------|
+| nodejs_major_version |                | -                      |

roles/nodejs/tasks/main.yml

@@ -0,0 +1,28 @@
+---
+- name: Download NodeJS {{ nodejs_major_version }} repo configuration
+  get_url:
+    url: https://rpm.nodesource.com/setup_{{ nodejs_major_version }}
+    dest: /tmp/setup_{{ nodejs_major_version }}
+    validate_certs: False
+  tags: installation
+
+- name: Remove old version of NodeJS
+  yum:
+    name: npm
+    state: absent
+  tags: installation
+
+- name: Configure NodeJS repo
+  shell: bash /tmp/setup_{{ nodejs_major_version }}
+  tags: installation
+
+- name: Install NodeJS
+  package:
+    name: nodejs
+    state: latest
+  tags: installation
+
+- name: Configure npm proxy
+  shell: npm config set proxy {{ ansible_env.http_proxy }} && npm config set https-proxy {{ ansible_env.https_proxy }}
+  when: "'http_proxy' in ansible_env"
+  tags: configurationn

roles/nodejs/vars/main.yml

@@ -0,0 +1,2 @@
+---
+nodejs_major_version: 10.x

roles/ntp-client/defaults/main.yml

@@ -0,0 +1,5 @@
+---
+ntp_servers:
+  - "137.138.18.69"
+  - "137.138.16.69"
+  - "137.138.17.69"

roles/ntp-client/tasks/main.yml

@@ -0,0 +1,23 @@
+---
+- name: Install NTP
+  yum:
+    name: ntp
+    state: present
+  tags: installation
+
+- name: Configure NTP
+  template:
+    src: ntp.conf.j2
+    dest: /etc/ntp.conf
+    owner: root
+    group: root
+    mode: 0644
+  tags: configuration
+
+- name: Enable NTP client
+  systemd:
+    name: ntpd
+    state: started
+    enabled: yes
+    daemon_reload: yes
+  tags: configuration

roles/ntp-client/templates/ntp.conf.j2

@@ -0,0 +1,9 @@
+restrict default nomodify notrap noquery
+restrict 127.0.0.1
+driftfile /var/lib/ntp/drift
+logfile /var/log/ntp.log
+# --- Lab Timeservers -----
+{% for srv in ntp_servers %}
+server {{ srv }}
+{% endfor %}
+#