gaschz/ansible-qubes
1
0
Fork 0
mirror of https://github.com/Rudd-O/ansible-qubes.git synced 2025-10-31 03:28:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

More docs.

Browse Source
This commit is contained in:
Manuel Amador (Rudd-O) 2016-10-12 17:14:20 +00:00
parent c28f2cdb0b
commit 8093ac554f
2 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
doc/Enhance your Ansible with Ansible Qubes.md
View File

@ -1,5 +1,7 @@
# Enhance your Ansible with Ansible Qubes # Enhance your Ansible with Ansible Qubes
## Deploy the software to the right places
Integrate this software into your Ansible setup by: Integrate this software into your Ansible setup by:
1. setting up a `connections_plugin = <directory>` in your `ansible.cfg` 1. setting up a `connections_plugin = <directory>` in your `ansible.cfg`
@ -12,6 +14,21 @@ Integrate this software into your Ansible setup by:
* Anywhere on your Ansible machine's `PATH`. * Anywhere on your Ansible machine's `PATH`.
* In a `../../bin` directory relative to the `qubes.py` file. * In a `../../bin` directory relative to the `qubes.py` file.
## Test `qrun` works
Test that `qrun` does the job. In the VM where you integrated your
Ansible setup, run:
```
path/to/qrun <some VM> hostname
```
This should immediately return with the hostname of `<some VM>`,
indicating that `qrun` successfully invoked `bombshell-client` on it,
requesting the execution of `hostname` on `exp-net`.
## Register VMs on your Ansible inventory
After having done that, you can add Qubes VMs to your Ansible `hosts` file: After having done that, you can add Qubes VMs to your Ansible `hosts` file:
``` ```
@ -20,7 +37,7 @@ workvm ansible_connection=qubes
# The next line has a parameter which indicates to Ansible to first # The next line has a parameter which indicates to Ansible to first
# connect to the domU SSH at 1.2.3.4 before attempting to use # connect to the domU SSH at 1.2.3.4 before attempting to use
# bombshell-client to manage other VMs on the same system. # bombshell-client to manage other VMs on the same system.
# See below for instructions to enable remoting. # See README.md for pointers to enabling remote management of Qubes servers.
vmonremotehost ansible_connection=qubes management_proxy=1.2.3.4 vmonremotehost ansible_connection=qubes management_proxy=1.2.3.4
``` ```

12
doc/Remote management of Qubes OS servers.md
View File

@ -48,6 +48,18 @@ like you did before.
Assuming you have set up Ansible on your manager machine, [integrate Assuming you have set up Ansible on your manager machine, [integrate
Ansible Qubes into your setup](./Enhance your Ansible with Ansible Qubes.md). Ansible Qubes into your setup](./Enhance your Ansible with Ansible Qubes.md).
Now test that you can run commands using `qrun`. In your manager
machine, run in a terminal:
```
qrun --proxy=x.y.z.w exp-net hostname
```
This should immediately return with `exp-net` as output on the terminal,
indicating that `qrun` successfully connected to `exp-manager` and then
invoked `bombshell-client` on it, requesting the execution of `hostname`
on `exp-net`.
Now, to your Ansible `hosts` file, add an inventory entry: Now, to your Ansible `hosts` file, add an inventory entry:
``` ```