gaschz/ansible-qubes
1
0
Fork 0
mirror of https://github.com/Rudd-O/ansible-qubes.git synced 2025-03-01 14:22:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
ansible-qubes/doc/Enhance your Ansible with Ansible Qubes.md
Manuel Amador (Rudd-O) c28f2cdb0b Documentation improvements
2016-10-12 17:05:11 +00:00

1.5 KiB
Raw Blame History

Enhance your Ansible with Ansible Qubes

Integrate this software into your Ansible setup by:

  1. setting up a connections_plugin = <directory> in your ansible.cfg file, pointing it to a directory you control, then
  2. placing the qubes.py connection plugin in your Ansible connection_plugins directory as defined above, then
  3. placing the qrun and bombshell-client executables in one of two locations:
  • Anywhere on your Ansible machine's PATH.
  • In a ../../bin directory relative to the qubes.py file.

After having done that, you can add Qubes VMs to your Ansible hosts file:

# The next line declares a simple connection to a domU on the same system.
workvm          ansible_connection=qubes
# The next line has a parameter which indicates to Ansible to first
# connect to the domU SSH at 1.2.3.4 before attempting to use
# bombshell-client to manage other VMs on the same system.
# See below for instructions to enable remoting.
vmonremotehost  ansible_connection=qubes management_proxy=1.2.3.4

You are now free to run ansible-playbook or ansible against those hosts. So long as those programs can find your ansible.cfg file, and your hosts file, it will work. Note that Qubes OS will bother you every time you run commands with the prompt to allow qubes.VMShell on the target VM you're managing, unless you set said permission to default to yes (the pertinent file to edit is in the dom0 of the target Qubes OS machine, path /etc/qubes-rpc/policy/qubes.VMShell).