dvirlabs/rsyslog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
125 Commits 2 Branches 2 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
dvirlabs c83725a027
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
Make this repo generic
2026-05-20 16:07:38 +03:00
ansible
Make this repo generic
2026-05-20 16:07:38 +03:00
files
Make this repo generic
2026-05-20 16:07:38 +03:00
.woodpecker.yml
test
2026-04-24 15:21:04 +03:00
ansible.cfg
test
2026-04-17 17:07:29 +03:00
README.md
Make this repo generic
2026-05-20 16:07:38 +03:00

README.md

File Deployment & GitOps Management

A simple, generic Ansible-based system to deploy and manage files on multiple servers using Git as the single source of truth.

Overview

This repository uses Ansible to:

  • Deploy files from Git to target servers
  • Check Drift to ensure servers stay in sync with the repository
  • Validate that deployed files are correct

No rsyslog-specific code. Just simple file deployment that works for any file or service.

Project Structure

.
├── README.md                          # This file
├── ansible.cfg                        # Ansible configuration
├── .woodpecker.yml                    # CI/CD pipeline configuration
│
├── ansible/
│   ├── inventory/
│   │   ├── hosts.yml                  # Define target servers
│   │   └── group_vars/
│   │       └── all.yml                # Global variables (SSH credentials, etc.)
│   │
│   └── playbooks/
│       ├── apply.yml                  # Deploy file to servers
│       ├── drift-check.yml            # Check if servers are in sync with repo
│       └── validate.yml               # Verify file exists on server
│
└── files/
    └── dvir.txt                       # The file to deploy (edit this to your needs)

How It Works (Simple Version)

  1. You edit the file in files/dvir.txt
  2. You commit to Git (the source of truth)
  3. Run apply.yml to deploy to all servers
  4. Run drift-check.yml anytime to verify servers match Git
  5. If drift is detected, run apply.yml again to fix it

That's it!

Quick Start

1. Edit the file you want to deploy

Open files/dvir.txt and add your content:

nano files/dvir.txt

To deploy a different file, rename it or update the paths in the playbooks.

2. Add target servers

Edit ansible/inventory/hosts.yml:

all:
  children:
    servers:
      hosts:
        server1:
          ansible_host: 192.168.10.161
        server2:
          ansible_host: 192.168.10.162

3. Run the playbooks

Deploy the file:

ansible-playbook ansible/playbooks/apply.yml

Check if servers are in sync:

ansible-playbook ansible/playbooks/drift-check.yml

Validate file on server:

ansible-playbook ansible/playbooks/validate.yml

Playbook Breakdown

apply.yml - Deploy Files

What it does:

  • Copies files/dvir.txt to /tmp/dvir.txt on all target servers
  • Sets file ownership to root:root with permissions 0644

When to use:

  • Initial deployment of the file
  • After updating the file in Git

Example:

ansible-playbook ansible/playbooks/apply.yml

drift-check.yml - Detect Configuration Drift

What it does:

  • Reads the file from the Git repository (local)
  • Reads the file from each target server (/tmp/dvir.txt)
  • Compares the content byte-for-byte
  • Reports SYNCED or OUT_OF_SYNC

When to use:

  • Verify servers match the repository state
  • Detect if someone manually changed the file on the server
  • Run periodically (via cron or CI/CD) to monitor compliance

Example:

ansible-playbook ansible/playbooks/drift-check.yml

Output:

✓ dvir.txt is synced     # Files match
✗ dvir.txt is out of sync  # Files differ or file missing

validate.yml - Validate Deployment

What it does:

  • Checks that /tmp/dvir.txt exists on the server
  • Verifies the file is readable
  • Fails if the file is missing or not readable

When to use:

  • After running apply.yml to verify success
  • To confirm the deployment was successful

Example:

ansible-playbook ansible/playbooks/validate.yml

Configuration

Inventory: ansible/inventory/hosts.yml

Define which servers to manage:

all:
  children:
    servers:
      hosts:
        server1:
          ansible_host: 192.168.10.161
        server2:
          ansible_host: 192.168.10.162

Global Variables: ansible/inventory/group_vars/all.yml

SSH and connection settings:

ansible_user: root
ansible_ssh_private_key_file: "~/.ssh/id_rsa"
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"

Ansible Config: ansible.cfg

Global Ansible settings (host checking, plugins, etc.)

Workflow Examples

Example 1: Deploy a new file

# 1. Edit the file
echo "new config content" > files/dvir.txt

# 2. Commit to Git
git add files/dvir.txt
git commit -m "Update deployment file"
git push

# 3. Deploy to servers
ansible-playbook ansible/playbooks/apply.yml

# 4. Verify success
ansible-playbook ansible/playbooks/validate.yml

Example 2: Monitor for drift (continuous compliance)

# Run drift check periodically (cron job)
0 */6 * * * cd /path/to/repo && ansible-playbook ansible/playbooks/drift-check.yml

Example 3: Detect and fix manual changes

# Someone manually edited /tmp/dvir.txt on server1
# Check for drift
ansible-playbook ansible/playbooks/drift-check.yml
# Output: ✗ dvir.txt is out of sync

# Restore from Git
ansible-playbook ansible/playbooks/apply.yml

# Verify it's fixed
ansible-playbook ansible/playbooks/drift-check.yml
# Output: ✓ dvir.txt is synced

Prerequisites

  • Ansible installed on your machine
  • SSH access to all target servers (password or key-based)
  • Root or sudo access on target servers (for writing to /tmp)

Install Ansible

# macOS
brew install ansible

# Ubuntu/Debian
apt-get install ansible

# RHEL/CentOS
yum install ansible

# Python pip
pip install ansible

Customization

Deploy to a different path

Edit ansible/playbooks/apply.yml:

- name: Copy file to destination
  copy:
    src: ../../files/dvir.txt
    dest: /your/custom/path/filename.txt  # ← Change this
    owner: root
    group: root
    mode: "0644"

Deploy multiple files

Add more tasks to apply.yml:

- name: Copy file 1
  copy:
    src: ../../files/dvir.txt
    dest: /tmp/dvir.txt

- name: Copy file 2
  copy:
    src: ../../files/another.txt
    dest: /tmp/another.txt

Use different target servers

Edit hosts.yml and use:

ansible-playbook ansible/playbooks/apply.yml -i ansible/inventory/hosts.yml --limit "server2"

Troubleshooting

"SSH connection refused"

  • Check ansible_host is correct in hosts.yml
  • Verify SSH key in group_vars/all.yml
  • Test manually: ssh -i ~/.ssh/id_rsa root@192.168.10.161

"Permission denied" on deployment

  • Ensure become: true is in the playbook
  • Verify user has sudo access
  • Check SSH key has correct permissions: chmod 600 ~/.ssh/id_rsa

Drift check shows "out of sync" but I didn't change anything

  • File permissions or ownership might have changed
  • Line endings (CRLF vs LF) might differ
  • The server file might be missing

Can't read file on server

  • Check /tmp/dvir.txt exists: ls -la /tmp/dvir.txt
  • Verify permissions: stat /tmp/dvir.txt
  • Ensure file is readable: cat /tmp/dvir.txt

Tips & Best Practices

  1. Always commit before deploying

    • Use Git as the single source of truth
    • Never manually edit /tmp/dvir.txt on servers

  2. Run drift-check regularly

    • Use cron or CI/CD to monitor compliance
    • Alert on OUT_OF_SYNC status

  3. Test in dev first

    • Add a dev group in hosts.yml
    • Test playbooks on dev servers before prod

  4. Use version control for everything

    • Keep all changes in Git
    • Easy rollback: just revert and re-run apply.yml

License

MIT (or your preferred license)

Description
No description provided
Readme 412 KiB
Languages
INI 100%