Managing my Debian Systems with Ansible

Managing my Debian Systems with Ansible

Years ago, as a DevOps engineer, I managed systems using various automation tools. However, for managing my own workstations, I chose Ansible and found a streamlined way to keep my Debian systems consistent without turning the whole exercise into another full-time job.

What I like most about Ansible in this context is that it gives me structure without much friction. I can keep a clear separation between work and home machines; I can decide exactly which roles belong on which hosts through the inventory; and I get useful safeguards such as ansible-lint and dry runs before I touch a live system. I also find the tooling approachable. The command line is simple, the module ecosystem is broad, and the documentation is good enough that I rarely feel like I am fighting the tool.

The project itself is organised around small, isolated roles. Each role lives in its own directory under roles/, with its own tasks, files, and variables, so a change to something like vim does not leak into docker or another part of the machine. That separation matters once the role count starts climbing, because it keeps the system understandable even when the overall setup becomes fairly broad.

Project Structure

I do not enable every role on every host. Most of the control comes from inventory.yaml, which defines machines such as carbonx1 or geekom and groups them by capability. In site.yaml, the playbook then imports roles with conditions based on those group memberships. That means a host can gain a feature simply by joining the relevant group, and it can lose that feature just as cleanly when it leaves.

That is where the remove roles earn their keep. Alongside installation roles such as zoom, I keep companion roles such as zoom_remove whose job is to uninstall packages, remove configuration, and clean up components that are no longer needed. I find that especially useful when I stop using a feature and want the machine returned to a leaner state rather than carrying old software and stray configuration indefinitely. I also keep some roles in an archived state. These archived roles remain in the repository, and their corresponding inventory groups can remain defined, but they are not imported by site.yaml. That keeps them inactive during normal runs while still making them easy to reintroduce later if I decide a feature is worth bringing back.

The site.yaml file acts as the entry point for all of this. It defines the order in which roles are considered, gathers facts, and establishes a few shared assumptions so the same playbook behaves consistently across different Debian systems. Around that, the Makefile gives me a more convenient command surface for day-to-day use. Instead of typing the full ansible-playbook invocation each time, I can run make for the normal local configuration, make tags tags=git,vim when I only want a subset of roles, make resume task="Install git packages" when I need to continue from a failed task, and make lint when I want a quick quality check.

That combination of modular roles, inventory-driven selection, explicit remove roles, and a small Make-based interface has made the setup practical to live with. It gives me enough control to keep each machine purposeful, while still making it easy to add, remove, or revisit features as my workstation needs change.

Comments

Post a Comment

Popular posts from this blog

Linux Mint on HP Mini 110

Image
I have a little experimental machine for playing with different distributions.   Lately, the  HP Mini 110-1081TU  has been running MeeGo . Now it has been commissioned to run Linux Mint . This comes in a variety of flavours. The one reviewed here is Linx Mint Debian 201109 . While the download was a monstrous 1.1G, the installation is the fastest I've ever seen. It literally took 10 minutes!  Post Installation - Wireless This is where the fun begins. First off, I had trouble getting wireless to work.  Reading dmesg gave very helpful instructions.  Read the recommendations carefully! Doing so can save you much time and effort. The HP Mini 110 uses a Broadcom 4312 WLAN . Install the packages b43-fwcutter and firmware-b43-lpphy-installer . I recommend the  Linux Wireless page as it has exceptionally good documentation. Post Installation - Sound Sound quality is actually better than under previous Linux distributions I've tried. So I wa...
Read more

Installing MCE Remote for XBMC

The remote I purchased was a Media Center Remote Control / Receiver, RC118 / IR6065A / QIR606A / Q. This being a MCE certified device I thought it would be easy to set-up. However, it took a little more effort than expected. Fortunately the steps are easy, and it was a useful problem solving exercise.  System I am running Ubuntu 10.04 LTS with kernel 2.6.32-31-generic for use as a server for XBMC version 10.1.  I received advice from Jarod Wilson of lirc that, lirc_mceusb is obsolete. This device is already supported by the in-kernel mceusb driver. So hopefully you are much luckier than I was in setting this up! Getting the remote to work Even though dmesg reported that I had a infrared receiver, lirc failed to recognise it when testing with irw. dmesg reports: [ 23.721796] generic-usb 0003: 147A : E03E .0003: timeout initializing reports [ 23.722033] generic-usb 0003: 147A : E03E .0003: hiddev97,hidraw2: USB HID v1.00 Device [ Formosa21 eHome Infrared Transce...
Read more

Ubuntu Netbook Remix

Image
10" HP Mini 110-1081TU & 14" Compaq Presario Notebook Installation Guide A netbook is, by definition a mobile device.  You never know when you may lose or have the device stolen. So I recommend that no private information is retained on the machine.  If it must be present, encrypt it.  As you probably have other devices using web-centric email and documentation can overcome many but not all of these issues.  This installation is tailored with these security issues in mind. Installation Get Ubuntu Netbook Remix (UNR) from  http://www.ubuntu.com/GetUbuntu/download-netbook Use this guide to create a bootable USB stick. Post Installation After installation, the internal microphone and wireless networking probably won't be working, see section in Problems . For panel customisation see gconf . For additional software I highly recommend, see  Additional Software . Finally I've added a section on hardware . gconf Custom Date Format for Clock Applet To apply...
Read more