ansible/infra-automation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2ef8dfd6ed53a042464c9260344ac36aa5e7ea54
infra-automation/plays/test-deploy-linux-vm-role.yml
Infrastructure Team 82796a18e4 Add test playbook for deploy_linux_vm role 
- Test configuration for Debian 12 with LVM enabled
- Validates LVM configuration compliance
- Tests SSH hardening (GSSAPI disabled)
- Verifies security features (firewall, audit, updates)
- Includes post-test validation checklist
- Documents expected test output and verification steps
2025-11-10 22:51:57 +01:00

60 lines
2.4 KiB
YAML
Raw Blame History

---
# =============================================================================
# Test Playbook for deploy_linux_vm Role
# =============================================================================
# This playbook tests the deploy_linux_vm role with LVM and security hardening
- name: Test Deploy Linux VM Role
hosts: grokbox
gather_facts: yes
become: yes
vars:
# Test VM Configuration
deploy_linux_vm_name: "test-lvm-vm"
deploy_linux_vm_hostname: "test-lvm"
deploy_linux_vm_domain: "test.local"
deploy_linux_vm_os_distribution: "debian-12"
deploy_linux_vm_vcpus: 2
deploy_linux_vm_memory_mb: 2048
deploy_linux_vm_disk_size_gb: 20
# Enable LVM
deploy_linux_vm_use_lvm: true
deploy_linux_vm_lvm_vg_name: "vg_system"
deploy_linux_vm_lvm_pv_device: "/dev/vdb"
# SSH Hardening (GSSAPI disabled)
deploy_linux_vm_ssh_gssapi_authentication: "no"
deploy_linux_vm_ssh_gssapi_cleanup_credentials: "no"
# Security Features
deploy_linux_vm_enable_firewall: true
deploy_linux_vm_enable_selinux: true
deploy_linux_vm_enable_auditd: true
deploy_linux_vm_enable_automatic_updates: true
roles:
- deploy_linux_vm
post_tasks:
- name: Display test completion message
debug:
msg:
- "╔════════════════════════════════════════════════════════════════╗"
- "║ Role Test Completed Successfully ║"
- "╚════════════════════════════════════════════════════════════════╝"
- ""
- "VM deployed with:"
- " ✓ LVM Configuration (CLAUDE.md compliant)"
- " ✓ SSH Hardening (GSSAPI disabled)"
- " ✓ Security Features (Firewall, Audit, Auto-updates)"
- " ✓ Multi-distribution support"
- ""
- "Next steps:"
- " 1. SSH to VM: ssh -J grokbox ansible@{{ deploy_linux_vm_ip }}"
- " 2. Verify GSSAPI: sudo sshd -T | grep -i gssapi"
- " 3. Check LVM: sudo vgs && sudo lvs"
- " 4. Reboot for LVM: sudo reboot"
- " 5. After reboot verify: df -h && lsblk"
Reference in New Issue View Git Blame Copy Permalink