Lab 008 - Challenges¶
- This lab is a set of challenges that combine skills from the previous labs (000-007).
- You will practice creating users, building inventories, and managing Git repositories using Ansible.
- Each challenge has a clear goal - try to solve it yourself before checking the solution.
- Completing these challenges will reinforce your understanding of core Ansible concepts.
What will we learn?¶
- How to apply the
usermodule to create system accounts on remote hosts - How to write an inventory file that references the created users as
ansible_ssh_user - How to use the
gitmodule to clone and push to repositories on remote hosts - How to chain multiple modules in a single playbook to complete a real-world workflow
Prerequisites¶
- Complete all previous labs (000-007)
01. Challenge 1 - User Management¶
Goal¶
Create a user named after the hostname on each managed host, verify the user exists, then update the inventory to connect as that user.
Tasks¶
- Write a playbook that creates a user named
{{ inventory_hostname }}on all hosts. - Verify the user was created by displaying its name in a debug message.
- Add an SSH key for the user during creation.
- Update your inventory so the connection uses the new user:
server-1 ansible_host=server-1 ansible_ssh_user=server-1
server-2 ansible_host=server-2 ansible_ssh_user=server-2
server-3 ansible_host=server-3 ansible_ssh_user=server-3
Solution
---
- name: Challenge 1 - Create user per hostname
hosts: all
tasks:
- name: Create user named after the host
ansible.builtin.user:
name: "{{ inventory_hostname }}"
groups: root
shell: /bin/bash
state: present
generate_ssh_key: true
ssh_key_bits: 2048
ssh_key_file: .ssh/id_rsa
create_home: true
- name: Verify user was created
ansible.builtin.debug:
msg: "Created user: {{ inventory_hostname }}"
02. Challenge 2 - Git Repository Management¶
Goal¶
On a remote host, install git, clone a repository, make a change, commit it, and push it back to the remote.
Tasks¶
- Ensure
gitis installed on the target host using theaptmodule. - Clone a repository from GitHub or GitLab to
/tmp/ansible-git-demo. - Write a file to the cloned directory using the
copymodule. - Commit and push the change using the
shellmodule.
Solution
---
- name: Challenge 2 - Clone, modify, and push a git repository
hosts: server-2
gather_facts: false
tasks:
- name: Ensure git is installed
ansible.builtin.apt:
name: git
state: present
become: true
- name: Clone the repository
ansible.builtin.git:
repo: https://github.com/yourusername/yourrepository.git
dest: /tmp/ansible-git-demo
clone: true
update: true
- name: Write a change file
ansible.builtin.copy:
dest: /tmp/ansible-git-demo/ansible-change.txt
content: "Change made by Ansible on {{ ansible_date_time.iso8601 }}\n"
mode: "0644"
- name: Commit and push changes
ansible.builtin.shell: |
cd /tmp/ansible-git-demo
git config user.email "you@example.com"
git config user.name "Ansible Bot"
git add ansible-change.txt
git commit -m "Automated commit by Ansible"
git push origin main
args:
executable: /bin/bash
changed_when: true
03. Hands-on¶
- Run the user-creation playbook against all three lab servers.
- Verify each user exists by running
ansible all -m shell -a "id {{ inventory_hostname }}". - Update your inventory file to use the new users and re-run
ansible all -m pingto confirm connectivity. - Clone a public GitHub repo to
server-2using thegitmodule. - Add a file to the cloned repo and commit the change using a
shelltask.
04. Summary¶
- 🔹 The
ansible.builtin.usermodule can create, update, and remove system users, including SSH key generation - 🔹 Using
{{ inventory_hostname }}as a username ties each host’s account to its identity in the inventory - 🔹 Inventories can specify
ansible_ssh_userper host to control which account Ansible connects with - 🔹 The
ansible.builtin.gitmodule handles clone and update operations; push requires ashelltask - 🔹 Challenge labs combine multiple modules in sequence - this mirrors real automation workflows