ara | File #5400: /home/ssh-gateway/ansible/kuly/manage_solus

/home/ssh-gateway/ansible/kuly/manage_solus_access.yaml

Execution

Date 21 Jul 2025 15:56:19 +0100

Duration 00:00:00.14

Controller ssh-gw-4.layershift.com

User root

Versions

Ansible 2.16.11

ara 1.7.2 / 1.7.2

Python 3.10.10

Summary

0 Hosts

0 Tasks

0 Results

1 Plays

1 Files

0 Records

remote_user:root check:False tags:all subset:dev

Date
21 Jul 2025 15:56:19 +0100
Path
/home/ssh-gateway/ansible/kuly/manage_solus_access.yaml

Argument	Value
version	None
verbosity	0
private_key_file	/home/ssh-gateway/.ssh/id_rsa
remote_user	root
connection	ssh
timeout	None
ssh_common_args	None
sftp_extra_args	None
scp_extra_args	None
ssh_extra_args	None
ask_pass	False
connection_password_file	None
force_handlers	False
flush_cache	False
become	False
become_method	sudo
become_user	None
become_ask_pass	False
become_password_file	None
tags	['all']
skip_tags	[]
check	False
diff	False
inventory	['/home/ssh-gateway/ansible/kuly/solus-node.ini']
listhosts	False
subset	dev
extra_vars	Not saved by ARA as configured by 'ignored_arguments'
vault_ids	[]
ask_vault_pass	False
vault_password_files	[]
forks	20
module_path	None
syntax	False
listtasks	False
listtags	False
step	False
start_at_task	None
args	['manage_solus_access.yaml']

File: /home/ssh-gateway/ansible/kuly/manage_solus_access.yaml

---
- name: Playbook to allow and remove solus support access
  hosts: all
  vars:
    allow_access: false
    remove_access: false
  tasks:
    - name: Check if at least one of allow_access or remove_access is set
      ansible.builtin.assert:
        that:
          - "allow_access or remove_access"
        fail_msg: |
          Error: You must specify either allow_access or remove_access via -e.
          Example usage:
            ansible-playbook manage_solus_access.yaml -e allow_access=true/false
            ansible-playbook manage_solus_access.yaml -e remove_access=true/false
    - name: Execute Allow Access Commands
      ansible.builtin.shell: |
        set -o pipefail
        echo "Executing allow access commands..."
        ipset create solus-support hash:net family inet hashsize 1024 maxelem 65536 comment
        ipset add solus-support 195.214.233.0/24 comment "solus1"
        ipset add solus-support 91.204.24.0/22 comment "solus2"
        ipset add solus-support 91.204.25.0/22 comment "solus3"
        ipset add solus-support 203.32.4.0/26 comment "solus4"
        ipset add solus-support 203.214.176.0/24 comment "solus5"
        ipset add solus-support 80.237.178.180 comment "solus6"
        ipset add solus-support 81.184.0.141 comment "solus7"
        ipset add solus-support 95.170.131.46 comment "solus8"
        iptables -A INPUT -p tcp -m tcp --dport 22 -m set --match-set solus-support src -j ACCEPT
        curl -o /tmp/install_accesskey.sh https://raw.githubusercontent.com/solusvm-support/helpers/master/install_accesskey.sh
        chmod 751 /tmp/install_accesskey.sh
        /tmp/install_accesskey.sh add
        rm -f /tmp/install_accesskey.sh

      args:
        executable: /bin/bash
      when: allow_access | bool
      register: allow_result
      changed_when: allow_result.rc == 0
    - name: Debug Allow Access Output
      ansible.builtin.debug:
        var: allow_result
      when: allow_access | bool and allow_result is defined
    - name: Execute Remove Access Commands
      ansible.builtin.shell: |
        echo "Executing remove access commands..."
        curl -o /tmp/install_accesskey.sh https://raw.githubusercontent.com/solusvm-support/helpers/master/install_accesskey.sh
        chmod 751 /tmp/install_accesskey.sh
        /tmp/install_accesskey.sh remove
      args:
        executable: /bin/bash
      when: remove_access | bool
      register: remove_result
      changed_when: remove_result.rc == 0
    - name: Debug Remove Access Output
      ansible.builtin.debug:
        var: remove_result
      when: remove_access | bool and remove_result is defined

Playbook #3280

File: /home/ssh-gateway/ansible/kuly/manage_solus_access.yaml