Ansible and 17 beta playbook

I am trying to teach myself Ansible. Being a developer and not really a system admin or netops guy for well over a decade, I don’t get to play with a lot of the cool toys. In any case, with the big disclaimer that I am new to Ansible and learning, see the following image. Then, if you care to, there is a playbook below that for installing the 17 beta onto a clean Debian 12 install.

Untitled

5 Likes

Grok’d quickly and your first draft appears to provide a nice subset of the functionality of the comparable pngnx23299 Role’s current release v0.23.40-alpha – happy to accept a PR there to add in the GitHub developer-mode account and key setup portions, which is related to pending TODOs to incorporate clean git clones of each of the FreePBX modules to facilitate faster bug hunting, patch submission, and other post-Role testing/updates direct from git with no further Role involvement.

Some minor points to consider might be:

| OP | pngnx23299 |
|---|---|
| all root install | pngnx23299 uses “become” only when necessary, e.g. not when downloading URLs |
| EDGE download only | pngnx23299 supports downloading each FreePBX module from GitHub as a separate ZIP file, in addition to the EDGE download; also each module is installed separately to help identify issues, with options to limit from git or from edge to basic module list (instead of the less-granular “fwconsole ma installall” approach) |
| multiple brief Roles make for lots of cd’ing | pngnx23299 is one Role with many Task files in the same tasks/ sublevel directory |
| does not follow current upstream recommendation to use Ansible FQCNs, e.g. “ansible.builtin.user” instead of “user” | pngnx23299 uses FQCNs throughout |
| no firewall | pngnx23299 locks things down with firewall-related Tasks for fail2ban, SSH, and UFW |

Additional highlights provided by pngnx23299 include:

  • NGINX wrapper around Asterisk phoneprov module for a couple common phone models – test bench is currently some older Poly phones – which can help work around current lack of Endpoint Manager module in FreePBX 17 beta
  • More network parameter control, such as VLAN support with PBX acting as DHCP, DNS, HTTP and NTP server on the VLAN to facilitate said provisioning integration (with included sample showing minimal phone configuration file editing in /etc/asterisk/pjsip.endpoint_custom_post.conf file)
  • Reasonable logrotate template, and some more things in the README related to more customizable command-line options, idempotent considerations, etc.

I am not sure of the current state of the devtools with them dumping both CentOS and Bitbucket. There was a single command to pull all modules to their source version.

My current and manual workflow:

  1. Fork in github
  2. Pull to /usr/src/ and switch to the proper branch
  3. rm -f /var/www/admin/modules/rawname
  4. ln -s /usr/src/rawname /var/www/html/modules/
  5. fwconsole ma install rawname

I actually do this for official and third party modules I work on. I have thought about automating it but it is on my someday list.

Being that I do not have write access to the repos and have to fork each one, I am not sure I want to fork every module just for giggles. I could likely do a quick script to fork a single/list of modules.

1 Like
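Steps 3 and 4 of the manual workflow in the post above, written as a shell function with the checks a root-run script needs. This is an added example, not part of the original post and not FreePBX tooling; the function name `link_module`, the allowed module-name pattern and the git-checkout check are assumptions, and both directories are passed in by the caller.

```shell
#!/bin/sh
# Added example (not from the thread).
# link_module RAWNAME SRC_ROOT MODULES_DIR
#   RAWNAME      module name, e.g. the "rawname" placeholder in the post
#   SRC_ROOT     where the fork was cloned (the post uses /usr/src)
#   MODULES_DIR  the FreePBX modules directory, supplied by the caller
link_module() {
    rawname=$1 src_root=$2 modules_dir=$3

    # This runs as root and deletes things: accept only a plain name
    # (assumed pattern: lowercase letters, digits, underscore) so that
    # "", "../x" or "a/b" can never reach rm or ln.
    case $rawname in
        ''|*[!a-z0-9_]*) echo "invalid module name: $rawname" >&2; return 2 ;;
    esac

    src=$src_root/$rawname
    dest=$modules_dir/$rawname

    # Only link a real git checkout, and only into an existing directory.
    [ -e "$src/.git" ] || { echo "not a git checkout: $src" >&2; return 3; }
    [ -d "$modules_dir" ] || { echo "no such directory: $modules_dir" >&2; return 4; }

    # Already linked to this checkout: nothing to do (safe to re-run).
    if [ -L "$dest" ] && [ "$(readlink "$dest")" = "$src" ]; then
        return 0
    fi

    # Step 3: remove the installed copy. A symlink is unlinked, never
    # followed, so an old link cannot cause deletion of its target.
    if [ -L "$dest" ]; then
        rm -f -- "$dest"
    elif [ -e "$dest" ]; then
        rm -rf -- "$dest"
    fi

    # Step 4: point the modules directory at the checkout.
    ln -s -- "$src" "$dest"
}
```

Once the function returns 0, step 5 of the workflow (fwconsole ma install rawname) runs as before.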

I automated this and you can put your GitHub token and other settings in your secrets and pass them as arguments… I haven’t put this in my playbook yet.