Skip to content

Latest commit

 

History

History
145 lines (110 loc) · 5.11 KB

README.md

File metadata and controls

145 lines (110 loc) · 5.11 KB

JumpCloud Role for Ansible

This role installs the JumpCloud agent and restarts the JumpCloud agent service as required. It also make use of JumpCloud API to set JumpCloud System attributes.

Requirements

cURL and NTP should be installed as prerequisites.

Role Variables

[jumpcloud_api_key][jumpcloud-api-key]

Default: none Used to modify the attribute of a System on JC portal.

The API key as shown in the JumpCloud's API Settings. To be retrieved from JumpCloud portal by a JC Admin account

To be stored in an Ansible Vault. It's very high-sensitivity Information.

Testing

See README file in the tests directory

Requirements

create the file tests/test_variables.yml that must include your private jumpcloud_x_connect_key as follow:

---
enc_jumpcloud_x_connect_key: "xxxxxxxxxxxxxyyyyyyyyyyyyyyzzzzzzzzzz"
...

Make sure that on you JumpCloud account you have the following System Groups:

ansible_test_1
ansible_test_2

Run

cd tests/
ansible-playbook main.yml

jumpcloud_x_connect_key

Default: none

The X_Connect key as displayed on the Servers > Add screen. Mandatory.

jumpcloud_directory

Default: /opt/jc

Path to check if JumpCloud has been previously installed.

jumpcloud_x_connect_url

Default: 'https://kickstart.jumpcloud.com/Kickstart'

URL for the install script.

jumpcloud_force_install

Default: no

Used to determine whether or not to force installation of the client if it has been previously installed.

jumpcloud_agent_service

Default: jcagent

Name of the service to restart.

jumpcloud_use_sudo

Default: no

Whether or not to use sudo during installation.

[jumpcloud_tags]

The list of JC tags you want a host or a group of hosts to be part of

  • 'tag_one'
  • 'tag_two'

jumpcloud_displayName

Default: `{{ inventory_hostname }}``

jumpcloud_allowPublicKeyAuthentication

Default: 'true' This value must be contained in single quotes "'"

jumpcloud_allowSshPasswordAuthentication

Default: 'true' This value must be contained in single quotes "'"

jumpcloud_allowSshRootLogin

Default: 'true' This value must be contained in single quotes "'"

jumpcloud_allowMultiFactorAuthentication

Default: 'false' This value must be contained in single quotes "'"

Example Playbook

---
- hosts: production
  roles:
     - { role: inviqa.jumpcloud, jumpcloud_x_connect_key: 'abcdef012234343' }
  vars:
    jumpcloud_tags:
      - 'tag_one'
      - 'tag_two'
    jumpcloud_displayName: "a new displayName"
    jumpcloud_allowPublicKeyAuthentication: 'true'
    jumpcloud_allowSshPasswordAuthentication: 'false'
    jumpcloud_allowSshRootLogin: 'true'
    jumpcloud_allowMultiFactorAuthentication: 'false'
...

License

MIT

Author Information

Author Marco Massari Calderone at Inviq UK Ltd

Inspired by Barney Hanlon's Galaxy role ansible-jumpcloud