Deploying the Linux WAPT Agent with Ansible

To avoid mistakes and automate your WAPT agents deployment on Linux, we provide Ansible roles for installing WAPT agents on:

  • Debian logo

  • Ubuntu logo

  • Red Hat / CentOS logo

You can explore the role source code by visiting this link on Github.

Requirements

  • Debian Linux or CentOS hosts;

  • a sudoers user on these hosts;

  • Ansible 2.8;

Installing the Ansible role

  • install tranquilit.waptagent Ansible role;

    ansible-galaxy install tranquilit.waptagent
    
  • to install the role elsewhere, use the -p subcommand like this;

    ansible-galaxy install tranquilit.waptagent -p /path/to/role/directory/
    

Using the Ansible role

  • ensure you have a working ssh key deployed on your hosts, if not you can generate and copy one like below;

    ssh-keygen -t ed25519
    ssh-copy-id -i id_ed25519.pub user@computer1.mydomain.lan
    ssh user@computer1.mydomain.lan -i id_ed25519.pub
    
  • edit Ansible hosts inventory ( ./hosts ) and add the Linux hosts;

    [computers]
    computer1.mydomain.lan ansible_host=192.168.1.50
    computer1.mydomain.lan ansible_host=192.168.1.60
    
  • create a playbook with the following content in ./playbooks/deploywaptagent.yml;

    - hosts: computers
      roles:
        - { role: tranquilit.waptagent }
    
  • ensure all variables are correctly set (see wapt-get.ini variables);

    • wapt_server_url;

    • wapt_repo_url;

    • wapt_crt;

Important

Variables configuration is important as it will configure the behavior of the WAPT.

You must replace the default certificate with your Code-Signing public certificate.

  • run your playbook with the following command;

ansible-playbook -i ./hosts ./playbooks/deploywaptagent.yml -u user --become --become-method=sudo -K

Clapping hands Congratulations, you have installed your WAPT agent on your Linux hosts!

Role variables

Available variables are listed below, along with default values (see defaults/main.yml).

WAPT agent variables

  • version of WAPT that will be installed from WAPT Deb/RPM repository;

wapt_version: "1.8"
  • version of CentOS used for RPM repository address;

centos_version: "centos7"

wapt-get.ini variables

The wapt_server_url parameter points to your WAPT server and is used by default for the wapt_repo_url.

wapt_server_url: "https://srvwapt.mydomain.lan"
wapt_repo_url: "{{ wapt_server_url }}/wapt/"

You can override it like so:

wapt_server_url: "https://wapt.landomain.lan"
wapt_repo_url: "https://wapt.otherdomain.com/wapt/"

Certificate filename located in files/ subdirectory of the role:

wapt_crt: "wapt_ca.crt"

Example Ansible playbook

Here is an example of an Ansible playbook.

- hosts: hosts
  vars_files:
    - vars/main.yml
  roles:
    - tranquilit.waptagent