Setting Up Ubuntu Desktop Using Ansible: Part 2

Jul 16, 2022, by Rovshan Mirza

If you haven't created Ubuntu Desktop VM and installed Ansible yet, then go to Part 1 and complete the initial steps.

Note: I'm going to call Linux directories as folders here. Basically, they are the same. Folder and folders are just easier to say and write than directory and directories, unless there is a "directive" :).

Do you recall that we mounted a shared folder to our Ubuntu VM in Part 1? Now we are going to create Ansible Playbooks in it. It's always a good idea to keep Ansible Playbooks outside of your Ubuntu VM, in case the system fails and you lose access to the files. Besides, you may want a single location for all config files, which ideally you should always backup.

1. Create Ansible Playbook

In this part of the project, we will create 2 easy tasks to do the following.

  • Add user to sudoers for elevated privileges.
  • Install some apt packages.

So, let's start building the project.

  1. Boot into your Ubuntu VM.
  2. Create ansible-desktop project folder in the shared folder we created earlier.
  3. Open ansible-desktop in VS Code or any other text editor.
  4. Create below file and folder structure in it.
ansible-desktop
│   local1.yml
│   ansible.cfg
│   inventory

└───tasks
    │   update_users.yml
    │   install_apt_packages.yml
  • ansible-desktop and tasks are folders, the rest are files.

Update ansible.cfg file

Add below code inside the file. This defines inventory file name, which is also called inventory.

[defaults]
inventory = inventory

Update inventory file

Add below code inside the file. Here we tell Ansible that we want to run playbooks locally. No need for remote Ansible server or Github repository. Isn't it cool?

[local]
localhost ansible_connection=local

Update local1.yml file

This is our Ansible Playbook file. You can name the file whatever you want, but I added a number in the end in case I create multiple playbooks in the future. Also, I hope that you are familiar with YAML language, which is pretty easy to understand. The most important thing in YAML file is to keep indentations consistent.

Now, add below code inside local1.yml.

---

- hosts: localhost
  connection: local
  become: true

  tasks:
    - include_tasks: tasks/update_users.yml
    - include_tasks: tasks/install_apt_packages.yml
  • hosts and connection values are what we defined in inventory file above.
  • become:true means that Ansible will run as sudo.
  • include_tasks is used to import task files inside tasks folder.

Update update_users.yml file

In this file, I would add any operations related to provisioning, updating and deleting users. So, let's add our Ubuntu user to sudoers. And, don't forget to update the username, if you chose a different one.

- name: Add user to sudoers
  lineinfile:
    path: /etc/sudoers.d/walle
    line: 'walle ALL=(ALL) NOPASSWD: ALL'
    state: present
    mode: 0440
    create: yes
    validate: 'visudo -cf %s'
  • name is the task name. This will be displayed in Terminal when you run the playbook, so a short description will work.
  • lineinfile is one of many useful Ansible modules. It will create or update specified file in path with a line of content. Since there is no file named walle inside /etc/sudoers.d folder, it will create it and then add walle ALL=(ALL) NOPASSWD: ALL line into it, which will give sudo power to our user and won't ask for password when used with sudo.
  • mode is permission settings for the file.
  • validate: 'visudo -cf %s' is used to validate for errors to avoid losing access to Linux.

Update install_apt_packages.yml file

Add below code inside the file. This will install several apt packages, like curl, wget and etc.

- name: Install apt packages
  apt:
    name:
      - curl
      - wget
      - ubuntu-restricted-extras
      - ubuntu-restricted-addons
      - libdvd-pkg
      - vlc
      - python3-pip
  • apt is another Ansible module, which uses Debian package manager, apt.

2. Run Ansible Playbook

Now we are ready to run our Ansible Playbook, local1.yml. Simply execute below command inside ansible-desktop folder in Terminal and watch the output. You will be prompted for sudo password. It won't ask you to enter password next time you run a command with sudo, because Ansible will be adding sudoers file for the user now.

sudo ansible-playbook local1.yml

You should see below output when it's completed.

Green output means Ansible verified that no change is to be made or it gathered some information from the machine. Orange means Ansible made some changes. If you run the same playbook again, it should only display green (ok) outputs, unless there was an error before.

Tip: If you want to see what is happening behind the scene or get details of an error for troubleshooting purposes, you can add -v, -vv, -vvv or -vvvv at the end of the command. The more v's, the more details you will get in the output.

Congratualtions!!! You've just created and executed your first Ansible Playbook. I hope you can see how Ansible can be used to automate a lot things in setting up a Linux workstation or server.

Stay tuned for new parts where I will be adding more tasks to provision our Ubuntu Desktop VM.