2025-04-09 17:00:13 <@pboy:fedora.im> !startmeeting fedora-server 
2025-04-09 17:00:14 <@meetbot:fedora.im> Meeting started at 2025-04-09 17:00:13 UTC
2025-04-09 17:00:15 <@meetbot:fedora.im> The Meeting name is 'fedora-server '
2025-04-09 17:00:20 <@pboy:fedora.im> !topic Welcome / roll call
2025-04-09 17:00:28 <@pboy:fedora.im> As usual, let's wait a moment  for everybody to show up.
2025-04-09 17:00:28 <@pboy:fedora.im> I'll post the agenda in 2-3 minutes.
2025-04-09 17:04:19 <@jwhimpel:fedora.im> !hi
2025-04-09 17:04:21 <@zodbot:fedora.im> John Himpel (jwhimpel)
2025-04-09 17:04:31 <@pboy:fedora.im> Hi John!
2025-04-09 17:05:01 <@jwhimpel:fedora.im> Good afternoon from here.
2025-04-09 17:05:21 <@pboy:fedora.im> Yeah, good evening from Europe   :-)
2025-04-09 17:10:30 <@jwhimpel:fedora.im> Since it seems noone else is  going  be able to make it to this meeting, would you like me to work with you and get your ansible up and running?
2025-04-09 17:12:16 <@pboy:fedora.im> John, yes! I'm still unsure about the setup. I wrote a kind of Ansible setup guide as I understand various documentation. It is probably slightly different from the structure I found on pagure. See
2025-04-09 17:12:20 <@pboy:fedora.im> !link https://docs.stg.fedoraproject.org/en-US/fedora-server/services/ansible-support-intro/ 
2025-04-09 17:12:32 <@pboy:fedora.im> Maybe we can talk about that? 
2025-04-09 17:15:41 <@jwhimpel:fedora.im> Under ansible-admin directory s/b a directory named "roles".  Under "roles" s/b a directory for each role that you want to execute (nfs-server, mail-server, etc).
2025-04-09 17:17:07 <@jwhimpel:fedora.im> Under the "inventory" directory, you probably want a directory for each of the  "environments" that you wish ansible to run (production, testing, alpha, beta,....)
2025-04-09 17:20:14 <@pboy:fedora.im> Maybe, we have a term or wording problem. As I understood, Ansible provides playbooks, mostly one playbook for each service. It describes the specific action to perform,, so to speak the main proc. It uses roles, kind of sub procs or library items, that describe / perporm general properties of a service. E.g. you may have a mailservide playbook, that uses a prostfix role and a dovecot role to perform standard tasts, as the specification of a certificate, or the hostname.  
2025-04-09 17:22:17 <@jwhimpel:fedora.im> Playbooks for the most part are used for fairly simple things.  They are best used for either  execution of a single command line or for a very simple role with only one or two tasks and very few variables.
2025-04-09 17:25:26 <@jwhimpel:fedora.im> Role are for more "sophisticated requests (procedures).  They are started by using ansible-playbook command (from the command line) with a pointer to a yml file containing info about which role to execute and which hosts (clients) on which the tasks s/b executed.
2025-04-09 17:29:12 <@jwhimpel:fedora.im> A playbook might do something like "change a configuration file" or "start/stop a systemd service" on a list of hosts.  A role would do all of that plus probably worry about file/directory permissions, selinux, starting/stopping systemd services -- all in one run.
2025-04-09 17:29:51 <@pboy:fedora.im> Well, I found "Playbooks are automation blueprints, in YAML format, that Ansible uses to deploy and configure nodes in an inventory." (https://docs.ansible.com/ansible/latest/playbook_guide/index.html) And: 
2025-04-09 17:29:53 <@pboy:fedora.im> role is a collection of Ansible files, tasks, variables, and other automation content that can be reused across projects. Roles are a powerful feature that help make Ansible code more modular and scalable. 
2025-04-09 17:33:26 <@jwhimpel:fedora.im> An ansible playbook usually a shell script that calls a single yml file containing all the tasks and variables needed to define the desired state on the client.  A role has the tasks and variables (and other assorted functionality) spread out over a complete set of sub-directories.  Both playbooks and roles are started by using the ansible-playbook command.
2025-04-09 17:35:13 <@pboy:fedora.im> The Doku says: playbook in yaml format, that's not a shell script, I think. 
2025-04-09 17:35:23 <@pboy:fedora.im> But beyond the terminology, we need a “start file” for every service. Perhaps this should be easily identifiable, either directly as a file in ansible-admin, or directly under the service directory. But not further down in subdirectories.  
2025-04-09 17:38:29 <@jwhimpel:fedora.im> A shell script is needed to have ansible-playbook (a command) call a playbook file (.yml) file.  That file can completely contain the entire ansible tasks, variables, etc or that file can tell ansible-playbook to find what it needs in a sub-directory in the filesystem using the "roles" model for storing specific types of information in specific directories and files.
2025-04-09 17:38:38 <@pboy:fedora.im> I admit, I'm a fan of flat, non-redundant directory structures
2025-04-09 17:40:26 <@pboy:fedora.im> OK, then we could start with such a shell script on the ansible-admin level?
2025-04-09 17:40:38 <@jwhimpel:fedora.im> For smaller tasks, that works quite well.  But for larger efforts, the tasks, variables, roles, etc soon become inter-related.  Remember that ansible is not a procedural language, rather it is a state machine.
2025-04-09 17:41:45 <@jwhimpel:fedora.im> Yes, the shell script s/b on the ansible-admin level.  Along with the inventory and role directories.  I would also suggest at that level creating a playbook directory.
2025-04-09 17:44:02 <@jwhimpel:fedora.im> In addition to the shell script (mailservice.sh), I would also create a mailservice.yml file at the ansible-admin level (assuming execution of an ansible role).  Or you could create an mailservice.yml file (with everything that ansible needs to complete the state verification) under the ansible-admin/playbook directory.
2025-04-09 17:46:43 <@pboy:fedora.im> I think, I would prefer the latter. So we would have a mailservice.sh and the directories handlers, meta, tasks templates vars? Or a mailservice.sh script and a mailservice subdir, that contains various other dirs like meta, tasks, etc.? 
2025-04-09 17:47:07 <@pboy:fedora.im> and that structure for eachj service? 
2025-04-09 17:51:34 <@jwhimpel:fedora.im> I thought I created a document and put it in the git repo showing how I would suggest the various files be arranged and created.  I will look that up an about an hour and send it to you via email.  Also, we need to think about the placement of the configuration files for ansible itself.  Do we want the configuration files, log files, handlers, playbooks, etc stored under /etc so any user of the host can call them?  Or do we want to put them all under ${HOME} directories,, so each user can configure the ansible environment according to their own needs?
2025-04-09 17:55:26 <@pboy:fedora.im> Yes, we can proceed by email! I would really like to discuss and decide the basic structure. Regarding the configuration, I'm not sure about it. Probably it is best to provide a basic config in etc and include ~/ansible-admin/etc/config? So we have both?  I can't assess how important individual configurations are.   
2025-04-09 17:57:03 <@jwhimpel:fedora.im> I'm signing off now.  Look for followup via private email.
2025-04-09 17:57:39 <@pboy:fedora.im> jwhimpel: OK, I close now an watch my emails! Thanks for the discussion?
2025-04-09 17:57:53 <@pboy:fedora.im> !endmeeting