diff options
| author | luisgulo <luisgulo@gmail.com> | 2025-10-24 18:01:10 +0200 |
|---|---|---|
| committer | luisgulo <luisgulo@gmail.com> | 2025-10-24 18:01:10 +0200 |
| commit | 533e79ba959143f0459431a486bfb85c56c72ddc (patch) | |
| tree | 91974de1bbbdc4c51c76ed591fc5c6e02a3342b6 /examples | |
| parent | 45019c81cfd0fc1d18dce18cdfd5f127c6d61073 (diff) | |
Releasing code version 1.8.0
Diffstat (limited to 'examples')
70 files changed, 936 insertions, 0 deletions
diff --git a/examples/api.yaml b/examples/api.yaml new file mode 100644 index 0000000..057dd22 --- /dev/null +++ b/examples/api.yaml @@ -0,0 +1,9 @@ +tasks: + - name: Crear producto de prueba + module: api + args: + method: post + url: https://fakestoreapi.com/products + body: '{"title":"Producto ShFlow","price":99.99,"description":"Generado desde módulo api.sh","image":"https://example.com/img.png","category":"electronics"}' + parse: json + diff --git a/examples/api_body_test.yaml b/examples/api_body_test.yaml new file mode 100644 index 0000000..fe0578f --- /dev/null +++ b/examples/api_body_test.yaml @@ -0,0 +1,62 @@ +tasks: + - name: POST simple con campos planos + module: api + args: + method: post + url: https://reqres.in/api/users + body: | + {"name":"Luis","job":"ShFlow tester"} + headers: x-api-key:reqres-free-v1,Content-Type:application/json + parse: json + + - name: POST con estructura anidada + module: api + args: + method: post + url: https://httpbin.org/post + body: | + { + "title": "Test", + "tags": ["bash", "api", "flow"], + "meta": { + "author": "Luis", + "version": "1.0" + } + } + headers: Content-Type:application/json + parse: json + + - name: POST con cuerpo vacío + module: api + args: + method: post + url: https://httpbin.org/post + body: "" + headers: Content-Type:application/json + parse: json + + - name: POST con caracteres especiales + module: api + args: + method: post + url: https://httpbin.org/post + body: | + {"mensaje":"¡Hola desde ShFlow! 🎉 Ñandú con tilde y ñ"} + headers: Content-Type:application/json + parse: json + + - name: POST con array de objetos + module: api + args: + method: post + url: https://httpbin.org/post + body: | + { + "usuarios": [ + {"nombre": "Luis", "rol": "admin"}, + {"nombre": "Ana", "rol": "tester"} + ] + } + headers: Content-Type:application/json + parse: json + diff --git a/examples/api_get-json.yaml b/examples/api_get-json.yaml new file mode 100644 index 0000000..eb3619c --- /dev/null +++ b/examples/api_get-json.yaml @@ -0,0 +1,7 @@ +tasks: + - name: Obtener producto fake + module: api + args: + method: get + url: https://fakestoreapi.com/products/1 + parse: json diff --git a/examples/api_post-json.yaml b/examples/api_post-json.yaml new file mode 100644 index 0000000..20710dd --- /dev/null +++ b/examples/api_post-json.yaml @@ -0,0 +1,8 @@ +- name: Crear usuario + module: api + args: + method: post + url: https://api.example.com/users + headers: Content-Type:application/json + body: '{"name":"Luis","role":"admin"}' + parse: json diff --git a/examples/api_post.yaml b/examples/api_post.yaml new file mode 100644 index 0000000..87c640d --- /dev/null +++ b/examples/api_post.yaml @@ -0,0 +1,10 @@ +tasks: + - name: Crear producto de prueba + module: api + args: + method: post + url: https://fakestoreapi.com/products +body: | + {"title":"Producto ShFlow","price":99.99,"description":"Generado desde módulo api.sh","image":"https://example.com/img.png","category":"electronics"} + parse: json + diff --git a/examples/api_reqres.yaml b/examples/api_reqres.yaml new file mode 100644 index 0000000..d261ff8 --- /dev/null +++ b/examples/api_reqres.yaml @@ -0,0 +1,11 @@ +tasks: + - name: Crear usuario de prueba + module: api + args: + method: post + url: https://reqres.in/api/users + body: | + {"name":"Luis","job":"ShFlow tester"} + headers: x-api-key:reqres-free-v1,Content-Type:application/json + parse: json + diff --git a/examples/api_soap-xml.yaml b/examples/api_soap-xml.yaml new file mode 100644 index 0000000..7517a65 --- /dev/null +++ b/examples/api_soap-xml.yaml @@ -0,0 +1,14 @@ +tasks: + - name: Consulta SOAP de prueba + module: api + args: + method: soap + url: http://demo1144442.mockable.io/ + headers: Content-Type:text/xml + body: | + <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> + <soapenv:Body> + <ns:getStatus xmlns:ns="http://demo1144442.mockable.io/"/> + </soapenv:Body> + </soapenv:Envelope> + parse: xml diff --git a/examples/apt-update.yaml b/examples/apt-update.yaml new file mode 100644 index 0000000..7663dcd --- /dev/null +++ b/examples/apt-update.yaml @@ -0,0 +1,13 @@ +tasks: + - name: Actualizar datos del Repo + module: run + args: + command: "apt-get -y update" + become: true + + - name: Actualizar SO + module: run + args: + command: "apt-get -y upgrade" + become: true + diff --git a/examples/archive-compress-tar.gz.yaml b/examples/archive-compress-tar.gz.yaml new file mode 100644 index 0000000..c52ab8c --- /dev/null +++ b/examples/archive-compress-tar.gz.yaml @@ -0,0 +1,9 @@ +tasks: + - name: Comprimir logs + module: archive + args: + action: compress + format: tar + files: /var/log/boot.log,/var/log/lastlog + output: /tmp/logs.tar.gz + become: true diff --git a/examples/archive-decompress-zip.yaml b/examples/archive-decompress-zip.yaml new file mode 100644 index 0000000..fa6d436 --- /dev/null +++ b/examples/archive-decompress-zip.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Descomprimir ZIP + module: archive + args: + action: decompress + format: zip + archive: /tmp/project.zip + dest: /tmp/destino/project diff --git a/examples/archive-extract-bootlog.yaml b/examples/archive-extract-bootlog.yaml new file mode 100644 index 0000000..7816a86 --- /dev/null +++ b/examples/archive-extract-bootlog.yaml @@ -0,0 +1,11 @@ +tasks: + - name: Extraer solo boot.log desde logs.tar.gz + module: archive + args: + action: extract + format: tar + archive: /tmp/logs.tar.gz + dest: /tmp/extraccion/ + files: var/log/boot.log + become: true + diff --git a/examples/archive-extract-tar.gz.yaml b/examples/archive-extract-tar.gz.yaml new file mode 100644 index 0000000..3e8863b --- /dev/null +++ b/examples/archive-extract-tar.gz.yaml @@ -0,0 +1,9 @@ +tasks: + - name: Extraer backup + module: archive + args: + action: extract + format: tar + archive: /tmp/logs.tar.gz + dest: /tmp/restore + become: true diff --git a/examples/basic_conditions.yaml b/examples/basic_conditions.yaml new file mode 100644 index 0000000..655b800 --- /dev/null +++ b/examples/basic_conditions.yaml @@ -0,0 +1,15 @@ +hosts: localhost +parallelism: false + +tasks: + - name: Pausa si el host es localhost + module: wait + args: + seconds: 1 + condition: '[ "{{ name }}" = "localhost" ]' + + - name: Pausa solo si existe el archivo /tmp/flag.txt + module: wait + args: + seconds: 2 + condition: 'test -f /tmp/flag.txt' diff --git a/examples/block-in-file.yaml b/examples/block-in-file.yaml new file mode 100644 index 0000000..2cdd7eb --- /dev/null +++ b/examples/block-in-file.yaml @@ -0,0 +1,10 @@ +- name: Añadir bloque de configuración a NGINX + module: blockinfile + args: + path: /etc/nginx/nginx.conf + block: | + server_tokens off; + keepalive_timeout 65; + marker: NGINX_CONF + backup: true + become: true diff --git a/examples/clone-and-configure.yaml b/examples/clone-and-configure.yaml new file mode 100644 index 0000000..5de2669 --- /dev/null +++ b/examples/clone-and-configure.yaml @@ -0,0 +1,24 @@ +tasks: + - name: Clonar repo de configuración + module: git + args: + action: clone + repo: "https://github.com/luisgulo/configs.git" + dest: "/opt/configs" + become: true + + - name: Copiar archivo de configuración + module: git + args: + action: fetch-file + repo: "https://github.com/luisgulo/configs.git" + branch: "main" + file_path: "nginx/nginx.conf" + dest: "/etc/nginx/nginx.conf" + become: true + + - name: Reiniciar nginx + module: run + args: + command: "systemctl restart nginx" + become: true diff --git a/examples/cron_root.yaml b/examples/cron_root.yaml new file mode 100644 index 0000000..e54f00f --- /dev/null +++ b/examples/cron_root.yaml @@ -0,0 +1,46 @@ +hosts: localhost +parallelism: false + +tasks: + - name: Crear cron ver_df cada hora + module: cron + args: + alias: ver_df + user: root + state: present + schedule: "0 * * * *" + command: "df -h > /tmp/filesize.txt" + + - name: Listar cron de root (tras creación) + module: cron + args: + user: root + state: list + + - name: Modificar cron ver_df a cada 3 horas + module: cron + args: + alias: ver_df + user: root + state: present + schedule: "0 */3 * * *" + command: "df -h > /tmp/filesize.txt" + + - name: Listar cron de root (tras modificación) + module: cron + args: + user: root + state: list + + - name: Eliminar cron ver_df + module: cron + args: + alias: ver_df + user: root + state: absent + + - name: Listar cron de root (tras eliminación) + module: cron + args: + user: root + state: list diff --git a/examples/deploy-nginx.yaml b/examples/deploy-nginx.yaml new file mode 100644 index 0000000..d2c9c31 --- /dev/null +++ b/examples/deploy-nginx.yaml @@ -0,0 +1,24 @@ +tasks: + - name: Crear directorio web + module: file + args: + path: "/var/www/html" + state: present + type: directory + mode: "0755" + become: true + + - name: Ejecutar contenedor nginx + module: docker + args: + action: present + name: nginx_web + image: nginx:latest + become: true + + - name: Habilitar servicio docker + module: service + args: + name: docker + state: enable + become: true diff --git a/examples/docker_and_ldapsearch.yaml b/examples/docker_and_ldapsearch.yaml new file mode 100644 index 0000000..50cf48e --- /dev/null +++ b/examples/docker_and_ldapsearch.yaml @@ -0,0 +1,31 @@ +tasks: + - name: Lanzar contenedor LDAP + module: docker + args: + action: present + name: test-ldap + image: osixia/openldap:latest + run_args: "-p 389:389 -p 636:636 -e LDAP_ORGANISATION='Test Org' -e LDAP_DOMAIN='test.local' -e LDAP_ADMIN_PASSWORD='secreta'" + + - name: Esperar 5 segundos para que LDAP esté listo + module: wait + args: + seconds: 5 + + - name: Buscar usuarios en OpenLDAP + module: ldap_openldap + args: + state: search + server: ldap://localhost + port: 389 + base_dn: "dc=test,dc=local" + filter: "(objectClass=*)" + attributes: "cn,mail,uid" + bind_dn: "cn=admin,dc=test,dc=local" + password: "secreta" + + #- name: Eliminar LDAP + # module: docker + # args: + # action: absent + # name: test-ldap diff --git a/examples/docker_build-shflow.yaml b/examples/docker_build-shflow.yaml new file mode 100644 index 0000000..f72ebd3 --- /dev/null +++ b/examples/docker_build-shflow.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Construir imagen test-shflow desde debian:trixie + module: docker + args: + action: build + image: test-shflow + path: /tmp/shflow-build/ + become: true diff --git a/examples/docker_hello-world.yaml b/examples/docker_hello-world.yaml new file mode 100644 index 0000000..cabc9d6 --- /dev/null +++ b/examples/docker_hello-world.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Probar imagen hello-world + module: docker + args: + action: present + name: test-hello + image: hello-world + detach: false diff --git a/examples/download.yaml b/examples/download.yaml new file mode 100644 index 0000000..ce1276e --- /dev/null +++ b/examples/download.yaml @@ -0,0 +1,9 @@ +tasks: + - name: Descargar binario de servicio + module: download + args: + url: https://example.com/binario.tar.gz + dest: /tmp/manual.pdf + proxy: http://proxy.local:3128 + continue: true + become: true diff --git a/examples/echo_capture.yaml b/examples/echo_capture.yaml new file mode 100644 index 0000000..fa44030 --- /dev/null +++ b/examples/echo_capture.yaml @@ -0,0 +1,32 @@ +parallelism: false +hosts: localhost + +tasks: + - name: Ejecutar comando simple + module: run + args: + command: "ls -L /tmpAAA" + become: false + capture_log: ls_resultado + capture_err: ls_error + + - name: Mostrar capture_log con modulo echo + module: echo + args: + message: "{{ ls_resultado }}" + become: false + condition: "[ {{ ls_error }} -eq 0 ]" + + - name: Mostrar capture_err con modulo echo + module: echo + args: + message: "{{ ls_error }}" + become: false + + - name: Prueba sustitucion en modulo echo + module: echo + args: + variableA: "Texto de variable A" + variableB: "Texto de variable B" + message: "Mostramos A: {{ variableA }} y B: {{ variableB }}" + become: false diff --git a/examples/euvd_check.yaml b/examples/euvd_check.yaml new file mode 100644 index 0000000..5a52dc4 --- /dev/null +++ b/examples/euvd_check.yaml @@ -0,0 +1,17 @@ +hosts: servidor_pruebas +tasks: + - name: Verificar vulnerabilidad openssl EUVD + module: euvd_check + args: + state: check + enisa_id: EUVD-2025-31120 + package: openssl + become: true + + - name: Verificar vulnerabilidad sudo EUVD + module: euvd_check + args: + state: check + enisa_id: EUVD-2025-19673 + package: sudo + become: true diff --git a/examples/facts_key-value.yaml b/examples/facts_key-value.yaml new file mode 100644 index 0000000..8e18977 --- /dev/null +++ b/examples/facts_key-value.yaml @@ -0,0 +1,6 @@ +tasks: + - name: IPs del host + module: facts + args: + field: ip_addresses + format: kv diff --git a/examples/facts_markdown.yaml b/examples/facts_markdown.yaml new file mode 100644 index 0000000..83bd82f --- /dev/null +++ b/examples/facts_markdown.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Inventario de servidores + module: facts + args: + format: md + output: /tmp/informe.md + append: true + host_label: servidor-01 diff --git a/examples/file_read_apache-config.yaml b/examples/file_read_apache-config.yaml new file mode 100644 index 0000000..d402c51 --- /dev/null +++ b/examples/file_read_apache-config.yaml @@ -0,0 +1,10 @@ +hosts: localhost +parallelism: false + +tasks: + - name: Leer configuración de Apache sin comentarios + module: file_read + args: + path: "/etc/apache2/apache2.conf" + grep: "^[^#]" + become: true diff --git a/examples/fs-copy.yaml b/examples/fs-copy.yaml new file mode 100644 index 0000000..83dffbd --- /dev/null +++ b/examples/fs-copy.yaml @@ -0,0 +1,6 @@ +- name: Copiar config + module: fs + args: + action: copy + src: /etc/nginx/nginx.conf + dest: /tmp/nginx.conf.bak diff --git a/examples/fs-delete-multiple.yaml b/examples/fs-delete-multiple.yaml new file mode 100644 index 0000000..37d90b7 --- /dev/null +++ b/examples/fs-delete-multiple.yaml @@ -0,0 +1,5 @@ +- name: Eliminar temporales + module: fs + args: + action: delete + files: /tmp/debug.log,/tmp/test.out diff --git a/examples/fs-delete.yaml b/examples/fs-delete.yaml new file mode 100644 index 0000000..48bc035 --- /dev/null +++ b/examples/fs-delete.yaml @@ -0,0 +1,5 @@ +- name: Eliminar temporal + module: fs + args: + action: delete + path: /tmp/debug.log diff --git a/examples/fs-move-multiple.yaml b/examples/fs-move-multiple.yaml new file mode 100644 index 0000000..45c09f0 --- /dev/null +++ b/examples/fs-move-multiple.yaml @@ -0,0 +1,6 @@ +- name: Mover logs antiguos + module: fs + args: + action: move + files: /var/log/app1.log,/var/log/app2.log + dest: /tmp/logs diff --git a/examples/fs-move.yaml b/examples/fs-move.yaml new file mode 100644 index 0000000..34144dd --- /dev/null +++ b/examples/fs-move.yaml @@ -0,0 +1,6 @@ +- name: Mover log + module: fs + args: + action: move + src: /var/log/app.log + dest: /tmp/app.log diff --git a/examples/fs-rename.yaml b/examples/fs-rename.yaml new file mode 100644 index 0000000..ef5eb20 --- /dev/null +++ b/examples/fs-rename.yaml @@ -0,0 +1,6 @@ +- name: Renombrar backup + module: fs + args: + action: rename + src: /home/user/backup.tar.gz + dest: /home/user/backup_old.tar.gz diff --git a/examples/fs-truncate-multiple.yaml b/examples/fs-truncate-multiple.yaml new file mode 100644 index 0000000..033418f --- /dev/null +++ b/examples/fs-truncate-multiple.yaml @@ -0,0 +1,5 @@ +- name: Vaciar logs + module: fs + args: + action: truncate + files: /var/log/app1.log,/var/log/app2.log diff --git a/examples/fs-truncate.yaml b/examples/fs-truncate.yaml new file mode 100644 index 0000000..986b8b9 --- /dev/null +++ b/examples/fs-truncate.yaml @@ -0,0 +1,5 @@ +- name: Vaciar log + module: fs + args: + action: truncate + path: /var/log/app.log diff --git a/examples/full-stack.yaml b/examples/full-stack.yaml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/examples/full-stack.yaml diff --git a/examples/groups_minimal.yaml b/examples/groups_minimal.yaml new file mode 100644 index 0000000..882ad61 --- /dev/null +++ b/examples/groups_minimal.yaml @@ -0,0 +1,6 @@ +tasks: + - name: Crear grupo de servicio + module: groups + args: + groupname: servicio + become: true diff --git a/examples/install-tools.yaml b/examples/install-tools.yaml new file mode 100644 index 0000000..98d4ecf --- /dev/null +++ b/examples/install-tools.yaml @@ -0,0 +1,14 @@ +tasks: + - name: Instalar curl + module: package + args: + name: curl + state: present + become: true + + - name: Instalar vim + module: package + args: + name: vim + state: present + become: true diff --git a/examples/ldap_search.yaml b/examples/ldap_search.yaml new file mode 100644 index 0000000..11d3bab --- /dev/null +++ b/examples/ldap_search.yaml @@ -0,0 +1,24 @@ +tasks: + - name: Buscar usuarios en OpenLDAP + module: ldap_openldap + args: + state: search + server: ldap://ldap.example.com + port: 389 + base_dn: "dc=example,dc=com" + filter: "(objectClass=person)" + attributes: "cn,mail,uid" + bind_dn: "cn=admin,dc=example,dc=com" + password: "secreta" + + - name: Buscar usuarios en Active Directory + module: ldap_ad + args: + state: search + server: ldap://ad.example.local + port: 389 + base_dn: "dc=example,dc=local" + filter: "(sAMAccountName=luisgulo)" + attributes: "cn,mail,sAMAccountName" + bind_dn: "CN=Administrador,CN=Users,DC=example,DC=local" + password: "secreta" diff --git a/examples/line-in-file.yaml b/examples/line-in-file.yaml new file mode 100644 index 0000000..3a874ba --- /dev/null +++ b/examples/line-in-file.yaml @@ -0,0 +1,8 @@ +- name: Asegurar configuración de NGINX + module: lineinfile + args: + path: /etc/nginx/nginx.conf + line: 'client_max_body_size 20M;' + regexp: '^client_max_body_size' + backup: true + become: true diff --git a/examples/log-shflow.yaml b/examples/log-shflow.yaml new file mode 100644 index 0000000..0166271 --- /dev/null +++ b/examples/log-shflow.yaml @@ -0,0 +1,15 @@ +tasks: + - name: Crear directorio temporal + module: file + args: + path: "/tmp/shflow" + state: present + type: directory + mode: "0755" + become: true + + - name: Mostrar fecha en remoto + module: run + args: + command: "date" + become: false diff --git a/examples/lookup_password.yaml b/examples/lookup_password.yaml new file mode 100644 index 0000000..eb5e3b8 --- /dev/null +++ b/examples/lookup_password.yaml @@ -0,0 +1,18 @@ +hosts: localhost +parallelism: false + +# Nota: Crear clave con: shflow-vault add smtp_pass +vars: + clave_email: "{{ vault('smtp_pass') }}" + +tasks: + - name: Mostrar clave recogida del vault + module: echo + args: + message: "🔐 Secreto descifrado: {{ clave_email }}" + + - name: Mostrar valor directamente desde el vault + module: echo + args: + message: "Valor directo del vault: {{ vault('smtp_pass') }}" + diff --git a/examples/loop.yaml b/examples/loop.yaml new file mode 100644 index 0000000..474eb38 --- /dev/null +++ b/examples/loop.yaml @@ -0,0 +1,9 @@ +- name: Crear usuarios + module: loop + args: + items: alice,bob,carol + module: useradd + args: + name: {{item}} + shell: /bin/bash + become: true diff --git a/examples/loop_cartesian-values.yaml b/examples/loop_cartesian-values.yaml new file mode 100644 index 0000000..bfb2c4b --- /dev/null +++ b/examples/loop_cartesian-values.yaml @@ -0,0 +1,9 @@ +- name: Asignar permisos cruzados + module: loop + args: + items: alice,bob + secondary: read,write + module: permission + args: + user: {{item}} + mode: {{secondary_item}} diff --git a/examples/loop_fail-fast.yaml b/examples/loop_fail-fast.yaml new file mode 100644 index 0000000..200f1ca --- /dev/null +++ b/examples/loop_fail-fast.yaml @@ -0,0 +1,10 @@ +- name: Crear usuarios sin detenerse ante errores + module: loop + args: + items: alice,bob,carol + module: useradd + fail_fast: false + args: + name: {{item}} + shell: /bin/bash + become: true diff --git a/examples/loop_key-value.yaml b/examples/loop_key-value.yaml new file mode 100644 index 0000000..d1d54de --- /dev/null +++ b/examples/loop_key-value.yaml @@ -0,0 +1,10 @@ +- name: Asignar usuarios a grupos + module: loop + args: + items: alice:sudo,bob:docker,carol:admin + module: useradd + args: + name: {{item_key}} + groups: {{item_value}} + shell: /bin/bash + become: true diff --git a/examples/loop_matrix.yaml b/examples/loop_matrix.yaml new file mode 100644 index 0000000..35253db --- /dev/null +++ b/examples/loop_matrix.yaml @@ -0,0 +1,14 @@ +hosts: localhost +parallelism: false + +tasks: + - name: Probar conectividad entre múltiples orígenes y destinos + module: loop + args: + items: "equipo1:192.168.1.1,equipo2:10.0.0.1" + secondary: "8.8.8.8,1.1.1.1" + module: ping + count: 2 + timeout: 3 + target: "{{secondary_item}}" + become: true diff --git a/examples/ls.yaml b/examples/ls.yaml new file mode 100644 index 0000000..e9ba61e --- /dev/null +++ b/examples/ls.yaml @@ -0,0 +1,13 @@ +tasks: + - name: Listar directorios tmp + module: run + args: + command: "ls -l /tmp" + become: false + + - name: Listar directorios /root + module: run + args: + command: "ls -l /root" + become: true + diff --git a/examples/minimal.yaml b/examples/minimal.yaml new file mode 100644 index 0000000..fb04e0f --- /dev/null +++ b/examples/minimal.yaml @@ -0,0 +1,15 @@ +tasks: + - name: Crear directorio de logs + module: file + args: + path: "/var/log/shflow" + state: present + type: directory + mode: "0755" + become: true + + - name: Mostrar fecha en remoto + module: run + args: + command: "date" + become: false diff --git a/examples/openssl_autogen.yaml b/examples/openssl_autogen.yaml new file mode 100644 index 0000000..8c02e70 --- /dev/null +++ b/examples/openssl_autogen.yaml @@ -0,0 +1,46 @@ +hosts: localhost +parallelism: false + +tasks: + - name: Generar certificado autofirmado en /tmp + module: run + args: + command: | + openssl req -x509 -newkey rsa:2048 -keyout /tmp/test.key -out /tmp/test.crt \ + -days 365 -nodes -subj "/CN=example.com" && \ + openssl pkcs12 -export -out /tmp/certificado.pfx \ + -inkey /tmp/test.key -in /tmp/test.crt \ + -name "Certificado de Prueba" -password pass:secreta + become: false + + - name: Convertir PFX a PEM + module: openssl + args: + state: convert + src: /tmp/certificado.pfx + dest: /tmp/certificado.pem + format: pem + password: "secreta" + + - name: Inspeccionar certificado convertido + module: openssl + args: + state: inspect + src: /tmp/certificado.pem + + - name: Instalar certificado como CA confiable + module: openssl + args: + state: trust + src: /tmp/certificado.pem + alias: mi_certificado + trust_path: /usr/local/share/ca-certificates/ + become: true + + - name: Eliminar certificado como CA + module: openssl + args: + state: untrust + alias: mi_certificado + trust_path: /usr/local/share/ca-certificates/ + become: true diff --git a/examples/ping.yaml b/examples/ping.yaml new file mode 100644 index 0000000..b541256 --- /dev/null +++ b/examples/ping.yaml @@ -0,0 +1,7 @@ +tasks: + - name: Verificar conectividad con servidor + module: ping + args: + count: 3 + timeout: 5 + become: false diff --git a/examples/remote-ping.yaml b/examples/remote-ping.yaml new file mode 100644 index 0000000..075c628 --- /dev/null +++ b/examples/remote-ping.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Verificar acceso a gateway desde web01 + module: ping + args: + target: 192.168.1.12 + count: 4 + timeout: 5 + become: true diff --git a/examples/remote_user.yaml b/examples/remote_user.yaml new file mode 100644 index 0000000..ffda478 --- /dev/null +++ b/examples/remote_user.yaml @@ -0,0 +1,9 @@ +vars: + remote_user: other + +tasks: + - name: listar directorio de root desde el usuario "other" que tiene sudo + module: run + args: + command: "ls -l /root" + become: true diff --git a/examples/replace-string.yaml b/examples/replace-string.yaml new file mode 100644 index 0000000..97f8c9e --- /dev/null +++ b/examples/replace-string.yaml @@ -0,0 +1,8 @@ +- name: Reemplazar puerto en archivo de configuración + module: replace + args: + path: /etc/nginx/sites-available/default + regexp: 'listen\s+80' + replace: 'listen 8080' + backup: true + become: true diff --git a/examples/smtp_send_test.yaml b/examples/smtp_send_test.yaml new file mode 100644 index 0000000..7c350f1 --- /dev/null +++ b/examples/smtp_send_test.yaml @@ -0,0 +1,12 @@ +tasks: + - name: Enviar correo de prueba + module: smtp_send + args: + smtp_server: smtp.example.com + smtp_port: 587 + smtp_user: usuario@example.com + smtp_pass: ClaveSuperSecreta123 + from: usuario@example.com + to: destino@correo.com + subject: Prueba desde ShFlow + body: Este es un correo de prueba enviado desde el módulo smtp_send. diff --git a/examples/template.yaml b/examples/template.yaml new file mode 100644 index 0000000..99d7fb2 --- /dev/null +++ b/examples/template.yaml @@ -0,0 +1,8 @@ +- name: Generar configuración de NGINX + module: template + args: + src: nginx.conf.tmpl + dest: /etc/nginx/nginx.conf + port: 8080 + user: www-data + become: true diff --git a/examples/update_datetime.yaml b/examples/update_datetime.yaml new file mode 100644 index 0000000..3dde6a1 --- /dev/null +++ b/examples/update_datetime.yaml @@ -0,0 +1,43 @@ +parallelism: false + +tasks: + - name: Verificar disponibilidad de chronyc + module: run + args: + command: "command -v chronyc >/dev/null" + capture_err: chrony_err + + - name: Abortar si chronyc no está disponible + module: run + args: + command: "echo '{{ chrony_err }}' | grep -q '1' && echo '❌ Chrony no está instalado. No se puede ajustar la hora.' && exit 1 || true" + + - name: Sincronizar hora con Chrony + module: run + args: + command: "chronyc -a makestep" + become: true + capture_log: sync_result + capture_err: sync_err + + - name: Mostrar valores de sincronizacion + module: echo + args: + message: "Cod.Err: {{ sync_err }} - {{ sync_result }}" + + - name: Validar sincronización + module: run + args: + command: "echo '{{ sync_result }}' | grep -q '200 OK' && echo '✅ Hora sincronizada correctamente' || echo '❌ Fallo en sincronización'" + + + - name: Verificar estado del reloj + module: run + args: + command: "timedatectl status" + + - name: ls en root + module: run + args: + command: "ls -l /root" + become: true diff --git a/examples/update_so.yaml b/examples/update_so.yaml new file mode 100644 index 0000000..5ed8432 --- /dev/null +++ b/examples/update_so.yaml @@ -0,0 +1,10 @@ +parallelism: false + +tasks: + - name: Actualizar sistema completo + module: package + args: + state: system-update + update_type: full + become: true + diff --git a/examples/update_so_security.yaml b/examples/update_so_security.yaml new file mode 100644 index 0000000..09c0054 --- /dev/null +++ b/examples/update_so_security.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Aplicar parches de seguridad (solo RPM) + module: package + args: + state: system-update + update_type: security + become: true + diff --git a/examples/user_create.yaml b/examples/user_create.yaml new file mode 100644 index 0000000..e0bf6be --- /dev/null +++ b/examples/user_create.yaml @@ -0,0 +1,12 @@ +hosts: localhost +parallelism: false +tasks: + - name: Crear usuario de servicio + module: users + args: + state: create + username: servicio + home: /home/servicio + groups: docker + shell: /usr/sbin/nologin + become: true
\ No newline at end of file diff --git a/examples/user_delete.yaml b/examples/user_delete.yaml new file mode 100644 index 0000000..db5cc19 --- /dev/null +++ b/examples/user_delete.yaml @@ -0,0 +1,12 @@ +hosts: localhost +parallelism: false +tasks: + - name: Eliminar usuario de servicio + module: users + args: + state: absent + username: servicio + home: /home/servicio + groups: docker + shell: /bin/bash + become: true diff --git a/examples/user_modify.yaml b/examples/user_modify.yaml new file mode 100644 index 0000000..35e629c --- /dev/null +++ b/examples/user_modify.yaml @@ -0,0 +1,12 @@ +hosts: localhost +parallelism: false +tasks: + - name: Modificar shell de servicio + module: users + args: + state: modify + username: servicio + home: /home/servicio + groups: docker + shell: /bin/bash + become: true diff --git a/examples/user_test.yaml b/examples/user_test.yaml new file mode 100644 index 0000000..77d278e --- /dev/null +++ b/examples/user_test.yaml @@ -0,0 +1,32 @@ +hosts: localhost +parallelism: false +tasks: + - name: Crear usuario de servicio + module: users + args: + state: create + username: servicio + home: /home/servicio + groups: docker + shell: /usr/sbin/nologin + become: true + + - name: Modificar shell de servicio + module: users + args: + state: modify + username: servicio + home: /home/servicio + groups: docker + shell: /bin/bash + become: true + + - name: Eliminar usuario de servicio + module: users + args: + state: absent + username: servicio + home: /home/servicio + groups: docker + shell: /bin/bash + become: true diff --git a/examples/useradd.yaml b/examples/useradd.yaml new file mode 100644 index 0000000..0f86ba3 --- /dev/null +++ b/examples/useradd.yaml @@ -0,0 +1,8 @@ +- name: Crear usuario técnico + module: useradd + args: + name: devops + shell: /bin/bash + home: /srv/devops + groups: sudo,docker + become: true diff --git a/examples/vault-demo.yaml b/examples/vault-demo.yaml new file mode 100644 index 0000000..44d3860 --- /dev/null +++ b/examples/vault-demo.yaml @@ -0,0 +1,7 @@ +tasks: + - name: Acceder a API con token seguro + module: run + args: + command: "curl -H \"Authorization: Bearer \$TOKEN\" https://api.example.com/status" + vault_key: "api_token" + become: false diff --git a/examples/vault-sync.yaml b/examples/vault-sync.yaml new file mode 100644 index 0000000..6335379 --- /dev/null +++ b/examples/vault-sync.yaml @@ -0,0 +1,23 @@ +tasks: + - name: Enviar secreto 'api_token' al host remoto + module: vault-remote + args: + action: push + key: api_token + remote_path: "/etc/shflow/vault" + become: true + + - name: Recuperar secreto 'db_password' desde el host remoto + module: vault-remote + args: + action: pull + key: db_password + remote_path: "/etc/shflow/vault" + become: true + + - name: Sincronizar todos los secretos locales al host remoto + module: vault-remote + args: + action: sync + remote_path: "/etc/shflow/vault" + become: true diff --git a/examples/wait.yaml b/examples/wait.yaml new file mode 100644 index 0000000..87c9bb4 --- /dev/null +++ b/examples/wait.yaml @@ -0,0 +1,5 @@ +tasks: + - name: Pausa breve + module: wait + args: + seconds: 1.5 diff --git a/examples/winremote_check_test.yaml b/examples/winremote_check_test.yaml new file mode 100644 index 0000000..518e73d --- /dev/null +++ b/examples/winremote_check_test.yaml @@ -0,0 +1,11 @@ +# Playbook: winremote_check_test.yml +# Descripción: Verifica acceso remoto a un equipo Windows mediante SSH y ejecución de PowerShell +# Autor: Luis GuLo + +tasks: + - name: Verificar acceso remoto a Windows + module: winremote_check + args: + winuser: guillermo + winpassword: "{{ vault('winpass') }}" + port: 2222 diff --git a/examples/winremote_detect.yaml b/examples/winremote_detect.yaml new file mode 100644 index 0000000..4eca690 --- /dev/null +++ b/examples/winremote_detect.yaml @@ -0,0 +1,8 @@ +tasks: + - name: Detectar protocolos remotos en equipo Windows + module: winremote_detect + args: + ssh_port: 22 + winrm_port: 5985 + + diff --git a/examples/winremote_exec.yaml b/examples/winremote_exec.yaml new file mode 100644 index 0000000..967f122 --- /dev/null +++ b/examples/winremote_exec.yaml @@ -0,0 +1,10 @@ +tasks: + + - name: Ejecutar comando remoto en Windows vía SSH + module: winremote_exec + args: + winuser: guillermo + winpassword: puertas + port: 2222 + #command: "Get-Process | Where-Object {$_.CPU -gt 1}" + command: "whoami" diff --git a/examples/winremote_exec_winrm.yml b/examples/winremote_exec_winrm.yml new file mode 100644 index 0000000..28e6afb --- /dev/null +++ b/examples/winremote_exec_winrm.yml @@ -0,0 +1,9 @@ +tasks: + + - name: Ejecutar comando remoto en Windows vía WinRM (WS-Manager) + module: winremote_exec_winrm + args: + winuser: guillermo + winpassword: puertas + command: "cmd.exe /c echo hola > C:\\salida.txt" + |