Latest revision as of 14:25, 4 July 2023

1 Setup Rundeck

Install Rocky Linux 9 Minimal
4vCPU
8 GB Memory
50 GB HDD

1.1 Setup Ansible

curl -L ansible.bitbull.ch | bash
ansible-galaxy collection install ansible.posix community.mysql community.general
dnf upgrade
reboot

1.2 Install Rundeck

ansible-galaxy install joe-speedboat.virt_tools joe-speedboat.rundeck joe-speedboat.mariadb

vi /etc/ansible/playbooks/install_rundeck.yml
---------------------------------
---
- hosts: localhost
  become: True
  vars:
    rundeck_install_ansible: False
    rundeck_admin_pass: ***
    mariadb_root_password: ***
    mariadb_user_password: ***
  roles:
  - role: joe-speedboat.rundeck
  - role: joe-speedboat.virt_tools
  tasks:
  - name: install firewalld
    yum:
      name: firewalld
      state: present
  - name: start firewalld
    service:
      name: firewalld
      enabled: yes
      state: started
  - name: open https port on firewalld
    firewalld:
      service: https
      permanent: true
      state: enabled
  - name: enable firewalld
    service:
      name: firewalld
      enabled: yes
      state: restarted
...
---------------------------------

chmod 600 /etc/ansible/playbooks/install_rundeck.yml
ansible-playbook /etc/ansible/playbooks/install_rundeck.yml

Now test rundeck login as admin with your WebBrowser

1.3 General settings

echo '#!/bin/sh
cp -av "$1" "$1.$(date +%Y%m%H%M%S)"
' > /usr/local/bin/backup
chmod 755 /usr/local/bin/backup

1.4 Ansible configuration

# root user
dnf -y install git wget curl rsync vim sshpass

# root user
chown -R rundeck.rundeck /etc/ansible
chmod -R u+rwX,go-rwx /etc/ansible

# rundeck user
cd /etc/ansible
sed -i 's#^inventory=.*#inventory=/etc/ansible/inventory#' /etc/ansible/ansible.cfg
rm -f hosts
mkdir -p /etc/ansible/inventory/group_vars
vim /etc/ansible/inventory/group_vars/all.yml
----------
ansible_become: True
ansible_user: deploy_rundeck_prod
----------

2 Advanced Rundeck/Ansible config

2.1 Protect vars and ssh key

# root user
dnf -y install keyutils

# we do not start this services after reboot, we do this with vault unlock
systemctl disable rundeckd nginx

vim /usr/local/sbin/init-rundeck-and-ansible.sh
----------
#!/bin/bash
echo
echo Feed the ssh private key passphrase for rundeck
echo "Hashi Vault > linuxeng_kv > application_user > ansible_vault_pw@srundeck01.domain.local"

sudo -u rundeck --login echo
echo
echo INFO: re/starting rundeck + nginx service
systemctl restart rundeckd nginx
echo
echo
echo All done
echo Now login to rundeck webUI:
echo .Test the inventory 
echo .Test AdHoc command
----------
chmod 700 /usr/local/sbin/init-rundeck-and-ansible.sh

echo '
#FEED ANSIBLE VAULT AND SSH-KEY PASSWORD after reboot
   cmd: init-rundeck-and-ansible.sh
' >> /etc/motd

# rundeck user
cd
cp -av /etc/skel/.bash* .
chown rundeck.rundeck .bash*
chmod go-rwx .bash*

echo '. $HOME/bin/vault-unlock.sh -b' >> ~/.bashrc
echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc
echo 'alias via="ansible-vault edit"' >> ~/.bashrc
echo 'alias cda="cd /etc/ansible"' >> ~/.bashrc

mkdir bin
curl https://raw.githubusercontent.com/joe-speedboat/linux.scripts/master/ansible/vault-unlock.sh > $HOME/bin/vault-unlock.sh
chown rundeck.rundeck $HOME/bin/vault-unlock.sh
chmod 700 $HOME/bin/vault-unlock.sh
sed -i "s#^.vault_password_file=.*#vault_password_file=$HOME/bin/vault-unlock.sh#" /etc/ansible/ansible.cfg

ssh-keygen -p #feed new passphrase, which is vault-pw as well
. ~/.bashrc
# feed password

# encrypt setup playbook
ansible-vault encrypt  /etc/ansible/playbooks/install_rundeck.yml
cat  /etc/ansible/playbooks/install_rundeck.yml # it is encrypted now
via  /etc/ansible/playbooks/install_rundeck.yml # you see it clear now

reboot and test unlock as mentioned in motd

3 Additional Settings

3.1 FreeIPA Inventory

# rundeck user
curl https://raw.githubusercontent.com/joe-speedboat/linux.scripts/master/ansible/ansible_dynamic_inventory_freeipa_with_vars.py > inventory/freeipa.py
chmod 700 inventory/freeipa.py
python -m pip install --user python_freeipa

echo '# FreeIPA Ansible Inventory Auth
# FreeIPA Ansible Inventory Auth
export freeipaserver=freeipa01.domain.local
export freeipauser='svc_bind_rundeck_prod'
export freeipapassword='******'
' >> $HOME/.bashrc

3.2 Rundeck FreeIPA Auth


vim /etc/rundeck/multiauth.conf
--------------------------------
multiauth {

  com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule sufficient
    debug="true"
    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
    providerUrl="ldaps://freeipa01.domain.local:636 ldaps://freeipa02.domain.local:636"
    ldapsVerifyHostname="false"
    bindDn="uid=svc_bind_rundeck_prod,cn=users,cn=accounts,dc=domain,dc=local"
    bindPassword="******"
    authenticationMethod="simple"
    forceBindingLogin="true"
    userBaseDn="cn=users,cn=accounts,dc=domain,dc=local"
    userRdnAttribute="uid"
    userIdAttribute="uid"
    userPasswordAttribute="userPassword"
    userObjectClass="posixAccount"
    userLastNameAttribute="sn"
    userFirstNameAttribute="givenName"
    userEmailAttribute="mail"
    roleBaseDn="cn=groups,cn=accounts,dc=domain,dc=local"
    roleNameAttribute="cn"
    roleMemberAttribute="member"
    roleObjectClass="groupOfNames"
    cacheDurationMillis="300000"
    reportStatistics="true";

  org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
    debug="true"
    file="/etc/rundeck/realm.properties";
};
--------------------------------

chown root.rundeck /etc/rundeck/multiauth.conf
chmod 640 /etc/rundeck/multiauth.conf


vim /etc/rundeck/rundeck-config.properties
--------------------------------
rundeck.security.syncLdapUser=true
--------------------------------

vim /etc/sysconfig/rundeckd
--------------------------------
JAAS_LOGIN=true
LOGIN_MODULE=multiauth
JAAS_CONF=/etc/rundeck/multiauth.conf
--------------------------------



vim /etc/rundeck/ansibleadm.aclpolicy
-------------------------------
description: FreeIPA Rundeck Admin, all access.
context:
  project: '.*' # all projects
for:
  resource:
    - allow: '*' # allow read/create all kinds
  adhoc:
    - allow: '*' # allow read/running/killing adhoc jobs
  job: 
    - allow: '*' # allow read/write/delete/run/kill of all jobs
  node:
    - allow: '*' # allow read/run for all nodes
by:
  group: rundeckadm
---
description: FreeIPA Rundeck Admin, all access.
context:
  application: 'rundeck'
for:
  resource:
    - allow: '*' # allow create of projects
  project:
    - allow: '*' # allow view/admin of all projects
  project_acl:
    - allow: '*' # allow admin of all project-level ACL policies
  storage:
    - allow: '*' # allow read/create/update/delete for all /keys/* storage content
by:
  group: rundeckadm
-----------------------------
chown root.rundeck /etc/rundeck/ansibleadm.aclpolicy
chmod 640 /etc/rundeck/ansibleadm.aclpolicy

echo | openssl s_client -showcerts -connect freeipa01.domain.local:636 > /etc/rundeck/ssl/idm.pem
vim /etc/rundeck/ssl/idm.pem # remove comments
cp -av /etc/pki/ca-trust/extracted/java/cacerts /etc/pki/ca-trust/extracted/java/cacerts.orig
keytool -import -alias idm -file /etc/rundeck/ssl/idm.pem -keystore /etc/pki/ca-trust/extracted/java/cacerts -storepass changeit

keytool -import -alias idm -file /etc/rundeck/ssl/idm.pem -keystore /etc/rundeck/ssl/truststore -storepass adminadmin
chown rundeck.rundeck /etc/rundeck/ssl/*

3.3 Rundeck Ansible Project example

PROJECT: ansible
--------------------------------------------------------
Detail:
   Project Name: ansible
   Label: ansible_linux_ssh
Execution History Clean: 
   Enable: [X]
User Interface :
   Job Group Expansion Level: 9
Default Node Executor:
  Type: Ansible Ad-Hoc Node Executor
     Executable: /bin/bash
     Windows Executable: powershell.exe
     Ansible config file path: /etc/ansible/ansible.cfg
Default File Copier:
  Type: local
  We just use native ansible, this is not needed


PROJECT: ansible > Edit Nodes > Sources > Add
--------------------------------------------------------
Type: Ansible Resource Model Source
Ansible config file path: /etc/ansible/ansible.cfg

4 BUGS & FIXES

Error Msg: /bin/sh: /tmp/0-1-localhost-dispatch-script.tmp.sh: Permission denied

echo '
# ----------------------------------------------------------------
# CUSTOM VALUES
# ----------------------------------------------------------------
framework.file-copy-destination-dir = ~/
' >> /etc/rundeck/framework.properties

systemctl restart rundeckd

4.1 service.log not rotated

Problem: /var/log/rundeck/service.log grows and get not rotated

 cat << EOF > /etc/logrotate.d/rundeck_service
 /var/log/rundeck/service.log {
  su root root
  copytruncate
  daily
  missingok
  rotate 7
  compress
  delaycompress
  notifempty
  create 640 root adm
 }
 EOF

logrotate -fv /etc/logrotate.d/rundeck_service

4.2 gelf remote logging

https://github.com/tseeker/rundeck-gelf-plugin

$ cd /var/lib/rundeck/libext
$ wget https://raw.githubusercontent.com/tseeker/rundeck-gelf-plugin/master/GelfPlugin.groovy
$ cd /etc/rundeck

# set values as default, since (by bug) framework.properties get not honored
$ grep default /var/lib/rundeck/libext/GelfPlugin.groovy
        host defaultValue:"syslog.domain.local", required:true, description: "Hostname to connect to"
        port defaultValue:2222, required:true, description: "Port to connect to", type: 'Integer'

$ grep Gelf rundeck-config.properties
rundeck.execution.logs.streamingWriterPlugins=GelfPlugin

Difference between revisions of "Install Rundeck on RockyLinux with Ansible"

Latest revision as of 14:25, 4 July 2023

Contents

1 Setup Rundeck

1.1 Setup Ansible

1.2 Install Rundeck

1.3 General settings

1.4 Ansible configuration

2 Advanced Rundeck/Ansible config

2.1 Protect vars and ssh key

3 Additional Settings

3.1 FreeIPA Inventory

3.2 Rundeck FreeIPA Auth

3.3 Rundeck Ansible Project example

4 BUGS & FIXES

4.1 service.log not rotated

4.2 gelf remote logging

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Linux

Help

Tools

@@ Line 1: / Line 1: @@
-Install rundeck on Alma Linux 8
+=Setup Rundeck=
+* Install Rocky Linux 9 Minimal
-=HARDWARE=
+* 4vCPU
-* CPU: 2
+* 8 GB Memory
-* MEM: 4GB
+* 50 GB HDD
-* DISK: 50GB
-* INSTALL TYPE: MINIMAL
-* SELINUX: ENFORCED
-=SETUP NOTES=
 ==Setup Ansible==
-You will need this as well to integrate ansible in your rundeck env.
+  curl -L ansible.bitbull.ch | bash
-  curl -L ansible.bitbull.ch | sh
+ ansible-galaxy collection install ansible.posix community.mysql community.general
+ dnf upgrade
+ reboot
-==INSTALL ANSIBLE ROLES FOR SETUP==
+==Install Rundeck==
 <pre>
-ansible-galaxy install joe-speedboat.rundeck
+ansible-galaxy install joe-speedboat.virt_tools joe-speedboat.rundeck joe-speedboat.mariadb
-for r in /etc/ansible/roles/*/roles/requirements.yml ; do ansible-galaxy role install -r $r ; done
-for c in /etc/ansible/roles/*/collections/requirements.yml ; do ansible-galaxy collection install -r $c ; done
-</pre>
-==Prepair Rundeck Setup Playbook==
+vi /etc/ansible/playbooks/install_rundeck.yml
-<pre>
+---------------------------------
-genpasswd() {
-   local l=$1
-   [ "$l" == "" ] && l=16
-   tr -dc A-Za-z0-9_=., < /dev/urandom | head -c ${l} | xargs
-}
-echo "
 ---
 - hosts: localhost
+  become: True
+  vars:
+    rundeck_install_ansible: False
+    rundeck_admin_pass: ***
+    mariadb_root_password: ***
+    mariadb_user_password: ***
    roles:
    - role: joe-speedboat.rundeck
-   vars:
+   - role: joe-speedboat.virt_tools
-    mariadb_root_password: '$(genpasswd)'
-    mariadb_user_password: '$(genpasswd)'
-    rundeck_admin_pass: '$(genpasswd)'
    tasks:
-   - yum: name=firewalld
+   - name: install firewalld
-   - service: name=firewalld enabled=true state=started
+    yum:
-   - firewalld: service={{ item }} permanent=true immediate=true state=enabled
+      name: firewalld
-     with_items:
+      state: present
-       - http
+   - name: start firewalld
-       - https
+    service:
+      name: firewalld
+      enabled: yes
+      state: started
+   - name: open https port on firewalld
+    firewalld:
+      service: https
+      permanent: true
+      state: enabled
+  - name: enable firewalld
+     service:
+      name: firewalld
+       enabled: yes
+       state: restarted
 ...
-" > /etc/ansible/install_rundeck.yml
+---------------------------------
-chmod 600 /etc/ansible/install_rundeck.yml
+chmod 600 /etc/ansible/playbooks/install_rundeck.yml
+ansible-playbook /etc/ansible/playbooks/install_rundeck.yml
+</pre>
+* Now test rundeck login as admin with your WebBrowser
+==General settings==
+ echo '#!/bin/sh
+ cp -av "$1" "$1.$(date +%Y%m%H%M%S)"
+ ' > /usr/local/bin/backup
+ chmod 755 /usr/local/bin/backup
+==Ansible configuration==
+<pre>
+# root user
+dnf -y install git wget curl rsync vim sshpass
+# root user
+chown -R rundeck.rundeck /etc/ansible
+chmod -R u+rwX,go-rwx /etc/ansible
+# rundeck user
+cd /etc/ansible
+sed -i 's#^inventory=.*#inventory=/etc/ansible/inventory#' /etc/ansible/ansible.cfg
+rm -f hosts
+mkdir -p /etc/ansible/inventory/group_vars
+vim /etc/ansible/inventory/group_vars/all.yml
+----------
+ansible_become: True
+ansible_user: deploy_rundeck_prod
+----------
+</pre>
+=Advanced Rundeck/Ansible config=
+==Protect vars and ssh key==
+<pre>
+# root user
+dnf -y install keyutils
+# we do not start this services after reboot, we do this with vault unlock
+systemctl disable rundeckd nginx
+vim /usr/local/sbin/init-rundeck-and-ansible.sh
+----------
+#!/bin/bash
+echo
+echo Feed the ssh private key passphrase for rundeck
+echo "Hashi Vault > linuxeng_kv > application_user > ansible_vault_pw@srundeck01.domain.local"
+sudo -u rundeck --login echo
+echo
+echo INFO: re/starting rundeck + nginx service
+systemctl restart rundeckd nginx
+echo
+echo
+echo All done
+echo Now login to rundeck webUI:
+echo .Test the inventory
+echo .Test AdHoc command
+----------
+chmod 700 /usr/local/sbin/init-rundeck-and-ansible.sh
+echo '
+#FEED ANSIBLE VAULT AND SSH-KEY PASSWORD after reboot
+   cmd: init-rundeck-and-ansible.sh
+' >> /etc/motd
+# rundeck user
+cd
+cp -av /etc/skel/.bash* .
+chown rundeck.rundeck .bash*
+chmod go-rwx .bash*
+echo '. $HOME/bin/vault-unlock.sh -b' >> ~/.bashrc
+echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc
+echo 'alias via="ansible-vault edit"' >> ~/.bashrc
+echo 'alias cda="cd /etc/ansible"' >> ~/.bashrc
+mkdir bin
+curl https://raw.githubusercontent.com/joe-speedboat/linux.scripts/master/ansible/vault-unlock.sh > $HOME/bin/vault-unlock.sh
+chown rundeck.rundeck $HOME/bin/vault-unlock.sh
+chmod 700 $HOME/bin/vault-unlock.sh
+sed -i "s#^.vault_password_file=.*#vault_password_file=$HOME/bin/vault-unlock.sh#" /etc/ansible/ansible.cfg
+ssh-keygen -p #feed new passphrase, which is vault-pw as well
+. ~/.bashrc
+# feed password
+# encrypt setup playbook
+ansible-vault encrypt  /etc/ansible/playbooks/install_rundeck.yml
+cat  /etc/ansible/playbooks/install_rundeck.yml # it is encrypted now
+via  /etc/ansible/playbooks/install_rundeck.yml # you see it clear now
+</pre>
+* reboot and test unlock as mentioned in motd
+=Additional Settings=
+==FreeIPA Inventory==
+<pre>
+# rundeck user
+curl https://raw.githubusercontent.com/joe-speedboat/linux.scripts/master/ansible/ansible_dynamic_inventory_freeipa_with_vars.py > inventory/freeipa.py
+chmod 700 inventory/freeipa.py
+python -m pip install --user python_freeipa
+echo '# FreeIPA Ansible Inventory Auth
+# FreeIPA Ansible Inventory Auth
+export freeipaserver=freeipa01.domain.local
+export freeipauser='svc_bind_rundeck_prod'
+export freeipapassword='******'
+' >> $HOME/.bashrc
+</pre>
+==Rundeck FreeIPA Auth==
+<pre>
+vim /etc/rundeck/multiauth.conf
+--------------------------------
+multiauth {
+  com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule sufficient
+    debug="true"
+    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
+    providerUrl="ldaps://freeipa01.domain.local:636 ldaps://freeipa02.domain.local:636"
+    ldapsVerifyHostname="false"
+    bindDn="uid=svc_bind_rundeck_prod,cn=users,cn=accounts,dc=domain,dc=local"
+    bindPassword="******"
+    authenticationMethod="simple"
+    forceBindingLogin="true"
+    userBaseDn="cn=users,cn=accounts,dc=domain,dc=local"
+    userRdnAttribute="uid"
+    userIdAttribute="uid"
+    userPasswordAttribute="userPassword"
+    userObjectClass="posixAccount"
+    userLastNameAttribute="sn"
+    userFirstNameAttribute="givenName"
+    userEmailAttribute="mail"
+    roleBaseDn="cn=groups,cn=accounts,dc=domain,dc=local"
+    roleNameAttribute="cn"
+    roleMemberAttribute="member"
+    roleObjectClass="groupOfNames"
+    cacheDurationMillis="300000"
+    reportStatistics="true";
+  org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
+    debug="true"
+    file="/etc/rundeck/realm.properties";
+};
+--------------------------------
+chown root.rundeck /etc/rundeck/multiauth.conf
+chmod 640 /etc/rundeck/multiauth.conf
+vim /etc/rundeck/rundeck-config.properties
+--------------------------------
+rundeck.security.syncLdapUser=true
+--------------------------------
+vim /etc/sysconfig/rundeckd
+--------------------------------
+JAAS_LOGIN=true
+LOGIN_MODULE=multiauth
+JAAS_CONF=/etc/rundeck/multiauth.conf
+--------------------------------
+vim /etc/rundeck/ansibleadm.aclpolicy
+-------------------------------
+description: FreeIPA Rundeck Admin, all access.
+context:
+  project: '.*' # all projects
+for:
+  resource:
+    - allow: '*' # allow read/create all kinds
+  adhoc:
+    - allow: '*' # allow read/running/killing adhoc jobs
+  job:
+    - allow: '*' # allow read/write/delete/run/kill of all jobs
+  node:
+    - allow: '*' # allow read/run for all nodes
+by:
+  group: rundeckadm
+---
+description: FreeIPA Rundeck Admin, all access.
+context:
+  application: 'rundeck'
+for:
+  resource:
+    - allow: '*' # allow create of projects
+  project:
+    - allow: '*' # allow view/admin of all projects
+  project_acl:
+    - allow: '*' # allow admin of all project-level ACL policies
+  storage:
+    - allow: '*' # allow read/create/update/delete for all /keys/* storage content
+by:
+  group: rundeckadm
+-----------------------------
+chown root.rundeck /etc/rundeck/ansibleadm.aclpolicy
+chmod 640 /etc/rundeck/ansibleadm.aclpolicy
+echo | openssl s_client -showcerts -connect freeipa01.domain.local:636 > /etc/rundeck/ssl/idm.pem
+vim /etc/rundeck/ssl/idm.pem # remove comments
+cp -av /etc/pki/ca-trust/extracted/java/cacerts /etc/pki/ca-trust/extracted/java/cacerts.orig
+keytool -import -alias idm -file /etc/rundeck/ssl/idm.pem -keystore /etc/pki/ca-trust/extracted/java/cacerts -storepass changeit
+keytool -import -alias idm -file /etc/rundeck/ssl/idm.pem -keystore /etc/rundeck/ssl/truststore -storepass adminadmin
+chown rundeck.rundeck /etc/rundeck/ssl/*
 </pre>
-==Install Rundeck==
+==Rundeck Ansible Project example==
- ansible-playbook /etc/ansible/install_rundeck.yml
+<pre>
+PROJECT: ansible
+--------------------------------------------------------
+Detail:
+   Project Name: ansible
+   Label: ansible_linux_ssh
+Execution History Clean:
+   Enable: [X]
+User Interface :
+   Job Group Expansion Level: 9
+Default Node Executor:
+  Type: Ansible Ad-Hoc Node Executor
+     Executable: /bin/bash
+     Windows Executable: powershell.exe
+     Ansible config file path: /etc/ansible/ansible.cfg
+Default File Copier:
+  Type: local
+  We just use native ansible, this is not needed
+PROJECT: ansible > Edit Nodes > Sources > Add
+--------------------------------------------------------
+Type: Ansible Resource Model Source
+Ansible config file path: /etc/ansible/ansible.cfg
+</pre>
+=BUGS & FIXES=
+* Error Msg: <tt>/bin/sh: /tmp/0-1-localhost-dispatch-script.tmp.sh: Permission denied</tt>
+<pre>
+echo '
+# ----------------------------------------------------------------
+# CUSTOM VALUES
+# ----------------------------------------------------------------
+framework.file-copy-destination-dir = ~/
+' >> /etc/rundeck/framework.properties
+systemctl restart rundeckd
+</pre>
+==service.log not rotated==
+* Problem: /var/log/rundeck/service.log grows and get not rotated
+<pre>
+ cat << EOF > /etc/logrotate.d/rundeck_service
+ /var/log/rundeck/service.log {
+  su root root
+  copytruncate
+  daily
+  missingok
+  rotate 7
+  compress
+  delaycompress
+  notifempty
+  create 640 root adm
+ }
+ EOF
+logrotate -fv /etc/logrotate.d/rundeck_service
+</pre>
+==gelf remote logging==
+* https://github.com/tseeker/rundeck-gelf-plugin
+<pre>
+$ cd /var/lib/rundeck/libext
+$ wget https://raw.githubusercontent.com/tseeker/rundeck-gelf-plugin/master/GelfPlugin.groovy
+$ cd /etc/rundeck
+# set values as default, since (by bug) framework.properties get not honored
+$ grep default /var/lib/rundeck/libext/GelfPlugin.groovy
+        host defaultValue:"syslog.domain.local", required:true, description: "Hostname to connect to"
+        port defaultValue:2222, required:true, description: "Port to connect to", type: 'Integer'
-==First Steps==
+$ grep Gelf rundeck-config.properties
-Now you can login into rundeck.
+rundeck.execution.logs.streamingWriterPlugins=GelfPlugin
-Everything is setup now.
-* Username: admin
-* Password: see playbook
-===This Links may help you to get a start===
+</pre>
-* https://docs.rundeck.com/docs/manual/workflow-steps/builtin.html
-* https://docs.rundeck.com/docs/administration/projects/
-[[Category:Linux]]
 [[Category:Alma8]]
 [[Category:Ansible]]
+[[Category:Linux]]