The following is a template of what I used to get MeshCentral up and running on Ubuntu 22.04 as a container on Proxmox VE 7.4. Get that container running, create your Ansible user, then initiate the SSH connection with your Ansible host. This setup is beyond the scope of this document.
Replace “password” in the following script with your relevant passwords.
Create a local file on your Ansible host named meshcentral.service; the playbook copies it to the client as the systemd service file. Keep it in the same directory as this script, otherwise change the path under “src” in the copy task below.
Also note that the meshcentral user created below needs to be in the same group as your Ansible user on the client system, otherwise the Ansible host cannot execute commands as that user. Since MeshCentral needs to be run as a normal user, it was necessary to add it to that common group, “ansible”, which the second play names in ansible_common_remote_group.
deploymeshcentral.yaml:
- hosts: meshcentral
  become: true
  vars:
    ansible_become_password: "password"
  tasks:
    - name: Update and upgrade apt packages
      apt:
        upgrade: dist
        update_cache: yes
        cache_valid_time: 86400
    - name: Check if a reboot is required.
      ansible.builtin.stat:
        path: /var/run/reboot-required
      register: reboot_required_file
    - name: Reboot the server (if required).
      ansible.builtin.reboot:
      when: reboot_required_file.stat.exists
    - name: Remove dependencies that are no longer required.
      ansible.builtin.apt:
        autoremove: yes
    - name: Install npm, gpg, gnupg, nodeJS
      apt:
        pkg:
          - gnupg
          - gpg
          - nodejs
          - npm
    - name: Copy MongoDB GPG key
      get_url:
        url: "https://pgp.mongodb.com/server-6.0.asc"
        dest: /etc/apt/trusted.gpg.d/server-6.0.asc
        mode: '0644'
        force: true
    - name: Install MongoDB Repo
      apt_repository:
        repo: "deb [signed-by=/etc/apt/trusted.gpg.d/server-6.0.asc] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse"
        state: present
    - name: Update and upgrade apt packages
      apt:
        upgrade: yes
        update_cache: yes
        cache_valid_time: 86400
    - name: Install MongoDB
      apt:
        pkg:
          - mongodb-org
    - name: Start and Enable MongoDB
      service:
        name: mongod
        enabled: yes
        state: started
    - name: Allow access for NodeJS to use ports below 1024
      command: setcap cap_net_bind_service=+ep /usr/bin/node
    - name: Add meshcentral user
      user:
        name: meshcentral
        # The user module expects a crypt(3) hash here, not the plain text.
        # Without a fixed salt this task reports "changed" on every run.
        password: "{{ 'password' | password_hash('sha512') }}"
        groups: ansible
        expires: -1
        shell: /bin/bash
        home: /home/meshcentral
    - name: Copy meshcentral.service to host
      copy:
        src: meshcentral.service
        dest: /etc/systemd/system/meshcentral.service
        # 0644, not 0666: a world-writable unit file lets any local user
        # change what systemd starts, and systemd warns about it.
        mode: '0644'
        owner: root
        group: root

# Second play: install MeshCentral as the unprivileged meshcentral user.
- hosts: meshcentral
  become: true
  become_method: su
  become_user: meshcentral
  vars:
    ansible_become_password: "password"
    ansible_common_remote_group: "ansible"
  tasks:
    - name: Install MeshCentral from NPM
      community.general.npm:
        name: meshcentral
        path: ~/node_modules/
        state: present

# Third play: back to root to enable and start the service.
- hosts: meshcentral
  become: true
  vars:
    ansible_become_password: "password"
  tasks:
    - name: Enable and start meshcentral.service
      service:
        name: meshcentral
        enabled: yes
        state: restarted
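The playbook above keeps its passwords inline. As an added example (not part of the original playbook), the user-creation and su plays can read them from an Ansible Vault file instead; the file name vault.yml and the vault_* variable names are assumptions chosen for illustration.

```yaml
# Added example. Assumed names: vault.yml, vault_become_password,
# vault_meshcentral_password, vault_meshcentral_salt.
# Create the encrypted file once:  ansible-vault create vault.yml
# Run the playbook with:  ansible-playbook deploymeshcentral.yaml --ask-vault-pass
- hosts: meshcentral
  become: true
  vars_files:
    - vault.yml                      # encrypted at rest, decrypted at run time
  vars:
    ansible_become_password: "{{ vault_become_password }}"
  tasks:
    - name: Add meshcentral user
      ansible.builtin.user:
        name: meshcentral
        # A fixed salt (up to 16 characters from [./A-Za-z0-9]) yields the
        # same hash on every run, so the task stays idempotent.
        password: "{{ vault_meshcentral_password | password_hash('sha512', vault_meshcentral_salt) }}"
        groups: ansible
        expires: -1
        shell: /bin/bash
        home: /home/meshcentral
      no_log: true                   # keep the hash out of task output and logs

- hosts: meshcentral
  become: true
  become_method: su
  become_user: meshcentral
  vars_files:
    - vault.yml
  vars:
    # su prompts for the target user's password, so this is the
    # meshcentral account's password, not the Ansible user's.
    ansible_become_password: "{{ vault_meshcentral_password }}"
    ansible_common_remote_group: "ansible"
  tasks:
    - name: Install MeshCentral from NPM
      community.general.npm:
        name: meshcentral
        path: ~/node_modules/
        state: present
```

The remaining tasks of the playbook are unchanged; only the places where “password” appeared need the vault variables.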
meshcentral.service:
[Unit]
Description=MeshCentral Server
[Service]
Type=simple
LimitNOFILE=1000000
ExecStart=/usr/bin/node /home/meshcentral/node_modules/meshcentral
WorkingDirectory=/home/meshcentral
Environment=NODE_ENV=production
User=meshcentral
Group=meshcentral
Restart=always
# Restart service after 10 seconds if node service crashes
RestartSec=10
# Set port permissions capability
AmbientCapabilities=cap_net_bind_service
[Install]
WantedBy=multi-user.target
References:
https://meshcentral.com/info/docs/MeshCentral2InstallGuide.pdf
https://docs.ansible.com/ansible/latest/collections/community/general/npm_module.html
https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/shell_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/service_module.html
https://dev.to/kkentzo/deploying-a-service-using-ansible-and-systemd-4n11