Ansible Galaxy: Complete Guide to Finding and Using Roles
Teach me Ansible |
2025-02-12 |
22 min read
Discover how to leverage Ansible Galaxy to accelerate your automation journey. Learn to find, evaluate, install, and contribute community roles that can save you hundreds of hours of development time.
What is Ansible Galaxy?
Ansible Galaxy is the official hub for sharing and discovering Ansible content. It's a free service where the community shares over 25,000 pre-built roles covering everything from basic system configuration to complex application deployments.
Why Use Ansible Galaxy?
- Save Time - Don't reinvent the wheel; use battle-tested roles
- Learn - Study how experienced automation engineers solve problems
- Contribute - Share your work with the community
- Standards - Follow community best practices
- Quality - Find well-documented, tested automation code
Installing ansible-galaxy CLI
The ansible-galaxy command comes bundled with Ansible:
# Verify installation
ansible-galaxy --version
# Get help
ansible-galaxy --helpSearching for Roles
Search on the Website
Visit galaxy.ansible.com and use the search bar to find roles by:
- Keyword (e.g., "docker", "nginx", "postgresql")
- Author (e.g., "geerlingguy")
- Tags (e.g., "security", "web", "database")
- Platform (e.g., "Ubuntu", "CentOS")
Search from Command Line
# Search for nginx roles
ansible-galaxy search nginx
# Search with specific author
ansible-galaxy search nginx --author geerlingguy
# Search by platform
ansible-galaxy search nginx --platforms UbuntuEvaluating Roles
Key Quality Indicators
Before using a role, check these metrics:
- Download Count - Popular roles are often more reliable
- Star Rating - Community feedback indicator
- Recent Activity - Check last update date
- GitHub Stars - Source repository popularity
- Open Issues - Check for unresolved problems
- Documentation - README quality and examples
- Tests - Look for CI/CD integration
- Platform Support - Ensure it supports your OS
Top Trusted Authors
Some well-known, trusted role authors:
geerlingguy- 150+ high-quality rolesrobertdebock- 200+ comprehensive rolescloudalchemy- Monitoring and observabilityansible-community- Official community roles
Installing Roles
Install Individual Roles
# Install latest version
ansible-galaxy install geerlingguy.nginx
# Install specific version
ansible-galaxy install geerlingguy.nginx,3.1.4
# Install to custom path
ansible-galaxy install geerlingguy.nginx -p ./custom-roles/
# Force reinstall (overwrite existing)
ansible-galaxy install geerlingguy.nginx --forceInstall Multiple Roles with requirements.yml
Create a requirements.yml file:
---
# Install from Galaxy
- name: geerlingguy.nginx
version: "3.1.4"
- name: geerlingguy.php
version: "4.8.0"
- name: geerlingguy.mysql
version: "4.3.1"
# Install from GitHub directly
- src: https://github.com/geerlingguy/ansible-role-docker
name: docker
version: main
# Install from Git with specific branch
- src: git+https://github.com/username/custom-role.git
name: custom
version: develop
# Install from URL (tarball)
- src: https://example.com/roles/myrole.tar.gz
name: myroleInstall all requirements:
# Install from requirements.yml
ansible-galaxy install -r requirements.yml
# Install and force update
ansible-galaxy install -r requirements.yml --forceManaging Installed Roles
List Installed Roles
# List all installed roles
ansible-galaxy list
# List roles with version info
ansible-galaxy list -p ./roles/Role Information
# Get role details
ansible-galaxy info geerlingguy.nginx
# View role README
ansible-galaxy info geerlingguy.nginx | lessRemove Roles
# Remove specific role
ansible-galaxy remove geerlingguy.nginx
# Remove role from custom path
ansible-galaxy remove geerlingguy.nginx -p ./roles/Using Galaxy Roles in Playbooks
Basic Usage
---
- name: Setup web server
hosts: webservers
become: yes
roles:
- geerlingguy.nginx
- geerlingguy.php
- geerlingguy.mysqlWith Custom Variables
---
- name: Setup LEMP stack
hosts: webservers
become: yes
roles:
- role: geerlingguy.nginx
vars:
nginx_vhosts:
- listen: "80"
server_name: "example.com"
root: "/var/www/html"
- role: geerlingguy.mysql
vars:
mysql_root_password: "{{ vault_mysql_root_password }}"
mysql_databases:
- name: wordpress
mysql_users:
- name: wpuser
password: "{{ vault_wpuser_password }}"
priv: "wordpress.*:ALL"Popular Galaxy Roles by Category
Web Servers
geerlingguy.nginx- Nginx web servergeerlingguy.apache- Apache web servergeerlingguy.haproxy- HAProxy load balancer
Databases
geerlingguy.mysql- MySQL/MariaDBgeerlingguy.postgresql- PostgreSQLgeerlingguy.mongodb- MongoDBgeerlingguy.redis- Redis cache
Programming Languages
geerlingguy.php- PHP runtimegeerlingguy.nodejs- Node.jsgeerlingguy.java- Java JDKgeerlingguy.ruby- Ruby
Container & Orchestration
geerlingguy.docker- Docker enginegeerlingguy.kubernetes- Kubernetes clustergeerlingguy.helm- Helm package manager
Security & Monitoring
geerlingguy.security- Security hardeninggeerlingguy.firewall- Firewall configurationcloudalchemy.prometheus- Prometheus monitoringcloudalchemy.grafana- Grafana dashboards
Creating Your Own Galaxy Role
1. Initialize Role Structure
# Create role skeleton
ansible-galaxy init my-awesome-role
cd my-awesome-role
tree2. Develop Your Role
Follow best practices (see our Complete Roles Guide):
- Write comprehensive tasks
- Add proper defaults and variables
- Create templates and files
- Include handlers
- Write tests
3. Document Your Role
Create a detailed README.md:
# My Awesome Role
A brief description of what this role does.
## Requirements
- Ansible 2.9+
- Ubuntu 20.04+ / CentOS 8+
## Role Variables
```yaml
my_var: default_value # Description
another_var: 123 # Another description
```
## Dependencies
None
## Example Playbook
```yaml
- hosts: servers
roles:
- my-awesome-role
```
## License
MIT
## Author Information
Created by Your Name (your.email@example.com)4. Update meta/main.yml
---
galaxy_info:
role_name: my_awesome_role
author: Your Name
description: Brief description
company: Your Company (optional)
license: MIT
min_ansible_version: 2.9
platforms:
- name: Ubuntu
versions:
- focal
- jammy
- name: EL
versions:
- 8
- 9
galaxy_tags:
- system
- web
- security
dependencies: []5. Test Thoroughly
# Syntax check
ansible-playbook tests/test.yml --syntax-check
# Run with molecule
molecule test
# Manual test
ansible-playbook tests/test.yml --checkPublishing to Ansible Galaxy
Prerequisites
- GitHub account
- Ansible Galaxy account (login with GitHub)
- Git repository with your role
Step-by-Step Publishing
1. Create GitHub Repository
# Initialize git in role directory
cd my-awesome-role
git init
# Create repository on GitHub
# Repository name must start with 'ansible-role-'
# Example: ansible-role-my-awesome-role
# Add remote and push
git remote add origin git@github.com:username/ansible-role-my-awesome-role.git
git add .
git commit -m "Initial role commit"
git push -u origin main2. Import to Galaxy
# Login to Galaxy
ansible-galaxy login
# Import your role
ansible-galaxy role import username ansible-role-my-awesome-roleAlternatively, use the web interface at galaxy.ansible.com
3. Setup Automated Imports
Configure GitHub webhook to auto-import on push:
- Go to your role on Galaxy
- Click "Settings" → "Integrations"
- Enable GitHub integration
- Role will auto-update on git push
Advanced Galaxy Features
Collections vs Roles
Ansible Collections are the new packaging format:
# Install collection
ansible-galaxy collection install community.general
# List collections
ansible-galaxy collection list
# Install from requirements
ansible-galaxy collection install -r requirements.ymlCollection requirements.yml:
---
collections:
- name: community.general
version: ">=3.0.0"
- name: ansible.posix
version: "1.4.0"
- name: community.docker
source: https://galaxy.ansible.comUsing Private Galaxy Servers
# Install from private Galaxy
ansible-galaxy install myrole \
--server https://private-galaxy.company.com
# Configure in ansible.cfg
[galaxy]
server_list = company_galaxy, release_galaxy
[galaxy_server.company_galaxy]
url=https://private-galaxy.company.com
token=abc123xyz
[galaxy_server.release_galaxy]
url=https://galaxy.ansible.comBest Practices
1. Pin Role Versions
# Good - specific version
- name: geerlingguy.nginx
version: "3.1.4"
# Avoid - may break unexpectedly
- name: geerlingguy.nginx2. Use requirements.yml
Always define dependencies in version control:
# Track in git
git add requirements.yml
git commit -m "Add role dependencies"3. Review Role Code
Never blindly trust external code:
# Download and inspect before using
ansible-galaxy install geerlingguy.nginx -p ./temp-roles/
cat ./temp-roles/geerlingguy.nginx/tasks/main.yml4. Keep Roles Updated
# Update all roles
ansible-galaxy install -r requirements.yml --force
# Review changelog before updating
# Test in staging before production5. Namespace Your Roles
# Use fully qualified names
roles:
- role: geerlingguy.nginx # Clear origin
# Not: nginx # AmbiguousTroubleshooting Common Issues
Installation Failures
# Clear cache
rm -rf ~/.ansible/tmp/
# Verbose installation
ansible-galaxy install geerlingguy.nginx -vvv
# Check connectivity
curl https://galaxy.ansible.comVersion Conflicts
# Force specific version
ansible-galaxy install geerlingguy.nginx,3.1.4 --force
# List installed versions
ansible-galaxy listRole Not Found
# Check roles path
ansible-config dump | grep ROLES_PATH
# Specify custom path in ansible.cfg
[defaults]
roles_path = ./roles:~/.ansible/roles:/usr/share/ansible/rolesConclusion
Ansible Galaxy is an invaluable resource that can dramatically accelerate your automation projects. By leveraging community expertise, you can:
- Implement complex solutions in minutes, not days
- Learn from thousands of working examples
- Contribute back to help others
- Stay current with automation best practices
Start by exploring popular roles, understand how they work, then adapt them to your needs. As you gain experience, consider giving back by publishing your own roles to help the community grow.
Pro Tip
Create a personal requirements.yml template with your most-used roles. This makes new project setup lightning-fast and ensures consistency across your infrastructure.