Initial Ansible infrastructure setup

remove-server.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+set -euo pipefail
+
+if [ "$#" -ne 1 ]; then
+  echo "Gebruik: $0 <hostname>"
+  echo "Voorbeeld: $0 backup"
+  exit 1
+fi
+
+NAME="$1"
+ANSIBLE_DIR="/home/wouter/infra/ansible"
+INV="$ANSIBLE_DIR/inventories/lab.ini"
+MAINT_PUBKEY="$(cat /home/wouter/.ssh/id_ed25519.pub)"
+
+if ! grep -q "^$NAME " "$INV"; then
+  echo "FOUT: hostname '$NAME' staat niet in inventory."
+  exit 1
+fi
+
+IP="$(awk -v name="$NAME" '$1 == name { for (i=1;i<=NF;i++) if ($i ~ /^ansible_host=/) { split($i,a,"="); print a[2] } }' "$INV")"
+
+echo "Server verwijderen: $NAME ($IP)"
+
+echo "1. Maintenance SSH-key verwijderen van server..."
+if ssh -o BatchMode=yes -o ConnectTimeout=5 "wouter@$IP" "echo ok" >/dev/null 2>&1; then
+  ssh "wouter@$IP" "grep -vxF '$MAINT_PUBKEY' ~/.ssh/authorized_keys > ~/.ssh/authorized_keys.tmp && mv ~/.ssh/authorized_keys.tmp ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
+  echo "Maintenance-key verwijderd."
+else
+  echo "WAARSCHUWING: server niet bereikbaar of key werkt niet. Inventory wordt wel opgeschoond."
+fi
+
+echo "2. Inventory backup maken..."
+cp "$INV" "$INV.bak.$(date +%Y%m%d-%H%M%S)"
+
+echo "3. Server uit inventory halen..."
+sed -i "/^$NAME /d" "$INV"
+
+echo "4. Known_hosts opschonen..."
+ssh-keygen -R "$IP" >/dev/null 2>&1 || true
+ssh-keygen -R "$NAME" >/dev/null 2>&1 || true
+
+echo "Klaar: $NAME verwijderd."