commit 30fdad3be5b3ee354f62e9c558ae06db219025fd Author: root Date: Fri Jul 12 12:58:40 2024 +0200 first commit diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..d0a735a --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,5 @@ +{ + "yaml.schemas": { + "https://raw.githubusercontent.com/ansible-community/schemas/main/f/ansible.json#/$defs/tasks": "file:///Users/bramvandendaele/Documents/aperam/ansible/automation/roles/windows_install_files/tasks/main.yml" + } +} \ No newline at end of file diff --git a/OnboardingArc.yml b/OnboardingArc.yml new file mode 100644 index 0000000..3c6d5eb --- /dev/null +++ b/OnboardingArc.yml @@ -0,0 +1,46 @@ +--- +- name: "Onboard Windows Servers to Azure Arc-enabled servers with Public endpoint connectivity" + hosts: all + vars: + azure: + service_principal_id: 'ced53ad3-2832-4e85-8034-14d0e30896a3' + service_principal_secret: '{{ secret_arc }}' + resource_group: 'ape-platform-management-arc-prd-rg' + tenant_id: '26845d4f-0cf4-4d08-b717-06b6b7824ec4' + subscription_id: '831ece7a-8318-4861-9a74-789d4d221dd9' + location: 'westeurope' + tasks: + - name: flushdns + ansible.windows.win_command: + cmd: ipconfig /flushdns + + - name: Download the Connected Machine Agent on Windows servers + win_get_url: + url: https://aka.ms/AzureConnectedMachineAgent + dest: C:\AzureConnectedMachineAgent.msi + # proxy_url: 10.245.143.7:3128 + # when: (ansible_os_family == 'Windows') and (not azcmagent_win_downloaded.stat.exists) + + - name: Install the Connected Machine Agent on Windows servers + win_package: + path: C:\AzureConnectedMachineAgent.msi + # when: (ansible_os_family == 'Windows') and (not azcmagent_win_downloaded.stat.exists) + + - name: Check if the Connected Machine Agent has already been connected on Windows + win_command: azcmagent check + register: azcmagent_win_connected + # when: ansible_os_family == 'Windows' + ignore_errors: yes + failed_when: (azcmagent_win_connected.rc not in [ 0, 16 ]) + changed_when: False + + - name: Connect the Connected Machine Agent on Windows servers to Azure Arc + win_shell: azcmagent.exe connect --service-principal-id "{{ azure.service_principal_id }}" --service-principal-secret "{{ azure.service_principal_secret }}" --resource-group "{{ azure.resource_group }}" --tenant-id "{{ azure.tenant_id }}" --location "{{ azure.location }}" --subscription-id "{{ azure.subscription_id }}" + args: + chdir: 'C:\Program Files\AzureConnectedMachineAgent' + # when: (azcmagent_win_connected.rc is defined and azcmagent_win_connected.rc != 0) + # when: (ansible_os_family == 'Windows') and + + + + diff --git a/README.md b/README.md new file mode 100644 index 0000000..f178301 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +##test diff --git a/TKM b/TKM new file mode 100644 index 0000000..61c0a19 --- /dev/null +++ b/TKM @@ -0,0 +1,27 @@ +all: + hosts: + children: + windows: + children: + WIN: + hosts: + apeappddc620: + awe-acc-001: + awe-acc-004: + awe-acc-005: + awe-acc-007: + awe-acc-012: + awe-acc-013: + awe-acc-014: + awe-acc-015: + awe-acc-019: + awe-acc-020: + awe-acc-029: + awe-acc-030: + awe-acc-031: + + linux: + children: + LIN: + hosts: + awe-app-043: \ No newline at end of file diff --git a/arc_stage-updates.yml b/arc_stage-updates.yml new file mode 100644 index 0000000..04cea93 --- /dev/null +++ b/arc_stage-updates.yml @@ -0,0 +1,18 @@ +--- +- name: Stage updates arc + become_method: runas + hosts: all + tasks: + - name: stage all updates without installing them + ansible.windows.win_updates: + category_names: + - SecurityUpdates + - CriticalUpdates + - DefinitionUpdates + state: downloaded + server_selection: "windows_update" + reboot: false + ignore_unreachable: true + + + \ No newline at end of file diff --git a/aruba_first-playbook.yml b/aruba_first-playbook.yml new file mode 100644 index 0000000..db1af51 --- /dev/null +++ b/aruba_first-playbook.yml @@ -0,0 +1,171 @@ +# FILEPATH: /Users/bramvandendaele/Documents/aperam/ansible/automation/aruba_first-playbook.yml + +# This playbook prepares a switch for REST API, copies the primary image to the secondary slot, +# checks the boot info after the copy, downloads a new image to the primary slot, and reboots the switch. + +# This section of the playbook is responsible for downloading a new firmware image to the primary slot of the switch. +# The `arubaoss_file_transfer` module is used to download the firmware from a specified URL. +# The `file_type` is set to "FTT_FIRMWARE" indicating that the file being transferred is a firmware image. +# The `action` is set to "FTA_DOWNLOAD" to download the file. +# SSL is used for the file transfer (`use_ssl: true`) but certificate validation is disabled (`validate_certs: false`). +# The file is downloaded to the primary boot image slot (`boot_image: BI_PRIMARY_IMAGE`). +# This task is only executed if the current boot image is the primary image, the switch type is "YC", and the primary version is not "16.11.0016". +# If the task fails, the playbook continues due to `ignore_errors: true`. + +# The next section of the playbook disables the REST interface on the switch and clears the certificate for upgrade. +# The `arubaoss_command` module is used to execute a series of commands on the switch. +# These tasks are only executed if the current boot image is the primary image. + +# The playbook then retrieves the boot information after the new firmware has been downloaded using the `aruba_get-boot-info` role. + +# Finally, the playbook saves the running configuration to memory using the `write memory` command. +# The switch is scheduled to reload at a specified time and date. +# This task is only executed if the current boot image is the primary image, the primary version is "16.11.0016", and the NTP status is "Synchronized". +# The output of this task is saved to the `output` variable. + +--- +- name: Setup hosts + #become: true + #become_user: root + #become_method: su + hosts: localhost + roles: + - awx_import-hosts-from-list +### PREPARE SWITCH FOR REST API + OUTPUT BOOT INFO" +- hosts: aruba_hosts + gather_facts: false + collections: + - arubanetworks.aos_switch + - ansible.netcommon + vars: + ansible_connection: network_cli + ansible_command_timeout: 180 + # ansible_connection: local + environment: + NETWORK_GROUP_MODULES: arubaoss + ANSIBLE_CONFIG: config/ansible.cfg + roles: + - aruba_prepare-rest + - aruba_get-boot-info + - aruba_get-ntp-info + tasks: + - name: Copy primary to secondary + arubaoss_command: + commands: ['config', + 'copy flash flash Secondary'] + when: boot == "Primary" and primary_version != "16.11.0016" + # This task copies the primary configuration to the secondary device + # if the boot mode is set to "Primary" and the primary version is not "16.11.0016" + +###CHECK BOOT INFO AFTER COPY OF PRIMARY TO SECONDARY### +- hosts: all + gather_facts: false + collections: + - arubanetworks.aos_switch + - ansible.netcommon + vars: + ansible_connection: network_cli + # ansible_connection: local + environment: + NETWORK_GROUP_MODULES: arubaoss + tasks: + - name: Get boot info after copy primary to secondary + ansible.builtin.include_role: + name: aruba_get-boot-info + - name: save running config + arubaoss_command: + commands: ['write memory'] + when: boot == "Primary" + +###DOWNLOAD NEW IMAGE TO PRIMARY SLOT AND REBOOT### +- hosts: all + collections: + - arubanetworks.aos_switch + - ansible.netcommon + vars: + ansible_connection: local + ansible_command_timeout: 180 + environment: + NETWORK_GROUP_MODULES: arubaoss + tasks: + - name: Download and install YA firmware to primary + arubaoss_file_transfer: + file_url: "http://10.245.3.54/test/YA_16_11_0016.swi" + file_type: "FTT_FIRMWARE" + action: "FTA_DOWNLOAD" + use_ssl: true + validate_certs: false + port: 443 + boot_image: BI_PRIMARY_IMAGE + ignore_errors: true + when: boot == "Primary" and type == "YA" and primary_version != "16.11.0016" + - name: Download and install YB firmware to primary + arubaoss_file_transfer: + file_url: "http://10.245.3.54/test/YB_16_11_0016.swi" + file_type: "FTT_FIRMWARE" + action: "FTA_DOWNLOAD" + use_ssl: true + validate_certs: false + port: 443 + boot_image: BI_PRIMARY_IMAGE + ignore_errors: true + when: boot == "Primary" and type == "YB" and primary_version != "16.11.0016" + - name: Download and install YC firmware to primary + arubaoss_file_transfer: + file_url: "http://10.245.3.54/test/YC_16_11_0016.swi" + file_type: "FTT_FIRMWARE" + action: "FTA_DOWNLOAD" + use_ssl: true + validate_certs: false + port: 443 + retries: 3 + boot_image: BI_PRIMARY_IMAGE + ignore_errors: true + when: boot == "Primary" and type == "YC" and primary_version != "16.11.0016" +- hosts: all + gather_facts: false + collections: + - arubanetworks.aos_switch + - ansible.netcommon + vars: + ansible_connection: network_cli + ansible_command_timeout: 180 + environment: + NETWORK_GROUP_MODULES: arubaoss + tasks: + - name: disable rest + arubaoss_command: + commands: [ 'conf', + 'no rest-interface', + 'no web-management ssl', + 'aaa authentication rest login local none', + 'aaa authentication rest enable local none'] + when: boot == "Primary" + - name: clear cert + arubaoss_command: + commands: + - command: "conf" + - command: 'crypto pki clear certificate-name upgrade' + prompt: + - '.*Continue.*' + answer: + - y + when: boot == "Primary" + - name: Get boot info after download of new firmware + ansible.builtin.include_role: + name: aruba_get-boot-info + - name: write config to memory and reload on specified timeslot + arubaoss_command: + commands: + - command: 'write memory' + # - command: 'reload after {{reload_time}} {{ reload_date }}' + - command: 'reload at {{reload_time}} {{ reload_date }}' + prompt: + - '.*reboot.*' + answer: + - y + # - command: 'no reload' + when: boot == "Primary" and primary_version == "16.11.0016" and ntp_status == "Synchronized" + register: output + # changed_when: boot == "Primary" and primary_version != "16.11.0016" + #when: boot == "Primary" and primary_version != "16.11.0016" diff --git a/awx_import-hosts-from-list.yml b/awx_import-hosts-from-list.yml new file mode 100644 index 0000000..0fd68c1 --- /dev/null +++ b/awx_import-hosts-from-list.yml @@ -0,0 +1,64 @@ +--- +- name: Setup hosts + #become: true + #become_user: root + #become_method: su + hosts: localhost + roles: + - awx_import-hosts-from-list + tasks: + - name: + debug: + var: output + # - name: create list + # set_fact: + # namen: [] + + # - name: add hosts to list + # set_fact: + # namen: "{{ aruba_devices | split('\n') }}" + + # - name: + # debug: + # var: namen + # - name: make host group from survey hosts list + # add_host: + # hostname: "{{ item }}" + # groups: aruba_hosts + # ansible_user: sys-switchupgrade + # ansible_password: "{{aruba_pass}}" + # ansible_network_os: arubanetworks.aos_switch.arubaoss + # with_items: "{{namen}}" + + + + + + + + # - name: Add inventory + # awx.awx.inventory: + # name: "Aruba hosts (dynamic)" + # description: "Hosts imported from playbook" + # organization: "Aperam" + # state: present + # controller_host: https://awx-prd.aperam.internal + # controller_oauthtoken: "{{oauth}}" + # validate_certs: false + + # - name: add hosts to inventory + # awx.awx.host: + # inventory: "Azure Arc enabled hosts (dynamic)" + # name: "{{item}}" + # state: present + # controller_host: https://awx-prd.aperam.internal + # controller_oauthtoken: "{{oauth}}" + # validate_certs: false + # enabled: true + # with_items: "{{namen}}" + + + + + + \ No newline at end of file diff --git a/azure_create-clean-room.yml b/azure_create-clean-room.yml new file mode 100644 index 0000000..48e75d2 --- /dev/null +++ b/azure_create-clean-room.yml @@ -0,0 +1,133 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + tasks: + ## create the resource group + - name: create resource_group + azure_rm_resourcegroup: + name: "rg-clean_room" + location: westeurope + ## create the vnet with subnets + - name: Create virtual network vnet-clean_room + azure_rm_virtualnetwork: + resource_group: "rg-clean_room" + name: vnet-clean_room + address_prefixes: + - "10.10.0.0/24" + - "10.245.140.0/22" + dns_servers: + - "10.245.142.82" + - "10.245.142.83" + + - name: create nsg + azure.azcollection.azure_rm_securitygroup: + resource_group: "rg-clean_room" + name: nsg-clean-room + rules: + - name: DENYOUTBOUNDINTERNET + protocol: "*" + access: Deny + priority: 100 + destination_address_prefix: Internet + direction: Outbound + state: present + - name: Add subnet clean_room + azure_rm_subnet: + resource_group: "rg-clean_room" + name: sn-clean_room + address_prefix: "10.245.140.0/24" + virtual_network: vnet-clean_room + security_group: + name: nsg-clean-room + resource_group: rg-clean_room + - name: Add subnet clean_room1 + azure_rm_subnet: + resource_group: "rg-clean_room" + name: sn-clean_room1 + address_prefix: "10.245.141.0/24" + virtual_network: vnet-clean_room + security_group: + name: nsg-clean-room + resource_group: rg-clean_room + - name: Add subnet clean_room2 + azure_rm_subnet: + resource_group: "rg-clean_room" + name: sn-clean_room2 + address_prefix: "10.245.142.0/24" + virtual_network: vnet-clean_room + security_group: + name: nsg-clean-room + resource_group: rg-clean_room + - name: Add subnet clean_room3 + azure_rm_subnet: + resource_group: "rg-clean_room" + name: sn-clean_room3 + address_prefix: "10.245.143.0/24" + virtual_network: vnet-clean_room + security_group: + name: nsg-clean-room + resource_group: rg-clean_room + - name: Add subnet Azure Bastion + azure_rm_subnet: + resource_group: "rg-clean_room" + name: AzureBastionSubnet + address_prefix: "10.10.0.0/26" + virtual_network: vnet-clean_room + register: bastion_subnet + ## create Bastion + - name: Create a public ip address + azure_rm_publicipaddress: + resource_group: "rg-clean_room" + name: bastion_pub_ip + sku: "Standard" + allocation_method: static + - name: get pubip info + azure_rm_publicipaddress_info: + resource_group: "rg-clean_room" + name: bastion_pub_ip + register: pub_ip + #domain_name: foobar + - name: check if bastion host exists + azure.azcollection.azure_rm_bastionhost_info: + name: "Bastion-clean_room" + resource_group: rg-clean_room + register: bastion + - name: Create Bastion host + azure.azcollection.azure_rm_bastionhost: + name: "Bastion-clean_room" + resource_group: "rg-clean_room" + ip_configurations: + - name: bastion-cr_ipconfig + public_ip_address: + id: "{{ pub_ip.publicipaddresses[0].id }}" + subnet: + id: "{{bastion_subnet.state.id}}" + sku: + name: "Standard" + state: present + when: bastion == None + ## create staging storage account + - name: create staging storage account + azure_rm_storageaccount: + resource_group: "rg-clean_room" + name: sacleanroomstaging + type: "Standard_LRS" + kind: "StorageV2" + location: westeurope + public_network_access: "Enabled" + - name: Create container VHDS + azure_rm_storageblob: + resource_group: "rg-clean_room" + storage_account_name: sacleanroomstaging + container: vhds + + + + environment: + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" \ No newline at end of file diff --git a/azure_create-lin-vm-without-rg.yml b/azure_create-lin-vm-without-rg.yml new file mode 100644 index 0000000..bed843f --- /dev/null +++ b/azure_create-lin-vm-without-rg.yml @@ -0,0 +1,45 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + - role: azure_createlinvm + tasks: + - name: make host group from survey hosts list + add_host: + hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + groups: new_group + ansible_connection: ssh + # become: true + become_method: sudo + ansible_user: ApeAdmin + ansible_ssh_pass: "{{password}}" + + environment: + - AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: a7f4215b-c8f8-45ac-8fdd-062c940b02f6 + - AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4 + + +- name: ping vm + gather_facts: true + # become: false + hosts: new_group + tasks: + - name: ping vm + ansible.builtin.ping: +- name: Onboard vm + gather_facts: true + become: true + become_method: sudo + become_user: root + hosts: new_group + roles: + - role: linux_onboard-adagility + - role: linux_install-checkmk + - role: linux_install-sentinelone + + \ No newline at end of file diff --git a/azure_create-nsg.yml b/azure_create-nsg.yml new file mode 100644 index 0000000..cac7d98 --- /dev/null +++ b/azure_create-nsg.yml @@ -0,0 +1,19 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + # - role: linux_update + - role: azure_createRG + - role: azure_create-vnet + - role: azure_createwindowsvm + + environment: + - AZURE_CLIENT_ID: 141cd3f9-e466-4086-bfe9-9d6873a84084 + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd + - AZURE_TENANT: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 + + \ No newline at end of file diff --git a/azure_create-rg.yml b/azure_create-rg.yml new file mode 100644 index 0000000..3e30f9b --- /dev/null +++ b/azure_create-rg.yml @@ -0,0 +1,18 @@ +--- +- name: azure create resource group + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + # - role: linux_update + - role: azure_createRG + + environment: + #aperam.com + - AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: "{{((sub_id | split(':'))[1]) | trim }}" + - AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4 + + \ No newline at end of file diff --git a/azure_create-vm-with-rg-demo.yml b/azure_create-vm-with-rg-demo.yml new file mode 100644 index 0000000..f217568 --- /dev/null +++ b/azure_create-vm-with-rg-demo.yml @@ -0,0 +1,81 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + - role: azure_createRG + - role: azure_createwindowsvm-demo + tasks: + - name: make host group from survey hosts list + add_host: + hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + #hostname: "{{ hostname }}.adagility.net" + groups: new_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: ApeAdmin + ansible_password: "{{password}}" + ansible_winrm_transport: ntlm + #ansible_user: "{{ansible_user}}" + #ansible_password: "{{ansible_password}}" + - name: create hostgroup for ad group creation + add_host: + hostname: awe-mps-006.adagility.net + groups: ad_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" + ansible_winrm_transport: kerberos + + environment: + - AZURE_CLIENT_ID: 141cd3f9-e466-4086-bfe9-9d6873a84084 + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd + - AZURE_TENANT: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 + +- name: Onboard vm + gather_facts: no + hosts: new_group + roles: + - role: win_ping + - role: windows_install-check-mk + - role: windows_install-sentinelone + - role: windows_install-windirstat + - role: windows_domain-join + - role: windows_finalize + +- name: Create admin group + gather_facts: + hosts: ad_group + tasks: + - name: Create ad security group for Devices + community.windows.win_domain_group: + name: G-MGMT-LA-DEVADM-{{ hostname|upper }} + path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + state: present + scope: global + +- name: Destroy demo RG + become: true + become_user: root +# become_method: runas + hosts: localhost + tasks: + - name: delete RG + azure_rm_resourcegroup: + name: "{{ RG_name }}" + force_delete_nonempty: yes + state: absent + environment: + - AZURE_CLIENT_ID: 141cd3f9-e466-4086-bfe9-9d6873a84084 + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd + - AZURE_TENANT: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 + diff --git a/azure_create-vm-with-rg.yml b/azure_create-vm-with-rg.yml new file mode 100644 index 0000000..d8d9e27 --- /dev/null +++ b/azure_create-vm-with-rg.yml @@ -0,0 +1,83 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + - role: azure_createRG + - role: azure_createwindowsvm + + tasks: + - name: make host group from survey hosts list + add_host: + hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + #hostname: "{{ hostname }}.adagility.net" + groups: new_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: ApeAdmin + ansible_password: "{{password}}" + ansible_winrm_transport: ntlm + #ansible_user: "{{ansible_user}}" + #ansible_password: "{{ansible_password}}" + + environment: + - AZURE_CLIENT_ID: 141cd3f9-e466-4086-bfe9-9d6873a84084 + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd + - AZURE_TENANT: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 + +- name: Onboard vm + gather_facts: no + hosts: new_group + roles: + - role: win_ping + - role: windows_domain-join + - role: windows_install-check-mk + - role: windows_install-sentinelone + - role: windows_install-laps + - role: windows_install-windirstat + - role: windows_finalize +- name: add host to checkmk + hosts: localhost + become: true + become_user: root + tasks: + - name: Add host + tribe29.checkmk.host: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + name: "{{ hostname }}.adagility.net" + validate_certs: false + folder: / + state: present + with_inventory_hostnames: + - checkmk_hosts + + - name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{ hostname }}.adagility.net" + state: "new" + validate_certs: false + with_inventory_hostnames: + - checkmk_hosts + + - name: "Activate changes on all sites." + tribe29.checkmk.activation: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + force_foreign_changes: 'true' + validate_certs: false + run_once: 'true' + + \ No newline at end of file diff --git a/azure_create-vm-without-rg-workgroup.yml b/azure_create-vm-without-rg-workgroup.yml new file mode 100644 index 0000000..2b80029 --- /dev/null +++ b/azure_create-vm-without-rg-workgroup.yml @@ -0,0 +1,93 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + - role: azure_createwindowsvm + + tasks: + - name: make host group from survey hosts list + add_host: + hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + #hostname: "{{ hostname }}.adagility.net" + groups: new_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: ApeAdmin + ansible_password: "{{password}}" + ansible_winrm_transport: ntlm + #ansible_user: "{{ansible_user}}" + #ansible_password: "{{ansible_password}}" + - name: create hostgroup for ad group creation + add_host: + hostname: awe-mps-006.adagility.net + groups: ad_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" + ansible_winrm_transport: kerberos + + + environment: + - AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: a7f4215b-c8f8-45ac-8fdd-062c940b02f6 + - AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4 + +- name: Onboard vm + gather_facts: no + hosts: new_group + roles: + - role: win_ping + - role: windows_install-check-mk + - role: windows_install-sentinelone + - role: windows_install-windirstat + # - role: windows_domain-join + - role: windows_finalize +# - role: windows_install-laps +- name: add host to checkmk + hosts: localhost + become: true + become_user: root + tasks: + - name: Add host + tribe29.checkmk.host: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + name: "{{hostname}}.adagility.net" + validate_certs: false + folder: / + state: present + with_inventory_hostnames: + - new_group + + - name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{ hostname }}.adagility.net" + state: "new" + validate_certs: false + with_inventory_hostnames: + - new_group + + - name: "Activate changes on all sites." + tribe29.checkmk.activation: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + force_foreign_changes: 'true' + validate_certs: false + run_once: 'true' + + \ No newline at end of file diff --git a/azure_create-vm-without-rg.yml b/azure_create-vm-without-rg.yml new file mode 100644 index 0000000..ccb8fd1 --- /dev/null +++ b/azure_create-vm-without-rg.yml @@ -0,0 +1,133 @@ +--- + +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + - role: azure_createwindowsvm + environment: + - AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: "{{((sub_id | split(':'))[1]) | trim }}" + # - AZURE_SUBSCRIPTION_ID: a7f4215b-c8f8-45ac-8fdd-062c940b02f6 + - AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4 + tasks: + - name: output subscriptionID + debug: + var: "AZURE_SUBSCRIPTION_ID" + - name: make host group from survey hosts list + add_host: + hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + #hostname: "{{ hostname }}.adagility.net" + groups: new_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: ApeAdmin + ansible_password: "{{password}}" + ansible_winrm_transport: ntlm + #ansible_user: "{{ansible_user}}" + #ansible_password: "{{ansible_password}}" + - name: create hostgroup for ad group creation + add_host: + hostname: awe-mps-006.adagility.net + groups: ad_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" + ansible_winrm_transport: kerberos + + +- name: Onboard vm + gather_facts: no + hosts: new_group + roles: + - role: win_ping + - role: windows_install-check-mk + - role: windows_install-sentinelone + - role: windows_install-windirstat + - role: windows_domain-join + - role: windows_finalize + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" +# - role: windows_install-laps +- name: Create admin group + gather_facts: + hosts: ad_group + tasks: + - name: Create ad security group for Devices + community.windows.win_domain_group: + name: G-MGMT-LA-DEVADM-{{ hostname|upper }} + path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + domain_server: awe-dcw-004.adagility.net + state: present + scope: global + ignore_errors: true + # - name: add host to security group to use azure updates + # community.windows.win_domain_group_membership: + # identity: GG-GPO-APERAM-SERVERS-AZUREUPDATES + # members: "{{hostname}}$" + # domain_username: "{{domain_admin}}" + # domain_password: "{{domain_password}}" + # domain_server: awe-dcw-004.adagility.net + # state: present + # scope: global + # ignore_errors: true + - name: add host to azure updates group + microsoft.ad.group: + name: GG-GPO-APERAM-SERVERS-AZUREUPDATES + identity: GG-GPO-APERAM-SERVERS-AZUREUPDATES + members: + add: + - "{{hostname}}$" + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + domain_server: awe-dcw-004.adagility.net + scope: global + ignore_errors: true +- name: add host to checkmk + hosts: localhost + become: true + become_user: root + tasks: + - name: Add host + tribe29.checkmk.host: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + name: "{{hostname}}.adagility.net" + validate_certs: false + folder: / + state: present + with_inventory_hostnames: + - new_group + + - name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{ hostname }}.adagility.net" + state: "new" + validate_certs: false + with_inventory_hostnames: + - new_group + + - name: "Activate changes on all sites." + tribe29.checkmk.activation: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + force_foreign_changes: 'true' + validate_certs: false + run_once: 'true' + diff --git a/azure_create-win10vm-without-rg.yml b/azure_create-win10vm-without-rg.yml new file mode 100644 index 0000000..438716c --- /dev/null +++ b/azure_create-win10vm-without-rg.yml @@ -0,0 +1,69 @@ +--- + +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + - role: azure_createwindowsvm + environment: + - AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: "{{((sub_id | split(':'))[1]) | trim }}" + # - AZURE_SUBSCRIPTION_ID: a7f4215b-c8f8-45ac-8fdd-062c940b02f6 + - AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4 + tasks: + - name: output subscriptionID + debug: + var: "AZURE_SUBSCRIPTION_ID" + - name: make host group from survey hosts list + add_host: + hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + groups: new_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: ApeAdmin + ansible_password: "{{password}}" + ansible_winrm_transport: ntlm + no_log: True + - name: create hostgroup for ad group creation + add_host: + hostname: awe-mps-006.adagility.net + groups: ad_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" + ansible_winrm_transport: kerberos + no_log: True + + +- name: Onboard vm + gather_facts: no + hosts: new_group + roles: + - role: win_ping + - role: windows_domain-join + - role: windows_finalize + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" + + +- name: Create admin group + gather_facts: + hosts: ad_group + tasks: + - name: Create ad security group for Devices + community.windows.win_domain_group: + name: G-MGMT-LA-DEVADM-{{ hostname|upper }} + path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + domain_server: awe-dcw-004.adagility.net + state: present + scope: global + ignore_errors: true + no_log: true \ No newline at end of file diff --git a/azure_delete-rg.yml b/azure_delete-rg.yml new file mode 100644 index 0000000..75548cc --- /dev/null +++ b/azure_delete-rg.yml @@ -0,0 +1,17 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + # - role: linux_update + - role: azure_delete-rg + + environment: + - AZURE_CLIENT_ID: 141cd3f9-e466-4086-bfe9-9d6873a84084 + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd + - AZURE_TENANT: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 + + \ No newline at end of file diff --git a/azure_delete-vm.yml b/azure_delete-vm.yml new file mode 100644 index 0000000..59feadd --- /dev/null +++ b/azure_delete-vm.yml @@ -0,0 +1,38 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + tasks: + - name: Remove a VM and all resources that were autocreated in azure + azure_rm_virtualmachine: + resource_group: "{{RG_name}}" + name: "{{VM_name}}" + state: absent + environment: + - AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: a7f4215b-c8f8-45ac-8fdd-062c940b02f6 + - AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4 +- name: remove computer object with devadm group + become_method: runas + hosts: all + vars: + ansible_user: "{{sysawxuser}}" + ansible_password: "{{sysawxpass}}" + tasks: + - name: delete devadm group + community.windows.win_domain_group: + name: CN=G-MGMT-LA-DEVADM-{{ VM_name |upper }}, OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET + domain_username: "{{sysaduser}}" + domain_password: "{{sysadpass}}" + state: absent + ignore_protection: yes + - name: delete computer account + community.windows.win_domain_computer: + name: "{{ VM_name |upper }}" + domain_username: "{{sysaduser}}" + domain_password: "{{sysadpass}}" + state: absent + ignore_protection: yes diff --git a/azure_get-expiring-secrets.yml b/azure_get-expiring-secrets.yml new file mode 100644 index 0000000..140809d --- /dev/null +++ b/azure_get-expiring-secrets.yml @@ -0,0 +1,17 @@ +--- +- name: azure get app secrets + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + # - role: linux_update + - role: azure_get-expiring-tokens-az + + environment: + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" + + \ No newline at end of file diff --git a/azure_get-rg-facts.yml b/azure_get-rg-facts.yml new file mode 100644 index 0000000..40ecf11 --- /dev/null +++ b/azure_get-rg-facts.yml @@ -0,0 +1,21 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + roles: + # - role: linux_update + - role: azure_get-rg-facts + + environment: + #aperam.com + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" + + + + + \ No newline at end of file diff --git a/azure_get-stopped-vms.yml b/azure_get-stopped-vms.yml new file mode 100644 index 0000000..738e229 --- /dev/null +++ b/azure_get-stopped-vms.yml @@ -0,0 +1,55 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + # roles: + # - role: azure_createRG + # - role: azure_createwindowsvm-demo + tasks: + - name: get all resource groups + azure_rm_resourcegroup_info: + register: resource_groups + - name: create list + set_fact: + rgs: [] + - name: add rg to list + set_fact: + rgs: "{{rgs + [item.name]}}" + with_items: "{{resource_groups.resourcegroups}}" + when: (item.name != "rg-project-testdeploy" or item.name != "databricks-rg-adb_tobias-gfw3cjeh6ynr6" or item.name != "rg-data-datamanagement-prd-02-databricks") and item.location == "westeurope" + - name: Get all facts + azure_rm_virtualmachine_info: + resource_group: "{{item}}" + with_items: "{{ rgs }}" + register: all_facts + ignore_errors: true + # no_log: true + - name: init list + set_fact: + lijstje: [] + - name: set RG name + set_fact: + rg_name: "{{item.resource_group}}" + vm_name: "{{item.name}}" + power_state: "{{item.power_state}}" + textje: "The vm {{ item.name }} has power state: {{ item.power_state}}" + lijstje: "{{ lijstje + ['The vm' + item.name + ' has power state:' + item.power_state] }}" + # when: item.name == "{{ vmname }}" + with_items: "{{all_facts.vms}}" + register: output + # no_log: true + - name: get rg_info + debug: + msg: "{{lijstje}}" + # with_items: "{{all_facts.vms}}" + + + environment: + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" + + diff --git a/azure_get-vminfo.yml b/azure_get-vminfo.yml new file mode 100644 index 0000000..02f3bed --- /dev/null +++ b/azure_get-vminfo.yml @@ -0,0 +1,34 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + gather_facts: no + tasks: + - name: Get all facts + azure_rm_virtualmachine_info: + register: all_facts + no_log: true + - name: set RG name + set_fact: + rg_name: "{{item.resource_group}}" + when: item.name == "{{ vmname }}" + with_items: "{{all_facts.vms}}" + no_log: true + + - name: get rg_info + debug: + msg: "The vm {{vmname}} is located in the resource group {{rg_name}}" + + environment: + #aperam.com + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" + + + + + \ No newline at end of file diff --git a/azure_restore-to-clean-room.yml b/azure_restore-to-clean-room.yml new file mode 100644 index 0000000..ca8cbb3 --- /dev/null +++ b/azure_restore-to-clean-room.yml @@ -0,0 +1,31 @@ +--- +- name: Get resource group info + become: true + # become_user: root +# become_method: runas + hosts: all + tasks: + - name: Copy VHD from WORM sa to corporate sa + ansible.windows.win_command: powershell.exe - + args: + stdin: | + C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive + "https://saapewormsaweprd.blob.core.windows.net/coapewormsaweprd0/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:01:05Z&st=2022-11-30T13:01:05Z&spr=https&sig=7HCiPgsEF7LPik0QxPfoDysKNsInZyyk%2BQiKGkgNxfM%3D" + "https://sacleanroomstaging.blob.core.windows.net/vhds/?sv=2021-12-02&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-04-25T16:39:57Z&st=2023-04-25T08:39:57Z&spr=https&sig=o3huUH3%2F0xBXu0FBPuhvKacitPWrLRf7oLYGY9SqYLc%3D" + --include-pattern 'OG_{{ host }}*{{ day }}-{{ month }}-{{ year }}.vhd' + register: output + # async: 1200 + # poll: 120 + when: sa == 'coapewormsaweprd0' + + - name: Copy VHD from WORM sa to corporate sa + ansible.windows.win_command: powershell.exe - + args: + stdin: C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "https://saapewormlaweprd1.blob.core.windows.net/coapewormlaweprd1-0?sp=rl&st=2023-05-25T11:09:20Z&se=2024-05-25T19:09:20Z&spr=https&sv=2022-11-02&sr=c&sig=p4wInyNdaS3dkmuMyqZEB%2BkrHYtT1diM0eEgqE%2FmqY4%3D" "https://sacleanroomstaging.blob.core.windows.net/vhds/?sv=2021-12-02&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-04-25T16:39:57Z&st=2023-04-25T08:39:57Z&spr=https&sig=o3huUH3%2F0xBXu0FBPuhvKacitPWrLRf7oLYGY9SqYLc%3D" --include-pattern 'OG_{{ host }}*{{ day }}-{{ month }}-{{ year }}.vhd' + register: output + # async: 1200 + # poll: 120 + when: sa == 'saapewormlaweprd1' + - name: Debug output + ansible.builtin.debug: + var: output.stdout diff --git a/azure_restore-vm-from-disk.yml b/azure_restore-vm-from-disk.yml new file mode 100644 index 0000000..feca86a --- /dev/null +++ b/azure_restore-vm-from-disk.yml @@ -0,0 +1,40 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + tasks: + # ## create the resource group + # - name: create resource_group + # azure_rm_resourcegroup: + # name: "rg-clean_room" + # location: westeurope + # ## create the vnet with subnets + # - name: Create virtual network vnet-clean_room + # azure_rm_virtualnetwork: + # resource_group: "rg-clean_room" + # name: vnet-clean_room + # address_prefixes: + # - "10.10.0.0/24" + # - "10.245.140.0/22" + # dns_servers: + # - "10.245.142.82" + # - "10.245.142.83" + - name: Create managed operating system disk from page blob + azure_rm_manageddisk: + name: awe-tst-003-osdisk + location: westeurope + resource_group: rg-clean_room + create_option: import + source_uri: https://sacleanroomstaging.blob.core.windows.net/vhds/OG_awe-tst-003_OSDISK_Snapshot_MSS-3RD-SUN-0200-AM-LT0_16-4-2023.vhd + storage_account_id: "/subscriptions/5639f350-6bf6-4f6c-b084-52a060aa1f99/resourceGroups/rg-clean_room/providers/Microsoft.Storage/storageAccounts/sacleanroomstaging" + os_type: windows + storage_account_type: Premium_LRS +# disk_size_gb: 128 + + environment: + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" \ No newline at end of file diff --git a/azure_sync-azure-arc-to-local.yml b/azure_sync-azure-arc-to-local.yml new file mode 100644 index 0000000..729d9b9 --- /dev/null +++ b/azure_sync-azure-arc-to-local.yml @@ -0,0 +1,61 @@ +--- +- name: get resource group info + become: true + become_user: root +# become_method: runas + hosts: localhost + tasks: + - name: Get facts for one resource group + azure_rm_resourcegroup_info: + name: "ape-platform-management-arc-prd-rg" + list_resources: yes + register: rg_info + - name: create list + set_fact: + namen: [] + + - name: add to list + set_fact: + namen: "{{namen + (rg_info.resourcegroups[0].resources | selectattr('type', 'eq', 'Microsoft.HybridCompute/machines') | map(attribute='name') | list )}}" + + - name: + debug: + var: namen + - name: Add inventory + awx.awx.inventory: + name: "Azure Arc enabled hosts (dynamic)" + description: "Hosts synced from the azure arc prd resource group" + organization: "Aperam" + state: present + controller_host: https://awx-prd.aperam.internal + controller_oauthtoken: "{{oauth}}" + validate_certs: false + + - name: add hosts to inventory + awx.awx.host: + inventory: "Azure Arc enabled hosts (dynamic)" + name: "{{item}}" + state: present + controller_host: https://awx-prd.aperam.internal + controller_oauthtoken: "{{oauth}}" + validate_certs: false + enabled: true + with_items: "{{namen}}" + #roles: + # - role: linux_update + # - role: azure_get-rg-facts + # - role: awx_create-inventory-from-list + + #environment: + #aperam.com + # - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + # - AZURE_SECRET: "{{AZURE_SECRET}}" + # - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + # - AZURE_TENANT: "{{AZURE_TENANT}}" + vars: + - RG_name: ape-platform-management-arc-prd-rg + + + + + \ No newline at end of file diff --git a/central_fs-ISB-sync.yml b/central_fs-ISB-sync.yml new file mode 100644 index 0000000..66db0b6 --- /dev/null +++ b/central_fs-ISB-sync.yml @@ -0,0 +1,5 @@ +--- +- name: push data to WORM + hosts: all + roles: + - role: windows_push-ISB-to-SA diff --git a/central_fs-bootstrap.yml b/central_fs-bootstrap.yml new file mode 100644 index 0000000..db35c61 --- /dev/null +++ b/central_fs-bootstrap.yml @@ -0,0 +1,18 @@ +--- +- name: Create needed folders for the central file server + hosts: all + tasks: + - name: set folders + ansible.builtin.set_fact: + folders: ['\\awe-mps-006.adagility.net\cor$\{{ "%Y%m%d" | strftime( ( ansible_date_time.epoch | int ))}}\Infra\', + '\\awe-mps-006.adagility.net\cor$\{{ "%Y%m%d" | strftime( ( ansible_date_time.epoch | int ))}}\Middleware\', + '\\awe-mps-006.adagility.net\cor$\{{ "%Y%m%d" | strftime( ( ansible_date_time.epoch | int ))}}\Infra\Configs\', + '\\awe-mps-006.adagility.net\cor$\{{ "%Y%m%d" | strftime( ( ansible_date_time.epoch | int ))}}\Infra\Configs\AZ_VMINFO\', + '\\awe-mps-006.adagility.net\cor$\{{ "%Y%m%d" | strftime( ( ansible_date_time.epoch | int ))}}\Infra\Configs\PRINTER\', + '\\awe-mps-006.adagility.net\cor$\{{ "%Y%m%d" | strftime( ( ansible_date_time.epoch | int ))}}\Infra\Configs\DHCP\'] + + - name: create daily folder + ansible.windows.win_file: + path: "{{ item }}" + state: directory + with_items: "{{ folders }}" diff --git a/central_fs-cleanup.yml b/central_fs-cleanup.yml new file mode 100644 index 0000000..0828a08 --- /dev/null +++ b/central_fs-cleanup.yml @@ -0,0 +1,120 @@ +--- +- name: push data to WORM + hosts: all + tasks: + # - name: check if folder isn't empty + # ansible.windows.win_stat: + # path: F:\Data\PON + # register: folderinfo + # environment: + # ponfolder: folderinfo.stat.size + + # - name: set fact + # set_fact: ponfolder="{{folderinfo.stat.size}}" + + - name: make host group from survey hosts list + add_host: + hostname: "awe-mgt-050.adagility.net" + groups: new_group + ansible_connection: ssh + ansible_port: 22 + ansible_user: sys-awx-srvautomate@ADAGILITY.NET + become_user: root + become: yes + ansible_ssh_pass: "{{pass}}" + ansible_sudo_pass: "{{pass}}" + # ponfolder: "{{folderinfo.stat.size}}" + delegate_to: localhost + +- name: mount + hosts: new_group + tasks: + - name: mount central file server + ansible.posix.mount: + src: //awe-mps-006.adagility.net/COR$ + path: /mnt/smbshare + fstype: cifs + opts: "username=adm-bvandendaele,password={{ passcor }}" + state: mounted + boot: no + become_method: sudo + become: true + - name: check if folder exists + ansible.builtin.stat: + path: /mnt/smbshare + register: state + + + # - name: check folder content + # ansible.builtin.find: + # paths: "/mnt/smbshare/{{'%Y%m%d' | strftime((ansible_date_time['epoch']|int)-(86400*(item | int))) }}" + # file_type: any + # recurse: no + # with_sequence: start=60 end=30 stride=-1 + # register: output + + - name: Delete content & directory + ansible.builtin.file: + state: absent + path: "/mnt/smbshare/{{'%Y%m%d' | strftime((ansible_date_time['epoch']|int)-(86400*(item | int))) }}" + with_sequence: start=20 end=3 stride=-1 + become: true + + + # - name: get folder + # ansible.builtin.debug: + # var: output + # - name: create list + # set_fact: + # paths: [] + + # - name: append paths to list + # set_fact: + # paths: "{{paths + [item.path]}}" + # with_items: "{{output.files}}" + # - name: get items + # debug: + # var: paths + + + # - name: upload files to blob + # azure.azcollection.azure_rm_storageblob: + # resource_group: rg-project-wormbackup-prd + # storage_account_name: saapewormsprd2prd + # container: coapewormsprd2prd-0 + # batch_upload_dst: Data/PON/{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}/test/ + # batch_upload_src: /mnt/smbshare/{{ item }} + # auth_source: env + # force: false + # with_items: paths + # when: ponfolder != 0 + + # - name: clean local folder + # ansible.builtin.file: + # path: "{{item}}" + # state: absent + # with_items: "{{paths}}" + # when: ponfolder != 0 + # become: true + + + + environment: + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" + + + + # - name: Copy local folder to WORM + # ansible.windows.win_powershell: + # script: | + # C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "F:\Data\COR\$((get-date).AddDays(-1).ToString("yyyyMMdd"))" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/COR/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-03-03T15:34:11Z&st=2023-03-03T07:34:11Z&spr=https&sig=X4o7LwIgrctnl5M9C%2B4VrI%2FwFp3Ahk049YVN0fgAauU%3D" + + # - name: Copy local google drive folder to WORM + # ansible.windows.win_powershell: + # script: | + # C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "E:\Shared drives\Global IT Infrastructure Library\Design Documentation\Network" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/COR/$((get-date).AddDays(-1).ToString("yyyyMMdd"))/GDrive/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-03-03T15:34:11Z&st=2023-03-03T07:34:11Z&spr=https&sig=X4o7LwIgrctnl5M9C%2B4VrI%2FwFp3Ahk049YVN0fgAauU%3D" --include-pattern '*.vsd;*.vsdx;*.pdf;*.png;*.jpg' + + diff --git a/central_fs-sync-pon.yml b/central_fs-sync-pon.yml new file mode 100644 index 0000000..bba4995 --- /dev/null +++ b/central_fs-sync-pon.yml @@ -0,0 +1,120 @@ +--- +- name: push data to WORM + hosts: all + tasks: + - name: check if folder isn't empty + ansible.windows.win_stat: + path: F:\Data\PON + register: folderinfo + environment: + ponfolder: folderinfo.stat.size + + - name: set fact + set_fact: ponfolder="{{folderinfo.stat.size}}" + + - name: get folder stats + ansible.windows.win_stat: + path: F:\Data\GUE + register: folderinfo1 + + - name: Copy local folder to WORM + ansible.windows.win_powershell: + script: | + C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "F:\Data\PON\" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/PON/{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-03-03T15:34:11Z&st=2023-03-03T07:34:11Z&spr=https&sig=X4o7LwIgrctnl5M9C%2B4VrI%2FwFp3Ahk049YVN0fgAauU%3D" + when: ponfolder != 0 + - name: make host group from survey hosts list + add_host: + hostname: "awe-mgt-050.adagility.net" + groups: new_group + ansible_connection: ssh + ansible_port: 22 + ansible_user: sys-awx-srvautomate@ADAGILITY.NET + become_user: root + become: yes + ansible_ssh_pass: "{{pass}}" + ansible_sudo_pass: "{{pass}}" + ponfolder: "{{folderinfo.stat.size}}" + delegate_to: localhost + +- name: mount + hosts: new_group + tasks: + - name: mount central file server + ansible.posix.mount: + src: //awe-mps-006.adagility.net/PON$ + path: /mnt/smbshare + fstype: cifs + opts: "username=sys-cfscopier4pon,password={{ passpon }}" + state: mounted + boot: no + become_method: sudo + become: true + - name: check if folder exists + ansible.builtin.stat: + path: /mnt/smbshare + register: state + + - name: + debug: + var: ponfolder + + - name: check folder content + ansible.builtin.find: + paths: /mnt/smbshare + file_type: any + recurse: yes + register: output + - name: create list + set_fact: + paths: [] + + - name: append paths to list + set_fact: + paths: "{{paths + [item.path]}}" + with_items: "{{output.files}}" + - name: get items + debug: + var: paths + + + # - name: upload files to blob + # azure.azcollection.azure_rm_storageblob: + # resource_group: rg-project-wormbackup-prd + # storage_account_name: saapewormsprd2prd + # container: coapewormsprd2prd-0 + # batch_upload_dst: Data/PON/{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}/test/ + # batch_upload_src: /mnt/smbshare/{{ item }} + # auth_source: env + # force: false + # with_items: paths + # when: ponfolder != 0 + + - name: clean local folder + ansible.builtin.file: + path: "{{item}}" + state: absent + with_items: "{{paths}}" + when: ponfolder != 0 + become: true + + + + environment: + - AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}" + - AZURE_SECRET: "{{AZURE_SECRET}}" + - AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}" + - AZURE_TENANT: "{{AZURE_TENANT}}" + + + + # - name: Copy local folder to WORM + # ansible.windows.win_powershell: + # script: | + # C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "F:\Data\COR\$((get-date).AddDays(-1).ToString("yyyyMMdd"))" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/COR/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-03-03T15:34:11Z&st=2023-03-03T07:34:11Z&spr=https&sig=X4o7LwIgrctnl5M9C%2B4VrI%2FwFp3Ahk049YVN0fgAauU%3D" + + # - name: Copy local google drive folder to WORM + # ansible.windows.win_powershell: + # script: | + # C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "E:\Shared drives\Global IT Infrastructure Library\Design Documentation\Network" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/COR/$((get-date).AddDays(-1).ToString("yyyyMMdd"))/GDrive/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2024-03-03T15:34:11Z&st=2023-03-03T07:34:11Z&spr=https&sig=X4o7LwIgrctnl5M9C%2B4VrI%2FwFp3Ahk049YVN0fgAauU%3D" --include-pattern '*.vsd;*.vsdx;*.pdf;*.png;*.jpg' + + diff --git a/central_fs-sync.yml b/central_fs-sync.yml new file mode 100644 index 0000000..e8d4741 --- /dev/null +++ b/central_fs-sync.yml @@ -0,0 +1,5 @@ +--- +- name: push data to WORM + hosts: all + roles: + - role: windows_push-to-SA diff --git a/checkmk_move-host-to-folder.yml b/checkmk_move-host-to-folder.yml new file mode 100644 index 0000000..69fca89 --- /dev/null +++ b/checkmk_move-host-to-folder.yml @@ -0,0 +1,64 @@ +--- +- name: run automation for windows + gather_facts: yes + hosts: all + become_method: runas +# roles: +# - windows_install-check-mk + tasks: + - name: Add all hosts running this playbook to the done group + ansible.builtin.add_host: + name: '{{ item }}.adagility.net' + groups: checkmk_hosts + loop: "{{ ansible_play_hosts }}" + + +- name: Onboard host to checkmk GUI + become: true + become_user: root + hosts: localhost + tasks: + - name: + debug: + var: item + with_inventory_hostnames: + - checkmk_hosts + + - name: Add host + tribe29.checkmk.host: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + name: "{{item}}" + validate_certs: false + folder: "/{{foldername}}" + state: present + with_inventory_hostnames: + - checkmk_hosts + - name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{item}}" + state: "new" + validate_certs: false + with_inventory_hostnames: + - checkmk_hosts + - name: "Activate changes on all sites." + tribe29.checkmk.activation: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + force_foreign_changes: 'true' + validate_certs: false + run_once: 'true' + + + + + + diff --git a/cisco_test.yml b/cisco_test.yml new file mode 100644 index 0000000..6b12342 --- /dev/null +++ b/cisco_test.yml @@ -0,0 +1,39 @@ +--- +- name: test connection and automation for cisco acl + # ansible_connection: ansible.netcommon.network_cli + # ansible_network_os: cisco.ios.ios + # ansible_user: "{{USERNAME}}" + # ansible_password: "{{PASSWORD}}" + # ansible_become: yes + # ansible_become_method: enable + # ansible_become_password: "{{BECOME_PASSWORD}}" + hosts: all + tasks: + # - name: Backup current switch config (ios) + # cisco.ios.ios_config: + # backup: yes + # register: backup_ios_location + # when: ansible_network_os == 'cisco.ios.ios' + + - name: Gather all legacy facts + cisco.ios.ios_facts: + gather_subset: all + register: ios_info + + - name: output info + debug: + var: "ios_info" + + - name: test interface acl ip_configuration + cisco.ios.ios_acl_interfaces: + config: + - name: GigabitEthernet 1/0/10 + access_groups: + - afi: ipv4 + acls: + - name: PG_to_PLC2 + direction: in + state: merged + + + \ No newline at end of file diff --git a/collections/requirements.yaml b/collections/requirements.yaml new file mode 100644 index 0000000..aa969f1 --- /dev/null +++ b/collections/requirements.yaml @@ -0,0 +1,15 @@ +--- +collections: + # - ansible.windows + - name: microsoft.ad + version: 1.3.0 + - ansible.netcommon + - arubanetworks.aos_switch + #- community.windows + # - community.general + # - tribe29.checkmk + # - ansible.posix + # - azure.azcollection +roles: + # - eduardolmedeiros.azcopy + # - arubanetworks.aoscx \ No newline at end of file diff --git a/config/ansible.cfg b/config/ansible.cfg new file mode 100644 index 0000000..5208341 --- /dev/null +++ b/config/ansible.cfg @@ -0,0 +1,11 @@ +[galaxy] +server_list = galaxy + +[galaxy_server.galaxy] +url=https://galaxy.ansible.com/ + + +[defaults] +NETWORK_GROUP_MODULES=arubaoss +host_key_checking = false +stdout_callback = actionable \ No newline at end of file diff --git a/hosts b/hosts new file mode 100644 index 0000000..b11051f --- /dev/null +++ b/hosts @@ -0,0 +1,53 @@ +# [onpremwin] + + +# [onpremlin] +# 10.245.142.148 +# 10.245.142.150 + +# [stage1win] + + + + +# [stage2lin] + +# [linuxadjoin] +# 10.245.142.77 + + +# [switches] +# 10.231.32.100 + +# [switches:vars] +# ansible_python_interpreter=/usr/bin/python3 + +all: + hosts: + children: + onpremwin: + hosts: + awe-mgt-044.adagility.net + vars: + become_method: runas + become: yes + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_transport: kerberos + ansible_winrm_server_cert_validation: ignore + onpremlin: + hosts: + 10.245.142.148 + 10.245.142.150 + stage1win: + hosts: + stage2lin: + hosts: + linuxadjoin: + hosts: + 10.245.142.77 + switches: + hosts: + 10.231.32.100 + vars: + ansible_python_interpreter: /usr/bin/python3 \ No newline at end of file diff --git a/hp.yml b/hp.yml new file mode 100644 index 0000000..1e56aa6 --- /dev/null +++ b/hp.yml @@ -0,0 +1,41 @@ +--- + + - name: VLAN Automation with Ansible on HP Com7 Devices + hosts: switches + gather_facts: no + connection: local + + tasks: + # - name: ensure VLAN 10 exists + # comware_vlan: + # vlanid: 10 + # name: VLAN10_WEB + # descr: LOCALSEGMENT + # username: "{{ username }}" + # password: "{{ password }}" + # hostname: "{{ inventory_hostname }}" + + + - name: get gather_facts + comware_facts: + username: "acladmin" + password: "0V0FKgngLeLqkPvklm9S" + hostname: "{{ inventory_hostname }}" + + + - name: enable acl + comware_acl: + aclid: "{{ aclid }}" + state: "{{ state }}" + groupcg: advanced + name: "{{interface}}" + appdirec: "{{ appdirec }}" + username: "acladmin" + password: "0V0FKgngLeLqkPvklm9S" + hostname: "{{ inventory_hostname }}" + + - name: save running config + comware_save: + username: "{{ username }}" + password: "{{ password }}" + hostname: "{{ inventory_hostname }}" \ No newline at end of file diff --git a/linux.yml b/linux.yml new file mode 100644 index 0000000..ae6f50e --- /dev/null +++ b/linux.yml @@ -0,0 +1,9 @@ +--- +- name: run automation for linux +# become: true +# become_method: runas + hosts: all + roles: + # - role: linux_update + - role: linux_install-sentinelone + # - role: linux_install-checkmk \ No newline at end of file diff --git a/linux_add-host-to-checkmk.yml b/linux_add-host-to-checkmk.yml new file mode 100644 index 0000000..0b3f80a --- /dev/null +++ b/linux_add-host-to-checkmk.yml @@ -0,0 +1,13 @@ +--- +- name: run automation for windows + gather_facts: yes + hosts: all + become_method: runas + roles: + - role: linux_add-host-to-checkmk + vars: + hostname: "{{host_name}}" + + + + diff --git a/linux_az-sa-sync.yml b/linux_az-sa-sync.yml new file mode 100644 index 0000000..8a9d3bd --- /dev/null +++ b/linux_az-sa-sync.yml @@ -0,0 +1,14 @@ +--- +- name: sync storage account + become: true + become_user: root +# become_method: runas + hosts: all + roles: + # - role: linux_update + - role: linux_sync-sa + vars: + vmhostname: "{{ host }}" + dag: "{{day}}" + maand: "{{month}}" + jaar: "{{year}}" diff --git a/linux_get-az-rginfo.yml b/linux_get-az-rginfo.yml new file mode 100644 index 0000000..548ea47 --- /dev/null +++ b/linux_get-az-rginfo.yml @@ -0,0 +1,17 @@ +--- +- name: get resource group info + # become: true +# become_user: root +# become_method: runas + hosts: localhost + roles: + # - role: linux_update + - role: linux_get-az-rginfo + + environment: + - AZURE_CLIENT_ID: 141cd3f9-e466-4086-bfe9-9d6873a84084 + - AZURE_SECRET: "{{secret}}" + - AZURE_SUBSCRIPTION_ID: dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd + - AZURE_TENANT: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 + + \ No newline at end of file diff --git a/linux_install-checkmk.yml b/linux_install-checkmk.yml new file mode 100644 index 0000000..43bcef5 --- /dev/null +++ b/linux_install-checkmk.yml @@ -0,0 +1,29 @@ +--- +- name: run automation for windows + gather_facts: yes + hosts: all + become_method: sudo + roles: + - role: linux_install-checkmk + tasks: + - name: Add all hosts running this playbook to the done group + ansible.builtin.add_host: + name: '{{ item }}.adagility.net' + groups: checkmk_hosts + loop: "{{ ansible_play_hosts }}" + + + + +- name: Onboard host to checkmk GUI + become: false + # become_user: root + hosts: localhost + roles: + - role: linux_add-host-to-checkmk + tasks: + - name: + debug: + var: item + with_inventory_hostnames: + - checkmk_hosts \ No newline at end of file diff --git a/linux_onboard.yml b/linux_onboard.yml new file mode 100644 index 0000000..f7d726b --- /dev/null +++ b/linux_onboard.yml @@ -0,0 +1,27 @@ +--- +- name: dynamically add ip of target + become: true + hosts: localhost + gather_facts: no + tasks: + - name: make host group from survey hosts list + add_host: + hostname: "{{ipaddr|trim}}" + groups: new_group + +- name: linux Onboard + become: true +# become_method: runas + hosts: new_group,!localhost + roles: + # - role: linux_update + - role: linux_onboard-adagility + vars: + ansible_user: "{{user}}" + ansible_ssh_pass: "{{pass}}" + ansible_become_pass: "{{pass}}" + admin_account: "{{ admin_acc }}" + admin_password: "{{ admin_pass }}" + hostname: "{{ host }}" + tstaccprd: "{{ stage }}" + \ No newline at end of file diff --git a/linux_update.yml b/linux_update.yml new file mode 100644 index 0000000..19da323 --- /dev/null +++ b/linux_update.yml @@ -0,0 +1,7 @@ +--- +- name: run updates for linux + become: true + become_method: sudo + hosts: all + roles: + - role: linux_update diff --git a/roles/aruba_copy-primary-to-secondary/README.md b/roles/aruba_copy-primary-to-secondary/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/aruba_copy-primary-to-secondary/defaults/main.yml b/roles/aruba_copy-primary-to-secondary/defaults/main.yml new file mode 100644 index 0000000..8226a27 --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for aruba_copy-primary-to-secondary diff --git a/roles/aruba_copy-primary-to-secondary/handlers/main.yml b/roles/aruba_copy-primary-to-secondary/handlers/main.yml new file mode 100644 index 0000000..25c8ee1 --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for aruba_copy-primary-to-secondary diff --git a/roles/aruba_copy-primary-to-secondary/meta/main.yml b/roles/aruba_copy-primary-to-secondary/meta/main.yml new file mode 100644 index 0000000..badc164 --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/meta/main.yml @@ -0,0 +1,55 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. +collections: + - arubanetworks.aos_switch + - ansible.netcommon \ No newline at end of file diff --git a/roles/aruba_copy-primary-to-secondary/tasks/main.yml b/roles/aruba_copy-primary-to-secondary/tasks/main.yml new file mode 100644 index 0000000..002f83e --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/tasks/main.yml @@ -0,0 +1,2 @@ +--- +# tasks file for aruba_copy-primary-to-secondary diff --git a/roles/aruba_copy-primary-to-secondary/tests/inventory b/roles/aruba_copy-primary-to-secondary/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/aruba_copy-primary-to-secondary/tests/test.yml b/roles/aruba_copy-primary-to-secondary/tests/test.yml new file mode 100644 index 0000000..bddbfbf --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - aruba_copy-primary-to-secondary diff --git a/roles/aruba_copy-primary-to-secondary/vars/main.yml b/roles/aruba_copy-primary-to-secondary/vars/main.yml new file mode 100644 index 0000000..cc81103 --- /dev/null +++ b/roles/aruba_copy-primary-to-secondary/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for aruba_copy-primary-to-secondary diff --git a/roles/aruba_get-boot-info/README.md b/roles/aruba_get-boot-info/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/aruba_get-boot-info/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/aruba_get-boot-info/defaults/main.yml b/roles/aruba_get-boot-info/defaults/main.yml new file mode 100644 index 0000000..1042385 --- /dev/null +++ b/roles/aruba_get-boot-info/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for aruba_get-boot-info diff --git a/roles/aruba_get-boot-info/handlers/main.yml b/roles/aruba_get-boot-info/handlers/main.yml new file mode 100644 index 0000000..97c5990 --- /dev/null +++ b/roles/aruba_get-boot-info/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for aruba_get-boot-info diff --git a/roles/aruba_get-boot-info/meta/main.yml b/roles/aruba_get-boot-info/meta/main.yml new file mode 100644 index 0000000..badc164 --- /dev/null +++ b/roles/aruba_get-boot-info/meta/main.yml @@ -0,0 +1,55 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. +collections: + - arubanetworks.aos_switch + - ansible.netcommon \ No newline at end of file diff --git a/roles/aruba_get-boot-info/tasks/main.yml b/roles/aruba_get-boot-info/tasks/main.yml new file mode 100644 index 0000000..f9c69bb --- /dev/null +++ b/roles/aruba_get-boot-info/tasks/main.yml @@ -0,0 +1,29 @@ +--- + # tasks file for aruba_get-boot-info + - name: Execute show flash on the switch + arubaoss_command: + commands: ['show flash'] + register: flash + - name: set facts for boot images + ansible.builtin.set_fact: + primary: "{{ (flash.stdout_lines[0][2] | split(':'))[1] | trim }}" + primary_version: "{{ (((((flash.stdout_lines[0][2] | split(':'))[1]) | split(' '))[6]) | split('.'))[1:] | join('.') }}" + secondary: "{{ (flash.stdout_lines[0][3] | split(':'))[1] | trim }}" + boot: "{{ (flash.stdout_lines[0][9] | split(':'))[1] | trim }}" + type: "{{ (((((flash.stdout_lines[0][2] | split(':'))[1]) | split(' '))[6]) | split('.'))[0] }}" + + - name: show primary boot image version + debug: + var: primary + - name: show secondary boot image version + debug: + var: secondary + - name: show default boot + debug: + var: boot + - name: show type + debug: + var: type + - name: show primary version + debug: + var: primary_version \ No newline at end of file diff --git a/roles/aruba_get-boot-info/tests/inventory b/roles/aruba_get-boot-info/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/aruba_get-boot-info/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/aruba_get-boot-info/tests/test.yml b/roles/aruba_get-boot-info/tests/test.yml new file mode 100644 index 0000000..4f5e2c7 --- /dev/null +++ b/roles/aruba_get-boot-info/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - aruba_get-boot-info diff --git a/roles/aruba_get-boot-info/vars/main.yml b/roles/aruba_get-boot-info/vars/main.yml new file mode 100644 index 0000000..a2cd215 --- /dev/null +++ b/roles/aruba_get-boot-info/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for aruba_get-boot-info diff --git a/roles/aruba_get-ntp-info/README.md b/roles/aruba_get-ntp-info/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/aruba_get-ntp-info/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/aruba_get-ntp-info/defaults/main.yml b/roles/aruba_get-ntp-info/defaults/main.yml new file mode 100644 index 0000000..7e4c87c --- /dev/null +++ b/roles/aruba_get-ntp-info/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for aruba_get-ntp-info diff --git a/roles/aruba_get-ntp-info/handlers/main.yml b/roles/aruba_get-ntp-info/handlers/main.yml new file mode 100644 index 0000000..316f6f8 --- /dev/null +++ b/roles/aruba_get-ntp-info/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for aruba_get-ntp-info diff --git a/roles/aruba_get-ntp-info/meta/main.yml b/roles/aruba_get-ntp-info/meta/main.yml new file mode 100644 index 0000000..badc164 --- /dev/null +++ b/roles/aruba_get-ntp-info/meta/main.yml @@ -0,0 +1,55 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. +collections: + - arubanetworks.aos_switch + - ansible.netcommon \ No newline at end of file diff --git a/roles/aruba_get-ntp-info/tasks/main.yml b/roles/aruba_get-ntp-info/tasks/main.yml new file mode 100644 index 0000000..b8c5098 --- /dev/null +++ b/roles/aruba_get-ntp-info/tasks/main.yml @@ -0,0 +1,13 @@ +--- + # tasks file for aruba_get-boot-info + - name: Execute show ntp on the switch + arubaoss_command: + commands: ['show ntp status'] + register: ntp + - name: set facts for boot images + ansible.builtin.set_fact: + ntp_status: "{{ ((((ntp.stdout_lines[0][3]) | split(':'))[1]) | split(' '))[1] }}" + + - name: show primary boot image version + debug: + var: ntp_status diff --git a/roles/aruba_get-ntp-info/tests/inventory b/roles/aruba_get-ntp-info/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/aruba_get-ntp-info/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/aruba_get-ntp-info/tests/test.yml b/roles/aruba_get-ntp-info/tests/test.yml new file mode 100644 index 0000000..8e1cb3a --- /dev/null +++ b/roles/aruba_get-ntp-info/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - aruba_get-ntp-info diff --git a/roles/aruba_get-ntp-info/vars/main.yml b/roles/aruba_get-ntp-info/vars/main.yml new file mode 100644 index 0000000..f84785f --- /dev/null +++ b/roles/aruba_get-ntp-info/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for aruba_get-ntp-info diff --git a/roles/aruba_prepare-rest/README.md b/roles/aruba_prepare-rest/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/aruba_prepare-rest/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/aruba_prepare-rest/defaults/main.yml b/roles/aruba_prepare-rest/defaults/main.yml new file mode 100644 index 0000000..d125ddc --- /dev/null +++ b/roles/aruba_prepare-rest/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for aruba_prepare-rest diff --git a/roles/aruba_prepare-rest/handlers/main.yml b/roles/aruba_prepare-rest/handlers/main.yml new file mode 100644 index 0000000..2d04d81 --- /dev/null +++ b/roles/aruba_prepare-rest/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for aruba_prepare-rest diff --git a/roles/aruba_prepare-rest/meta/main.yml b/roles/aruba_prepare-rest/meta/main.yml new file mode 100644 index 0000000..badc164 --- /dev/null +++ b/roles/aruba_prepare-rest/meta/main.yml @@ -0,0 +1,55 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. +collections: + - arubanetworks.aos_switch + - ansible.netcommon \ No newline at end of file diff --git a/roles/aruba_prepare-rest/tasks/main.yml b/roles/aruba_prepare-rest/tasks/main.yml new file mode 100644 index 0000000..7377541 --- /dev/null +++ b/roles/aruba_prepare-rest/tasks/main.yml @@ -0,0 +1,16 @@ +--- +# tasks file for aruba_prepare-rest + +- name: Enable rest api + arubaoss_command: + commands: [ 'config', + 'crypto pki identity-profile sys-switchupgrade subject common-name sys-switchupgrade', + 'crypto pki enroll-self-signed certificate-name upgrade', + 'web-management ssl', + 'rest-interface', + 'aaa authentication rest login radius local', + 'aaa authentication rest enable radius local', + 'ip dns domain-name "adagility.net"', + 'ip dns server-address priority 1 10.245.142.82', + 'ip dns server-address priority 2 10.245.3.40'] + diff --git a/roles/aruba_prepare-rest/tests/inventory b/roles/aruba_prepare-rest/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/aruba_prepare-rest/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/aruba_prepare-rest/tests/test.yml b/roles/aruba_prepare-rest/tests/test.yml new file mode 100644 index 0000000..146a6ef --- /dev/null +++ b/roles/aruba_prepare-rest/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - aruba_prepare-rest diff --git a/roles/aruba_prepare-rest/vars/main.yml b/roles/aruba_prepare-rest/vars/main.yml new file mode 100644 index 0000000..7e519b2 --- /dev/null +++ b/roles/aruba_prepare-rest/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for aruba_prepare-rest diff --git a/roles/awx_create-inventory-from-list/.travis.yml b/roles/awx_create-inventory-from-list/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/awx_create-inventory-from-list/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/awx_create-inventory-from-list/README.md b/roles/awx_create-inventory-from-list/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/awx_create-inventory-from-list/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/awx_create-inventory-from-list/defaults/main.yml b/roles/awx_create-inventory-from-list/defaults/main.yml new file mode 100644 index 0000000..3665734 --- /dev/null +++ b/roles/awx_create-inventory-from-list/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for awx_create-inventory-from-list diff --git a/roles/awx_create-inventory-from-list/handlers/main.yml b/roles/awx_create-inventory-from-list/handlers/main.yml new file mode 100644 index 0000000..90dc4db --- /dev/null +++ b/roles/awx_create-inventory-from-list/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for awx_create-inventory-from-list diff --git a/roles/awx_create-inventory-from-list/meta/main.yml b/roles/awx_create-inventory-from-list/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/awx_create-inventory-from-list/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/awx_create-inventory-from-list/tasks/main.yml b/roles/awx_create-inventory-from-list/tasks/main.yml new file mode 100644 index 0000000..1bcab81 --- /dev/null +++ b/roles/awx_create-inventory-from-list/tasks/main.yml @@ -0,0 +1,22 @@ +--- +# tasks file for awx_create-inventory-from-list +- name: Add inventory + awx.awx.inventory: + name: "Azure Arc enabled hosts (dynamic)" + description: "Hosts synced from the azure arc prd resource group" + organization: "Aperam" + state: present + controller_host: https://awx-prd.aperam.internal + controller_oauthtoken: "{{oauth}}" + validate_certs: false + +- name: add hosts to inventory + awx.awx.host: + inventory: "Azure Arc enabled hosts (dynamic)" + name: "{{item}}" + state: present + controller_host: https://awx-prd.aperam.internal + controller_oauthtoken: "{{oauth}}" + validate_certs: false + enabled: true + with_items: "{{namen}}" diff --git a/roles/awx_create-inventory-from-list/tests/inventory b/roles/awx_create-inventory-from-list/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/awx_create-inventory-from-list/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/awx_create-inventory-from-list/tests/test.yml b/roles/awx_create-inventory-from-list/tests/test.yml new file mode 100644 index 0000000..f8caac9 --- /dev/null +++ b/roles/awx_create-inventory-from-list/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - awx_create-inventory-from-list diff --git a/roles/awx_create-inventory-from-list/vars/main.yml b/roles/awx_create-inventory-from-list/vars/main.yml new file mode 100644 index 0000000..5c010c5 --- /dev/null +++ b/roles/awx_create-inventory-from-list/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for awx_create-inventory-from-list diff --git a/roles/awx_import-hosts-from-list/README.md b/roles/awx_import-hosts-from-list/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/awx_import-hosts-from-list/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/awx_import-hosts-from-list/defaults/main.yml b/roles/awx_import-hosts-from-list/defaults/main.yml new file mode 100644 index 0000000..c5a8473 --- /dev/null +++ b/roles/awx_import-hosts-from-list/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for awx_import-hosts-from-list diff --git a/roles/awx_import-hosts-from-list/handlers/main.yml b/roles/awx_import-hosts-from-list/handlers/main.yml new file mode 100644 index 0000000..df9ce14 --- /dev/null +++ b/roles/awx_import-hosts-from-list/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for awx_import-hosts-from-list diff --git a/roles/awx_import-hosts-from-list/meta/main.yml b/roles/awx_import-hosts-from-list/meta/main.yml new file mode 100644 index 0000000..ea68190 --- /dev/null +++ b/roles/awx_import-hosts-from-list/meta/main.yml @@ -0,0 +1,34 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/awx_import-hosts-from-list/tasks/main.yml b/roles/awx_import-hosts-from-list/tasks/main.yml new file mode 100644 index 0000000..a96c19c --- /dev/null +++ b/roles/awx_import-hosts-from-list/tasks/main.yml @@ -0,0 +1,22 @@ +--- +# tasks file for awx_import-hosts-from-list + - name: create list + set_fact: + namen: [] + + - name: add hosts to list + set_fact: + namen: "{{ aruba_devices | split('\n') }}" + + - name: + debug: + var: namen + - name: make host group from survey hosts list + add_host: + hostname: "{{ item }}" + groups: aruba_hosts + ansible_user: sys-switchupgrade + ansible_password: "{{aruba_pass}}" + ansible_network_os: arubanetworks.aos_switch.arubaoss + with_items: "{{namen}}" + no_log: true \ No newline at end of file diff --git a/roles/awx_import-hosts-from-list/tests/inventory b/roles/awx_import-hosts-from-list/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/awx_import-hosts-from-list/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/awx_import-hosts-from-list/tests/test.yml b/roles/awx_import-hosts-from-list/tests/test.yml new file mode 100644 index 0000000..1aca3b3 --- /dev/null +++ b/roles/awx_import-hosts-from-list/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - awx_import-hosts-from-list diff --git a/roles/awx_import-hosts-from-list/vars/main.yml b/roles/awx_import-hosts-from-list/vars/main.yml new file mode 100644 index 0000000..d4858ca --- /dev/null +++ b/roles/awx_import-hosts-from-list/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for awx_import-hosts-from-list diff --git a/roles/azure_create-vnet/.travis.yml b/roles/azure_create-vnet/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_create-vnet/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_create-vnet/README.md b/roles/azure_create-vnet/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_create-vnet/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_create-vnet/defaults/main.yml b/roles/azure_create-vnet/defaults/main.yml new file mode 100644 index 0000000..9184a3b --- /dev/null +++ b/roles/azure_create-vnet/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for azure_create-vnet diff --git a/roles/azure_create-vnet/handlers/main.yml b/roles/azure_create-vnet/handlers/main.yml new file mode 100644 index 0000000..a554b15 --- /dev/null +++ b/roles/azure_create-vnet/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure_create-vnet diff --git a/roles/azure_create-vnet/meta/main.yml b/roles/azure_create-vnet/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_create-vnet/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_create-vnet/tasks/main.yml b/roles/azure_create-vnet/tasks/main.yml new file mode 100644 index 0000000..a82dd58 --- /dev/null +++ b/roles/azure_create-vnet/tasks/main.yml @@ -0,0 +1,14 @@ +--- +# tasks file for azure_create-vnet + - name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{RG_name}}" + name: vNet + address_prefixes: "10.0.0.0/16" + + - name: Add subnet + azure_rm_subnet: + resource_group: "{{RG_name}}" + name: subnet + address_prefix: "10.0.1.0/24" + virtual_network: vNet \ No newline at end of file diff --git a/roles/azure_create-vnet/tests/inventory b/roles/azure_create-vnet/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_create-vnet/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_create-vnet/tests/test.yml b/roles/azure_create-vnet/tests/test.yml new file mode 100644 index 0000000..2f4eedb --- /dev/null +++ b/roles/azure_create-vnet/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure_create-vnet diff --git a/roles/azure_create-vnet/vars/main.yml b/roles/azure_create-vnet/vars/main.yml new file mode 100644 index 0000000..f8fd2c3 --- /dev/null +++ b/roles/azure_create-vnet/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure_create-vnet diff --git a/roles/azure_createRG/.travis.yml b/roles/azure_createRG/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_createRG/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_createRG/README.md b/roles/azure_createRG/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_createRG/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_createRG/defaults/main.yml b/roles/azure_createRG/defaults/main.yml new file mode 100644 index 0000000..031cd49 --- /dev/null +++ b/roles/azure_createRG/defaults/main.yml @@ -0,0 +1,8 @@ +--- +# defaults file for azure-createRG +tag_division: "Corporate" +tag_scope: "Europe" +tag_organizational: "ITInfrastructure" +tag_environment: "TST" +tag_businessapplicationowner: bram.vandendaele@aperam.com +tag_applicationname: "demo" diff --git a/roles/azure_createRG/handlers/main.yml b/roles/azure_createRG/handlers/main.yml new file mode 100644 index 0000000..6828ff1 --- /dev/null +++ b/roles/azure_createRG/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure-createRG diff --git a/roles/azure_createRG/meta/main.yml b/roles/azure_createRG/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_createRG/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_createRG/tasks/main.yml b/roles/azure_createRG/tasks/main.yml new file mode 100644 index 0000000..c0b2a90 --- /dev/null +++ b/roles/azure_createRG/tasks/main.yml @@ -0,0 +1,13 @@ +--- +# tasks file for azure-createRG +- name: Create a resource group + azure.azcollection.azure_rm_resourcegroup: + name: "{{ RG_name }}" + location: westeurope + tags: + Division: "{{ tag_division }}" + Scope: "{{ tag_scope }}" + Organizational: "{{ tag_organizational }}" + ApplicationName: "{{ tag_applicationname }}" + Environment: "{{ tag_environment }}" + BusinessApplicationOwner: "{{ tag_businessapplicationowner }}" diff --git a/roles/azure_createRG/tests/inventory b/roles/azure_createRG/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_createRG/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_createRG/tests/test.yml b/roles/azure_createRG/tests/test.yml new file mode 100644 index 0000000..01bdd83 --- /dev/null +++ b/roles/azure_createRG/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure-createRG diff --git a/roles/azure_createRG/vars/main.yml b/roles/azure_createRG/vars/main.yml new file mode 100644 index 0000000..f3333db --- /dev/null +++ b/roles/azure_createRG/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure-createRG diff --git a/roles/azure_createlinvm/.travis.yml b/roles/azure_createlinvm/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_createlinvm/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_createlinvm/README.md b/roles/azure_createlinvm/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_createlinvm/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_createlinvm/defaults/main.yml b/roles/azure_createlinvm/defaults/main.yml new file mode 100644 index 0000000..2c676d9 --- /dev/null +++ b/roles/azure_createlinvm/defaults/main.yml @@ -0,0 +1,3 @@ +--- +# defaults file for azure-createwindowsvm +vmsize: Standard_DS1_v2 \ No newline at end of file diff --git a/roles/azure_createlinvm/handlers/main.yml b/roles/azure_createlinvm/handlers/main.yml new file mode 100644 index 0000000..63cb507 --- /dev/null +++ b/roles/azure_createlinvm/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure-createwindowsvm diff --git a/roles/azure_createlinvm/meta/main.yml b/roles/azure_createlinvm/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_createlinvm/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_createlinvm/tasks/main.yml b/roles/azure_createlinvm/tasks/main.yml new file mode 100644 index 0000000..c78ac4f --- /dev/null +++ b/roles/azure_createlinvm/tasks/main.yml @@ -0,0 +1,79 @@ +--- +# tasks file for azure-createwindowsvm + # - name: Create public IP address + # azure_rm_publicipaddress: + # resource_group: "{{RG_name}}" + # allocation_method: Static + # name: "{{hostname}}-pip" + # register: output_ip_address + + # - name: Output public IP + # debug: + # msg: "The public IP is {{ output_ip_address.state.ip_address }}" + + + - name: Get facts for one resource group + azure_rm_resourcegroup_info: + name: "{{RG_name}}" + register: rginfo + - name: Create a network interface + azure_rm_networkinterface: + name: "{{hostname}}-nic" + resource_group: "{{RG_name}}" + location: westeurope + virtual_network: "/subscriptions/a7f4215b-c8f8-45ac-8fdd-062c940b02f6/resourceGroups/rg-network-glb-02/providers/Microsoft.Network/virtualNetworks/vnet-awe-glb-02" + subnet_name: "{{subnetname}}" + enable_accelerated_networking: True + security_group: "/subscriptions/a7f4215b-c8f8-45ac-8fdd-062c940b02f6/resourceGroups/rg-network-glb-02/providers/Microsoft.Network/networkSecurityGroups/nsg-glb-02-green" + ip_configurations: + - name: default + # public_ip_address_name: "{{hostname}}-pip" + primary: True + register: new_nic + + - name: Get private IP of NIC + azure_rm_networkinterface_info: + resource_group: "{{RG_name}}" + name: "{{hostname}}-nic" + register: nic_info + + - name: Display private IP of NIC + debug: + var: "nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address" + - name: Get facts by name + azure_rm_virtualmachine_info: + resource_group: "{{RG_name}}" + name: "{{hostname}}" + register: vmexist + + - name: Create VM + azure_rm_virtualmachine: + resource_group: "{{RG_name}}" + name: "{{hostname}}" + vm_size: "{{vmsize}}" + admin_username: ApeAdmin + admin_password: "{{ password }}" + network_interfaces: "{{hostname}}-nic" + os_type: Linux + boot_diagnostics: + enabled: false + managed_disk_type: "Premium_LRS" + os_disk_name: "{{hostname}}-osdisk" + os_disk_size_gb: 128 + image: + offer: "{{lin_offer}}" + publisher: Canonical + sku: "{{lin_sku}}" + version: latest + tags: + Dexcare: "{{tag_dexcare}}" + ApplicationITContact: "{{tag_ApplicationITContact}}" + DexMach_Protection: "ManagedByOther" + Schedule: "{{tag_Schedule}}" + ServiceHours: "{{tag_ServiceHours}}" + Criticality: "{{tag_Criticality}}" + UpdateSchedule: "{{tag_UpdateSchedule}}" + TeamSpecialist: "{{tag_TeamSpecialist}}" + no_log: false + when: vmexist is failed + \ No newline at end of file diff --git a/roles/azure_createlinvm/tests/inventory b/roles/azure_createlinvm/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_createlinvm/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_createlinvm/tests/test.yml b/roles/azure_createlinvm/tests/test.yml new file mode 100644 index 0000000..7492cf4 --- /dev/null +++ b/roles/azure_createlinvm/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure-createlinvm diff --git a/roles/azure_createlinvm/vars/main.yml b/roles/azure_createlinvm/vars/main.yml new file mode 100644 index 0000000..8adab0d --- /dev/null +++ b/roles/azure_createlinvm/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure-createwindowsvm diff --git a/roles/azure_createwindowsvm-demo/.travis.yml b/roles/azure_createwindowsvm-demo/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_createwindowsvm-demo/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_createwindowsvm-demo/README.md b/roles/azure_createwindowsvm-demo/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_createwindowsvm-demo/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_createwindowsvm-demo/defaults/main.yml b/roles/azure_createwindowsvm-demo/defaults/main.yml new file mode 100644 index 0000000..2c676d9 --- /dev/null +++ b/roles/azure_createwindowsvm-demo/defaults/main.yml @@ -0,0 +1,3 @@ +--- +# defaults file for azure-createwindowsvm +vmsize: Standard_DS1_v2 \ No newline at end of file diff --git a/roles/azure_createwindowsvm-demo/handlers/main.yml b/roles/azure_createwindowsvm-demo/handlers/main.yml new file mode 100644 index 0000000..63cb507 --- /dev/null +++ b/roles/azure_createwindowsvm-demo/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure-createwindowsvm diff --git a/roles/azure_createwindowsvm-demo/meta/main.yml b/roles/azure_createwindowsvm-demo/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_createwindowsvm-demo/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_createwindowsvm-demo/tasks/main.yml b/roles/azure_createwindowsvm-demo/tasks/main.yml new file mode 100644 index 0000000..43d8459 --- /dev/null +++ b/roles/azure_createwindowsvm-demo/tasks/main.yml @@ -0,0 +1,123 @@ +--- +# tasks file for azure-createwindowsvm + # - name: Create public IP address + # azure_rm_publicipaddress: + # resource_group: "{{RG_name}}" + # allocation_method: Static + # name: "{{hostname}}-pip" + # register: output_ip_address + + # - name: Output public IP + # debug: + # msg: "The public IP is {{ output_ip_address.state.ip_address }}" + + + - name: Get facts for one resource group + azure_rm_resourcegroup_info: + name: "{{RG_name}}" + register: rginfo + - name: Create a network interface + azure_rm_networkinterface: + name: "{{hostname}}-nic" + resource_group: "{{RG_name}}" + location: westeurope + virtual_network: "/subscriptions/dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd/resourceGroups/rg-network-tst-01/providers/Microsoft.Network/virtualNetworks/vnet-awe-tst-01" + subnet_name: "{{subnetname}}" + enable_accelerated_networking: True + security_group: "/subscriptions/dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd/resourceGroups/rg-network-tst-01/providers/Microsoft.Network/networkSecurityGroups/nsg-tst-01-green" + ip_configurations: + - name: default + # public_ip_address_name: "{{hostname}}-pip" + primary: True + register: new_nic + + - name: Get private IP of NIC + azure_rm_networkinterface_info: + resource_group: "{{RG_name}}" + name: "{{hostname}}-nic" + register: nic_info + + - name: Display private IP of NIC + debug: + var: "nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address" + + - name: Create VM + azure_rm_virtualmachine: + resource_group: "{{RG_name}}" + name: "{{hostname}}" + vm_size: "{{vmsize}}" + admin_username: ApeAdmin + admin_password: "{{ password }}" + network_interfaces: "{{hostname}}-nic" + os_type: Windows + boot_diagnostics: + enabled: false + managed_disk_type: "Premium_LRS" + os_disk_name: "{{hostname}}-osdisk" + os_disk_size_gb: 128 + image: + offer: WindowsServer + publisher: MicrosoftWindowsServer + sku: "{{win_sku}}" + version: latest + tags: + Dexcare: "{{tag_dexcare}}" + ApplicationITContact: "{{tag_ApplicationITContact}}" + DexMach_Protection: "ManagedByOther" + Schedule: "{{tag_Schedule}}" + ServiceHours: "{{tag_ServiceHours}}" + Criticality: "{{tag_Criticality}}" + UpdateSchedule: "{{tag_UpdateSchedule}}" + TeamSpecialist: "{{tag_TeamSpecialist}}" + no_log: false + + # - name: Create VM script extension to enable HTTPS WinRM listener + # azure_rm_virtualmachineextension: + # name: winrm-extension + # resource_group: "{{RG_name}}" + # virtual_machine_name: "{{hostname}}" + # publisher: Microsoft.Compute + # virtual_machine_extension_type: CustomScriptExtension + # type_handler_version: '1.9' + # settings: '{"fileUris": ["https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1"],"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ConfigureRemotingForAnsible.ps1"}' + # auto_upgrade_minor_version: true + + - name: Enable winrm + azure_rm_virtualmachineextension: + name: winrm-extension + resource_group: "{{RG_name}}" + virtual_machine_name: "{{hostname}}" + publisher: Microsoft.Compute + virtual_machine_extension_type: CustomScriptExtension + type_handler_version: '1.9' + settings: '{"commandToExecute": "powershell winrm quickconfig -force"}' + auto_upgrade_minor_version: true + + - name: Open port + azure_rm_virtualmachineextension: + name: winrm-extension + resource_group: "{{RG_name}}" + virtual_machine_name: "{{hostname}}" + publisher: Microsoft.Compute + virtual_machine_extension_type: CustomScriptExtension + type_handler_version: '1.9' + settings: {"commandToExecute": "powershell New-NetFirewallRule -DisplayName 'Winrm' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 5985"} + auto_upgrade_minor_version: true + + + +# - name: Get facts for one Public IP +# azure_rm_publicipaddress_info: +# resource_group: "{{RG_name}}" +# name: "{{hostname}}-pip" +# register: publicipaddresses + +# - name: set public ip address fact +# set_fact: publicipaddress="{{ publicipaddresses | json_query('publicipaddresses[0].ip_address')}}" + + - name: wait for the WinRM port to come online + wait_for: + port: 5985 + host: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + timeout: 6 + \ No newline at end of file diff --git a/roles/azure_createwindowsvm-demo/tests/inventory b/roles/azure_createwindowsvm-demo/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_createwindowsvm-demo/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_createwindowsvm-demo/tests/test.yml b/roles/azure_createwindowsvm-demo/tests/test.yml new file mode 100644 index 0000000..17a69f5 --- /dev/null +++ b/roles/azure_createwindowsvm-demo/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure-createwindowsvm diff --git a/roles/azure_createwindowsvm-demo/vars/main.yml b/roles/azure_createwindowsvm-demo/vars/main.yml new file mode 100644 index 0000000..8adab0d --- /dev/null +++ b/roles/azure_createwindowsvm-demo/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure-createwindowsvm diff --git a/roles/azure_createwindowsvm/.travis.yml b/roles/azure_createwindowsvm/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_createwindowsvm/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_createwindowsvm/README.md b/roles/azure_createwindowsvm/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_createwindowsvm/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_createwindowsvm/defaults/main.yml b/roles/azure_createwindowsvm/defaults/main.yml new file mode 100644 index 0000000..f108f72 --- /dev/null +++ b/roles/azure_createwindowsvm/defaults/main.yml @@ -0,0 +1,4 @@ +--- +# defaults file for azure-createwindowsvm +vmsize: Standard_DS1_v2 +location: westeurope \ No newline at end of file diff --git a/roles/azure_createwindowsvm/handlers/main.yml b/roles/azure_createwindowsvm/handlers/main.yml new file mode 100644 index 0000000..63cb507 --- /dev/null +++ b/roles/azure_createwindowsvm/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure-createwindowsvm diff --git a/roles/azure_createwindowsvm/meta/main.yml b/roles/azure_createwindowsvm/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_createwindowsvm/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_createwindowsvm/tasks/main.yml b/roles/azure_createwindowsvm/tasks/main.yml new file mode 100644 index 0000000..7a157fe --- /dev/null +++ b/roles/azure_createwindowsvm/tasks/main.yml @@ -0,0 +1,153 @@ +--- +# This Ansible playbook is designed to create a Windows virtual machine (VM) in Azure and perform several setup tasks on it. +# The tasks are executed on the localhost and are divided into several parts: +# +# 1. Get facts for one resource group: The playbook starts by gathering information about the Azure resource group where the VM will be created. +# 2. Create a network interface: The playbook then creates a network interface for the VM. The network interface is associated with a specific virtual network and subnet. +# 3. Get private IP of NIC: The playbook retrieves the private IP address of the newly created network interface. +# 4. Create VM: The playbook creates the VM. The VM is associated with the previously created network interface. The VM is configured with a specific size, admin username and password, OS type, managed disk type, and image. The VM is also tagged with several key-value pairs. +# 5. Enable WinRM and Open Port 5985: The playbook enables Windows Remote Management (WinRM) on the VM and opens port 5985. This is done using a VM extension that runs a PowerShell command. +# 6. Wait for WinRM HTTP Port to Come Online: The playbook waits for the WinRM HTTP port (5985) to come online. This is done using the wait_for module. +# 7. Get VM Facts: The playbook retrieves information about the newly created VM. +# 8. Set the Correct Recovery Service Vault: The playbook sets the recovery service vault for the VM. The recovery service vault is set to 'backupvault-awe-01' if the accdevtest variable is set to 'PRD', and 'backupvault-awe-03' otherwise. +# +# In all tasks, the resource_group parameter is set to the RG_name variable, and the name parameter is set to the hostname variable. The playbook uses the azure_rm modules to interact with Azure. + +# tasks file for azure-createwindowsvm + - name: Get facts for one resource group + azure_rm_resourcegroup_info: + name: "{{RG_name}}" + register: rginfo + - name: Create a network interface + azure_rm_networkinterface: + name: "{{hostname}}-nic" + resource_group: "{{RG_name}}" + location: "{{location}}" + # virtual_network: "/subscriptions/a7f4215b-c8f8-45ac-8fdd-062c940b02f6/resourceGroups/rg-network-glb-02/providers/Microsoft.Network/virtualNetworks/vnet-awe-glb-02" + virtual_network: "{{ vnetid }}" + subnet_name: "{{subnetname}}" + enable_accelerated_networking: True + create_with_security_group: false + #security_group: "/subscriptions/a7f4215b-c8f8-45ac-8fdd-062c940b02f6/resourceGroups/rg-network-glb-02/providers/Microsoft.Network/networkSecurityGroups/nsg-glb-02-green" + ip_configurations: + - name: default + # public_ip_address_name: "{{hostname}}-pip" + primary: True + register: new_nic + + - name: Get private IP of NIC + azure_rm_networkinterface_info: + resource_group: "{{RG_name}}" + name: "{{hostname}}-nic" + register: nic_info + + - name: Display private IP of NIC + debug: + var: "nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address" + + - name: Create VM + azure_rm_virtualmachine: + resource_group: "{{RG_name}}" + name: "{{hostname}}" + vm_size: "{{vmsize}}" + admin_username: ApeAdmin + admin_password: "{{ password }}" + network_interfaces: "{{hostname}}-nic" + os_type: Windows + boot_diagnostics: + enabled: false + managed_disk_type: "Premium_LRS" + os_disk_name: "{{hostname}}-osdisk" + os_disk_size_gb: 128 + os_disk_caching: "ReadWrite" + image: + offer: "{{ vm_offer }}" + publisher: "{{ vm_publisher }}" + sku: "{{win_sku}}" + version: latest + license_type: Windows_Server + tags: + Dexcare: "{{tag_dexcare}}" + ApplicationITContact: "{{tag_ApplicationITContact}}" + DexMach_IaaSOperations: "NoMDEAgent,NoProtection" + Schedule: "{{tag_Schedule}}" + ServiceHours: "{{tag_ServiceHours}}" + Criticality: "{{tag_Criticality}}" + UpdateSchedule: "{{tag_UpdateSchedule}}" + TeamSpecialist: "{{tag_TeamSpecialist}}" + NotificationTeam: "{{tag_NotificationTeam}}" + no_log: true + + # - name: Create VM script extension to enable HTTPS WinRM listener + # azure_rm_virtualmachineextension: + # name: winrm-extension + # resource_group: "{{RG_name}}" + # virtual_machine_name: "{{hostname}}" + # publisher: Microsoft.Compute + # virtual_machine_extension_type: CustomScriptExtension + # type_handler_version: '1.9' + # settings: '{"fileUris": ["https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1"],"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ConfigureRemotingForAnsible.ps1"}' + # auto_upgrade_minor_version: true + +# - name: Get facts for one Public IP +# azure_rm_publicipaddress_info: +# resource_group: "{{RG_name}}" +# name: "{{hostname}}-pip" +# register: publicipaddresses + +# - name: set public ip address fact +# set_fact: publicipaddress="{{ publicipaddresses | json_query('publicipaddresses[0].ip_address')}}" + + # - name: wait for the WinRM HTTP port to come online + # wait_for: + # port: 5985 + # host: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + # timeout: 60 + # ignore_errors: true + + - name: Enable winrm + open port 5985 + azure_rm_virtualmachineextension: + name: winrm-extension + resource_group: "{{RG_name}}" + virtual_machine_name: "{{hostname}}" + publisher: Microsoft.Compute + virtual_machine_extension_type: CustomScriptExtension + type_handler_version: '1.9' + settings: {"commandToExecute": "powershell winrm quickconfig -force; New-NetFirewallRule -DisplayName 'Winrm' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 5985"} + auto_upgrade_minor_version: true + + - name: wait for the WinRM HTTP port to come online + wait_for: + port: 5985 + host: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}" + timeout: 60 + ignore_errors: true + + + - name: get vm facts + azure_rm_virtualmachine_info: + resource_group: "{{RG_name}}" + name: "{{hostname}}" + register: vminfo + - name: Display vm id + debug: + var: "vminfo.vms[0].id" + - name: set the correct recovery service vault + azure.azcollection.azure_rm_backupazurevm: + resource_group: "{{vaultRg}}" + recovery_vault_name: "{{vaultName}}" + resource_id: "{{vminfo.vms[0].id}}" + backup_policy_id: "{{vaultId}}" + + #when: accdevtest == 'PRD' + ignore_errors: true + + # - name: set the correct recovery service vault if not PRD + # azure.azcollection.azure_rm_backupazurevm: + # resource_group: 'rg-management-awe' + # recovery_vault_name: 'backupvault-awe-03' + # resource_id: "{{vminfo.vms[0].id}}" + # backup_policy_id: '/subscriptions/a7f4215b-c8f8-45ac-8fdd-062c940b02f6/resourceGroups/rg-management-awe/providers/Microsoft.RecoveryServices/vaults/backupvault-awe-03/backupPolicies/Daily-Ret3M-Schedule' + # when: accdevtest != 'PRD' + # ignore_errors: true + diff --git a/roles/azure_createwindowsvm/tests/inventory b/roles/azure_createwindowsvm/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_createwindowsvm/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_createwindowsvm/tests/test.yml b/roles/azure_createwindowsvm/tests/test.yml new file mode 100644 index 0000000..17a69f5 --- /dev/null +++ b/roles/azure_createwindowsvm/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure-createwindowsvm diff --git a/roles/azure_createwindowsvm/vars/main.yml b/roles/azure_createwindowsvm/vars/main.yml new file mode 100644 index 0000000..8adab0d --- /dev/null +++ b/roles/azure_createwindowsvm/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure-createwindowsvm diff --git a/roles/azure_delete-rg/.travis.yml b/roles/azure_delete-rg/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_delete-rg/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_delete-rg/README.md b/roles/azure_delete-rg/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_delete-rg/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_delete-rg/defaults/main.yml b/roles/azure_delete-rg/defaults/main.yml new file mode 100644 index 0000000..c91a5ad --- /dev/null +++ b/roles/azure_delete-rg/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for azure_delete-rg diff --git a/roles/azure_delete-rg/handlers/main.yml b/roles/azure_delete-rg/handlers/main.yml new file mode 100644 index 0000000..c170b62 --- /dev/null +++ b/roles/azure_delete-rg/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure_delete-rg diff --git a/roles/azure_delete-rg/meta/main.yml b/roles/azure_delete-rg/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_delete-rg/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_delete-rg/tasks/main.yml b/roles/azure_delete-rg/tasks/main.yml new file mode 100644 index 0000000..fef9f49 --- /dev/null +++ b/roles/azure_delete-rg/tasks/main.yml @@ -0,0 +1,7 @@ +--- +# tasks file for azure_delete-rg +- name: Delete a resource group including resources it contains + azure_rm_resourcegroup: + name: "{{RG_name}}" + force_delete_nonempty: yes + state: absent \ No newline at end of file diff --git a/roles/azure_delete-rg/tests/inventory b/roles/azure_delete-rg/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_delete-rg/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_delete-rg/tests/test.yml b/roles/azure_delete-rg/tests/test.yml new file mode 100644 index 0000000..3e3825e --- /dev/null +++ b/roles/azure_delete-rg/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure_delete-rg diff --git a/roles/azure_delete-rg/vars/main.yml b/roles/azure_delete-rg/vars/main.yml new file mode 100644 index 0000000..89060ea --- /dev/null +++ b/roles/azure_delete-rg/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure_delete-rg diff --git a/roles/azure_get-expiring-tokens-az/.travis.yml b/roles/azure_get-expiring-tokens-az/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_get-expiring-tokens-az/README.md b/roles/azure_get-expiring-tokens-az/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_get-expiring-tokens-az/defaults/main.yml b/roles/azure_get-expiring-tokens-az/defaults/main.yml new file mode 100644 index 0000000..fcff69d --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_get-expiring-tokens-az diff --git a/roles/azure_get-expiring-tokens-az/handlers/main.yml b/roles/azure_get-expiring-tokens-az/handlers/main.yml new file mode 100644 index 0000000..6a0b7d3 --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_get-expiring-tokens-az diff --git a/roles/azure_get-expiring-tokens-az/meta/main.yml b/roles/azure_get-expiring-tokens-az/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_get-expiring-tokens-az/tasks/main.yml b/roles/azure_get-expiring-tokens-az/tasks/main.yml new file mode 100644 index 0000000..1a774df --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/tasks/main.yml @@ -0,0 +1,48 @@ +--- +# tasks file for linux_get-expiring-tokens-az + # - name: Get list of expiring app registration secret keys + # uri: + # url: https://graph.microsoft.com/v1.0/applications + # headers: + # Authorization: "Bearer {{ access_token }}" + # Content-Type: "application/json" + # return_content: yes + # register: app_registrations + + +# - name: Get all Azure app registrations +# azure.azcollection.azure_rm_adserviceprincipal_info: +# tenant: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15 +# register: service_principals + +# - name: Get expiring secrets +# set_fact: +# expiring_secrets: "{{ service_principals | json_query(query) }}" +# vars: +# query: "[?has(passwordCredentials[?endDate<=`{{ date_to_check }}`])].{displayName: displayName, objectId: objectId, expiring_secrets: passwordCredentials[?endDate<=`{{ date_to_check }}`].{startDate: startDate, endDate: endDate}}" + +# - name: Print expiring secrets +# debug: +# var: expiring_secrets +# when: expiring_secrets | length > 0 + + + + - name: get az app regs + azure.azcollection.azure_rm_adserviceprincipal_info: + tenant: "{{AZURE_TENANT}}" + register: service_principals + + + - name: try to print all sp's + debug: + var: service_principals + + - name: get ad password info + azure.azcollection.azure_rm_adpassword_info: + app_id: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b + tenant: "{{AZURE_TENANT}}" + #key_id: c13469d5-46bd-4faa-b9dc-b18cbacd144e + app_object_id: b1d67282-fc59-4a7d-8aab-178a6e3a8e2f + + diff --git a/roles/azure_get-expiring-tokens-az/tests/inventory b/roles/azure_get-expiring-tokens-az/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_get-expiring-tokens-az/tests/test.yml b/roles/azure_get-expiring-tokens-az/tests/test.yml new file mode 100644 index 0000000..dd68688 --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_get-expiring-tokens-az diff --git a/roles/azure_get-expiring-tokens-az/vars/main.yml b/roles/azure_get-expiring-tokens-az/vars/main.yml new file mode 100644 index 0000000..e6e5ae6 --- /dev/null +++ b/roles/azure_get-expiring-tokens-az/vars/main.yml @@ -0,0 +1,4 @@ +--- +# vars file for linux_get-expiring-tokens-az +days_until_expiry: 500 +date_to_check: "{{ (ansible_date_time.epoch|int + (days_until_expiry * 86400)) * 1000000000 }}" \ No newline at end of file diff --git a/roles/azure_get-rg-facts/.travis.yml b/roles/azure_get-rg-facts/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_get-rg-facts/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_get-rg-facts/README.md b/roles/azure_get-rg-facts/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_get-rg-facts/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_get-rg-facts/defaults/main.yml b/roles/azure_get-rg-facts/defaults/main.yml new file mode 100644 index 0000000..f1df8c8 --- /dev/null +++ b/roles/azure_get-rg-facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for azure_get-rg-facts diff --git a/roles/azure_get-rg-facts/handlers/main.yml b/roles/azure_get-rg-facts/handlers/main.yml new file mode 100644 index 0000000..80a85d4 --- /dev/null +++ b/roles/azure_get-rg-facts/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure_get-rg-facts diff --git a/roles/azure_get-rg-facts/meta/main.yml b/roles/azure_get-rg-facts/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_get-rg-facts/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_get-rg-facts/tasks/main.yml b/roles/azure_get-rg-facts/tasks/main.yml new file mode 100644 index 0000000..8606160 --- /dev/null +++ b/roles/azure_get-rg-facts/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# tasks file for azure_get-rg-facts +- name: Get facts for one resource group + azure_rm_resourcegroup_info: + name: "{{RG_name}}" + list_resources: yes + register: rg_info +- name: Display info + debug: + var: "rg_info" + + diff --git a/roles/azure_get-rg-facts/tests/inventory b/roles/azure_get-rg-facts/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_get-rg-facts/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_get-rg-facts/tests/test.yml b/roles/azure_get-rg-facts/tests/test.yml new file mode 100644 index 0000000..c46d2c9 --- /dev/null +++ b/roles/azure_get-rg-facts/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure_get-rg-facts diff --git a/roles/azure_get-rg-facts/vars/main.yml b/roles/azure_get-rg-facts/vars/main.yml new file mode 100644 index 0000000..18cd888 --- /dev/null +++ b/roles/azure_get-rg-facts/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure_get-rg-facts diff --git a/roles/azure_remove-vm/.travis.yml b/roles/azure_remove-vm/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/azure_remove-vm/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/azure_remove-vm/README.md b/roles/azure_remove-vm/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/azure_remove-vm/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/azure_remove-vm/defaults/main.yml b/roles/azure_remove-vm/defaults/main.yml new file mode 100644 index 0000000..8e79a10 --- /dev/null +++ b/roles/azure_remove-vm/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for azure_remove-vm diff --git a/roles/azure_remove-vm/handlers/main.yml b/roles/azure_remove-vm/handlers/main.yml new file mode 100644 index 0000000..6c94b71 --- /dev/null +++ b/roles/azure_remove-vm/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for azure_remove-vm diff --git a/roles/azure_remove-vm/meta/main.yml b/roles/azure_remove-vm/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/azure_remove-vm/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/azure_remove-vm/tasks/main.yml b/roles/azure_remove-vm/tasks/main.yml new file mode 100644 index 0000000..8b86f81 --- /dev/null +++ b/roles/azure_remove-vm/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# tasks file for azure_remove-vm +- name: Remove a VM and all resources that were autocreated + azure_rm_virtualmachine: + resource_group: "{{RG_name}}" + name: "{{vm_name}}" + remove_on_absent: all_autocreated + state: absent diff --git a/roles/azure_remove-vm/tests/inventory b/roles/azure_remove-vm/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/azure_remove-vm/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/azure_remove-vm/tests/test.yml b/roles/azure_remove-vm/tests/test.yml new file mode 100644 index 0000000..a823afe --- /dev/null +++ b/roles/azure_remove-vm/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - azure_remove-vm diff --git a/roles/azure_remove-vm/vars/main.yml b/roles/azure_remove-vm/vars/main.yml new file mode 100644 index 0000000..bacc41f --- /dev/null +++ b/roles/azure_remove-vm/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for azure_remove-vm diff --git a/roles/checkmk_join/README.md b/roles/checkmk_join/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/checkmk_join/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/checkmk_join/defaults/main.yml b/roles/checkmk_join/defaults/main.yml new file mode 100644 index 0000000..34e489c --- /dev/null +++ b/roles/checkmk_join/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for checkmk_join diff --git a/roles/checkmk_join/handlers/main.yml b/roles/checkmk_join/handlers/main.yml new file mode 100644 index 0000000..2c578bf --- /dev/null +++ b/roles/checkmk_join/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for checkmk_join diff --git a/roles/checkmk_join/meta/main.yml b/roles/checkmk_join/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/checkmk_join/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/checkmk_join/tasks/main.yml b/roles/checkmk_join/tasks/main.yml new file mode 100644 index 0000000..d216e1f --- /dev/null +++ b/roles/checkmk_join/tasks/main.yml @@ -0,0 +1,2 @@ +--- +# tasks file for checkmk_join diff --git a/roles/checkmk_join/tests/inventory b/roles/checkmk_join/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/checkmk_join/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/checkmk_join/tests/test.yml b/roles/checkmk_join/tests/test.yml new file mode 100644 index 0000000..305e2a0 --- /dev/null +++ b/roles/checkmk_join/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - checkmk_join diff --git a/roles/checkmk_join/vars/main.yml b/roles/checkmk_join/vars/main.yml new file mode 100644 index 0000000..55c5fe5 --- /dev/null +++ b/roles/checkmk_join/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for checkmk_join diff --git a/roles/linux_add-host-to-checkmk/.travis.yml b/roles/linux_add-host-to-checkmk/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_add-host-to-checkmk/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_add-host-to-checkmk/README.md b/roles/linux_add-host-to-checkmk/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_add-host-to-checkmk/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_add-host-to-checkmk/defaults/main.yml b/roles/linux_add-host-to-checkmk/defaults/main.yml new file mode 100644 index 0000000..68ff036 --- /dev/null +++ b/roles/linux_add-host-to-checkmk/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_add-host-to-checkmk diff --git a/roles/linux_add-host-to-checkmk/handlers/main.yml b/roles/linux_add-host-to-checkmk/handlers/main.yml new file mode 100644 index 0000000..e2b5837 --- /dev/null +++ b/roles/linux_add-host-to-checkmk/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_add-host-to-checkmk diff --git a/roles/linux_add-host-to-checkmk/meta/main.yml b/roles/linux_add-host-to-checkmk/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_add-host-to-checkmk/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_add-host-to-checkmk/tasks/main.yml b/roles/linux_add-host-to-checkmk/tasks/main.yml new file mode 100644 index 0000000..7b37100 --- /dev/null +++ b/roles/linux_add-host-to-checkmk/tasks/main.yml @@ -0,0 +1,58 @@ +--- +# tasks file for linux_add-host-to-checkmk +- name: Add host + tribe29.checkmk.host: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + name: "{{item}}" + validate_certs: false + folder: / + state: present + with_inventory_hostnames: + - checkmk_hosts + +- name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{item}}" + state: "new" + validate_certs: false + with_inventory_hostnames: + - checkmk_hosts +- name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{item}}" + state: "refresh" + validate_certs: false + with_inventory_hostnames: + - checkmk_hosts +- name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{item}}" + state: "fix_all" + validate_certs: false + with_inventory_hostnames: + - checkmk_hosts + +- name: "Activate changes on all sites." + tribe29.checkmk.activation: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + force_foreign_changes: 'true' + validate_certs: false + run_once: 'true' \ No newline at end of file diff --git a/roles/linux_add-host-to-checkmk/tests/inventory b/roles/linux_add-host-to-checkmk/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_add-host-to-checkmk/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_add-host-to-checkmk/tests/test.yml b/roles/linux_add-host-to-checkmk/tests/test.yml new file mode 100644 index 0000000..4c89e5f --- /dev/null +++ b/roles/linux_add-host-to-checkmk/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_add-host-to-checkmk diff --git a/roles/linux_add-host-to-checkmk/vars/main.yml b/roles/linux_add-host-to-checkmk/vars/main.yml new file mode 100644 index 0000000..d997220 --- /dev/null +++ b/roles/linux_add-host-to-checkmk/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_add-host-to-checkmk diff --git a/roles/linux_apt-install-package/.travis.yml b/roles/linux_apt-install-package/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_apt-install-package/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_apt-install-package/README.md b/roles/linux_apt-install-package/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_apt-install-package/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_apt-install-package/defaults/main.yml b/roles/linux_apt-install-package/defaults/main.yml new file mode 100644 index 0000000..166a001 --- /dev/null +++ b/roles/linux_apt-install-package/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_apt-install-package diff --git a/roles/linux_apt-install-package/handlers/main.yml b/roles/linux_apt-install-package/handlers/main.yml new file mode 100644 index 0000000..18e700b --- /dev/null +++ b/roles/linux_apt-install-package/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_apt-install-package diff --git a/roles/linux_apt-install-package/meta/main.yml b/roles/linux_apt-install-package/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_apt-install-package/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_apt-install-package/tasks/main.yml b/roles/linux_apt-install-package/tasks/main.yml new file mode 100644 index 0000000..cf40111 --- /dev/null +++ b/roles/linux_apt-install-package/tasks/main.yml @@ -0,0 +1,7 @@ +--- +# tasks file for linux_apt-install-package +- name: Install packages + apt: + name: "{{ packages }}" + state: present + update_cache: yes \ No newline at end of file diff --git a/roles/linux_apt-install-package/tests/inventory b/roles/linux_apt-install-package/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_apt-install-package/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_apt-install-package/tests/test.yml b/roles/linux_apt-install-package/tests/test.yml new file mode 100644 index 0000000..d720f4c --- /dev/null +++ b/roles/linux_apt-install-package/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_apt-install-package diff --git a/roles/linux_apt-install-package/vars/main.yml b/roles/linux_apt-install-package/vars/main.yml new file mode 100644 index 0000000..066b245 --- /dev/null +++ b/roles/linux_apt-install-package/vars/main.yml @@ -0,0 +1,3 @@ +--- +# vars file for linux_apt-install-package +packages: \ No newline at end of file diff --git a/roles/linux_azure-arc/.travis.yml b/roles/linux_azure-arc/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_azure-arc/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_azure-arc/README.md b/roles/linux_azure-arc/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_azure-arc/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_azure-arc/defaults/main.yml b/roles/linux_azure-arc/defaults/main.yml new file mode 100644 index 0000000..c3240fb --- /dev/null +++ b/roles/linux_azure-arc/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_azure-arc diff --git a/roles/linux_azure-arc/handlers/main.yml b/roles/linux_azure-arc/handlers/main.yml new file mode 100644 index 0000000..21b14a4 --- /dev/null +++ b/roles/linux_azure-arc/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_azure-arc diff --git a/roles/linux_azure-arc/meta/main.yml b/roles/linux_azure-arc/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_azure-arc/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_azure-arc/tasks/main.yml b/roles/linux_azure-arc/tasks/main.yml new file mode 100644 index 0000000..158a785 --- /dev/null +++ b/roles/linux_azure-arc/tasks/main.yml @@ -0,0 +1,48 @@ +--- +# tasks file for linux_azure-arc +- name: Onboard Linux and Windows Servers to Azure Arc-enabled servers with public endpoint connectivity + hosts: all + # vars: + # azure: + # service_principal_id: 'INSERT-SERVICE-PRINCIPAL-CLIENT-ID' + # service_principal_secret: 'INSERT-SERVICE-PRINCIPAL-SECRET' + # resource_group: 'INSERT-RESOURCE-GROUP' + # tenant_id: 'INSERT-TENANT-ID' + # subscription_id: 'INSERT-SUBSCRIPTION-ID' + # location: 'INSERT-LOCATION' + tasks: + - name: Check if the Connected Machine Agent has already been downloaded on Linux servers + stat: + path: /usr/bin/azcmagent + get_attributes: False + get_checksum: False + register: azcmagent_lnx_downloaded + when: ansible_system == 'Linux' + + - name: Download the Connected Machine Agent on Linux servers + become: yes + get_url: + url: https://aka.ms/azcmagent + dest: ~/install_linux_azcmagent.sh + mode: '700' + when: (ansible_system == 'Linux') and (azcmagent_lnx_downloaded.stat.exists == false) + + - name: Install the Connected Machine Agent on Linux servers + become: yes + shell: bash ~/install_linux_azcmagent.sh + when: (ansible_system == 'Linux') and (not azcmagent_lnx_downloaded.stat.exists) + + - name: Check if the Connected Machine Agent has already been connected + become: true + command: + cmd: azcmagent check + register: azcmagent_lnx_connected + ignore_errors: yes + when: ansible_system == 'Linux' + failed_when: (azcmagent_lnx_connected.rc not in [ 0, 16 ]) + changed_when: False + + - name: Connect the Connected Machine Agent on Linux servers to Azure Arc + become: yes + shell: azcmagent connect --service-principal-id "{{ azure.service_principal_id }}" --service-principal-secret "{{ azure.service_principal_secret }}" --resource-group "{{ azure.resource_group }}" --tenant-id "{{ azure.tenant_id }}" --location "{{ azure.location }}" --subscription-id "{{ azure.subscription_id }}" + when: (ansible_system == 'Linux') and (azcmagent_lnx_connected.rc is defined and azcmagent_lnx_connected.rc != 0) \ No newline at end of file diff --git a/roles/linux_azure-arc/tests/inventory b/roles/linux_azure-arc/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_azure-arc/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_azure-arc/tests/test.yml b/roles/linux_azure-arc/tests/test.yml new file mode 100644 index 0000000..09951f5 --- /dev/null +++ b/roles/linux_azure-arc/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_azure-arc diff --git a/roles/linux_azure-arc/vars/main.yml b/roles/linux_azure-arc/vars/main.yml new file mode 100644 index 0000000..ace3b58 --- /dev/null +++ b/roles/linux_azure-arc/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_azure-arc diff --git a/roles/linux_get-az-rginfo/.travis.yml b/roles/linux_get-az-rginfo/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_get-az-rginfo/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_get-az-rginfo/README.md b/roles/linux_get-az-rginfo/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_get-az-rginfo/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_get-az-rginfo/defaults/main.yml b/roles/linux_get-az-rginfo/defaults/main.yml new file mode 100644 index 0000000..c765225 --- /dev/null +++ b/roles/linux_get-az-rginfo/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_get-az-rginfo diff --git a/roles/linux_get-az-rginfo/handlers/main.yml b/roles/linux_get-az-rginfo/handlers/main.yml new file mode 100644 index 0000000..fccfa40 --- /dev/null +++ b/roles/linux_get-az-rginfo/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_get-az-rginfo diff --git a/roles/linux_get-az-rginfo/meta/main.yml b/roles/linux_get-az-rginfo/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_get-az-rginfo/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_get-az-rginfo/tasks/main.yml b/roles/linux_get-az-rginfo/tasks/main.yml new file mode 100644 index 0000000..0e719dc --- /dev/null +++ b/roles/linux_get-az-rginfo/tasks/main.yml @@ -0,0 +1,5 @@ +--- +# tasks file for linux_get-az-rginfo +- name: Get facts for one resource group + azure_rm_resourcegroup_info: + name: rg-test-bram-terraform \ No newline at end of file diff --git a/roles/linux_get-az-rginfo/tests/inventory b/roles/linux_get-az-rginfo/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_get-az-rginfo/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_get-az-rginfo/tests/test.yml b/roles/linux_get-az-rginfo/tests/test.yml new file mode 100644 index 0000000..b5548e4 --- /dev/null +++ b/roles/linux_get-az-rginfo/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_get-az-rginfo diff --git a/roles/linux_get-az-rginfo/vars/main.yml b/roles/linux_get-az-rginfo/vars/main.yml new file mode 100644 index 0000000..3e12ae3 --- /dev/null +++ b/roles/linux_get-az-rginfo/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_get-az-rginfo diff --git a/roles/linux_install-checkmk/.travis.yml b/roles/linux_install-checkmk/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_install-checkmk/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_install-checkmk/README.md b/roles/linux_install-checkmk/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_install-checkmk/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_install-checkmk/defaults/main.yml b/roles/linux_install-checkmk/defaults/main.yml new file mode 100644 index 0000000..abe7a2e --- /dev/null +++ b/roles/linux_install-checkmk/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_install-checkmk diff --git a/roles/linux_install-checkmk/files/check-mk-agent_2.1.0p20-1_all.deb b/roles/linux_install-checkmk/files/check-mk-agent_2.1.0p20-1_all.deb new file mode 100644 index 0000000..0680c7b Binary files /dev/null and b/roles/linux_install-checkmk/files/check-mk-agent_2.1.0p20-1_all.deb differ diff --git a/roles/linux_install-checkmk/handlers/main.yml b/roles/linux_install-checkmk/handlers/main.yml new file mode 100644 index 0000000..753754a --- /dev/null +++ b/roles/linux_install-checkmk/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_install-checkmk diff --git a/roles/linux_install-checkmk/meta/main.yml b/roles/linux_install-checkmk/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_install-checkmk/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_install-checkmk/tasks/main.yml b/roles/linux_install-checkmk/tasks/main.yml new file mode 100644 index 0000000..454d628 --- /dev/null +++ b/roles/linux_install-checkmk/tasks/main.yml @@ -0,0 +1,54 @@ +--- +# tasks file for linux_install-checkmk +- name: Install dpkg + ansible.builtin.apt: + name: dpkg + state: present + + +- name: Download checkmk and put in tmp + ansible.builtin.get_url: + url: https://monitoringeu.aperam.internal/monaperam/check_mk/agents/check-mk-agent_2.1.0p43-1_all.deb + dest: /tmp/checkmk.deb + validate_certs: no + + +- name: Install checkmk + ansible.builtin.apt: + deb: /tmp/checkmk.deb + become: true + +- name: Add host + tribe29.checkmk.host: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + name: "{{hostname}}.adagility.net" + validate_certs: false + folder: / + state: present + with_inventory_hostnames: + - new_group + +- name: "Add newly discovered services on host." + tribe29.checkmk.discovery: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + host_name: "{{ hostname }}.adagility.net" + state: "new" + validate_certs: false + with_inventory_hostnames: + - new_group + +- name: "Activate changes on all sites." + tribe29.checkmk.activation: + server_url: "https://monitoringeu.aperam.internal/" + site: "monaperam" + automation_user: "ansible" + automation_secret: "TJXTVH@GFYPRNCJCWUMY" + force_foreign_changes: 'true' + validate_certs: false + run_once: 'true' diff --git a/roles/linux_install-checkmk/tests/inventory b/roles/linux_install-checkmk/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_install-checkmk/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_install-checkmk/tests/test.yml b/roles/linux_install-checkmk/tests/test.yml new file mode 100644 index 0000000..6614270 --- /dev/null +++ b/roles/linux_install-checkmk/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_install-checkmk diff --git a/roles/linux_install-checkmk/vars/main.yml b/roles/linux_install-checkmk/vars/main.yml new file mode 100644 index 0000000..bc632f6 --- /dev/null +++ b/roles/linux_install-checkmk/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_install-checkmk diff --git a/roles/linux_install-sentinelone/.travis.yml b/roles/linux_install-sentinelone/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_install-sentinelone/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_install-sentinelone/README.md b/roles/linux_install-sentinelone/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_install-sentinelone/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_install-sentinelone/defaults/main.yml b/roles/linux_install-sentinelone/defaults/main.yml new file mode 100644 index 0000000..fc8d7cc --- /dev/null +++ b/roles/linux_install-sentinelone/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_install-sentinelone diff --git a/roles/linux_install-sentinelone/files/SentinelAgent-linux-v22-3-1-7-x86-64_linux_v22_3_1_7.deb b/roles/linux_install-sentinelone/files/SentinelAgent-linux-v22-3-1-7-x86-64_linux_v22_3_1_7.deb new file mode 100644 index 0000000..e08c695 Binary files /dev/null and b/roles/linux_install-sentinelone/files/SentinelAgent-linux-v22-3-1-7-x86-64_linux_v22_3_1_7.deb differ diff --git a/roles/linux_install-sentinelone/files/SentinelAgent-v24.1.2.6-linux_x86_64.rpm b/roles/linux_install-sentinelone/files/SentinelAgent-v24.1.2.6-linux_x86_64.rpm new file mode 100644 index 0000000..11232b4 Binary files /dev/null and b/roles/linux_install-sentinelone/files/SentinelAgent-v24.1.2.6-linux_x86_64.rpm differ diff --git a/roles/linux_install-sentinelone/handlers/main.yml b/roles/linux_install-sentinelone/handlers/main.yml new file mode 100644 index 0000000..d324b3b --- /dev/null +++ b/roles/linux_install-sentinelone/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_install-sentinelone diff --git a/roles/linux_install-sentinelone/meta/main.yml b/roles/linux_install-sentinelone/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_install-sentinelone/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_install-sentinelone/tasks/main.yml b/roles/linux_install-sentinelone/tasks/main.yml new file mode 100644 index 0000000..ac60c3d --- /dev/null +++ b/roles/linux_install-sentinelone/tasks/main.yml @@ -0,0 +1,61 @@ +--- +# tasks file for linux_install-sentinelone +- name: Check that the sentinelctl exists + stat: + path: /opt/sentinelone/bin/sentinelctl + become: true + register: sentinelctl_exists + +- name: copy sentinelone to target + ansible.builtin.copy: + src: SentinelAgent-linux-v22-3-1-7-x86-64_linux_v22_3_1_7.deb + dest: /tmp/sentinelone_installer.deb + follow: yes + when: ansible_distribution_file_variety != "SUSE" + + +- name: copy sentinelone to target (SUSE) + ansible.builtin.copy: + src: SentinelAgent-v24.1.2.6-linux_x86_64.rpm + dest: /tmp/sentinelone_installer.rpm + follow: yes + when: ansible_distribution_file_variety == "SUSE" + +- name: Install the Linux Agent on Debian based distro + command: dpkg -i /tmp/sentinelone_installer.deb + become: true + when: sentinelctl_exists.stat.exists == False and ansible_distribution_file_variety != "SUSE" + + + +- name: Install local sentinelone rpm file + command: rpm -i /tmp/sentinelone_installer.rpm + become: true + when: sentinelctl_exists.stat.exists == False and ansible_distribution_file_variety == "SUSE" + +- name: Apply the registration token to the agent + command: /opt/sentinelone/bin/sentinelctl management token set eyJ1cmwiOiAiaHR0cHM6Ly9ldWNlMS0xMDQuc2VudGluZWxvbmUubmV0IiwgInNpdGVfa2V5IjogIjNiOGI1MDlhY2I5OGU5MmYifQ== + become_user: root + become_method: sudo + become: true + when: sentinelctl_exists.stat.exists == False + +- name: Start the SentinelOne agent + command: /opt/sentinelone/bin/sentinelctl control start + become_user: root + become_method: sudo + become: true + +# - name: Stop microsoft defender service +# ansible.builtin.systemd: +# name: mdatp +# state: stopped +# enabled: no +# - name: reload systemctl daemon +# ansible.builtin.systemd: +# daemon_reload: yes +# - name: remove defender client +# ansible.builtin.apt: +# name: mdatp +# state: absent +# purge: yes diff --git a/roles/linux_install-sentinelone/tests/inventory b/roles/linux_install-sentinelone/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_install-sentinelone/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_install-sentinelone/tests/test.yml b/roles/linux_install-sentinelone/tests/test.yml new file mode 100644 index 0000000..fb8f5c7 --- /dev/null +++ b/roles/linux_install-sentinelone/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_install-sentinelone diff --git a/roles/linux_install-sentinelone/vars/main.yml b/roles/linux_install-sentinelone/vars/main.yml new file mode 100644 index 0000000..5337243 --- /dev/null +++ b/roles/linux_install-sentinelone/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_install-sentinelone diff --git a/roles/linux_onboard-adagility/.travis.yml b/roles/linux_onboard-adagility/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_onboard-adagility/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_onboard-adagility/README.md b/roles/linux_onboard-adagility/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_onboard-adagility/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_onboard-adagility/defaults/main.yml b/roles/linux_onboard-adagility/defaults/main.yml new file mode 100644 index 0000000..688b6cd --- /dev/null +++ b/roles/linux_onboard-adagility/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_onboard-adagility diff --git a/roles/linux_onboard-adagility/files/krb5.conf b/roles/linux_onboard-adagility/files/krb5.conf new file mode 100644 index 0000000..78a1f74 --- /dev/null +++ b/roles/linux_onboard-adagility/files/krb5.conf @@ -0,0 +1,3 @@ +[libdefaults] + default_realm = ADAGILITY.NET + rdns=false \ No newline at end of file diff --git a/roles/linux_onboard-adagility/handlers/main.yml b/roles/linux_onboard-adagility/handlers/main.yml new file mode 100644 index 0000000..bf0564f --- /dev/null +++ b/roles/linux_onboard-adagility/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_onboard-adagility diff --git a/roles/linux_onboard-adagility/meta/main.yml b/roles/linux_onboard-adagility/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_onboard-adagility/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_onboard-adagility/tasks/main.yml b/roles/linux_onboard-adagility/tasks/main.yml new file mode 100644 index 0000000..d5d1169 --- /dev/null +++ b/roles/linux_onboard-adagility/tasks/main.yml @@ -0,0 +1,105 @@ +--- +# tasks file for linux_onboard-adagility +- name: Install packages + apt: + name: "{{ packages }}" + state: present + update_cache: yes + when: ansible_distribution_file_variety != "SUSE" +- name: install packages (SUSE) + package: + name: realmd + state: present + when: ansible_distribution_file_variety == "SUSE" + +- name: install dnspython + ansible.builtin.pip: + name: dnspython +- name: test reachability of kerberos realm + command: 'nslookup adagility.net' + register: pingresult +- name: ping result + debug: + msg: "{{pingresult}}" +- name: Install pexpect + pip: + name: pexpect + state: present +- name: replace or add krb5.conf + ansible.builtin.copy: + src: krb5.conf + dest: /etc/krb5.conf + follow: yes +- name: Discover realm + command: /bin/bash -c "/usr/sbin/realm discover adagility.net" + register: realm_discover_results + tags: ad + +- name: Discover realm debug + debug: + msg: "{{ realm_discover_results.stdout }}" + +- name: Create kerberos ticket + expect: + command: /bin/bash -c "/usr/bin/kinit -V {{admin_account}}" + responses: + (?i)Password: "{{admin_password}}" + tags: ad +- name: Checking to see if system is already joined to AD + command: /bin/bash -c "/usr/sbin/realm list" + register: realm_list_results + tags: ad + +- name: Debug realm_list_results + debug: var=realm_list_results.stdout +- name: join ad + ansible.builtin.expect: + command: /bin/bash -c "/usr/sbin/realm join adagility.net --computer-ou='OU={{ tstaccprd }},OU=GLB_{{department}},OU=Servers,OU=Aperam,DC=ADAGILITY,DC=NET' -U {{admin_account}}" + # command: /bin/bash -c "/usr/sbin/realm join adagility.net --computer-ou='OU=TST,OU=GLB_Infrastructure,OU=Servers,OU=Aperam,DC=ADAGILITY,DC=NET' -U {{admin_account}}" + responses: + (?i): "{{admin_password}}" + ignore_errors: yes + when: realm_list_results.stdout == "" + become: true + timeout: 10 +- name: remove history + command: /bin/bash -c "history -c" + +- name: set hostname + ansible.builtin.command: + cmd: hostnamectl set-hostname "{{ hostname }}.adagility.net" + register: hostname_command + +- name: edit /etc/sssd/sssd.conf + lineinfile: + path: /etc/sssd/sssd.conf + line: "{{ item }}" + with_items: + - "use_fully_qualified_names = True" + - "dyndns_update = true" + - "dyndns_refresh_interval = 43200" + - "dyndns_ttl = 3600" +- name: specify which ad group can login + ansible.builtin.command: + cmd: realm permit -g "G-MGMT-LA-DEVADM-{{ hostname|upper }}@adagility.net" +- name: change sudoers file + lineinfile: + path: /etc/sudoers + line: "%G-MGMT-LA-DEVADM-{{ hostname }}@adagility.net ALL=(ALL) ALL" +- name: change common-sessions + ansible.builtin.lineinfile: + path: /etc/pam.d/common-session + line: session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 + + + +# - name: add users to the domain group +# community.windows.win_domain_user: +# name: G-MGMT-LA-DEVADM-{{ hostname}} +# members: "{{ item }}" +# loop: "{{users.split('\n')}}" + + + + + \ No newline at end of file diff --git a/roles/linux_onboard-adagility/tests/inventory b/roles/linux_onboard-adagility/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_onboard-adagility/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_onboard-adagility/tests/test.yml b/roles/linux_onboard-adagility/tests/test.yml new file mode 100644 index 0000000..2937be0 --- /dev/null +++ b/roles/linux_onboard-adagility/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_onboard-adagility diff --git a/roles/linux_onboard-adagility/vars/main.yml b/roles/linux_onboard-adagility/vars/main.yml new file mode 100644 index 0000000..f71fa28 --- /dev/null +++ b/roles/linux_onboard-adagility/vars/main.yml @@ -0,0 +1,22 @@ +--- +# vars file for linux_onboard-adagility +# admin_account: +# admin_password: +# hostname: + +packages: + - realmd + - oddjob + - oddjob-mkhomedir + - python3-pip + - kinit + - krb5-user + - sssd + - adcli + - sssd-tools + - samba-common + - packagekit + - samba-common-bin + - samba-libs + - libnss-sss + - libpam-sss diff --git a/roles/linux_remove-sentinelone/.travis.yml b/roles/linux_remove-sentinelone/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_remove-sentinelone/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_remove-sentinelone/README.md b/roles/linux_remove-sentinelone/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_remove-sentinelone/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_remove-sentinelone/defaults/main.yml b/roles/linux_remove-sentinelone/defaults/main.yml new file mode 100644 index 0000000..fc8d7cc --- /dev/null +++ b/roles/linux_remove-sentinelone/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_install-sentinelone diff --git a/roles/linux_remove-sentinelone/handlers/main.yml b/roles/linux_remove-sentinelone/handlers/main.yml new file mode 100644 index 0000000..d324b3b --- /dev/null +++ b/roles/linux_remove-sentinelone/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_install-sentinelone diff --git a/roles/linux_remove-sentinelone/meta/main.yml b/roles/linux_remove-sentinelone/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_remove-sentinelone/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_remove-sentinelone/tasks/main.yml b/roles/linux_remove-sentinelone/tasks/main.yml new file mode 100644 index 0000000..cb60665 --- /dev/null +++ b/roles/linux_remove-sentinelone/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# tasks file for linux_install-sentinelone +- name: remove s1 + command: cd ~ ; systemctl stop sentinelone.service ; systemctl disable sentinelone.service ; rm -rf /usr/lib/systemd/system/sentinelone.service ; rm -rf /lib/systemd/system/sentinelone.service ; systemctl daemon-reload ; systemctl reset-failed ; ps aux | grep 's1-\|sentinelone-watchdog' | awk '{print $2}' | xargs kill -9 2> /dev/null ; umount -l /opt/sentinelone/mount ; umount -l /opt/sentinelone/cgroups/memory ; umount -l /opt/sentinelone/rpm_mount ; rm -rf /opt/sentinelone/ ; rm -rf /opt/sentinelone ; userdel -f sentinelone ; rm -rf /var/lib/dpkg/info/sentinelagent.* ; dpkg --purge --force-all sentinelagent ; echo "SentinelOne Agent Successfully Uninstalled" + become_user: root + become_method: sudo + become: true + diff --git a/roles/linux_remove-sentinelone/tests/inventory b/roles/linux_remove-sentinelone/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_remove-sentinelone/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_remove-sentinelone/tests/test.yml b/roles/linux_remove-sentinelone/tests/test.yml new file mode 100644 index 0000000..fb8f5c7 --- /dev/null +++ b/roles/linux_remove-sentinelone/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_install-sentinelone diff --git a/roles/linux_remove-sentinelone/vars/main.yml b/roles/linux_remove-sentinelone/vars/main.yml new file mode 100644 index 0000000..5337243 --- /dev/null +++ b/roles/linux_remove-sentinelone/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_install-sentinelone diff --git a/roles/linux_sync-sa/.travis.yml b/roles/linux_sync-sa/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_sync-sa/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_sync-sa/README.md b/roles/linux_sync-sa/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_sync-sa/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_sync-sa/defaults/main.yml b/roles/linux_sync-sa/defaults/main.yml new file mode 100644 index 0000000..8e640d0 --- /dev/null +++ b/roles/linux_sync-sa/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_push-to-SA diff --git a/roles/linux_sync-sa/handlers/main.yml b/roles/linux_sync-sa/handlers/main.yml new file mode 100644 index 0000000..43cbd28 --- /dev/null +++ b/roles/linux_sync-sa/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_push-to-SA diff --git a/roles/linux_sync-sa/meta/main.yml b/roles/linux_sync-sa/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_sync-sa/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_sync-sa/tasks/main.yml b/roles/linux_sync-sa/tasks/main.yml new file mode 100644 index 0000000..aa3047f --- /dev/null +++ b/roles/linux_sync-sa/tasks/main.yml @@ -0,0 +1,26 @@ +--- +# - name: Copy VHD from WORM sa to corporate sa +# ansible.windows.win_powershell: +# script: | +# C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "https://saapewormsaweprd.blob.core.windows.net/coapewormsaweprd0/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:01:05Z&st=2022-11-30T13:01:05Z&spr=https&sig=7HCiPgsEF7LPik0QxPfoDysKNsInZyyk%2BQiKGkgNxfM%3D" "https://saawewormrestores.blob.core.windows.net/test/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:12:47Z&st=2022-11-30T13:12:47Z&spr=https&sig=9216998FWWenz928iDfL8Lsqw%2BTYJY1ll1IlBoKspoI%3D" --include-pattern 'OG_{{vmhostname}}*{{dag}}-{{maand}}-{{jaar}}.vhd' +# register: output +# - name: Debug output +# debug: var=output.stdout +# 13-11-2022 is de template voor datum + +- name: Copy VHD from WORM sa to corporate sa + command: azcopy copy --recursive "https://saapewormsaweprd.blob.core.windows.net/coapewormsaweprd0/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:01:05Z&st=2022-11-30T13:01:05Z&spr=https&sig=7HCiPgsEF7LPik0QxPfoDysKNsInZyyk%2BQiKGkgNxfM%3D" "https://saawewormrestores.blob.core.windows.net/test/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:12:47Z&st=2022-11-30T13:12:47Z&spr=https&sig=9216998FWWenz928iDfL8Lsqw%2BTYJY1ll1IlBoKspoI%3D" --include-pattern 'OG_{{vmhostname}}*{{dag}}-{{maand}}-{{jaar}}.vhd' + # become: true + # become_user: root + async: 2000 + poll: 0 + register: azcopy_sleeper + + +# - name: check on async tasks +# ansible.builtin.async_status: +# jid: '{{ azcopy_sleeper.ansible_job_id }}' +# register: job_result +# until: job_result.finished +# retries: 100 +# delay: 10 \ No newline at end of file diff --git a/roles/linux_sync-sa/tests/inventory b/roles/linux_sync-sa/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_sync-sa/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_sync-sa/tests/test.yml b/roles/linux_sync-sa/tests/test.yml new file mode 100644 index 0000000..f357888 --- /dev/null +++ b/roles/linux_sync-sa/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_push-to-SA diff --git a/roles/linux_sync-sa/vars/main.yml b/roles/linux_sync-sa/vars/main.yml new file mode 100644 index 0000000..7064dd9 --- /dev/null +++ b/roles/linux_sync-sa/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_push-to-SA diff --git a/roles/linux_update/.travis.yml b/roles/linux_update/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/linux_update/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/linux_update/README.md b/roles/linux_update/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/linux_update/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/linux_update/defaults/main.yml b/roles/linux_update/defaults/main.yml new file mode 100644 index 0000000..f7e4b2d --- /dev/null +++ b/roles/linux_update/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for linux_update diff --git a/roles/linux_update/handlers/main.yml b/roles/linux_update/handlers/main.yml new file mode 100644 index 0000000..44a5717 --- /dev/null +++ b/roles/linux_update/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for linux_update diff --git a/roles/linux_update/meta/main.yml b/roles/linux_update/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/linux_update/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/linux_update/tasks/main.yml b/roles/linux_update/tasks/main.yml new file mode 100644 index 0000000..233fbe6 --- /dev/null +++ b/roles/linux_update/tasks/main.yml @@ -0,0 +1,33 @@ +--- +# tasks file for linux_update +- name: Update apt-get repo and cache + apt: + update_cache: true + force_apt_get: true + cache_valid_time: 3600 + +- name: Upgrade all apt packages + apt: + upgrade: safe + force_apt_get: yes + #clean: true + autoremove: true + retries: 3 + delay: 3 + +- name: Check if a reboot is needed for Debian and Ubuntu boxes + register: reboot_required_file + stat: path=/var/run/reboot-required get_md5=no + retries: 3 + delay: 3 + + +# - name: Reboot the Debian or Ubuntu server +# reboot: +# msg: "Reboot initiated by Ansible due to kernel updates" +# connect_timeout: 5 +# reboot_timeout: 300 +# pre_reboot_delay: 0 +# post_reboot_delay: 30 +# test_command: uptime +# when: reboot_required_file.stat.exists \ No newline at end of file diff --git a/roles/linux_update/tests/inventory b/roles/linux_update/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/linux_update/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/linux_update/tests/test.yml b/roles/linux_update/tests/test.yml new file mode 100644 index 0000000..69c22fc --- /dev/null +++ b/roles/linux_update/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - linux_update diff --git a/roles/linux_update/vars/main.yml b/roles/linux_update/vars/main.yml new file mode 100644 index 0000000..734bac6 --- /dev/null +++ b/roles/linux_update/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for linux_update diff --git a/roles/win_ping/.travis.yml b/roles/win_ping/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/win_ping/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/win_ping/README.md b/roles/win_ping/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/win_ping/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/win_ping/defaults/main.yml b/roles/win_ping/defaults/main.yml new file mode 100644 index 0000000..ce2f7e2 --- /dev/null +++ b/roles/win_ping/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for win_ping diff --git a/roles/win_ping/handlers/main.yml b/roles/win_ping/handlers/main.yml new file mode 100644 index 0000000..236a71b --- /dev/null +++ b/roles/win_ping/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for win_ping diff --git a/roles/win_ping/meta/main.yml b/roles/win_ping/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/win_ping/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/win_ping/tasks/main.yml b/roles/win_ping/tasks/main.yml new file mode 100644 index 0000000..b285421 --- /dev/null +++ b/roles/win_ping/tasks/main.yml @@ -0,0 +1,6 @@ +--- +# tasks file for win_ping + +- name: ping host + win_ping: + ignore_errors: yes \ No newline at end of file diff --git a/roles/win_ping/tests/inventory b/roles/win_ping/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/win_ping/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/win_ping/tests/test.yml b/roles/win_ping/tests/test.yml new file mode 100644 index 0000000..72e7f62 --- /dev/null +++ b/roles/win_ping/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - win_ping diff --git a/roles/win_ping/vars/main.yml b/roles/win_ping/vars/main.yml new file mode 100644 index 0000000..f7892c2 --- /dev/null +++ b/roles/win_ping/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for win_ping diff --git a/roles/windows_add-ad-group/.travis.yml b/roles/windows_add-ad-group/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_add-ad-group/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_add-ad-group/README.md b/roles/windows_add-ad-group/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_add-ad-group/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_add-ad-group/defaults/main.yml b/roles/windows_add-ad-group/defaults/main.yml new file mode 100644 index 0000000..bf5caab --- /dev/null +++ b/roles/windows_add-ad-group/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_add-ad-group diff --git a/roles/windows_add-ad-group/handlers/main.yml b/roles/windows_add-ad-group/handlers/main.yml new file mode 100644 index 0000000..4f21c19 --- /dev/null +++ b/roles/windows_add-ad-group/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_add-ad-group diff --git a/roles/windows_add-ad-group/meta/main.yml b/roles/windows_add-ad-group/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_add-ad-group/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_add-ad-group/tasks/main.yml b/roles/windows_add-ad-group/tasks/main.yml new file mode 100644 index 0000000..8c4b3b4 --- /dev/null +++ b/roles/windows_add-ad-group/tasks/main.yml @@ -0,0 +1,25 @@ +--- +# tasks file for windows_add-ad-group +- name: Create ad security group for Devices + community.windows.win_domain_group: + name: G-MGMT-LA-DEVADM-{{ hostname|upper }} + path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET + domain_username: "{{ad_user}}" + domain_password: "{{ad_pass}}" + state: present + scope: global + + +- name: add admin users to ad group + community.windows.win_domain_group_membership: + domain_username: "{{ad_user}}" + domain_password: "{{ad_pass}}" + name: G-MGMT-LA-DEVADM-{{ hostname|upper }} + members: + - sys-awx-srvautomate + - adm-bvandendaele + - adm-yclaes + - adm-pvandeweert + state: present + + \ No newline at end of file diff --git a/roles/windows_add-ad-group/tests/inventory b/roles/windows_add-ad-group/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_add-ad-group/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_add-ad-group/tests/test.yml b/roles/windows_add-ad-group/tests/test.yml new file mode 100644 index 0000000..21ec308 --- /dev/null +++ b/roles/windows_add-ad-group/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_add-ad-group diff --git a/roles/windows_add-ad-group/vars/main.yml b/roles/windows_add-ad-group/vars/main.yml new file mode 100644 index 0000000..8a31eec --- /dev/null +++ b/roles/windows_add-ad-group/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_add-ad-group diff --git a/roles/windows_add-user-to-adgroup/README.md b/roles/windows_add-user-to-adgroup/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_add-user-to-adgroup/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_add-user-to-adgroup/defaults/main.yml b/roles/windows_add-user-to-adgroup/defaults/main.yml new file mode 100644 index 0000000..03d7270 --- /dev/null +++ b/roles/windows_add-user-to-adgroup/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_add-user-to-adgroup diff --git a/roles/windows_add-user-to-adgroup/handlers/main.yml b/roles/windows_add-user-to-adgroup/handlers/main.yml new file mode 100644 index 0000000..800dd04 --- /dev/null +++ b/roles/windows_add-user-to-adgroup/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_add-user-to-adgroup diff --git a/roles/windows_add-user-to-adgroup/meta/main.yml b/roles/windows_add-user-to-adgroup/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_add-user-to-adgroup/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_add-user-to-adgroup/tasks/main.yml b/roles/windows_add-user-to-adgroup/tasks/main.yml new file mode 100644 index 0000000..f33ee23 --- /dev/null +++ b/roles/windows_add-user-to-adgroup/tasks/main.yml @@ -0,0 +1,29 @@ +--- +# tasks file for windows_add-user-to-adgroup +- name: check if group exists + community.windows.win_domain_group: + domain_username: "{{admin_name}}" + domain_password: "{{admin_pass}}" + name: "{{groupname}}" + +- name: Add a domain user/group to a domain group + community.windows.win_domain_group_membership: + name: "{{groupname}}" + domain_username: "{{admin_name}}" + domain_password: "{{admin_pass}}" + members: + - "ADAGILITY\\{{item}}" + state: present + with_items: "{{ usernames.split(',') }}" + when: not destroy + + +- name: remove user from that group (old module) + community.windows.win_domain_group_membership: + name: "{{groupname}}" + domain_username: "{{admin_name}}" + domain_password: "{{admin_pass}}" + members: + - ADAGILITY\adm-bvandendaele + state: absent + when: destroy diff --git a/roles/windows_add-user-to-adgroup/tests/inventory b/roles/windows_add-user-to-adgroup/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_add-user-to-adgroup/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_add-user-to-adgroup/tests/test.yml b/roles/windows_add-user-to-adgroup/tests/test.yml new file mode 100644 index 0000000..40910cb --- /dev/null +++ b/roles/windows_add-user-to-adgroup/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_add-user-to-adgroup diff --git a/roles/windows_add-user-to-adgroup/vars/main.yml b/roles/windows_add-user-to-adgroup/vars/main.yml new file mode 100644 index 0000000..1d020dd --- /dev/null +++ b/roles/windows_add-user-to-adgroup/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_add-user-to-adgroup diff --git a/roles/windows_azure-arc/.travis.yml b/roles/windows_azure-arc/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_azure-arc/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_azure-arc/README.md b/roles/windows_azure-arc/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_azure-arc/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_azure-arc/defaults/main.yml b/roles/windows_azure-arc/defaults/main.yml new file mode 100644 index 0000000..39c902e --- /dev/null +++ b/roles/windows_azure-arc/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_azure-arc diff --git a/roles/windows_azure-arc/handlers/main.yml b/roles/windows_azure-arc/handlers/main.yml new file mode 100644 index 0000000..7d9f985 --- /dev/null +++ b/roles/windows_azure-arc/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_azure-arc diff --git a/roles/windows_azure-arc/meta/main.yml b/roles/windows_azure-arc/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_azure-arc/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_azure-arc/tasks/main.yml b/roles/windows_azure-arc/tasks/main.yml new file mode 100644 index 0000000..9915e0a --- /dev/null +++ b/roles/windows_azure-arc/tasks/main.yml @@ -0,0 +1,42 @@ +--- +# tasks file for windows_azure-arc +- name: Onboard Linux and Windows Servers to Azure Arc-enabled servers with public endpoint connectivity + hosts: all + # vars: + # azure: + # service_principal_id: 'INSERT-SERVICE-PRINCIPAL-CLIENT-ID' + # service_principal_secret: 'INSERT-SERVICE-PRINCIPAL-SECRET' + # resource_group: 'INSERT-RESOURCE-GROUP' + # tenant_id: 'INSERT-TENANT-ID' + # subscription_id: 'INSERT-SUBSCRIPTION-ID' + # location: 'INSERT-LOCATION' + tasks: + - name: Check if the Connected Machine Agent has already been downloaded on Windows servers + win_stat: + path: C:\Program Files\AzureConnectedMachineAgent + register: azcmagent_win_downloaded + when: ansible_os_family == 'Windows' + + - name: Download the Connected Machine Agent on Windows servers + win_get_url: + url: https://aka.ms/AzureConnectedMachineAgent + dest: C:\AzureConnectedMachineAgent.msi + when: (ansible_os_family == 'Windows') and (not azcmagent_win_downloaded.stat.exists) + + - name: Install the Connected Machine Agent on Windows servers + win_package: + path: C:\AzureConnectedMachineAgent.msi + when: (ansible_os_family == 'Windows') and (not azcmagent_win_downloaded.stat.exists) + + - name: Connect the Connected Machine Agent on Windows servers to Azure + win_shell: '& $env:ProgramFiles\AzureConnectedMachineAgent\azcmagent.exe connect --service-principal-id "{{ azure.service_principal_id }}" --service-principal-secret "{{ azure.service_principal_secret }}" --resource-group "{{ azure.resource_group }}" --tenant-id "{{ azure.tenant_id }}" --location "{{ azure.location }}" --subscription-id "{{ azure.subscription_id }}"' + + - name: Check if the Connected Machine Agent has already been connected on windows + win_command: azcmagent check + register: azcmagent_win_connected + when: ansible_os_family == 'Windows' + ignore_errors: yes + failed_when: (azcmagent_win_connected.rc not in [ 0, 16 ]) + changed_when: False + + \ No newline at end of file diff --git a/roles/windows_azure-arc/tests/inventory b/roles/windows_azure-arc/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_azure-arc/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_azure-arc/tests/test.yml b/roles/windows_azure-arc/tests/test.yml new file mode 100644 index 0000000..b09ec05 --- /dev/null +++ b/roles/windows_azure-arc/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_azure-arc diff --git a/roles/windows_azure-arc/vars/main.yml b/roles/windows_azure-arc/vars/main.yml new file mode 100644 index 0000000..cb8dc6f --- /dev/null +++ b/roles/windows_azure-arc/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_azure-arc diff --git a/roles/windows_clean-printer-export/.travis.yml b/roles/windows_clean-printer-export/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_clean-printer-export/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_clean-printer-export/README.md b/roles/windows_clean-printer-export/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_clean-printer-export/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_clean-printer-export/defaults/main.yml b/roles/windows_clean-printer-export/defaults/main.yml new file mode 100644 index 0000000..051e40b --- /dev/null +++ b/roles/windows_clean-printer-export/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_clean-printer-export diff --git a/roles/windows_clean-printer-export/handlers/main.yml b/roles/windows_clean-printer-export/handlers/main.yml new file mode 100644 index 0000000..5fd1201 --- /dev/null +++ b/roles/windows_clean-printer-export/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_clean-printer-export diff --git a/roles/windows_clean-printer-export/meta/main.yml b/roles/windows_clean-printer-export/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_clean-printer-export/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_clean-printer-export/tasks/main.yml b/roles/windows_clean-printer-export/tasks/main.yml new file mode 100644 index 0000000..87de9f3 --- /dev/null +++ b/roles/windows_clean-printer-export/tasks/main.yml @@ -0,0 +1,23 @@ +--- +# tasks file for windows_clean-printer-export +- name: clean all services + win_nssm: + name: printer-export-{{item}} + state: absent + loop: "{{printers}}" + +- name: clean all log files + ansible.windows.win_file: + path: F:\{{item}}.txt + state: absent + loop: "{{printers}}" +- name: clean error files + ansible.windows.win_file: + path: F:\{{item}}-err.txt + state: absent + loop: "{{printers}}" + +- debug: + msg: "{{ '%Y%m%d' | strftime( ( ansible_date_time.epoch | int ) - ( 86400 ) ) }}" + + \ No newline at end of file diff --git a/roles/windows_clean-printer-export/tests/inventory b/roles/windows_clean-printer-export/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_clean-printer-export/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_clean-printer-export/tests/test.yml b/roles/windows_clean-printer-export/tests/test.yml new file mode 100644 index 0000000..66ca3bc --- /dev/null +++ b/roles/windows_clean-printer-export/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_clean-printer-export diff --git a/roles/windows_clean-printer-export/vars/main.yml b/roles/windows_clean-printer-export/vars/main.yml new file mode 100644 index 0000000..06f7b5a --- /dev/null +++ b/roles/windows_clean-printer-export/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_clean-printer-export diff --git a/roles/windows_dhcp-config/.travis.yml b/roles/windows_dhcp-config/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_dhcp-config/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_dhcp-config/README.md b/roles/windows_dhcp-config/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_dhcp-config/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_dhcp-config/defaults/main.yml b/roles/windows_dhcp-config/defaults/main.yml new file mode 100644 index 0000000..5c7f0ac --- /dev/null +++ b/roles/windows_dhcp-config/defaults/main.yml @@ -0,0 +1,6 @@ +--- +# defaults file for windows_dhcp-config +servers: + - bth-mgt-009 + - btn-mgt-009 + - isb-fsr-001 \ No newline at end of file diff --git a/roles/windows_dhcp-config/handlers/main.yml b/roles/windows_dhcp-config/handlers/main.yml new file mode 100644 index 0000000..086bd05 --- /dev/null +++ b/roles/windows_dhcp-config/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_dhcp-config diff --git a/roles/windows_dhcp-config/meta/main.yml b/roles/windows_dhcp-config/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_dhcp-config/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_dhcp-config/tasks/main.yml b/roles/windows_dhcp-config/tasks/main.yml new file mode 100644 index 0000000..e203b07 --- /dev/null +++ b/roles/windows_dhcp-config/tasks/main.yml @@ -0,0 +1,20 @@ +--- + - name: Create directory structure + ansible.windows.win_file: + path: \\awe-mps-006.adagility.net\cor$\{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}\Infra\Configs\DHCP\ + state: directory + - name: Run PowerShell script for dhcp config + ansible.windows.win_powershell: + script: | + Export-DhcpServer -computerName {{item}} -File "\\awe-mps-006.adagility.net\cor$\$(get-date -f yyyyMMdd)\Infra\Configs\DHCP\{{item}}.xml" + loop: "{{servers}}" + register: pwsh_output + - name: check if file exists + ansible.windows.win_file: + path: \\awe-mps-006.adagility.net\cor$\{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}\Infra\Configs\DHCP\{{item}}.xml + loop: "{{servers}}" + + + + +# Export-DhcpServer -computerName gns-mgt-001 -File "\\awe-mps-006.adagility.net\cor$\Infra\Configs\DHCP\gns-mgt-001-$(get-date -f yyyy-MM-dd).xml" \ No newline at end of file diff --git a/roles/windows_dhcp-config/tests/inventory b/roles/windows_dhcp-config/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_dhcp-config/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_dhcp-config/tests/test.yml b/roles/windows_dhcp-config/tests/test.yml new file mode 100644 index 0000000..78d3ff4 --- /dev/null +++ b/roles/windows_dhcp-config/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_dhcp-config diff --git a/roles/windows_dhcp-config/vars/main.yml b/roles/windows_dhcp-config/vars/main.yml new file mode 100644 index 0000000..b6ead18 --- /dev/null +++ b/roles/windows_dhcp-config/vars/main.yml @@ -0,0 +1,7 @@ +--- +# vars file for windows_dhcp-config + +servers: + - bth-mgt-009 + - btn-mgt-009 + - isb-fsr-001 \ No newline at end of file diff --git a/roles/windows_dns/.travis.yml b/roles/windows_dns/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_dns/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_dns/README.md b/roles/windows_dns/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_dns/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_dns/defaults/main.yml b/roles/windows_dns/defaults/main.yml new file mode 100644 index 0000000..1fecdc6 --- /dev/null +++ b/roles/windows_dns/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_dns diff --git a/roles/windows_dns/handlers/main.yml b/roles/windows_dns/handlers/main.yml new file mode 100644 index 0000000..3009026 --- /dev/null +++ b/roles/windows_dns/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_dns diff --git a/roles/windows_dns/meta/main.yml b/roles/windows_dns/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_dns/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_dns/tasks/main.yml b/roles/windows_dns/tasks/main.yml new file mode 100644 index 0000000..70570db --- /dev/null +++ b/roles/windows_dns/tasks/main.yml @@ -0,0 +1,7 @@ +--- +# tasks file for windows_dns +- name: Set a single address on the adapter named Ethernet + ansible.windows.win_dns_client: + adapter_names: 'Ethernet0' + dns_servers: + - 10.10.10.1 diff --git a/roles/windows_dns/tests/inventory b/roles/windows_dns/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_dns/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_dns/tests/test.yml b/roles/windows_dns/tests/test.yml new file mode 100644 index 0000000..9ebd2fd --- /dev/null +++ b/roles/windows_dns/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_dns diff --git a/roles/windows_dns/vars/main.yml b/roles/windows_dns/vars/main.yml new file mode 100644 index 0000000..6c40b31 --- /dev/null +++ b/roles/windows_dns/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_dns diff --git a/roles/windows_domain-join/.travis.yml b/roles/windows_domain-join/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_domain-join/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_domain-join/README.md b/roles/windows_domain-join/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_domain-join/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_domain-join/defaults/main.yml b/roles/windows_domain-join/defaults/main.yml new file mode 100644 index 0000000..b8e347a --- /dev/null +++ b/roles/windows_domain-join/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_domain-join diff --git a/roles/windows_domain-join/handlers/main.yml b/roles/windows_domain-join/handlers/main.yml new file mode 100644 index 0000000..bf0224e --- /dev/null +++ b/roles/windows_domain-join/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_domain-join diff --git a/roles/windows_domain-join/meta/main.yml b/roles/windows_domain-join/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_domain-join/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_domain-join/tasks/main.yml b/roles/windows_domain-join/tasks/main.yml new file mode 100644 index 0000000..ee98603 --- /dev/null +++ b/roles/windows_domain-join/tasks/main.yml @@ -0,0 +1,28 @@ +--- +# - name: create computer object in adagility +# microsoft.ad.computer: +# name: "{{hostname}}" +# dns_hostname: "{{hostname}}.ADAGILITY.NET" +# path: "OU={{accdevtest}},{{domain_path}}" +# enabled: yes +# state: present + + +- name: join host to adagility.net + microsoft.ad.membership: + dns_domain_name: adagility.net + hostname: "{{hostname}}" + domain_admin_user: "{{domain_admin}}" + domain_admin_password: "{{domain_password}}" + domain_ou_path: "OU={{accdevtest}},{{domain_path}}" + state: domain + # reboot: true + ignore_errors: true + + + + + + + + diff --git a/roles/windows_domain-join/tests/inventory b/roles/windows_domain-join/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_domain-join/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_domain-join/tests/test.yml b/roles/windows_domain-join/tests/test.yml new file mode 100644 index 0000000..121e38c --- /dev/null +++ b/roles/windows_domain-join/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_domain-join diff --git a/roles/windows_domain-join/vars/main.yml b/roles/windows_domain-join/vars/main.yml new file mode 100644 index 0000000..c7b8416 --- /dev/null +++ b/roles/windows_domain-join/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_domain-join diff --git a/roles/windows_finalize/.travis.yml b/roles/windows_finalize/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_finalize/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_finalize/README.md b/roles/windows_finalize/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_finalize/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_finalize/defaults/main.yml b/roles/windows_finalize/defaults/main.yml new file mode 100644 index 0000000..d7d8f32 --- /dev/null +++ b/roles/windows_finalize/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_finalize diff --git a/roles/windows_finalize/handlers/main.yml b/roles/windows_finalize/handlers/main.yml new file mode 100644 index 0000000..a5dba86 --- /dev/null +++ b/roles/windows_finalize/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_finalize diff --git a/roles/windows_finalize/meta/main.yml b/roles/windows_finalize/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_finalize/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_finalize/tasks/main.yml b/roles/windows_finalize/tasks/main.yml new file mode 100644 index 0000000..c1e748b --- /dev/null +++ b/roles/windows_finalize/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# tasks file for windows_finalize +- name: reboot host(s) + ansible.windows.win_reboot: + msg: "reboot by Ansible" + pre_reboot_delay: 5 + post_reboot_delay: 10 + ignore_errors: yes diff --git a/roles/windows_finalize/tests/inventory b/roles/windows_finalize/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_finalize/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_finalize/tests/test.yml b/roles/windows_finalize/tests/test.yml new file mode 100644 index 0000000..56c524c --- /dev/null +++ b/roles/windows_finalize/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_finalize diff --git a/roles/windows_finalize/vars/main.yml b/roles/windows_finalize/vars/main.yml new file mode 100644 index 0000000..aa6eac0 --- /dev/null +++ b/roles/windows_finalize/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_finalize diff --git a/roles/windows_find-moviesandshows/README.md b/roles/windows_find-moviesandshows/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_find-moviesandshows/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_find-moviesandshows/defaults/main.yml b/roles/windows_find-moviesandshows/defaults/main.yml new file mode 100644 index 0000000..25e2f2a --- /dev/null +++ b/roles/windows_find-moviesandshows/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_find-moviesandshows diff --git a/roles/windows_find-moviesandshows/handlers/main.yml b/roles/windows_find-moviesandshows/handlers/main.yml new file mode 100644 index 0000000..d274074 --- /dev/null +++ b/roles/windows_find-moviesandshows/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_find-moviesandshows diff --git a/roles/windows_find-moviesandshows/meta/main.yml b/roles/windows_find-moviesandshows/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_find-moviesandshows/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_find-moviesandshows/tasks/main.yml b/roles/windows_find-moviesandshows/tasks/main.yml new file mode 100644 index 0000000..aa13aa7 --- /dev/null +++ b/roles/windows_find-moviesandshows/tasks/main.yml @@ -0,0 +1,27 @@ +--- +# tasks file for windows_find-moviesandshows + - name: find movie files above 100mb + ansible.windows.win_find: + paths: "{{ path }}" + size: 524288000 + patterns: ['*.mp4', '*.mkv','*.avi', '*.MOV'] + recurse: true + hidden: true + follow: true + register: movies + - name: find subtitle files + ansible.windows.win_find: + paths: "{{ path }}" + patterns: ['*.srt', '*.VTT'] + recurse: true + hidden: true + follow: true + register: subs + - name: output movie file names + ansible.builtin.debug: + msg: "file: {{ item }}" + loop: "{{ movies.files | map(attribute='path') }}" + - name: output movie subs + ansible.builtin.debug: + msg: "file: {{ item }}" + loop: "{{ subs.files | map(attribute='path') }}" \ No newline at end of file diff --git a/roles/windows_find-moviesandshows/tests/inventory b/roles/windows_find-moviesandshows/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_find-moviesandshows/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_find-moviesandshows/tests/test.yml b/roles/windows_find-moviesandshows/tests/test.yml new file mode 100644 index 0000000..7513d5a --- /dev/null +++ b/roles/windows_find-moviesandshows/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_find-moviesandshows diff --git a/roles/windows_find-moviesandshows/vars/main.yml b/roles/windows_find-moviesandshows/vars/main.yml new file mode 100644 index 0000000..0a9f3e1 --- /dev/null +++ b/roles/windows_find-moviesandshows/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_find-moviesandshows diff --git a/roles/windows_inbound_rule/.travis.yml b/roles/windows_inbound_rule/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_inbound_rule/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_inbound_rule/README.md b/roles/windows_inbound_rule/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_inbound_rule/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_inbound_rule/defaults/main.yml b/roles/windows_inbound_rule/defaults/main.yml new file mode 100644 index 0000000..2866dec --- /dev/null +++ b/roles/windows_inbound_rule/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for inbound_rule diff --git a/roles/windows_inbound_rule/handlers/main.yml b/roles/windows_inbound_rule/handlers/main.yml new file mode 100644 index 0000000..322f016 --- /dev/null +++ b/roles/windows_inbound_rule/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for inbound_rule diff --git a/roles/windows_inbound_rule/meta/main.yml b/roles/windows_inbound_rule/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_inbound_rule/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_inbound_rule/tasks/main.yml b/roles/windows_inbound_rule/tasks/main.yml new file mode 100644 index 0000000..688862a --- /dev/null +++ b/roles/windows_inbound_rule/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# tasks file for inbound_rule + +- name: Firewall rule to allow SMTP on TCP port 25 + community.windows.win_firewall_rule: + name: CheckMK + localport: 6556 + action: allow + direction: in + protocol: tcp + state: absent + enabled: yes diff --git a/roles/windows_inbound_rule/tests/inventory b/roles/windows_inbound_rule/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_inbound_rule/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_inbound_rule/tests/test.yml b/roles/windows_inbound_rule/tests/test.yml new file mode 100644 index 0000000..9ee0846 --- /dev/null +++ b/roles/windows_inbound_rule/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - inbound_rule diff --git a/roles/windows_inbound_rule/vars/main.yml b/roles/windows_inbound_rule/vars/main.yml new file mode 100644 index 0000000..1534101 --- /dev/null +++ b/roles/windows_inbound_rule/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for inbound_rule diff --git a/roles/windows_initialize-azconnect/.travis.yml b/roles/windows_initialize-azconnect/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_initialize-azconnect/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_initialize-azconnect/README.md b/roles/windows_initialize-azconnect/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_initialize-azconnect/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_initialize-azconnect/defaults/main.yml b/roles/windows_initialize-azconnect/defaults/main.yml new file mode 100644 index 0000000..42efdcd --- /dev/null +++ b/roles/windows_initialize-azconnect/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_initialize-azconnect diff --git a/roles/windows_initialize-azconnect/handlers/main.yml b/roles/windows_initialize-azconnect/handlers/main.yml new file mode 100644 index 0000000..571627b --- /dev/null +++ b/roles/windows_initialize-azconnect/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_initialize-azconnect diff --git a/roles/windows_initialize-azconnect/meta/main.yml b/roles/windows_initialize-azconnect/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_initialize-azconnect/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_initialize-azconnect/tasks/main.yml b/roles/windows_initialize-azconnect/tasks/main.yml new file mode 100644 index 0000000..2f4c75f --- /dev/null +++ b/roles/windows_initialize-azconnect/tasks/main.yml @@ -0,0 +1,24 @@ +--- +# tasks file for windows_initialize-azconnect + +- name: Create directory structure + ansible.windows.win_file: + path: \\awe-mps-006.adagility.net\cor$\{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}\Infra\Configs\AZ_VMINFO\ + state: directory +- name: Run export script + ansible.windows.win_powershell: + script: | + F:\Data\COR\export_az-vms.ps1 >> F:\Data\COR\$(get-date -f yyyyMMdd)\Infra\Configs\AZ_VMINFO\servers.txt + + + + + + + + + + + + + diff --git a/roles/windows_initialize-azconnect/tests/inventory b/roles/windows_initialize-azconnect/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_initialize-azconnect/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_initialize-azconnect/tests/test.yml b/roles/windows_initialize-azconnect/tests/test.yml new file mode 100644 index 0000000..b08a0d8 --- /dev/null +++ b/roles/windows_initialize-azconnect/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_initialize-azconnect diff --git a/roles/windows_initialize-azconnect/vars/main.yml b/roles/windows_initialize-azconnect/vars/main.yml new file mode 100644 index 0000000..cc697c2 --- /dev/null +++ b/roles/windows_initialize-azconnect/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_initialize-azconnect diff --git a/roles/windows_install-check-mk/.travis.yml b/roles/windows_install-check-mk/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_install-check-mk/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_install-check-mk/README.md b/roles/windows_install-check-mk/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install-check-mk/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install-check-mk/defaults/main.yml b/roles/windows_install-check-mk/defaults/main.yml new file mode 100644 index 0000000..5c98d3e --- /dev/null +++ b/roles/windows_install-check-mk/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_install-check-mk diff --git a/roles/windows_install-check-mk/files/check_mk_agent.msi b/roles/windows_install-check-mk/files/check_mk_agent.msi new file mode 100644 index 0000000..6f3e1a3 Binary files /dev/null and b/roles/windows_install-check-mk/files/check_mk_agent.msi differ diff --git a/roles/windows_install-check-mk/handlers/main.yml b/roles/windows_install-check-mk/handlers/main.yml new file mode 100644 index 0000000..339f0bd --- /dev/null +++ b/roles/windows_install-check-mk/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_install-check-mk diff --git a/roles/windows_install-check-mk/meta/main.yml b/roles/windows_install-check-mk/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install-check-mk/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install-check-mk/tasks/main.yml b/roles/windows_install-check-mk/tasks/main.yml new file mode 100644 index 0000000..a34ae75 --- /dev/null +++ b/roles/windows_install-check-mk/tasks/main.yml @@ -0,0 +1,63 @@ +--- +# tasks file for windows_install-check-mk +# - name: download check_mk +# ansible.windows.win_get_url: +# url: https://monitoringeu.aperam.internal/monaperam/check_mk/agents/windows/check_mk_agent.msi +# dest: C:\Users\Public\Downloads\check_mk_agent.msi +# validate_certs: false + + +- name: copy installer to destination + ansible.windows.win_copy: + src: check_mk_agent.msi + dest: C:\Users\Public\Downloads\check_mk_agent.msi + +- name: Install checkmk + win_package: + path: C:\Users\Public\Downloads\check_mk_agent.msi + # arguments: + # - /FORCERESTART + #creates_path: "{{ Directory }}" + creates_service: "Check MK Service" + state: present + register: package_output + ignore_errors: yes +- name: enable port 6556 on firewall + community.windows.win_firewall_rule: + name: checkmk + localport: 6556 + action: allow + direction: in + protocol: tcp + state: present + enabled: yes + +# - name: Add host +# tribe29.checkmk.host: +# server_url: "https://monitoringeu.aperam.internal/" +# site: "monaperam" +# automation_user: "ansible" +# automation_secret: "TJXTVH@GFYPRNCJCWUMY" +# host_name: "{{ ansible_fqdn }}" +# validate_certs: false +# state: present + +# - name: "Add newly discovered services on host." +# tribe29.checkmk.discovery: +# server_url: "https://monitoringeu.aperam.internal/" +# site: "monaperam" +# automation_user: "ansible" +# automation_secret: "TJXTVH@GFYPRNCJCWUMY" +# host_name: "{{ ansible_fqdn }}" +# state: "new" +# validate_certs: false + +# - name: "Activate changes on all sites." +# tribe29.checkmk.activation: +# server_url: "https://monitoringeu.aperam.internal/" +# site: "monaperam" +# automation_user: "ansible" +# automation_secret: "TJXTVH@GFYPRNCJCWUMY" +# force_foreign_changes: 'true' +# validate_certs: false +# run_once: 'true' diff --git a/roles/windows_install-check-mk/tests/inventory b/roles/windows_install-check-mk/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install-check-mk/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install-check-mk/tests/test.yml b/roles/windows_install-check-mk/tests/test.yml new file mode 100644 index 0000000..39596c3 --- /dev/null +++ b/roles/windows_install-check-mk/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_install-check-mk diff --git a/roles/windows_install-check-mk/vars/main.yml b/roles/windows_install-check-mk/vars/main.yml new file mode 100644 index 0000000..60cbfb6 --- /dev/null +++ b/roles/windows_install-check-mk/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_install-check-mk diff --git a/roles/windows_install-heavy-forwarder/README.md b/roles/windows_install-heavy-forwarder/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install-heavy-forwarder/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install-heavy-forwarder/defaults/main.yml b/roles/windows_install-heavy-forwarder/defaults/main.yml new file mode 100644 index 0000000..31a5567 --- /dev/null +++ b/roles/windows_install-heavy-forwarder/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_install-heavy-forwarder diff --git a/roles/windows_install-heavy-forwarder/files/splunkclouduf.spl b/roles/windows_install-heavy-forwarder/files/splunkclouduf.spl new file mode 100644 index 0000000..46311e9 Binary files /dev/null and b/roles/windows_install-heavy-forwarder/files/splunkclouduf.spl differ diff --git a/roles/windows_install-heavy-forwarder/files/splunkforwarder-9.0.4-de405f4a7979-x64-release.msi b/roles/windows_install-heavy-forwarder/files/splunkforwarder-9.0.4-de405f4a7979-x64-release.msi new file mode 100644 index 0000000..8be39cf Binary files /dev/null and b/roles/windows_install-heavy-forwarder/files/splunkforwarder-9.0.4-de405f4a7979-x64-release.msi differ diff --git a/roles/windows_install-heavy-forwarder/handlers/main.yml b/roles/windows_install-heavy-forwarder/handlers/main.yml new file mode 100644 index 0000000..e9ea4b6 --- /dev/null +++ b/roles/windows_install-heavy-forwarder/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_install-heavy-forwarder diff --git a/roles/windows_install-heavy-forwarder/meta/main.yml b/roles/windows_install-heavy-forwarder/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install-heavy-forwarder/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install-heavy-forwarder/tasks/main.yml b/roles/windows_install-heavy-forwarder/tasks/main.yml new file mode 100644 index 0000000..e32b840 --- /dev/null +++ b/roles/windows_install-heavy-forwarder/tasks/main.yml @@ -0,0 +1,20 @@ +--- +# tasks file for windows_install-heavy-forwarder +- name: Copy Universal forwarder to target + ansible.windows.win_copy: + src: splunkforwarder-9.0.4-de405f4a7979-x64-release.msi + dest: C:\Users\Public\Downloads\splunkforwarder.msi + + +- name: install splunk forwarder + win_package: + path: C:\Users\Public\Downloads\splunkforwarder.msi + arguments: 'GENRANDOMPASSWORD=1 DEPLOYMENT_SERVER="gnd-mgt-004.adagility.net:8089" AGREETOLICENSE=Yes /quiet' + creates_service: "SplunkForwarder" + state: present + + +- name: Remove a file, if present + ansible.windows.win_file: + path: C:\Users\Public\Downloads\splunkforwarder.msi + state: absent \ No newline at end of file diff --git a/roles/windows_install-heavy-forwarder/tests/inventory b/roles/windows_install-heavy-forwarder/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install-heavy-forwarder/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install-heavy-forwarder/tests/test.yml b/roles/windows_install-heavy-forwarder/tests/test.yml new file mode 100644 index 0000000..3caeff4 --- /dev/null +++ b/roles/windows_install-heavy-forwarder/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_install-heavy-forwarder diff --git a/roles/windows_install-heavy-forwarder/vars/main.yml b/roles/windows_install-heavy-forwarder/vars/main.yml new file mode 100644 index 0000000..1891cde --- /dev/null +++ b/roles/windows_install-heavy-forwarder/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_install-heavy-forwarder diff --git a/roles/windows_install-laps/.travis.yml b/roles/windows_install-laps/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_install-laps/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_install-laps/README.md b/roles/windows_install-laps/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install-laps/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install-laps/defaults/main.yml b/roles/windows_install-laps/defaults/main.yml new file mode 100644 index 0000000..9ce05d9 --- /dev/null +++ b/roles/windows_install-laps/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_install-laps diff --git a/roles/windows_install-laps/handlers/main.yml b/roles/windows_install-laps/handlers/main.yml new file mode 100644 index 0000000..2e710d3 --- /dev/null +++ b/roles/windows_install-laps/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_install-laps diff --git a/roles/windows_install-laps/meta/main.yml b/roles/windows_install-laps/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install-laps/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install-laps/tasks/main.yml b/roles/windows_install-laps/tasks/main.yml new file mode 100644 index 0000000..5823899 --- /dev/null +++ b/roles/windows_install-laps/tasks/main.yml @@ -0,0 +1,15 @@ +--- +# tasks file for windows_install-laps +- name: download LAPS + ansible.windows.win_get_url: + url: http://awe-mps-006/LAPS.x64.msi + dest: C:\Users\Public\Downloads\LAPS.msi + + +- name: Install LAPS + win_package: + path: C:\Users\Public\Downloads\LAPS.msi + creates_path: C:\Program Files\LAPS\CSE\ + state: present + register: package_output + ignore_errors: yes \ No newline at end of file diff --git a/roles/windows_install-laps/tests/inventory b/roles/windows_install-laps/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install-laps/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install-laps/tests/test.yml b/roles/windows_install-laps/tests/test.yml new file mode 100644 index 0000000..22edc32 --- /dev/null +++ b/roles/windows_install-laps/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_install-laps diff --git a/roles/windows_install-laps/vars/main.yml b/roles/windows_install-laps/vars/main.yml new file mode 100644 index 0000000..e412a05 --- /dev/null +++ b/roles/windows_install-laps/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_install-laps diff --git a/roles/windows_install-package/README.md b/roles/windows_install-package/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install-package/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install-package/defaults/main.yml b/roles/windows_install-package/defaults/main.yml new file mode 100644 index 0000000..3006b3f --- /dev/null +++ b/roles/windows_install-package/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_install-package diff --git a/roles/windows_install-package/files/AzureConnectedMachineAgent.msi b/roles/windows_install-package/files/AzureConnectedMachineAgent.msi new file mode 100644 index 0000000..58e2472 Binary files /dev/null and b/roles/windows_install-package/files/AzureConnectedMachineAgent.msi differ diff --git a/roles/windows_install-package/handlers/main.yml b/roles/windows_install-package/handlers/main.yml new file mode 100644 index 0000000..fa006db --- /dev/null +++ b/roles/windows_install-package/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_install-package diff --git a/roles/windows_install-package/meta/main.yml b/roles/windows_install-package/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install-package/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install-package/tasks/main.yml b/roles/windows_install-package/tasks/main.yml new file mode 100644 index 0000000..8bbffd8 --- /dev/null +++ b/roles/windows_install-package/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# tasks file for windows_install-package +- name: Copy package to target + ansible.windows.win_copy: + src: "{{package_name}}" + dest: C:\Users\Public\Downloads\{{package_name}} + +- name: install package + ansible.windows.win_package: + path: C:\Users\Public\Downloads\{{package_name}} + arguments: "{{ arguments }}" + state: present \ No newline at end of file diff --git a/roles/windows_install-package/tests/inventory b/roles/windows_install-package/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install-package/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install-package/tests/test.yml b/roles/windows_install-package/tests/test.yml new file mode 100644 index 0000000..c8fd876 --- /dev/null +++ b/roles/windows_install-package/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_install-package diff --git a/roles/windows_install-package/vars/main.yml b/roles/windows_install-package/vars/main.yml new file mode 100644 index 0000000..740f49b --- /dev/null +++ b/roles/windows_install-package/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_install-package diff --git a/roles/windows_install-sentinelone/.travis.yml b/roles/windows_install-sentinelone/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_install-sentinelone/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_install-sentinelone/README.md b/roles/windows_install-sentinelone/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install-sentinelone/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install-sentinelone/defaults/main.yml b/roles/windows_install-sentinelone/defaults/main.yml new file mode 100644 index 0000000..45cc3c0 --- /dev/null +++ b/roles/windows_install-sentinelone/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_install_files diff --git a/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows 64bit_v23.3.3_264.exe b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows 64bit_v23.3.3_264.exe new file mode 100644 index 0000000..155f2dd Binary files /dev/null and b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows 64bit_v23.3.3_264.exe differ diff --git a/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v22_3_4_612.exe b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v22_3_4_612.exe new file mode 100644 index 0000000..7e32294 Binary files /dev/null and b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v22_3_4_612.exe differ diff --git a/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v22_3_5_887.exe b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v22_3_5_887.exe new file mode 100644 index 0000000..7035c49 Binary files /dev/null and b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v22_3_5_887.exe differ diff --git a/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v23_1_4_650.exe b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v23_1_4_650.exe new file mode 100644 index 0000000..fcbe5da Binary files /dev/null and b/roles/windows_install-sentinelone/files/SentinelOneInstaller_windows_64bit_v23_1_4_650.exe differ diff --git a/roles/windows_install-sentinelone/handlers/main.yml b/roles/windows_install-sentinelone/handlers/main.yml new file mode 100644 index 0000000..3cc2434 --- /dev/null +++ b/roles/windows_install-sentinelone/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_install_files diff --git a/roles/windows_install-sentinelone/meta/main.yml b/roles/windows_install-sentinelone/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install-sentinelone/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install-sentinelone/tasks/main.yml b/roles/windows_install-sentinelone/tasks/main.yml new file mode 100644 index 0000000..30cd710 --- /dev/null +++ b/roles/windows_install-sentinelone/tasks/main.yml @@ -0,0 +1,17 @@ +--- +- name: Copy SentinelAgent to target + ansible.windows.win_copy: + src: SentinelOneInstaller_windows 64bit_v23.3.3_264.exe + dest: C:\Users\Public\Downloads\sentinelone.exe +- name: install sentinelone + win_package: + path: C:\Users\Public\Downloads\sentinelone.exe + arguments: + - -t eyJ1cmwiOiAiaHR0cHM6Ly9ldWNlMS0xMDQuc2VudGluZWxvbmUubmV0IiwgInNpdGVfa2V5IjogIjNiOGI1MDlhY2I5OGU5MmYifQ== + - --qn + - --dont_fail_on_config_preserving_failures + creates_service: "Sentinel Agent" + state: present + expected_return_code: [0] + register: package_output + ignore_errors: yes \ No newline at end of file diff --git a/roles/windows_install-sentinelone/tests/inventory b/roles/windows_install-sentinelone/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install-sentinelone/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install-sentinelone/tests/test.yml b/roles/windows_install-sentinelone/tests/test.yml new file mode 100644 index 0000000..a0a50c7 --- /dev/null +++ b/roles/windows_install-sentinelone/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_install_files diff --git a/roles/windows_install-sentinelone/vars/main.yml b/roles/windows_install-sentinelone/vars/main.yml new file mode 100644 index 0000000..cd5b0e5 --- /dev/null +++ b/roles/windows_install-sentinelone/vars/main.yml @@ -0,0 +1,4 @@ +--- +# vars file for windows_install_files +Directory: 'C:\Program Files\SentinelOne' +file: 'C:\Program Files\SentinelOne\rebooted.txt' \ No newline at end of file diff --git a/roles/windows_install-windirstat/.travis.yml b/roles/windows_install-windirstat/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_install-windirstat/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_install-windirstat/README.md b/roles/windows_install-windirstat/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install-windirstat/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install-windirstat/defaults/main.yml b/roles/windows_install-windirstat/defaults/main.yml new file mode 100644 index 0000000..d40f5c7 --- /dev/null +++ b/roles/windows_install-windirstat/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_install-windirstat diff --git a/roles/windows_install-windirstat/files/windirstat.exe b/roles/windows_install-windirstat/files/windirstat.exe new file mode 100644 index 0000000..be8b507 Binary files /dev/null and b/roles/windows_install-windirstat/files/windirstat.exe differ diff --git a/roles/windows_install-windirstat/handlers/main.yml b/roles/windows_install-windirstat/handlers/main.yml new file mode 100644 index 0000000..b8f9287 --- /dev/null +++ b/roles/windows_install-windirstat/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_install-windirstat diff --git a/roles/windows_install-windirstat/meta/main.yml b/roles/windows_install-windirstat/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install-windirstat/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install-windirstat/tasks/main.yml b/roles/windows_install-windirstat/tasks/main.yml new file mode 100644 index 0000000..223f7ea --- /dev/null +++ b/roles/windows_install-windirstat/tasks/main.yml @@ -0,0 +1,40 @@ +--- +# tasks file for windows_install-windirstat + +# - name: Download windirstat +# ansible.windows.win_get_url: +# url: http://awe-mps-006/windirstat1_1_2_setup.exe +# dest: C:\Users\Public\Downloads\windirstat1_1_2_setup.exe + +- name: Create directory structure + ansible.windows.win_file: + path: C:\Program Files (x86)\Tools + state: directory + +- name: Copy WinDirStat to local directory + ansible.windows.win_copy: + src: windirstat.exe + dest: C:\Program Files (x86)\Tools\windirstat.exe + + + + + +# - name: Install windirstat +# ansible.windows.win_package: +# path: C:\Users\Public\Downloads\windirstat1_1_2_setup.exe +# arguments: /S +# creates_path: 'C:\Program Files (x86)\WinDirStat' +# state: present +# register: package_output +# ignore_errors: true + +# - name: Copy a single file +# ansible.windows.win_copy: +# src: 'C:\Users\sys-awx-srvautomate\Desktop\WinDirStat.lnk' +# dest: '%Public%\Desktop\WinDirStat.lnk' +# - name: Create an application shortcut on the desktop +# community.windows.win_shortcut: +# src: C:\Program Files (x86)\WinDirStat\windirstat.exe +# dest: C:\Users\Public\Desktop\WinDirStat.lnk +# icon: C:\Program Files (x86)\WinDirStat\windirstat.exe,0 diff --git a/roles/windows_install-windirstat/tests/inventory b/roles/windows_install-windirstat/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install-windirstat/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install-windirstat/tests/test.yml b/roles/windows_install-windirstat/tests/test.yml new file mode 100644 index 0000000..345a73e --- /dev/null +++ b/roles/windows_install-windirstat/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_install-windirstat diff --git a/roles/windows_install-windirstat/vars/main.yml b/roles/windows_install-windirstat/vars/main.yml new file mode 100644 index 0000000..3fe6d71 --- /dev/null +++ b/roles/windows_install-windirstat/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_install-windirstat diff --git a/roles/windows_install_ad_role/.travis.yml b/roles/windows_install_ad_role/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_install_ad_role/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_install_ad_role/README.md b/roles/windows_install_ad_role/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_install_ad_role/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_install_ad_role/defaults/main.yml b/roles/windows_install_ad_role/defaults/main.yml new file mode 100644 index 0000000..68ee224 --- /dev/null +++ b/roles/windows_install_ad_role/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for install_ad_role diff --git a/roles/windows_install_ad_role/handlers/main.yml b/roles/windows_install_ad_role/handlers/main.yml new file mode 100644 index 0000000..698acf7 --- /dev/null +++ b/roles/windows_install_ad_role/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for install_ad_role diff --git a/roles/windows_install_ad_role/meta/main.yml b/roles/windows_install_ad_role/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_install_ad_role/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_install_ad_role/tasks/main.yml b/roles/windows_install_ad_role/tasks/main.yml new file mode 100644 index 0000000..eec9c3e --- /dev/null +++ b/roles/windows_install_ad_role/tasks/main.yml @@ -0,0 +1,9 @@ +--- +# tasks file for install_ad_role +- name: Install AD Services feature + win_feature: + name: AD-Domain-Services + include_management_tools: yes + include_sub_features: yes + state: absent + register: result \ No newline at end of file diff --git a/roles/windows_install_ad_role/tests/inventory b/roles/windows_install_ad_role/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_install_ad_role/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_install_ad_role/tests/test.yml b/roles/windows_install_ad_role/tests/test.yml new file mode 100644 index 0000000..f900871 --- /dev/null +++ b/roles/windows_install_ad_role/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - install_ad_role diff --git a/roles/windows_install_ad_role/vars/main.yml b/roles/windows_install_ad_role/vars/main.yml new file mode 100644 index 0000000..5b4bca8 --- /dev/null +++ b/roles/windows_install_ad_role/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for install_ad_role diff --git a/roles/windows_onboard-mde/README.md b/roles/windows_onboard-mde/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_onboard-mde/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_onboard-mde/defaults/main.yml b/roles/windows_onboard-mde/defaults/main.yml new file mode 100644 index 0000000..041ee16 --- /dev/null +++ b/roles/windows_onboard-mde/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_onboard-mde diff --git a/roles/windows_onboard-mde/files/WindowsDefenderATPLocalOnboardingScript.cmd b/roles/windows_onboard-mde/files/WindowsDefenderATPLocalOnboardingScript.cmd new file mode 100644 index 0000000..355a9a6 --- /dev/null +++ b/roles/windows_onboard-mde/files/WindowsDefenderATPLocalOnboardingScript.cmd @@ -0,0 +1,188 @@ +@echo off + +echo This script is for onboarding machines to the Microsoft Defender for Endpoint services, including security and compliance products. +echo Once completed, the machine should light up in the portal within 5-30 minutes, depending on this machine's Internet connectivity availability and machine power state (plugged in vs. battery powered). +echo IMPORTANT: This script is optimized for onboarding a single machine and should not be used for large scale deployment. +echo For more information on large scale deployment, please consult the MDE documentation (links available in the MDE portal under the endpoint onboarding section). +echo. +:USER_CONSENT +::set /p shouldContinue= "Press (Y) to confirm and continue or (N) to cancel and exit: " +set shouldContinue="Y" +::IF /I "%shouldContinue%"=="N" ( +:: GOTO CLEANUP +::) +::IF /I "%shouldContinue%"=="Y" ( + GOTO SCRIPT_START +::) +echo. +echo Wrong input. Please try again. +GOTO USER_CONSENT +echo. +:SCRIPT_START +REG add "HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection" /v latency /t REG_SZ /f /d "Demo" >NUL 2>&1 + +@echo off + +echo. +echo Starting Microsoft Defender for Endpoint onboarding process... +echo. + +set errorCode=0 +set lastError=0 +set "troubleshootInfo=For more information, visit: https://go.microsoft.com/fwlink/p/?linkid=822807" +set "errorDescription=" + +echo Testing administrator privileges + +net session >NUL 2>&1 +if %ERRORLEVEL% NEQ 0 ( + @echo Script is running with insufficient privileges. Please run with administrator privileges> %TMP%\senseTmp.txt + set errorCode=65 + set lastError=%ERRORLEVEL% + GOTO ERROR +) + +echo Script is running with sufficient privileges +echo. +echo Performing onboarding operations +echo. + +IF [%PROCESSOR_ARCHITEW6432%] EQU [] ( + set powershellPath=%windir%\System32\WindowsPowerShell\v1.0\powershell.exe +) ELSE ( + set powershellPath=%windir%\SysNative\WindowsPowerShell\v1.0\powershell.exe +) + +set sdbin=0100048044000000540000000000000014000000020030000200000000001400FF0F120001010000000000051200000000001400E104120001010000000000050B0000000102000000000005200000002002000001020000000000052000000020020000 >NUL 2>&1 +reg add HKLM\SYSTEM\CurrentControlSet\Control\WMI\Security /v 14f8138e-3b61-580b-544b-2609378ae460 /t REG_BINARY /d %sdbin% /f >NUL 2>&1 +reg add HKLM\SYSTEM\CurrentControlSet\Control\WMI\Security /v cb2ff72d-d4e4-585d-33f9-f3a395c40be7 /t REG_BINARY /d %sdbin% /f >NUL 2>&1 + +REG add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v DisableEnterpriseAuthProxy /t REG_DWORD /f /d 1 >NUL 2>&1 + +%powershellPath% -ExecutionPolicy Bypass -NoProfile -Command "Add-Type ' using System; using System.IO; using System.Runtime.InteropServices; using Microsoft.Win32.SafeHandles; using System.ComponentModel; public static class Elam{ [DllImport(\"Kernel32\", CharSet=CharSet.Auto, SetLastError=true)] public static extern bool InstallELAMCertificateInfo(SafeFileHandle handle); public static void InstallWdBoot(string path) { Console.Out.WriteLine(\"About to call create file on {0}\", path); var stream = File.Open(path, FileMode.Open, FileAccess.Read, FileShare.Read); var handle = stream.SafeFileHandle; Console.Out.WriteLine(\"About to call InstallELAMCertificateInfo on handle {0}\", handle.DangerousGetHandle()); if (!InstallELAMCertificateInfo(handle)) { Console.Out.WriteLine(\"Call failed.\"); throw new Win32Exception(Marshal.GetLastWin32Error()); } Console.Out.WriteLine(\"Call successful.\"); } } '; $driverPath = $env:SystemRoot + '\System32\Drivers\WdBoot.sys'; [Elam]::InstallWdBoot($driverPath) " >NUL 2>&1 + +REG query "HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection" /v 696C1FA1-4030-4FA4-8713-FAF9B2EA7C0A /reg:64 > %TMP%\senseTmp.txt 2>&1 +if %ERRORLEVEL% EQU 0 ( + REG delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection" /v 696C1FA1-4030-4FA4-8713-FAF9B2EA7C0A /f > %TMP%\senseTmp.txt 2>&1 + if %ERRORLEVEL% NEQ 0 ( + set "errorDescription=Unable to delete previous offboarding information from registry." + set errorCode=5 + set lastError=%ERRORLEVEL% + GOTO ERROR + ) +) + +REG add "HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection" /v OnboardingInfo /t REG_SZ /f /d "{\"body\":\"{\\\"previousOrgIds\\\":[],\\\"orgId\\\":\\\"e2410533-3ed7-4855-86a0-91e4a7808621\\\",\\\"geoLocationUrl\\\":\\\"https://winatp-gw-weu.microsoft.com/\\\",\\\"datacenter\\\":\\\"WestEurope\\\",\\\"vortexGeoLocation\\\":\\\"EU\\\",\\\"version\\\":\\\"1.47\\\"}\",\"sig\":\"dgvoVHc7kpfFDdTYl5ngU7oJwaLcuRs93ErynM5svTaSfwSHvLPP+SFtyXE1VLO4XBh3Re7iMwwd09r0KyuM0xsLEvMAvSjepCYquxY481j1SfN3PHzYGkVFc68NXeISekeUmiAocKgQDp8dLWUW8L6JEunFEJOlIDsPuwhgYeDWUxzv71a21wfTocaEYhdJ0lrQoK2uxpuPUh2eVN9yY/oFaqce3PhPKiG/ZP6IlygRne9Bkyv0j95n7n8ny03g1iAr+PHjSbdcM90sn4Q/6ZLssEd9PXm6D9DkpuXs22qi1ghRAf2voXXz72UD6ezglmBaTfqeAeD94GHhgc/2Ow==\",\"sha256sig\":\"FYJhkIZxRBc+DFVvm+sf/4TCxKWIrZE6ovtNUhNnqOkuspd9r8fVnW7gtNx86mocusfKBrmKXNd3a4eh9x23y8+nK2thr+uGJ8Grge0fGdv6gnqF7gYXLNfCxAsnFIWL96FIf4LW8f9CxlCYoVm0P0Wo6fiY3aOi2QshJPPbmFGsWu0wgu/0Mlg9620vFcQBBUrpsJDOE+NuZD0rppjqGqe3F2XMKqfuKrvYcNEaIMcriLHG6RQ+EbBM31XQcIw8ImEdsMKCtn3PTgIWt8vAbtEK7fiCBG66F+Qtm89XzakJODNU+Ch/Cr97dRKquoU3dbbWEUb7zmjthQ4pRM4Xpg==\",\"cert\":\"MIIFgzCCA2ugAwIBAgITMwAAAgKh9Eww96dTKQAAAAACAjANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQgU2VjdXJlIFNlcnZlciBDQSAyMDExMB4XDTIzMDIyMzE5NDMxMVoXDTI0MDIyMzE5NDMxMVowHjEcMBoGA1UEAxMTU2V2aWxsZS5XaW5kb3dzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjedJ4XjZjlasoG2AecXnOQ4T04l1VeqhjrfJ6PvQf1oiI8HuZ1l0l6Szgvl0yi2dehEL0llDAaqAjk/T5wFF6fYA4JfXriOTx83zsq9IKnjVZ34Jzbfkvy9lHTu+giCDkzs/Eo560rpJXl5VlGsQpzzYCkWZ6ZJQ1eDfrPqu3SISi+Na0cxE3nGpqG5mtMckdrsrzwrDuKm4qAQaGsGlfEoR1IVtCNydnuL+FmPK9+j/nzJ4eHqIzr8Euz3laW+UGvf2r7Z5n19IFT7sJuqjTeG5RC+LODHQFl/knG9sRQaae+zqkmPvMT7m4tx2/HJsyJsatOp38GJ3f+Qqy8/3UCAwEAAaOCAVgwggFUMA4GA1UdDwEB/wQEAwIFIDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAeBgNVHREEFzAVghNTZXZpbGxlLldpbmRvd3MuY29tMB0GA1UdDgQWBBSz+8TlAUJCn2MDTDONsD1p+meKaTAfBgNVHSMEGDAWgBQ2VollSctbmy88rEIWUE2RuTPXkTBTBgNVHR8ETDBKMEigRqBEhkJodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNTZWNTZXJDQTIwMTFfMjAxMS0xMC0xOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY1NlY1NlckNBMjAxMV8yMDExLTEwLTE4LmNydDANBgkqhkiG9w0BAQsFAAOCAgEAoKKuLorfzJWL6HsBsAMwocM295/IkS5FVTASKTdZsqF9Q0Dvngx5YRMY1ljznNhyUYLXzLFKom2oVHlUmhbgY0zVkK798Mv6MEscMxxiQ9o/s8DxxdCBmnwswg3ERR8Q6RCqclsp8LEGUmQXJiLA5EFZSNMa2qlHQS3LoaEz5saVTvt6UihfwclY/F5MJOtlj+IJyv3lIX5Gdzi5wlCp7gMhOZmwDh2RCvulWT3wMmyz2lNT/vkEb8IJ7oKr+/oj7wPTmCZ0k20wyDIa9QbVBMX0CiotY5RHkHZnzkpi4lWc6f2MXsqMRjP6iyyylWQ1Itn+rKjHeBuLAIfqQWuvfT1kyH5IM6QXQw8DS6Wto0hjIx9epUOPscxOr/Qli8zOYJ3i/h3j9/x41hArCnla/ISf5hDVPm0/LTDfFZWxuvMjjnkk+HmsEpq5oaV/Pmuh8ml47kXWddJrAJGDPtEZNqpjO+ObH0P7kb/t5feK1mTmSsKwMJVTnlIUuubbRM2ZeQ0kkZKSUhVjMvO6YfoR6f2EkrCXWlr9VPYtro+pAy4cVMARDW1aOPPLyxk/7cLL+YUTYbEOw+D+bQXEr00AsjmzucvRN2paejjBSH8A+8k+alPobReH88Ktlo4GkqbK9S3vSqH4zJC3GcIJ+mQBxcUlmKWbC5lRo9btWPcTEOU=\",\"chain\":[\"MIIG2DCCBMCgAwIBAgIKYT+3GAAAAAAABDANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTExMDE4MjI1NTE5WhcNMjYxMDE4MjMwNTE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQgU2VjdXJlIFNlcnZlciBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0AvApKgZgeI25eKq5fOyFVh1vrTlSfHghPm7DWTvhcGBVbjz5/FtQFU9zotq0YST9XV8W6TUdBDKMvMj067uz54EWMLZR8vRfABBSHEbAWcXGK/G/nMDfuTvQ5zvAXEqH4EmQ3eYVFdznVUr8J6OfQYOrBtU8yb3+CMIIoueBh03OP1y0srlY8GaWn2ybbNSqW7prrX8izb5nvr2HFgbl1alEeW3Utu76fBUv7T/LGy4XSbOoArX35Ptf92s8SxzGtkZN1W63SJ4jqHUmwn4ByIxcbCUruCw5yZEV5CBlxXOYexl4kvxhVIWMvi1eKp+zU3sgyGkqJu+mmoE4KMczVYYbP1rL0I+4jfycqvQeHNye97sAFjlITCjCDqZ75/D93oWlmW1w4Gv9DlwSa/2qfZqADj5tAgZ4Bo1pVZ2Il9q8mmuPq1YRk24VPaJQUQecrG8EidT0sH/ss1QmB619Lu2woI52awb8jsnhGqwxiYL1zoQ57PbfNNWrFNMC/o7MTd02Fkr+QB5GQZ7/RwdQtRBDS8FDtVrSSP/z834eoLP2jwt3+jYEgQYuh6Id7iYHxAHu8gFfgsJv2vd405bsPnHhKY7ykyfW2Ip98eiqJWIcCzlwT88UiNPQJrDMYWDL78p8R1QjyGWB87v8oDCRH2bYu8vw3eJq0VNUz4CedMCAwEAAaOCAUswggFHMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBQ2VollSctbmy88rEIWUE2RuTPXkTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQBByGHB9VuePpEx8bDGvwkBtJ22kHTXCdumLg2fyOd2NEavB2CJTIGzPNX0EjV1wnOl9U2EjMukXa+/kvYXCFdClXJlBXZ5re7RurguVKNRB6xo6yEM4yWBws0q8sP/z8K9SRiax/CExfkUvGuV5Zbvs0LSU9VKoBLErhJ2UwlWDp3306ZJiFDyiiyXIKK+TnjvBWW3S6EWiN4xxwhCJHyke56dvGAAXmKX45P8p/5beyXf5FN/S77mPvDbAXlCHG6FbH22RDD7pTeSk7Kl7iCtP1PVyfQoa1fB+B1qt1YqtieBHKYtn+f00DGDl6gqtqy+G0H15IlfVvvaWtNefVWUEH5TV/RKPUAqyL1nn4ThEO792msVgkn8Rh3/RQZ0nEIU7cU507PNC4MnkENRkvJEgq5umhUXshn6x0VsmAF7vzepsIikkrw4OOAd5HyXmBouX+84Zbc1L71/TyH6xIzSbwb5STXq3yAPJarqYKssH0uJ/Lf6XFSQSz6iKE9s5FJlwf2QHIWCiG7pplXdISh5RbAU5QrM5l/Eu9thNGmfrCY498EpQQgVLkyg9/kMPt5fqwgJLYOsrDSDYvTJSUKJJbVuskfFszmgsSAbLLGOBG+lMEkc0EbpQFv0rW6624JKhxJKgAlN2992uQVbG+C7IHBfACXH0w76Fq17Ip5xCA==\",\"MIIF7TCCA9WgAwIBAgIQP4vItfyfspZDtWnWbELhRDANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwMzIyMjIwNTI4WhcNMzYwMzIyMjIxMzA0WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCygEGqNThNE3IyaCJNuLLx/9VSvGzH9dJKjDbu0cJcfoyKrq8TKG/Ac+M6ztAlqFo6be+ouFmrEyNozQwph9FvgFyPRH9dkAFSWKxRxV8qh9zc2AodwQO5e7BW6KPeZGHCnvjzfLnsDbVU/ky2ZU+I8JxImQxCCwl8MVkXeQZ4KI2JOkwDJb5xalwL54RgpJki49KvhKSn+9GY7Qyp3pSJ4Q6g3MDOmT3qCFK7VnnkH4S6Hri0xElcTzFLh93dBWcmmYDgcRGjuKVB4qRTufcyKYMME782XgSzS0NHL2vikR7TmE/dQgfI6B0S/Jmpaz6SfsjWaTr8ZL22CZ3K/QwLopt3YEsDlKQwaRLWQi3BQUzK3Kr9j1uDRprZ/LHR47PJf0h6zSTwQY9cdNCssBAgBkm3xy0hyFfj0IbzA2j70M5xwYmZSmQBbP3sMJHPQTySx+W6hh1hhMdfgzlirrSSL0fzC/hV66AfWdC7dJse0Hbm8ukG1xDo+mTeacY1logC8Ea4PyeZb8txiSk190gWAjWP1Xl8TQLPX+uKg09FcYj5qQ1OcunCnAfPSRtOBA5jUYxe2ADBVSy2xuDCZU7JNDn1nLPEfuhhbhNfFcRf2X7tHc7uROzLLoax7Dj2cO2rXBPB2Q8Nx4CyVe0096yb5MPa50c8prWPMd/FS6/r8QIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUci06AjGQQ7kUBU7h6qfHMdEjiTQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQELBQADggIBAH9yzw+3xRXbm8BJyiZb/p4T5tPw0tuXX/JLP02zrhmu7deXoKzvqTqjwkGw5biRnhOBJAPmCf0/V0A5ISRW0RAvS0CpNoZLtFNXmvvxfomPEf4YbFGq6O0JlbXlccmh6Yd1phV/yX43VF50k8XDZ8wNT2uoFwxtCJJ+i92Bqi1wIcM9BhS7vyRep4TXPw8hIr1LAAbblxzYXtTFC1yHblCk6MM4pPvLLMWSZpuFXst6bJN8gClYW1e1QGm6CHmmZGIVnYeWRbVmIyADixxzoNOieTPgUFmG2y/lAiXqcyqfABTINseSO+lOAOzYVgm5M0kS0lQLAausR7aRKX1MtHWAUgHoyoL2n8ysnI8X6i8msKtyrAv+nlEex0NVZ09Rs1fWtuzuUrc66U7h14GIvE+OdbtLqPA1qibUZ2dJsnBMO5PcHd94kIZysjik0dySTclY6ysSXNQ7roxrsIPlAT/4CTL2kzU0Iq/dNw13CYArzUgA8YyZGUcFAenRv9FO0OYoQzeZpApKCNmacXPSqs0xE2N2oTdvkjgefRI8ZjLny23h/FKJ3crWZgWalmG+oijHHKOnNlA8OqTfSm7mhzvO6/DggTedEzxSjr25HTTGHdUKaj2YKXCMiSrRq4IQSB/c9O+lxbtVGjhjhE63bK2VVOxlIhBJF7jAHscPrFRH\"]}" > %TMP%\senseTmp.txt 2>&1 +if %ERRORLEVEL% NEQ 0 ( + set "errorDescription=Unable to write onboarding information to registry." + set errorCode=10 + set lastError=%ERRORLEVEL% + GOTO ERROR +) + +echo Starting the service, if not already running +echo. +sc query "SENSE" | find /i "RUNNING" >NUL 2>&1 +if %ERRORLEVEL% EQU 0 GOTO RUNNING + +net start sense > %TMP%\senseTmp.txt 2>&1 +if %ERRORLEVEL% NEQ 0 ( + echo Microsoft Defender for Endpoint Service has not started yet + GOTO WAIT_FOR_THE_SERVICE_TO_START +) +goto SUCCEEDED + +:RUNNING +set "runningOutput=The Microsoft Defender for Endpoint Service is already running!" +echo %runningOutput% +echo. +eventcreate /l Application /so WDATPOnboarding /t Information /id 10 /d "%runningOutput%" >NUL 2>&1 +GOTO WAIT_FOR_THE_SERVICE_TO_START + +:ERROR +Set /P errorMsg=<%TMP%\senseTmp.txt +set "errorOutput=[Error Id: %errorCode%, Error Level: %lastError%] %errorDescription% Error message: %errorMsg%" +%powershellPath% -ExecutionPolicy Bypass -NoProfile -Command "Add-Type 'using System; using System.Diagnostics; using System.Diagnostics.Tracing; namespace Sense { [EventData(Name = \"Onboarding\")]public struct Onboarding{public string Message { get; set; }} public class Trace {public static EventSourceOptions TelemetryCriticalOption = new EventSourceOptions(){Level = EventLevel.Error, Keywords = (EventKeywords)0x0000200000000000, Tags = (EventTags)0x0200000}; public void WriteOnboardingMessage(string message){es.Write(\"OnboardingScript\", TelemetryCriticalOption, new Onboarding {Message = message});} private static readonly string[] telemetryTraits = { \"ETW_GROUP\", \"{5ECB0BAC-B930-47F5-A8A4-E8253529EDB7}\" }; private EventSource es = new EventSource(\"Microsoft.Windows.Sense.Client.Management\",EventSourceSettings.EtwSelfDescribingEventFormat,telemetryTraits);}}'; $logger = New-Object -TypeName Sense.Trace; $logger.WriteOnboardingMessage('%errorOutput%')" >NUL 2>&1 +echo %errorOutput% +echo %troubleshootInfo% +echo. +eventcreate /l Application /so WDATPOnboarding /t Error /id %errorCode% /d "%errorOutput%" >NUL 2>&1 +GOTO CLEANUP + +:SUCCEEDED +echo Finished performing onboarding operations +echo. +GOTO WAIT_FOR_THE_SERVICE_TO_START + +:WAIT_FOR_THE_SERVICE_TO_START +echo Waiting for the service to start +echo. + +set /a counter=0 + +:SENSE_RUNNING_WAIT +sc query "SENSE" | find /i "RUNNING" >NUL 2>&1 +if %ERRORLEVEL% NEQ 0 ( + IF %counter% EQU 4 ( + set "errorDescription=Unable to start Microsoft Defender for Endpoint Service." + set errorCode=15 + set lastError=%ERRORLEVEL% + GOTO ERROR + ) + + set /a counter=%counter%+1 + + timeout 5 >NUL 2>&1 + GOTO :SENSE_RUNNING_WAIT +) + +set /a counter=0 + +:SENSE_ONBOARDED_STATUS_WAIT +REG query "HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status" /v OnboardingState /reg:64 >NUL 2>&1 +if %ERRORLEVEL% NEQ 0 ( + IF %counter% EQU 4 ( + @echo Microsoft Defender for Endpoint Service is not running as expected> %TMP%\senseTmp.txt + set errorCode=35 + set lastError=%ERRORLEVEL% + GOTO ERROR + ) + + set /a counter=%counter%+1 + + timeout 5 >NUL 2>&1 + GOTO :SENSE_ONBOARDED_STATUS_WAIT +) + +set /a counter=0 + +:SENSE_ONBOARDED_WAIT +REG query "HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status" /v OnboardingState /reg:64 | find /i "0x1" >NUL 2>&1 +if %ERRORLEVEL% NEQ 0 ( + IF %counter% EQU 4 ( + @echo Microsoft Defender for Endpoint Service is not running as expected> %TMP%\senseTmp.txt + set errorCode=40 + set lastError=%ERRORLEVEL% + GOTO ERROR + ) + + set /a counter=%counter%+1 + + timeout 5 >NUL 2>&1 + GOTO :SENSE_ONBOARDED_WAIT +) + +set "successOutput=Successfully onboarded machine to Microsoft Defender for Endpoint" +echo %successOutput% +echo. +eventcreate /l Application /so WDATPOnboarding /t Information /id 20 /d "%successOutput%" >NUL 2>&1 +%powershellPath% -ExecutionPolicy Bypass -NoProfile -Command "Add-Type 'using System; using System.Diagnostics; using System.Diagnostics.Tracing; namespace Sense { [EventData(Name = \"Onboarding\")]public struct Onboarding{public string Message { get; set; }} public class Trace {public static EventSourceOptions TelemetryCriticalOption = new EventSourceOptions(){Level = EventLevel.Informational, Keywords = (EventKeywords)0x0000200000000000, Tags = (EventTags)0x0200000}; public void WriteOnboardingMessage(string message){es.Write(\"OnboardingScript\", TelemetryCriticalOption, new Onboarding {Message = message});} private static readonly string[] telemetryTraits = { \"ETW_GROUP\", \"{5ECB0BAC-B930-47F5-A8A4-E8253529EDB7}\" }; private EventSource es = new EventSource(\"Microsoft.Windows.Sense.Client.Management\",EventSourceSettings.EtwSelfDescribingEventFormat,telemetryTraits);}}'; $logger = New-Object -TypeName Sense.Trace; $logger.WriteOnboardingMessage('%successOutput%')" >NUL 2>&1 +"%PROGRAMFILES%\Windows Defender\MpCmdRun.exe" -ReloadEngine >NUL 2>&1 + +GOTO CLEANUP + +:CLEANUP +if exist %TMP%\senseTmp.txt del %TMP%\senseTmp.txt +pause +EXIT /B %errorCode% + diff --git a/roles/windows_onboard-mde/handlers/main.yml b/roles/windows_onboard-mde/handlers/main.yml new file mode 100644 index 0000000..e90a83e --- /dev/null +++ b/roles/windows_onboard-mde/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_onboard-mde diff --git a/roles/windows_onboard-mde/meta/main.yml b/roles/windows_onboard-mde/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_onboard-mde/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_onboard-mde/tasks/main.yml b/roles/windows_onboard-mde/tasks/main.yml new file mode 100644 index 0000000..587e6aa --- /dev/null +++ b/roles/windows_onboard-mde/tasks/main.yml @@ -0,0 +1,11 @@ +--- +# tasks file for windows_onboard-mde + +- name: Copy script to target + ansible.windows.win_copy: + src: WindowsDefenderATPLocalOnboardingScript.cmd + dest: C:\Users\Public\Downloads\onboarding.cmd + +- name: run script + ansible.windows.win_command: + cmd: C:\Users\Public\Downloads\onboarding.cmd \ No newline at end of file diff --git a/roles/windows_onboard-mde/tests/inventory b/roles/windows_onboard-mde/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_onboard-mde/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_onboard-mde/tests/test.yml b/roles/windows_onboard-mde/tests/test.yml new file mode 100644 index 0000000..2d86af9 --- /dev/null +++ b/roles/windows_onboard-mde/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_onboard-mde diff --git a/roles/windows_onboard-mde/vars/main.yml b/roles/windows_onboard-mde/vars/main.yml new file mode 100644 index 0000000..9deffa1 --- /dev/null +++ b/roles/windows_onboard-mde/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_onboard-mde diff --git a/roles/windows_printer-export/.travis.yml b/roles/windows_printer-export/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_printer-export/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_printer-export/README.md b/roles/windows_printer-export/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_printer-export/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_printer-export/defaults/main.yml b/roles/windows_printer-export/defaults/main.yml new file mode 100644 index 0000000..bed1e35 --- /dev/null +++ b/roles/windows_printer-export/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_printer-export diff --git a/roles/windows_printer-export/handlers/main.yml b/roles/windows_printer-export/handlers/main.yml new file mode 100644 index 0000000..392a855 --- /dev/null +++ b/roles/windows_printer-export/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_printer-export diff --git a/roles/windows_printer-export/meta/main.yml b/roles/windows_printer-export/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_printer-export/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_printer-export/tasks/main.yml b/roles/windows_printer-export/tasks/main.yml new file mode 100644 index 0000000..855c6a5 --- /dev/null +++ b/roles/windows_printer-export/tasks/main.yml @@ -0,0 +1,48 @@ +--- +# tasks file for windows_printer-export +- name: Create directory structure + ansible.windows.win_file: + path: \\awe-mps-006.adagility.net\cor$\{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}\Infra\Configs\PRINTER\ + state: directory + +- name: clean all services + win_nssm: + name: printer-export-{{item}} + state: absent + loop: "{{printers}}" + +- name: create services for printer exports + community.windows.win_nssm: + name: printer-export-{{item}} + application: "C:\\Windows\\System32\\spool\\tools\\PrintBrm.exe" + app_parameters: _=-b; -s=\\{{item}}; -f=\\awe-mps-006.adagility.net\cor$\{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}\Infra\Configs\PRINTER\{{item}}.printerexport + stdout_file: F:\{{item}}.txt + stderr_file: F:\{{item}}-err.txt + start_mode: manual + state: started + user: '{{username}}' + password: '{{password}}' + no_log: True + loop: "{{printers}}" + + + + +- name: Start all services + ansible.windows.win_service: + name: printer-export-{{item}} + state: started + loop: "{{printers}}" + + +# - name: check if file exists +# ansible.windows.win_file: +# path: \\awe-mps-006.adagility.net\cor$\{{ansible_date_time.year + ansible_date_time.month + ansible_date_time.day}}\Infra\Configs\PRINTER\{{item}}.printerexport +# loop: "{{printers}}" + + + # printbrm.exe -b -s \\gns-don-01 -f "\\awe-mps-006.adagility.net\cor$\$(get-date -f yyyyMMdd)\Infra\Configs\PRINTER\gns-don-01.printerexport" + + # C:\Windows\System32\spool\tools\PrintBrm.exe -b -s \\gns-don-01 -f "\\awe-mps-006.adagility.net\cor$\$(get-date -f yyyyMMdd)\Infra\Configs\PRINTER\gns-don-01.printerexport" + + diff --git a/roles/windows_printer-export/tests/inventory b/roles/windows_printer-export/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_printer-export/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_printer-export/tests/test.yml b/roles/windows_printer-export/tests/test.yml new file mode 100644 index 0000000..79938f6 --- /dev/null +++ b/roles/windows_printer-export/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_printer-export diff --git a/roles/windows_printer-export/vars/main.yml b/roles/windows_printer-export/vars/main.yml new file mode 100644 index 0000000..7a348f7 --- /dev/null +++ b/roles/windows_printer-export/vars/main.yml @@ -0,0 +1,5 @@ +--- +# vars file for windows_printer-export + +servers: + - gns-don-01 \ No newline at end of file diff --git a/roles/windows_push-ISB-to-SA/.travis.yml b/roles/windows_push-ISB-to-SA/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_push-ISB-to-SA/README.md b/roles/windows_push-ISB-to-SA/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_push-ISB-to-SA/defaults/main.yml b/roles/windows_push-ISB-to-SA/defaults/main.yml new file mode 100644 index 0000000..8e640d0 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_push-to-SA diff --git a/roles/windows_push-ISB-to-SA/handlers/main.yml b/roles/windows_push-ISB-to-SA/handlers/main.yml new file mode 100644 index 0000000..43cbd28 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_push-to-SA diff --git a/roles/windows_push-ISB-to-SA/meta/main.yml b/roles/windows_push-ISB-to-SA/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_push-ISB-to-SA/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_push-ISB-to-SA/tasks/main.yml b/roles/windows_push-ISB-to-SA/tasks/main.yml new file mode 100644 index 0000000..92580f0 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- name: Copy ISB to WORM + ansible.windows.win_powershell: + script: | + C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe sync --recursive "G:\ISB" "https://saapewormisbprd.blob.core.windows.net/coapewormlisbprd0/ISB/?sp=racwli&st=2023-02-13T11:59:41Z&se=2024-02-13T19:59:41Z&spr=https&sv=2021-06-08&sr=c&sig=PxCqJQm2NmYBdbkObqvFabC41%2FUB5innP5e8GZJIrPg%3D" \ No newline at end of file diff --git a/roles/windows_push-ISB-to-SA/tests/inventory b/roles/windows_push-ISB-to-SA/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_push-ISB-to-SA/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_push-ISB-to-SA/tests/test.yml b/roles/windows_push-ISB-to-SA/tests/test.yml new file mode 100644 index 0000000..f357888 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_push-to-SA diff --git a/roles/windows_push-ISB-to-SA/vars/main.yml b/roles/windows_push-ISB-to-SA/vars/main.yml new file mode 100644 index 0000000..7064dd9 --- /dev/null +++ b/roles/windows_push-ISB-to-SA/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_push-to-SA diff --git a/roles/windows_push-to-SA/.travis.yml b/roles/windows_push-to-SA/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_push-to-SA/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_push-to-SA/README.md b/roles/windows_push-to-SA/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_push-to-SA/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_push-to-SA/defaults/main.yml b/roles/windows_push-to-SA/defaults/main.yml new file mode 100644 index 0000000..8e640d0 --- /dev/null +++ b/roles/windows_push-to-SA/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_push-to-SA diff --git a/roles/windows_push-to-SA/handlers/main.yml b/roles/windows_push-to-SA/handlers/main.yml new file mode 100644 index 0000000..43cbd28 --- /dev/null +++ b/roles/windows_push-to-SA/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_push-to-SA diff --git a/roles/windows_push-to-SA/meta/main.yml b/roles/windows_push-to-SA/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_push-to-SA/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_push-to-SA/tasks/main.yml b/roles/windows_push-to-SA/tasks/main.yml new file mode 100644 index 0000000..31a482c --- /dev/null +++ b/roles/windows_push-to-SA/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: Copy local folder to WORM + ansible.windows.win_powershell: + script: | + C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "F:\Data\COR\$((get-date).AddDays(-1).ToString("yyyyMMdd"))" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/COR/?sp=racwdli&st=2024-02-29T08:11:58Z&se=2025-03-03T16:11:58Z&spr=https&sv=2022-11-02&sr=c&sig=R%2BHf1BWyUDfa6w3c3U%2BQ5yO0BPrxObIbueRao14loH0%3D" + +# +- name: Copy local google drive folder to WORM + ansible.windows.win_powershell: + script: | + C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "E:\Shared drives\Global IT Infrastructure Library\Design Documentation\Network" "https://saapewormsprd2prd.blob.core.windows.net/coapewormsprd2prd-0/Data/COR/$((get-date).AddDays(-1).ToString("yyyyMMdd"))/GDrive/?sp=racwdli&st=2024-02-29T08:11:58Z&se=2025-03-03T16:11:58Z&spr=https&sv=2022-11-02&sr=c&sig=R%2BHf1BWyUDfa6w3c3U%2BQ5yO0BPrxObIbueRao14loH0%3D" --include-pattern '*.vsd;*.vsdx;*.pdf;*.png;*.jpg' + \ No newline at end of file diff --git a/roles/windows_push-to-SA/tests/inventory b/roles/windows_push-to-SA/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_push-to-SA/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_push-to-SA/tests/test.yml b/roles/windows_push-to-SA/tests/test.yml new file mode 100644 index 0000000..f357888 --- /dev/null +++ b/roles/windows_push-to-SA/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_push-to-SA diff --git a/roles/windows_push-to-SA/vars/main.yml b/roles/windows_push-to-SA/vars/main.yml new file mode 100644 index 0000000..7064dd9 --- /dev/null +++ b/roles/windows_push-to-SA/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_push-to-SA diff --git a/roles/windows_reboot/.travis.yml b/roles/windows_reboot/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_reboot/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_reboot/README.md b/roles/windows_reboot/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_reboot/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_reboot/defaults/main.yml b/roles/windows_reboot/defaults/main.yml new file mode 100644 index 0000000..167cfe3 --- /dev/null +++ b/roles/windows_reboot/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_reboot diff --git a/roles/windows_reboot/handlers/main.yml b/roles/windows_reboot/handlers/main.yml new file mode 100644 index 0000000..603d1e4 --- /dev/null +++ b/roles/windows_reboot/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_reboot diff --git a/roles/windows_reboot/meta/main.yml b/roles/windows_reboot/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_reboot/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_reboot/tasks/main.yml b/roles/windows_reboot/tasks/main.yml new file mode 100644 index 0000000..4863527 --- /dev/null +++ b/roles/windows_reboot/tasks/main.yml @@ -0,0 +1,4 @@ +--- +# tasks file for windows_reboot +- name: Reboot the machine with all defaults + ansible.windows.win_reboot: \ No newline at end of file diff --git a/roles/windows_reboot/tests/inventory b/roles/windows_reboot/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_reboot/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_reboot/tests/test.yml b/roles/windows_reboot/tests/test.yml new file mode 100644 index 0000000..f476f33 --- /dev/null +++ b/roles/windows_reboot/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_reboot diff --git a/roles/windows_reboot/vars/main.yml b/roles/windows_reboot/vars/main.yml new file mode 100644 index 0000000..a9d7521 --- /dev/null +++ b/roles/windows_reboot/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_reboot diff --git a/roles/windows_set-timezone/README.md b/roles/windows_set-timezone/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_set-timezone/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_set-timezone/defaults/main.yml b/roles/windows_set-timezone/defaults/main.yml new file mode 100644 index 0000000..8710c92 --- /dev/null +++ b/roles/windows_set-timezone/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_set-timezone diff --git a/roles/windows_set-timezone/handlers/main.yml b/roles/windows_set-timezone/handlers/main.yml new file mode 100644 index 0000000..7a1bfd7 --- /dev/null +++ b/roles/windows_set-timezone/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_set-timezone diff --git a/roles/windows_set-timezone/meta/main.yml b/roles/windows_set-timezone/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_set-timezone/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_set-timezone/tasks/main.yml b/roles/windows_set-timezone/tasks/main.yml new file mode 100644 index 0000000..5bff51c --- /dev/null +++ b/roles/windows_set-timezone/tasks/main.yml @@ -0,0 +1,5 @@ +--- +# tasks file for windows_set-timezone +- name: Set timezone to 'Romance Standard Time' (GMT+01:00) + community.windows.win_timezone: + timezone: Romance Standard Time \ No newline at end of file diff --git a/roles/windows_set-timezone/tests/inventory b/roles/windows_set-timezone/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_set-timezone/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_set-timezone/tests/test.yml b/roles/windows_set-timezone/tests/test.yml new file mode 100644 index 0000000..3805039 --- /dev/null +++ b/roles/windows_set-timezone/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_set-timezone diff --git a/roles/windows_set-timezone/vars/main.yml b/roles/windows_set-timezone/vars/main.yml new file mode 100644 index 0000000..92ec6d5 --- /dev/null +++ b/roles/windows_set-timezone/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_set-timezone diff --git a/roles/windows_smb_share/.travis.yml b/roles/windows_smb_share/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_smb_share/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_smb_share/README.md b/roles/windows_smb_share/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_smb_share/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_smb_share/defaults/main.yml b/roles/windows_smb_share/defaults/main.yml new file mode 100644 index 0000000..5f4f8ce --- /dev/null +++ b/roles/windows_smb_share/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_smb_share diff --git a/roles/windows_smb_share/handlers/main.yml b/roles/windows_smb_share/handlers/main.yml new file mode 100644 index 0000000..b865f72 --- /dev/null +++ b/roles/windows_smb_share/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_smb_share diff --git a/roles/windows_smb_share/meta/main.yml b/roles/windows_smb_share/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_smb_share/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_smb_share/tasks/main.yml b/roles/windows_smb_share/tasks/main.yml new file mode 100644 index 0000000..74a24be --- /dev/null +++ b/roles/windows_smb_share/tasks/main.yml @@ -0,0 +1,16 @@ +--- +# tasks file for windows_smb_share +- name: map WD_RED on Z + community.windows.win_mapped_drive: + letter: Z + path: \\192.168.104.102\WD_RED + state: present + +# - name: map MX500 on Y +# community.windows.win_mapped_drive: +# letter: E +# path: \\192.168.104.102\MX500/bram/VEEAM +# state: absent +# username: bram +# password: "{{ smb_pass }}" + diff --git a/roles/windows_smb_share/tests/inventory b/roles/windows_smb_share/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_smb_share/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_smb_share/tests/test.yml b/roles/windows_smb_share/tests/test.yml new file mode 100644 index 0000000..5e88f6c --- /dev/null +++ b/roles/windows_smb_share/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_smb_share diff --git a/roles/windows_smb_share/vars/main.yml b/roles/windows_smb_share/vars/main.yml new file mode 100644 index 0000000..8804c07 --- /dev/null +++ b/roles/windows_smb_share/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_smb_share \ No newline at end of file diff --git a/roles/windows_sync-sa/.travis.yml b/roles/windows_sync-sa/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_sync-sa/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_sync-sa/README.md b/roles/windows_sync-sa/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_sync-sa/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_sync-sa/defaults/main.yml b/roles/windows_sync-sa/defaults/main.yml new file mode 100644 index 0000000..8e640d0 --- /dev/null +++ b/roles/windows_sync-sa/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_push-to-SA diff --git a/roles/windows_sync-sa/handlers/main.yml b/roles/windows_sync-sa/handlers/main.yml new file mode 100644 index 0000000..43cbd28 --- /dev/null +++ b/roles/windows_sync-sa/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_push-to-SA diff --git a/roles/windows_sync-sa/meta/main.yml b/roles/windows_sync-sa/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_sync-sa/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_sync-sa/tasks/main.yml b/roles/windows_sync-sa/tasks/main.yml new file mode 100644 index 0000000..dd914a8 --- /dev/null +++ b/roles/windows_sync-sa/tasks/main.yml @@ -0,0 +1,22 @@ +--- +# - name: Copy VHD from WORM sa to corporate sa +# ansible.windows.win_powershell: +# script: | +# C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "https://saapewormsaweprd.blob.core.windows.net/coapewormsaweprd0/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:01:05Z&st=2022-11-30T13:01:05Z&spr=https&sig=7HCiPgsEF7LPik0QxPfoDysKNsInZyyk%2BQiKGkgNxfM%3D" "https://saawewormrestores.blob.core.windows.net/test/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:12:47Z&st=2022-11-30T13:12:47Z&spr=https&sig=9216998FWWenz928iDfL8Lsqw%2BTYJY1ll1IlBoKspoI%3D" --include-pattern 'OG_{{vmhostname}}*{{dag}}-{{maand}}-{{jaar}}.vhd' +# register: output +# - name: Debug output +# debug: var=output.stdout +#13-11-2022 is de template voor datum + + +- name: Copy VHD from WORM sa to corporate sa + win_command: powershell.exe - + args: + stdin: C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "https://saapewormsaweprd.blob.core.windows.net/coapewormsaweprd0/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:01:05Z&st=2022-11-30T13:01:05Z&spr=https&sig=7HCiPgsEF7LPik0QxPfoDysKNsInZyyk%2BQiKGkgNxfM%3D" "https://saawewormrestores.blob.core.windows.net/test/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:12:47Z&st=2022-11-30T13:12:47Z&spr=https&sig=9216998FWWenz928iDfL8Lsqw%2BTYJY1ll1IlBoKspoI%3D" --include-pattern 'OG_{{vmhostname}}*{{dag}}-{{maand}}-{{jaar}}.vhd' + register: output + # async: 1200 + # poll: 120 +- name: Debug output + debug: var=output.stdout + +#C:\Windows\System32\azcopy_windows_amd64_10.16.2\azcopy.exe copy --recursive "https://saapewormsaweprd.blob.core.windows.net/coapewormsaweprd0/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:01:05Z&st=2022-11-30T13:01:05Z&spr=https&sig=7HCiPgsEF7LPik0QxPfoDysKNsInZyyk%2BQiKGkgNxfM%3D" "https://saawewormrestores.blob.core.windows.net/test/?sv=2021-06-08&ss=bfqt&srt=co&sp=rwdlacupiytfx&se=2023-01-31T21:12:47Z&st=2022-11-30T13:12:47Z&spr=https&sig=9216998FWWenz928iDfL8Lsqw%2BTYJY1ll1IlBoKspoI%3D" --include-pattern 'OG_awe-vca-007*31-01-2023.vhd' --check-md5 NoCheck \ No newline at end of file diff --git a/roles/windows_sync-sa/tests/inventory b/roles/windows_sync-sa/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_sync-sa/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_sync-sa/tests/test.yml b/roles/windows_sync-sa/tests/test.yml new file mode 100644 index 0000000..f357888 --- /dev/null +++ b/roles/windows_sync-sa/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_push-to-SA diff --git a/roles/windows_sync-sa/vars/main.yml b/roles/windows_sync-sa/vars/main.yml new file mode 100644 index 0000000..7064dd9 --- /dev/null +++ b/roles/windows_sync-sa/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_push-to-SA diff --git a/roles/windows_updates/.travis.yml b/roles/windows_updates/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/windows_updates/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/windows_updates/README.md b/roles/windows_updates/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/windows_updates/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/windows_updates/defaults/main.yml b/roles/windows_updates/defaults/main.yml new file mode 100644 index 0000000..c216be8 --- /dev/null +++ b/roles/windows_updates/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for windows_updates diff --git a/roles/windows_updates/handlers/main.yml b/roles/windows_updates/handlers/main.yml new file mode 100644 index 0000000..09a11c4 --- /dev/null +++ b/roles/windows_updates/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for windows_updates diff --git a/roles/windows_updates/meta/main.yml b/roles/windows_updates/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/windows_updates/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/windows_updates/tasks/main.yml b/roles/windows_updates/tasks/main.yml new file mode 100644 index 0000000..ae44cab --- /dev/null +++ b/roles/windows_updates/tasks/main.yml @@ -0,0 +1,50 @@ +--- +# tasks file for windows_updates +- name: Install all security, critical, and rollup updates + win_updates: + category_names: + - SecurityUpdates + - CriticalUpdates + - UpdateRollups +- name: Install Application updates + win_updates: + category_names: + - Application + +- name: Install connectors + win_updates: + category_names: + - Connectors + +- name: Install Definition Updates + win_updates: + category_names: + - DefinitionUpdates + +- name: Install Feature and Service Packs + win_updates: + category_names: + - FeaturePacks + - ServicePacks + +- name: Install Tools + win_updates: + category_names: + - Tools + + +- name: Install Tools + win_updates: + category_names: + - Updates + - Upgrades + +- name: Install all updates and reboot as many times as needed + ansible.windows.win_updates: + category_names: '*' + reboot: yes + + + + + \ No newline at end of file diff --git a/roles/windows_updates/tests/inventory b/roles/windows_updates/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/windows_updates/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/windows_updates/tests/test.yml b/roles/windows_updates/tests/test.yml new file mode 100644 index 0000000..b453611 --- /dev/null +++ b/roles/windows_updates/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - windows_updates diff --git a/roles/windows_updates/vars/main.yml b/roles/windows_updates/vars/main.yml new file mode 100644 index 0000000..534a269 --- /dev/null +++ b/roles/windows_updates/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for windows_updates diff --git a/sentinel.yml b/sentinel.yml new file mode 100644 index 0000000..e62461c --- /dev/null +++ b/sentinel.yml @@ -0,0 +1,20 @@ +--- +#test +- name: run automation for linux + become: true + hosts: LIN + roles: + # - role: linux_update + - role: linux_install-sentinelone +# - role: linux_install-checkmk +- name: run automation for windows + gather_facts: no + hosts: WIN + become_method: runas + become: yes + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_transport: kerberos + ansible_winrm_server_cert_validation: ignore + roles: + - role: windows_install-sentinelone diff --git a/windows.yml b/windows.yml new file mode 100644 index 0000000..a904ad5 --- /dev/null +++ b/windows.yml @@ -0,0 +1,56 @@ +--- +- name: run automation for windows + #gather_facts: no + hosts: localhost + tasks: + - name: create hostgroup for ad group creation + add_host: + hostname: awe-mps-006.adagility.net + groups: ad_group + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: "{{ansible_user}}" + ansible_password: "{{ansible_password}}" + ansible_winrm_transport: kerberos + - name: create host group for new host + add_host: + hostname: "{{ip_address}}" + group: new_host + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_user: "{{local_admin}}" + ansible_password: "{{local_admin_pw}}" + ansible_winrm_transport: ntlm +- name: Create admin group + hosts: ad_group + tasks: + - name: Create ad security group for Devices + community.windows.win_domain_group: + name: G-MGMT-LA-DEVADM-{{ hostname|upper }} + path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + state: present + scope: global + +- name: run automation for windows + gather_facts: no + hosts: new_host + become_method: runas + #vars: + #- ansible_user: "{{local_admin}}" + #- ansible_password: + roles: + - role: windows_install-check-mk + - role: windows_install-windirstat + - role: windows_install-sentinelone + - role: checkmk_join + - role: windows_domain-join + - role: windows_finalize + + + + + diff --git a/windows_ad-group.yml b/windows_ad-group.yml new file mode 100644 index 0000000..bba46c2 --- /dev/null +++ b/windows_ad-group.yml @@ -0,0 +1,10 @@ +--- +- name: create AD group + become: true +# become_method: runas + hosts: all + roles: + # - role: linux_update + - role: windows_add-ad-group + vars: + hostname: "{{ host }}" diff --git a/windows_ad-user-to-groups.yml b/windows_ad-user-to-groups.yml new file mode 100644 index 0000000..20e1a0c --- /dev/null +++ b/windows_ad-user-to-groups.yml @@ -0,0 +1,16 @@ +--- +- name: create AD group + become: true +# become_method: runas + hosts: all + tasks: + - name: Add a domain user/group to a domain group + community.windows.win_domain_group_membership: + name: "G-MGMT-LA-DEVADM-{{item}}" + domain_username: "{{admin_name}}" + domain_password: "{{admin_pass}}" + members: + - "ADAGILITY\\{{user}}" + state: present + with_items: "{{ adgroup.split(',') }}" + diff --git a/windows_add-computer-group.yml b/windows_add-computer-group.yml new file mode 100644 index 0000000..80d4471 --- /dev/null +++ b/windows_add-computer-group.yml @@ -0,0 +1,146 @@ +--- +- name: Create admin group + gather_facts: + hosts: all + tasks: + - name: add host to azure updates group + microsoft.ad.group: + name: GG-GPO-APERAM-SERVERS-AZUREUPDATES + identity: GG-GPO-APERAM-SERVERS-AZUREUPDATES + members: + add: + - bac-don-01$ #arc + - btn-mgt-009$ #arc + - cht-fsr-001$ #arc + - erk-don-01$ #arc + - geb-fps-001$ #arc + - gnk-fsr-002$ #arc + - gnk-mgt-001$ #arc + # #noarc + - gns-app-001$ #arc + - gns-don-01$ #arc + - gue-fsr-001$ #arc + - gue-mgt-002$ #arc + - gue-psr-001$ #arc + - haa-app-001$ #arc + # - haa-app-002$ #noarc stopped + - haa-fps-001$ #arc + # #noarc + # #noarc + - imp-fsr-001$ #arc + - imp-psr-001$ #arc + - isb-fsr-001$ #arc + - isb-psr-001$ #arc + - luh-don-01$ #arc + - mas-don-01$ #arc + - pod-don-01$ #arc + - pon-imp-002$ #arc + - pon-mgt-001$ #arc + - pon-sch-agt-001$ #arc + - rdn-fps-001$ #arc + - rdn-hpv-001$ #arc + - rdn-psr-001$ #arc + - sde-fsr-001$ #arc + - ser-don-01$ #arc + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + scope: global + ignore_errors: true + + + - name: remove host to azure updates group + microsoft.ad.group: + name: GG-GPO-APERAM-SERVERS-WSUSPublish + identity: GG-GPO-APERAM-SERVERS-WSUSPublish + members: + remove: + - bac-don-01$ + - btn-mgt-009$ + - cht-fsr-001$ + - erk-don-01$ + - geb-fps-001$ + - gnk-fsr-002$ + - gnk-mgt-001$ + + - gns-app-001$ + - gns-don-01$ + - gue-fsr-001$ + - gue-mgt-002$ + - gue-psr-001$ + - haa-app-001$ + - haa-app-002$ + - haa-fps-001$ + + + - imp-fsr-001$ + - imp-psr-001$ + - isb-fsr-001$ + - isb-psr-001$ + - luh-don-01$ + - mas-don-01$ + - pod-don-01$ + - pon-imp-002$ + - pon-mgt-001$ + - pon-sch-agt-001$ + - rdn-fps-001$ + - rdn-hpv-001$ + - rdn-psr-001$ + - sde-fsr-001$ + - ser-don-01$ + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + scope: global + ignore_errors: true + + - name: remove host to azure updates group + microsoft.ad.group: + name: GG-GPO-APERAM-SERVERS-WSUSAUTO + identity: GG-GPO-APERAM-SERVERS-WSUSAUTO + members: + remove: + - bac-don-01$ + - btn-mgt-009$ + - cht-fsr-001$ + - erk-don-01$ + - geb-fps-001$ + - gnk-fsr-002$ + - gnk-mgt-001$ + + - gns-app-001$ + - gns-don-01$ + - gue-fsr-001$ + - gue-mgt-002$ + - gue-psr-001$ + - haa-app-001$ + - haa-app-002$ + - haa-fps-001$ + + + - imp-fsr-001$ + - imp-psr-001$ + - isb-fsr-001$ + - isb-psr-001$ + - luh-don-01$ + - mas-don-01$ + - pod-don-01$ + - pon-imp-002$ + - pon-mgt-001$ + - pon-sch-agt-001$ + - rdn-fps-001$ + - rdn-hpv-001$ + - rdn-psr-001$ + - sde-fsr-001$ + - ser-don-01$ + domain_username: "{{domain_admin}}" + domain_password: "{{domain_password}}" + scope: global + ignore_errors: true + + + + + +#awe-app-037.aperam.net +#awe-tst-001.aperam.net + + diff --git a/windows_add-user-to-adgroup.yml b/windows_add-user-to-adgroup.yml new file mode 100644 index 0000000..3c740eb --- /dev/null +++ b/windows_add-user-to-adgroup.yml @@ -0,0 +1,7 @@ +--- +- name: create AD group + become: true + become_method: runas + hosts: all + roles: + - role: windows_add-user-to-adgroup diff --git a/windows_az-sa-sync.yml b/windows_az-sa-sync.yml new file mode 100644 index 0000000..a5dd920 --- /dev/null +++ b/windows_az-sa-sync.yml @@ -0,0 +1,14 @@ +--- +- name: sync storage account + become: true +# become_method: runas + hosts: all + roles: + # - role: linux_update + - role: windows_sync-sa + vars: + vmhostname: "{{ host }}" + dag: "{{day}}" + maand: "{{month}}" + jaar: "{{year}}" + diff --git a/windows_az-worm-sa-to-corp.yml b/windows_az-worm-sa-to-corp.yml new file mode 100644 index 0000000..a5dd920 --- /dev/null +++ b/windows_az-worm-sa-to-corp.yml @@ -0,0 +1,14 @@ +--- +- name: sync storage account + become: true +# become_method: runas + hosts: all + roles: + # - role: linux_update + - role: windows_sync-sa + vars: + vmhostname: "{{ host }}" + dag: "{{day}}" + maand: "{{month}}" + jaar: "{{year}}" + diff --git a/windows_check-files.yml b/windows_check-files.yml new file mode 100644 index 0000000..c426284 --- /dev/null +++ b/windows_check-files.yml @@ -0,0 +1,68 @@ +--- +- name: check for movies and subs + gather_facts: no + environment: + ANSIBLE_CONFIG: config/ansible.cfg + hosts: all + become_method: runas + tasks: + # - name: find movie files above 100mb + # ansible.windows.win_find: + # paths: H:\home + # size: 524288000 + # patterns: ['*.mp4', '*.mkv','*.avi', '*.MOV'] + # recurse: true + # hidden: true + # follow: true + # register: movies + # - name: find subtitle files + # ansible.windows.win_find: + # paths: H:\home + # patterns: ['*.srt', '*.VTT'] + # recurse: true + # hidden: true + # follow: true + # register: subs + # - name: output movie file names + # ansible.builtin.debug: + # msg: "file: {{ item }}" + # loop: "{{ movies.files | map(attribute='path') }}" + # - name: output movie subs + # ansible.builtin.debug: + # msg: "file: {{ item }}" + # loop: "{{ subs.files | map(attribute='path') }}" + + + + + - name: find all directories + ansible.windows.win_find: + paths: H:\home\yclaes + patterns: ['*'] + recurse: false + file_type: directory + hidden: true + follow: true + register: directories + - name: find all recycle bin folders + ansible.windows.win_find: + paths: "{{ item }}" + patterns: ['$RECYCLE.BIN'] + recurse: false + file_type: directory + hidden: true + follow: true + loop: "{{ directories.files | map(attribute='path') }}" + register: recycle_bin + + # - name: output movie subs + # ansible.builtin.debug: + # msg: "{{recycle_bin}}" + + - name: Get boot info after copy primary to secondary + ansible.builtin.include_role: + name: windows_find-moviesandshows + vars: + path: "{{ item | map(attribute='path') }}" + loop: "{{ recycle_bin.results}}" + diff --git a/windows_check-if-dir-empty.yml b/windows_check-if-dir-empty.yml new file mode 100644 index 0000000..5395ade --- /dev/null +++ b/windows_check-if-dir-empty.yml @@ -0,0 +1,32 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + tasks: + - name: get folder stats + ansible.windows.win_stat: + path: F:\Data\PON + register: folderinfo + - name: get folder stats + ansible.windows.win_stat: + path: F:\Data\GUE + register: folderinfo1 + + - name: output size + debug: + var: folderinfo.stat.size / 1048576 + - name: output size + debug: + var: folderinfo1.stat.size / 1048576 + - name: test this + debug: + msg: "Show output if pon is not empty" + when: folderinfo.stat.size != 0 + - name: test1 this + debug: + msg: "Show output if gue is empty" + when: folderinfo1.stat.size == 0 + + + diff --git a/windows_checkmk.yml b/windows_checkmk.yml new file mode 100644 index 0000000..aa97669 --- /dev/null +++ b/windows_checkmk.yml @@ -0,0 +1,32 @@ +--- +- name: run automation for windows + gather_facts: yes + hosts: all + become_method: runas + roles: + - role: windows_install-check-mk + tasks: + - name: Add all hosts running this playbook to the done group + ansible.builtin.add_host: + name: '{{ item }}.adagility.net' + groups: checkmk_hosts + loop: "{{ ansible_play_hosts }}" + + +- name: Onboard host to checkmk GUI + become: true + become_user: root + hosts: localhost + roles: + - role: linux_add-host-to-checkmk + tasks: + - name: + debug: + var: item + with_inventory_hostnames: + - checkmk_hosts + + + + + diff --git a/windows_connect-az.yml b/windows_connect-az.yml new file mode 100644 index 0000000..cb14cb0 --- /dev/null +++ b/windows_connect-az.yml @@ -0,0 +1,9 @@ +--- +- name: do az commands windows powershell + become: true +# become_method: runas + hosts: all + roles: + # - role: linux_update + - role: windows_initialize-azconnect + diff --git a/windows_dhcp-backup.yml b/windows_dhcp-backup.yml new file mode 100644 index 0000000..bd07749 --- /dev/null +++ b/windows_dhcp-backup.yml @@ -0,0 +1,10 @@ +--- +- name: run automation for windows + #gather_facts: no + gather_facts: yes + hosts: all + become_method: runas + roles: + - role: windows_dhcp-config + + \ No newline at end of file diff --git a/windows_domain-join.yml b/windows_domain-join.yml new file mode 100644 index 0000000..17ac3ad --- /dev/null +++ b/windows_domain-join.yml @@ -0,0 +1,15 @@ +--- +- name: join windows to adagility domain + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_domain-join + vars: + windows_hostname: "{{vmhostname}}" + domain_admin: "{{admin_user}}" + domain_admin_password: "{{domain_password}}" + + + + diff --git a/windows_facts.yml b/windows_facts.yml new file mode 100644 index 0000000..ca33027 --- /dev/null +++ b/windows_facts.yml @@ -0,0 +1,21 @@ +--- + +- name: get facts + become: true + become_method: runas + hosts: all + gather_facts: false + tasks: + # - name: run the setup facts + # ansible.builtin.setup: + - name: try command + ansible.windows.win_command: powershell.exe - + args: + stdin: Get-DnsClientServerAddress | select ServerAddresses -First 1 + register: command_out + ignore_errors: true + + - name: show dns configs + debug: + var: command_out.stdout + diff --git a/windows_find-all-adminprocesses.yml b/windows_find-all-adminprocesses.yml new file mode 100644 index 0000000..ef0bcbb --- /dev/null +++ b/windows_find-all-adminprocesses.yml @@ -0,0 +1,30 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + tasks: + - name: Domain Administrator Inspection via PowerShell + ansible.windows.win_powershell: + script: | + Get-WmiObject win32_service | Where-Object { + $_.StartName -Match "Administrator" + } | Select-Object SystemName,Name,StartName,State + Get-WmiObject win32_process | Where-Object { + $_.GetOwner().User -Match "Administrator" -And` + $_.ProcessName -NotMatch "cmd.exe|powershell.exe|winrshost.exe|conhost.exe" + } | Select-Object CSName,ProcessName,@{Name="User"; Expression={ $_.GetOwner().User }} + Get-ScheduledTask | Where-Object { + $_.Principal.UserId -Match "Administrator" -And` + $_.Principal.LogonType -Eq "Password" + } | Select-Object TaskName,State,TaskPath,@{Name="User"; Expression={ $_.Principal.UserId }} + register: script_return + - name: Output + debug: + msg: "{{ script_return.output }}" + when: script_return.output + + + + + diff --git a/windows_install-heavy-forwarder.yml b/windows_install-heavy-forwarder.yml new file mode 100644 index 0000000..87d60a5 --- /dev/null +++ b/windows_install-heavy-forwarder.yml @@ -0,0 +1,17 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_install-heavy-forwarder + + # - role: windows_install_ad_role + # - role: windows_smb_share + # - role: windows_dns + # - role: windows_install_files + # - role: windows_inbound_rule + + + + diff --git a/windows_maintenance.yml b/windows_maintenance.yml new file mode 100644 index 0000000..24572f0 --- /dev/null +++ b/windows_maintenance.yml @@ -0,0 +1,8 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_reboot + diff --git a/windows_onboard-mde.yml b/windows_onboard-mde.yml new file mode 100644 index 0000000..02da965 --- /dev/null +++ b/windows_onboard-mde.yml @@ -0,0 +1,12 @@ +--- + +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_onboard-mde + + + + diff --git a/windows_onboard-without-adjoin.yml b/windows_onboard-without-adjoin.yml new file mode 100644 index 0000000..f514541 --- /dev/null +++ b/windows_onboard-without-adjoin.yml @@ -0,0 +1,16 @@ +--- +- name: run automation for windows + gather_facts: yes + hosts: "{{ hostname }}" + become_method: runas + roles: + - role: windows_install-check-mk + - role: windows_install-windirstat + - role: windows_install-sentinelone + - role: checkmk_join + - role: windows_finalize + + + + + diff --git a/windows_ping.yml b/windows_ping.yml new file mode 100644 index 0000000..3784150 --- /dev/null +++ b/windows_ping.yml @@ -0,0 +1,28 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + tasks: + - name: test connection for adagility + block: + - name: test connection + wait_for_connection: + timeout: 5 + - name: debug aperamnet + debug: + var: useraperamnet + + rescue: + - name: change credentials + # set_fact: + # ansible_user: "{{useraperamnet}}" + # ansible_password: "{{passaperamnet}}" + environment: + ansible_user: "{{useraperamnet}}" + ansible_password: "{{passaperamnet}}" + - name: test connection for aperamnet + wait_for_connection: + timeout: 20 + + diff --git a/windows_printer-export-cleanup.yml b/windows_printer-export-cleanup.yml new file mode 100644 index 0000000..3a00341 --- /dev/null +++ b/windows_printer-export-cleanup.yml @@ -0,0 +1,10 @@ +--- +- name: run automation for windows + #gather_facts: no + gather_facts: yes + hosts: all + become_method: runas + roles: + - role: windows_clean-printer-export + + \ No newline at end of file diff --git a/windows_printer-export.yml b/windows_printer-export.yml new file mode 100644 index 0000000..d8c012b --- /dev/null +++ b/windows_printer-export.yml @@ -0,0 +1,10 @@ +--- +- name: run automation for windows + #gather_facts: no + gather_facts: yes + hosts: all + become_method: runas + roles: + - role: windows_printer-export + + \ No newline at end of file diff --git a/windows_sentinelone.yml b/windows_sentinelone.yml new file mode 100644 index 0000000..10bedc2 --- /dev/null +++ b/windows_sentinelone.yml @@ -0,0 +1,11 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_install-sentinelone + + + + diff --git a/windows_set-timezone.yml b/windows_set-timezone.yml new file mode 100644 index 0000000..bfa2280 --- /dev/null +++ b/windows_set-timezone.yml @@ -0,0 +1,9 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_set-timezone + + diff --git a/windows_update-azure-arc.yml b/windows_update-azure-arc.yml new file mode 100644 index 0000000..be862b4 --- /dev/null +++ b/windows_update-azure-arc.yml @@ -0,0 +1,14 @@ +--- +- name: run automation for windows + gather_facts: no + hosts: all + become_method: runas + roles: + - role: windows_install-package + vars: + - package_name: "AzureConnectedMachineAgent.msi" + - arguments: "/qn" + + + +