bram/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5c5ab7698ea46f5e2b2e2c32cdc3a7163a89f300
ansible/azure_create-vm-without-rg.yml
root 30fdad3be5 first commit
2024-07-12 12:58:40 +02:00

134 lines
4.3 KiB
YAML
Raw Blame History

---
- name: get resource group info
become: true
become_user: root
# become_method: runas
hosts: localhost
roles:
- role: azure_createwindowsvm
environment:
- AZURE_CLIENT_ID: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b
- AZURE_SECRET: "{{secret}}"
- AZURE_SUBSCRIPTION_ID: "{{((sub_id | split(':'))[1]) | trim }}"
# - AZURE_SUBSCRIPTION_ID: a7f4215b-c8f8-45ac-8fdd-062c940b02f6
- AZURE_TENANT: 26845d4f-0cf4-4d08-b717-06b6b7824ec4
tasks:
- name: output subscriptionID
debug:
var: "AZURE_SUBSCRIPTION_ID"
- name: make host group from survey hosts list
add_host:
hostname: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}"
#hostname: "{{ hostname }}.adagility.net"
groups: new_group
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_server_cert_validation: ignore
ansible_user: ApeAdmin
ansible_password: "{{password}}"
ansible_winrm_transport: ntlm
#ansible_user: "{{ansible_user}}"
#ansible_password: "{{ansible_password}}"
- name: create hostgroup for ad group creation
add_host:
hostname: awe-mps-006.adagility.net
groups: ad_group
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_server_cert_validation: ignore
ansible_user: "{{ansible_user}}"
ansible_password: "{{ansible_password}}"
ansible_winrm_transport: kerberos
- name: Onboard vm
gather_facts: no
hosts: new_group
roles:
- role: win_ping
- role: windows_install-check-mk
- role: windows_install-sentinelone
- role: windows_install-windirstat
- role: windows_domain-join
- role: windows_finalize
ansible_user: "{{ansible_user}}"
ansible_password: "{{ansible_password}}"
# - role: windows_install-laps
- name: Create admin group
gather_facts:
hosts: ad_group
tasks:
- name: Create ad security group for Devices
community.windows.win_domain_group:
name: G-MGMT-LA-DEVADM-{{ hostname|upper }}
path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET
domain_username: "{{domain_admin}}"
domain_password: "{{domain_password}}"
domain_server: awe-dcw-004.adagility.net
state: present
scope: global
ignore_errors: true
# - name: add host to security group to use azure updates
# community.windows.win_domain_group_membership:
# identity: GG-GPO-APERAM-SERVERS-AZUREUPDATES
# members: "{{hostname}}$"
# domain_username: "{{domain_admin}}"
# domain_password: "{{domain_password}}"
# domain_server: awe-dcw-004.adagility.net
# state: present
# scope: global
# ignore_errors: true
- name: add host to azure updates group
microsoft.ad.group:
name: GG-GPO-APERAM-SERVERS-AZUREUPDATES
identity: GG-GPO-APERAM-SERVERS-AZUREUPDATES
members:
add:
- "{{hostname}}$"
domain_username: "{{domain_admin}}"
domain_password: "{{domain_password}}"
domain_server: awe-dcw-004.adagility.net
scope: global
ignore_errors: true
- name: add host to checkmk
hosts: localhost
become: true
become_user: root
tasks:
- name: Add host
tribe29.checkmk.host:
server_url: "https://monitoringeu.aperam.internal/"
site: "monaperam"
automation_user: "ansible"
automation_secret: "TJXTVH@GFYPRNCJCWUMY"
name: "{{hostname}}.adagility.net"
validate_certs: false
folder: /
state: present
with_inventory_hostnames:
- new_group
- name: "Add newly discovered services on host."
tribe29.checkmk.discovery:
server_url: "https://monitoringeu.aperam.internal/"
site: "monaperam"
automation_user: "ansible"
automation_secret: "TJXTVH@GFYPRNCJCWUMY"
host_name: "{{ hostname }}.adagility.net"
state: "new"
validate_certs: false
with_inventory_hostnames:
- new_group
- name: "Activate changes on all sites."
tribe29.checkmk.activation:
server_url: "https://monitoringeu.aperam.internal/"
site: "monaperam"
automation_user: "ansible"
automation_secret: "TJXTVH@GFYPRNCJCWUMY"
force_foreign_changes: 'true'
validate_certs: false
run_once: 'true'
Reference in New Issue View Git Blame Copy Permalink