improve user setup, manage sshd and winrm
This commit is contained in:
parent
b194632a44
commit
f999c15675
7 changed files with 15 additions and 22 deletions
3
.gitmodules
vendored
3
.gitmodules
vendored
|
@ -31,3 +31,6 @@
|
||||||
[submodule "roles/do1jlr.win_firewall_icmp"]
|
[submodule "roles/do1jlr.win_firewall_icmp"]
|
||||||
path = roles/do1jlr.win_firewall_icmp
|
path = roles/do1jlr.win_firewall_icmp
|
||||||
url = https://backwesen.de/voc/win_ansible_role_firewall_icmp.git
|
url = https://backwesen.de/voc/win_ansible_role_firewall_icmp.git
|
||||||
|
[submodule "roles/do1jlr.win_sshd"]
|
||||||
|
path = roles/do1jlr.win_sshd
|
||||||
|
url = https://backwesen.de/voc/win_ansible_role_sshd.git
|
||||||
|
|
22
README.md
22
README.md
|
@ -46,29 +46,15 @@ Ansible Requirements
|
||||||
ansible-galaxy install -r requirements.yml
|
ansible-galaxy install -r requirements.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
And PyWinRM Python mdule
|
Install sshpass fo SSH with Passwords to windowsvia ansible
|
||||||
```bash
|
```bash
|
||||||
pip3 install pywinrm
|
sudo apt install sshpass
|
||||||
```
|
```
|
||||||
|
|
||||||
Configure Ansible Access (WinRM Setup)
|
Configure Ansible Access (Windows SSH Server Setup)
|
||||||
----------------------------------------
|
----------------------------------------
|
||||||
|
|
||||||
### configure WinRM Access
|
Have a look at the [official Ansible Docs](https://docs.ansible.com/ansible/latest/os_guide/windows_setup.html#windows-ssh-setup) and install [OpenSSH Server](https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=powershell) on Windows or WinRM by running the [ConfigureReotingForAnsible.ps1](https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureReotingForAnsible.ps1) script.
|
||||||
Configure WinRM with the ``ConfigureRemotingForAnsible.ps1`` Script as described in [docs.ansible.com/ansible/latest/user_guide/windows_setup.html#winrm-setup](https://docs.ansible.com/ansible/latest/user_guide/windows_setup.html#winrm-setup) in your WINDOWS PowerShell.
|
|
||||||
|
|
||||||
### configure ansible setup for new hosts
|
|
||||||
+ add your host to the ``hosts.ini`` file.
|
|
||||||
+ add the following variables in the ``host_vars``:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
---
|
|
||||||
# host_vars/$hostname/vars.yml
|
|
||||||
ansible_connection: winrm
|
|
||||||
ansible_user: 'Windows_Admin_User'
|
|
||||||
ansible_password: 'Your_Windows_Admin_Password'
|
|
||||||
ansible_winrm_server_cert_validation: ignore
|
|
||||||
```
|
|
||||||
|
|
||||||
Gopass Passwords
|
Gopass Passwords
|
||||||
------------------
|
------------------
|
||||||
|
|
|
@ -8,8 +8,10 @@ win_obs_init__powerplan_enabled: true
|
||||||
win_obs_init_powerplan_mode: 'high performance'
|
win_obs_init_powerplan_mode: 'high performance'
|
||||||
|
|
||||||
# connect
|
# connect
|
||||||
ansible_connection: winrm
|
ansible_connection: ssh
|
||||||
|
ansible_shell_type: "powershell"
|
||||||
ansible_winrm_server_cert_validation: ignore
|
ansible_winrm_server_cert_validation: ignore
|
||||||
|
ansible_pipelining: true
|
||||||
ansible_password: "{{ lookup('community.general.passwordstore', 'chvoc/ansible/windows/' + inventory_hostname + '/login/' + ansible_user) }}"
|
ansible_password: "{{ lookup('community.general.passwordstore', 'chvoc/ansible/windows/' + inventory_hostname + '/login/' + ansible_user) }}"
|
||||||
|
|
||||||
# credetials
|
# credetials
|
||||||
|
@ -19,7 +21,7 @@ win_obs_init__password: "{{ lookup('community.general.passwordstore', gopass_pas
|
||||||
|
|
||||||
# manage autologon
|
# manage autologon
|
||||||
win_obs_init__autologon: true
|
win_obs_init__autologon: true
|
||||||
win_obs_init__autologon_password: "{{ lookup('community.general.passwordstore', 'chvoc/ansible/windows/' + inventory_hostname + '/login/obs') }}"
|
win_obs_init__autologon_password: "{{ lookup('community.general.passwordstore', 'chvoc/ansible/windows/' + inventory_hostname + '/login/voc') }}"
|
||||||
|
|
||||||
# define obs szene
|
# define obs szene
|
||||||
win_obs_szene__project: 'swiss_python_summit_2022'
|
win_obs_szene__project: 'swiss_python_summit_2022'
|
||||||
|
|
|
@ -2,4 +2,4 @@
|
||||||
obs-white ansible_host=obs-white.local
|
obs-white ansible_host=obs-white.local
|
||||||
obs-yellow ansible_host=obs-yellow.local
|
obs-yellow ansible_host=obs-yellow.local
|
||||||
obs-blue ansible_host=obs-blue.local
|
obs-blue ansible_host=obs-blue.local
|
||||||
obs-spare ansible_host=obs-spare.local
|
obs-misc ansible_host=obs-misc.local
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit 6b86e9d710ed073088e82b4d0b343dc932cb2920
|
Subproject commit 6249b9b886a4561fa1eab6978453d699bd8c7f4c
|
1
roles/do1jlr.win_sshd
Submodule
1
roles/do1jlr.win_sshd
Submodule
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 61b785cae02215e0d7dc3878da5d792e198a595c
|
1
site.yml
1
site.yml
|
@ -12,6 +12,7 @@
|
||||||
- {role: do1jlr.win_base_setup, tags: [user, setup]}
|
- {role: do1jlr.win_base_setup, tags: [user, setup]}
|
||||||
- {role: do1jlr.win_zeroconf, tags: zeroconf}
|
- {role: do1jlr.win_zeroconf, tags: zeroconf}
|
||||||
- {role: do1jlr.win_firewall_icmp, tags: firewall}
|
- {role: do1jlr.win_firewall_icmp, tags: firewall}
|
||||||
|
- {role: do1jlr.win_sshd, tags: sshd}
|
||||||
- {role: do1jlr.win_obs_setup, tags: [user, obs]}
|
- {role: do1jlr.win_obs_setup, tags: [user, obs]}
|
||||||
- {role: do1jlr.win_parsec, tags: parsec}
|
- {role: do1jlr.win_parsec, tags: parsec}
|
||||||
- {role: do1jlr.win_streamdeck, tags: streamdeck}
|
- {role: do1jlr.win_streamdeck, tags: streamdeck}
|
||||||
|
|
Loading…
Reference in a new issue