ansible: Add winrm setup and cleanup

2023-01-20 17:23:00 +11:00 · 2023-01-20 17:23:00 +11:00 · bd96c3c2bf
commit bd96c3c2bf
parent 8b45689ae9
4 changed files with 55 additions and 10 deletions
--- a/Dev2/Internal/7zr.exe
+++ b/Dev2/Internal/7zr.exe
--- a/Dev2/playbook.yml
+++ b/Dev2/playbook.yml
@ -1,18 +1,32 @@
-# ~/Developer/Tools/python_linux64_3.10.5/bin/ansible-playbook --inventory inventory.yml --ask-become-pass -vv playbook.yml
+# ~/Developer/Tools/python_linux64_3.10.5/bin/ansible-playbook -vv playbook.yml
 ---
 - hosts: localhost
-  connection: local
  gather_facts: no

  vars:
+    ansible_connection:                   winrm
+    ansible_port:                         5985
+    ansible_winrm_transport:              basic
+    ansible_winrm_server_cert_validation: ignore # Connect over HTTP, not HTTPs, local setup ...
+
    root_dir:               "{{ playbook_dir }}"
    download_dir:           "{{ root_dir }}/Downloads"
-    install_dir:            "{{ root_dir }}/Tools"
+    internal_dir:           "{{ root_dir }}/Internal"
+    install_dir:            "{{ root_dir }}/Install"

-    zip7_version:           "2201"
+    zip7_version:           2201
    zip7_install_dir:       "{{ install_dir }}/7zip_win64_{{ zip7_version }}"
-    zip7_download_url:      "https://www.7-zip.org/a/7z{{ zip7_version }}-x64.exe"
-    zip7_download_checksum: "sha256:b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4"
+    zip7_download_url:      https://www.7-zip.org/a/7z{{ zip7_version }}-x64.exe
+    zip7_download_checksum: sha256:b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4
+
+
+  vars_prompt:
+    - name: ansible_user
+      prompt: Windows username
+      private: false
+
+    - name: ansible_password
+      prompt: Windows password

  tasks:
    - name: Setup root directories
@ -22,6 +36,7 @@
        mode: '0755'
      loop:
        - "{{ download_dir }}"
+        - "{{ install_dir }}"
        - "{{ zip7_install_dir }}"

    - name: Download 7zip
@ -32,8 +47,9 @@
        checksum: "{{ zip7_download_checksum }}"

    - name: Unzip 7zip
-      community.windows.win_unzip:
-        src:     "{{ zip7_download_result.dest }}"
-        dest:    "{{ zip7_install_dir }}"
-        remote_src: true
+      ansible.windows.win_command: "{{ install_dir }}/7zr.exe -x {{ zip7_download_result.dest }} -o{{ zip7_install_dir }}"
+
+        # src:     "{{ zip7_download_result.dest }}"
+        # dest:    "{{ zip7_install_dir }}"
+        # remote_src: true

--- a/Dev2/win_ansible_end_setup.bat
+++ b/Dev2/win_ansible_end_setup.bat
@ -0,0 +1,13 @@
+@echo off
+
+REM Reference
+REM https://stackoverflow.com/questions/58345011/setup-windows-10-workstation-using-ansible-installed-on-wsl
+REM https://4sysops.com/wiki/disable-powershell-remoting-disable-psremoting-winrm-listener-firewall-and-localaccounttokenfilterpolicy/
+
+powershell -Command "Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $false"
+powershell -Command "Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $false"
+powershell -Command "Disable-PSRemoting"
+
+powershell -Command "Stop-Service WinRM -PassThru"
+powershell -Command "Set-Service WinRM -StartupType Disabled -PassThru"
+powershell -Command "Set-NetFirewallRule -DisplayName 'Windows Remote Management (HTTP-In)' -Enabled False -PassThru | Select -Property DisplayName, Profile, Enabled"
--- a/Dev2/win_ansible_start_setup.bat
+++ b/Dev2/win_ansible_start_setup.bat
@ -0,0 +1,16 @@
+@echo off
+
+REM Reference
+REM https://stackoverflow.com/questions/58345011/setup-windows-10-workstation-using-ansible-installed-on-wsl
+
+set script_dir_backslash=%~dp0
+set script_dir=%script_dir_backslash:~0,-1%
+
+powershell -Command "Enable-PSRemoting" || goto :cleanup
+powershell -Command "Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true" || goto :cleanup
+powershell -Command "Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $true" || goto :cleanup
+goto :eof
+
+:cleanup
+call %script_dir%\win_ansible_end_setup.bat
+