ansible: Add winrm setup and cleanup

This commit is contained in:
doyle 2023-01-20 17:23:00 +11:00
parent 8b45689ae9
commit bd96c3c2bf
4 changed files with 55 additions and 10 deletions

BIN
Dev2/Internal/7zr.exe Normal file

Binary file not shown.

View File

@ -1,18 +1,32 @@
# ~/Developer/Tools/python_linux64_3.10.5/bin/ansible-playbook --inventory inventory.yml --ask-become-pass -vv playbook.yml # ~/Developer/Tools/python_linux64_3.10.5/bin/ansible-playbook -vv playbook.yml
--- ---
- hosts: localhost - hosts: localhost
connection: local
gather_facts: no gather_facts: no
vars: vars:
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_transport: basic
ansible_winrm_server_cert_validation: ignore # Connect over HTTP, not HTTPs, local setup ...
root_dir: "{{ playbook_dir }}" root_dir: "{{ playbook_dir }}"
download_dir: "{{ root_dir }}/Downloads" download_dir: "{{ root_dir }}/Downloads"
install_dir: "{{ root_dir }}/Tools" internal_dir: "{{ root_dir }}/Internal"
install_dir: "{{ root_dir }}/Install"
zip7_version: "2201" zip7_version: 2201
zip7_install_dir: "{{ install_dir }}/7zip_win64_{{ zip7_version }}" zip7_install_dir: "{{ install_dir }}/7zip_win64_{{ zip7_version }}"
zip7_download_url: "https://www.7-zip.org/a/7z{{ zip7_version }}-x64.exe" zip7_download_url: https://www.7-zip.org/a/7z{{ zip7_version }}-x64.exe
zip7_download_checksum: "sha256:b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4" zip7_download_checksum: sha256:b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4
vars_prompt:
- name: ansible_user
prompt: Windows username
private: false
- name: ansible_password
prompt: Windows password
tasks: tasks:
- name: Setup root directories - name: Setup root directories
@ -22,6 +36,7 @@
mode: '0755' mode: '0755'
loop: loop:
- "{{ download_dir }}" - "{{ download_dir }}"
- "{{ install_dir }}"
- "{{ zip7_install_dir }}" - "{{ zip7_install_dir }}"
- name: Download 7zip - name: Download 7zip
@ -32,8 +47,9 @@
checksum: "{{ zip7_download_checksum }}" checksum: "{{ zip7_download_checksum }}"
- name: Unzip 7zip - name: Unzip 7zip
community.windows.win_unzip: ansible.windows.win_command: "{{ install_dir }}/7zr.exe -x {{ zip7_download_result.dest }} -o{{ zip7_install_dir }}"
src: "{{ zip7_download_result.dest }}"
dest: "{{ zip7_install_dir }}" # src: "{{ zip7_download_result.dest }}"
remote_src: true # dest: "{{ zip7_install_dir }}"
# remote_src: true

View File

@ -0,0 +1,13 @@
@echo off
REM Reference
REM https://stackoverflow.com/questions/58345011/setup-windows-10-workstation-using-ansible-installed-on-wsl
REM https://4sysops.com/wiki/disable-powershell-remoting-disable-psremoting-winrm-listener-firewall-and-localaccounttokenfilterpolicy/
powershell -Command "Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $false"
powershell -Command "Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $false"
powershell -Command "Disable-PSRemoting"
powershell -Command "Stop-Service WinRM -PassThru"
powershell -Command "Set-Service WinRM -StartupType Disabled -PassThru"
powershell -Command "Set-NetFirewallRule -DisplayName 'Windows Remote Management (HTTP-In)' -Enabled False -PassThru | Select -Property DisplayName, Profile, Enabled"

View File

@ -0,0 +1,16 @@
@echo off
REM Reference
REM https://stackoverflow.com/questions/58345011/setup-windows-10-workstation-using-ansible-installed-on-wsl
set script_dir_backslash=%~dp0
set script_dir=%script_dir_backslash:~0,-1%
powershell -Command "Enable-PSRemoting" || goto :cleanup
powershell -Command "Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true" || goto :cleanup
powershell -Command "Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $true" || goto :cleanup
goto :eof
:cleanup
call %script_dir%\win_ansible_end_setup.bat