April 9, 2024
ansible usage
init ansible control node
sudo apt update
sudo apt install python3
sudo apt install pipx
sudo apt-get install sshpass
pipx install ansible-core
pipx inject ansible-core pywinrm
pipx ensurepath
ansible-galaxy collection install ansible.windows
ansible-galaxy collection install chocolatey.chocolatey
ansible-galaxy collection install community.generalinit mac client
on mac host
enable remote login/administration (a.k.a. ssh)
init windows client
on windows host
winrm quickconfig
Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true
winrm get winrm/config/Service
winrm get winrm/config/Winrs
New-SelfSignedCertificate -DnsName "surface3" -CertStoreLocation Cert:\LocalMachine\My
echo 239A0571A14A35C470AB3B6F3EF5181A61E557D3
winrm create winrm/config/Listener?Address=*+Transport=HTTPS '@{Hostname="surface3"; CertificateThumbprint="239A0571A14A35C470AB3B6F3EF5181A61E557D3"}'
winrm e1 winrm/config/listenerconfigure ansible
[win]
172.25.240.1
[win:vars]
ansible_connection=winrm
ansible_port=5986
ansible_winrm_server_cert_validation=ignore
ansible_winrm_transport=ntlm
ansible_user=userXXXXX
ansible_password=pwXXXXX
[mac]
192.168.69.44
[mac:vars]
ansible_connection=ssh
ansible_user=userXXXXX
ansible_password=pwXXXXXXXmanfred@surface3:~$ ansible win -i hosts.ini -m win_ping
172.25.240.1 | SUCCESS => {
"changed": false,
"ping": "pong"
}- name: default-sw-install
gather_facts: true
hosts: win
tasks:
- name: install 7-zip
win_chocolatey:
name: 7zip
state: presentansible-playbook -i hosts.ini default-sw-install.ymlansible-vault encrypt_string (pw-to-be-encrypted) --ask-vault-pass echo edit hosts.yml ansible-playbook -vv -i hosts.yml default-sw-install.yml --ask-vault-pass