author | heqnx <root@heqnx.com> | 2025-07-12 13:15:48 +0300 |
---|---|---|
committer | heqnx <root@heqnx.com> | 2025-07-12 13:15:48 +0300 |
commit | 5c07039ceb41ad6867213827440876a74f586aad (patch) | |
tree | bce1eaf4d7b8a47696272b91938def0981c93b75 | |
parent | 5a0f9c70eb028fc6bf04b9cdf39904fe5391612b (diff) | |
working setup now with dynamic inventory
-rw-r--r-- | ansible/.env.proxmox.example | 15 | ||||
-rw-r--r-- | ansible/main.yaml | 26 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/main.yaml | 2 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/populate_ad.yaml | 2 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/set_hostname.yaml | 2 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/setup_domain.yaml | 2 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/setup_gpo.yaml | 4 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/main.yaml | 4 | ||||
-rw-r--r-- | ansible/roles/srv01/tasks/main.yaml | 8 |
9 files changed, 37 insertions, 28 deletions
diff --git a/ansible/.env.proxmox.example b/ansible/.env.proxmox.example index 70c9580..7b9a1d6 100644 --- a/ansible/.env.proxmox.example +++ b/ansible/.env.proxmox.example @@ -12,13 +12,16 @@ export windows_username="packer" export windows_password="packer" export windows_svc_password="Svc1234!" +# qcow2 images +export windows_server_qcow_image="images/qemu-winserver2019.qcow2" +export linux_qcow_image="images/qemu-ubuntu-24.04-server.qcow2" + # proxmox vm and template details export windows_server_template_id="200" export windows_server_template_name="winserver2019-tmpl" -#export linux_server_template_id="201" -#export linux_server_template_name="base-img-ubuntu-24.04-server" -#export kali_template_id="202" -#export kali_template_name="base-img-kali-top10-xfce" + +export linux_server_template_id="201" +export linux_server_template_name="ubuntu2404-tmpl" # domain details export main_domain_name="contoso.com" @@ -27,6 +30,10 @@ export main_dc01_vmid="5000" export main_dc01_hostname="dc01" export main_dc01_ip_address="192.168.1.50" +export main_linux_srv01_vmid="5001" +export main_linux_srv01_hostname="srv01" +export main_linux_srv01_ip_address="192.168.1.51" + export network_gateway="192.168.1.1" #export mssql01_hostname="mssql01" diff --git a/ansible/main.yaml b/ansible/main.yaml index 777db8f..3c0effe 100644 --- a/ansible/main.yaml +++ b/ansible/main.yaml @@ -31,13 +31,6 @@ ansible_winrm_server_cert_validation: ignore changed_when: false - - name: configure windows domain controller - include_role: - name: dc01 - vars: - hostname: "{{ main_dc01_hostname }}" - domain_name: "{{ main_domain_name }}" - - name: deploy linux domain vm on proxmox include_role: name: proxmox_vm 
@@ -50,8 +43,7 @@ vmid: "{{ main_linux_srv01_vmid }}" ip: "{{ main_linux_srv01_ip_address }}" gateway: "{{ network_gateway }}" - #dns: "{{ main_dc01_ip_address }}" - dns: "8.8.8.8" + dns: "{{ main_dc01_ip_address }}" hostname: "{{ main_linux_srv01_hostname }}" domain: "{{ main_domain_name }}" fqdn: "{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" @@ -67,9 +59,17 @@ ansible_host_key_checking: false changed_when: false - - name: configure linux domain vm +- name: configure everything + hosts: all + gather_facts: no + tasks: + - name: configure windows dc + include_role: + name: dc01 + when: inventory_hostname == main_dc01_hostname + '.' + main_domain_name + + - name: configure linux server include_role: name: srv01 - vars: - hostname: "{{ main_linux_srv01_hostname }}" - domain_name: "{{ main_domain_name }}" + when: inventory_hostname == main_linux_srv01_hostname + '.' + main_domain_name + diff --git a/ansible/roles/dc01/tasks/main.yaml b/ansible/roles/dc01/tasks/main.yaml index 2ce79c9..d9b0b40 100644 --- a/ansible/roles/dc01/tasks/main.yaml +++ b/ansible/roles/dc01/tasks/main.yaml @@ -4,8 +4,6 @@ port: "{{ ansible_port }}" timeout: 300 delegate_to: localhost - vars: - ansible_connection: local - name: execute init.ps1 import_tasks: init.yaml diff --git a/ansible/roles/dc01/tasks/populate_ad.yaml b/ansible/roles/dc01/tasks/populate_ad.yaml index 1cc0308..6eae140 100644 --- a/ansible/roles/dc01/tasks/populate_ad.yaml +++ b/ansible/roles/dc01/tasks/populate_ad.yaml @@ -2,6 +2,6 @@ ansible.windows.win_powershell: script: C:\scripts\populate-ad.ps1 parameters: - DomainName: "{{ domain_name }}" + DomainName: "{{ main_domain_name }}" UserPassword: "{{ default_win_user_password }}" SvcPassword: "{{ default_win_svc_password }}" diff --git a/ansible/roles/dc01/tasks/set_hostname.yaml b/ansible/roles/dc01/tasks/set_hostname.yaml index 7cca168..73fa63c 100644 --- a/ansible/roles/dc01/tasks/set_hostname.yaml +++ b/ansible/roles/dc01/tasks/set_hostname.yaml 
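Review bot: The new `configure everything` play in ansible/main.yaml targets `hosts: all` and relies only on the two `when: inventory_hostname == …` string comparisons to select a role, so every host the dynamic inventory returns is in scope. A naming mismatch (letter case, short name versus FQDN) then skips both roles without any error. Consider limiting the play to the two range hosts, or opening it with an `ansible.builtin.assert` whose condition is `that: inventory_hostname in [main_dc01_hostname + '.' + main_domain_name, main_linux_srv01_hostname + '.' + main_domain_name]`, so an unexpected inventory entry fails loudly instead of being silently ignored. As a style point, `gather_facts: no` is better written `gather_facts: false`.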
@@ -1,2 +1,2 @@ - name: "{{ ansible_host }}: set hostname" - ansible.windows.win_shell: Rename-Computer -NewName "{{ hostname }}" -Force + ansible.windows.win_shell: Rename-Computer -NewName "{{ main_dc01_hostname }}" -Force diff --git a/ansible/roles/dc01/tasks/setup_domain.yaml b/ansible/roles/dc01/tasks/setup_domain.yaml index 43fcfc4..778c4db 100644 --- a/ansible/roles/dc01/tasks/setup_domain.yaml +++ b/ansible/roles/dc01/tasks/setup_domain.yaml @@ -2,5 +2,5 @@ ansible.windows.win_powershell: script: C:\scripts\setup-main-domain.ps1 parameters: - DomainName: "{{ domain_name }}" + DomainName: "{{ main_domain_name }}" SafeModePassword: "{{ default_win_safemode_password }}" diff --git a/ansible/roles/dc01/tasks/setup_gpo.yaml b/ansible/roles/dc01/tasks/setup_gpo.yaml index aa84237..53eb086 100644 --- a/ansible/roles/dc01/tasks/setup_gpo.yaml +++ b/ansible/roles/dc01/tasks/setup_gpo.yaml @@ -1,7 +1,7 @@ - name: "{{ ansible_host }}: execute setup-gpo.ps1 as domain admin" - ansible.windows.win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-gpo.ps1 -DomainName "{{ domain_name }}" + ansible.windows.win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-gpo.ps1 -DomainName "{{ main_domain_name }}" become: yes become_method: runas - become_user: "{{ domain_name }}\\Administrator" + become_user: "{{ main_domain_name }}\\Administrator" vars: ansible_become_password: "{{ default_win_password }}" diff --git a/ansible/roles/proxmox_vm/tasks/main.yaml b/ansible/roles/proxmox_vm/tasks/main.yaml index c6abe93..051e388 100644 --- a/ansible/roles/proxmox_vm/tasks/main.yaml +++ b/ansible/roles/proxmox_vm/tasks/main.yaml @@ -13,5 +13,5 @@ - name: set vm network configuration import_tasks: set_network.yaml -- name: upload files to vm - import_tasks: upload_files.yaml + #- name: upload files to vm + # import_tasks: upload_files.yaml 
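Review bot: In ansible/roles/proxmox_vm/tasks/main.yaml the `upload files to vm` import is commented out rather than removed or made conditional, which leaves dead lines at a different indent from the tasks around them and no record of why the step is disabled. If the step is only unwanted for some VMs, keep it explicit with a condition such as `when: upload_files | default(false)` (variable name constructed here for illustration); otherwise delete the two lines. The diff does not show how `join-domain.sh`, which the srv01 role executes, reaches the VM now, so confirm it was not one of the files this step used to upload.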
diff --git a/ansible/roles/srv01/tasks/main.yaml b/ansible/roles/srv01/tasks/main.yaml index 06f6974..8b14503 100644 --- a/ansible/roles/srv01/tasks/main.yaml +++ b/ansible/roles/srv01/tasks/main.yaml @@ -4,11 +4,15 @@ port: "{{ ansible_port }}" timeout: 300 delegate_to: localhost - vars: - ansible_connection: local - name: set hostname import_tasks: set_hostname.yaml +- name: reboot after hostname change + import_tasks: reboot.yaml + - name: execute join-domain.sh import_tasks: join_domain.yaml + +- name: reboot after domain join + import_tasks: reboot.yaml |
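Review bot: Both `import_tasks: reboot.yaml` entries added to ansible/roles/srv01/tasks/main.yaml are unconditional, so unless reboot.yaml guards itself (its content is not visible here) every run of the role reboots the server twice, even when the hostname and domain membership are already correct. Register the result of the hostname and join tasks and gate each reboot on it, e.g. `when: hostname_result is changed` (name constructed for illustration), or move the reboot to a handler notified by those tasks. That keeps reruns idempotent and avoids needless downtime on a host that is already joined.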