author | heqnx <root@heqnx.com> | 2025-07-14 20:11:47 +0300 |
---|---|---|
committer | heqnx <root@heqnx.com> | 2025-07-14 20:11:47 +0300 |
commit | e70ce7f0dc0dd35f9ad985633f521ffc0e36f0a2 (patch) | |
tree | c897782e27ddb84faf80b7030509fafa3466d3d2 | |
parent | 116a86865e3f0636bf5821e066d9b6956f0363e0 (diff) | |
added mssql02 linked to websql01
-rw-r--r-- | ansible/.env.proxmox.example | 4 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/cleanup.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/init.yaml | 9 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/install_software.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/join_domain.yaml | 13 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/main.yaml | 40 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/reboot.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/set_hostname.yaml | 2 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/setup_mssql.yaml | 7 | ||||
-rw-r--r-- | ansible/roles/mssql02/tasks/setup_mssql_link.yaml | 5 | ||||
-rw-r--r-- | ansible/roles/websql01/tasks/setup_websql.yaml | 2 | ||||
-rw-r--r-- | ansible/scripts/populate-ad.ps1 | 18 | ||||
-rw-r--r-- | ansible/scripts/setup-websql.ps1 | 3 |
13 files changed, 105 insertions, 7 deletions
diff --git a/ansible/.env.proxmox.example b/ansible/.env.proxmox.example index 82fbeaa..68b36df 100644 --- a/ansible/.env.proxmox.example +++ b/ansible/.env.proxmox.example @@ -42,4 +42,8 @@ export main_websql01_vmid="5003" export main_websql01_hostname="websql01" export main_websql01_ip_address="192.168.1.103" +export main_websql01_vmid="5004" +export main_websql01_hostname="mssql02" +export main_websql01_ip_address="192.168.1.109" + export network_gateway="192.168.1.1" diff --git a/ansible/roles/mssql02/tasks/cleanup.yaml b/ansible/roles/mssql02/tasks/cleanup.yaml new file mode 100644 index 0000000..0e59407 --- /dev/null +++ b/ansible/roles/mssql02/tasks/cleanup.yaml @@ -0,0 +1,3 @@ +- name: execute cleanup.ps1 + ansible.windows.win_powershell: + script: C:\scripts\cleanup.ps1 diff --git a/ansible/roles/mssql02/tasks/init.yaml b/ansible/roles/mssql02/tasks/init.yaml new file mode 100644 index 0000000..a75d6cc --- /dev/null +++ b/ansible/roles/mssql02/tasks/init.yaml @@ -0,0 +1,9 @@ +- name: execute init.ps1 + ansible.windows.win_powershell: + script: C:\scripts\init.ps1 + +- name: copy mssql installer + ansible.builtin.copy: + src: files/SQL2019-SSEI-Expr.exe + dest: C:\setup\SQL2019-SSEI-Expr.exe + diff --git a/ansible/roles/mssql02/tasks/install_software.yaml b/ansible/roles/mssql02/tasks/install_software.yaml new file mode 100644 index 0000000..a5018a8 --- /dev/null +++ b/ansible/roles/mssql02/tasks/install_software.yaml @@ -0,0 +1,3 @@ +- name: execute install-software.ps1 + ansible.windows.win_powershell: + script: C:\scripts\install-software.ps1 diff --git a/ansible/roles/mssql02/tasks/join_domain.yaml b/ansible/roles/mssql02/tasks/join_domain.yaml new file mode 100644 index 0000000..6736ba2 --- /dev/null +++ b/ansible/roles/mssql02/tasks/join_domain.yaml 
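Review bot: The three added exports in `.env.proxmox.example` reuse the `main_websql01_*` names, so sourcing the file overwrites the websql01 values set just above with mssql02's VMID 5004, hostname and 192.168.1.109, and nothing named for mssql02 is defined. They should read `export main_mssql02_vmid="5004"`, `export main_mssql02_hostname="mssql02"` and `export main_mssql02_ip_address="192.168.1.109"`. The same copy-paste is in roles/mssql02/tasks/set_hostname.yaml, which renames the host with `{{ main_websql01_hostname }}` and should use `{{ main_mssql02_hostname }}`. How these variables reach the inventory is not visible in this diff, so the effect on the websql01 host is inferred.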
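Review bot: The `copy mssql installer` task in init.yaml uses `ansible.builtin.copy` with a Windows destination (`C:\setup\SQL2019-SSEI-Expr.exe`). That module expects Python on the target, while every other task in the role uses Windows modules, so `ansible.windows.win_copy:` is the module to use here. The installer binary is also staged with no integrity check before it is presumably run by setup-mssql.ps1. A following `ansible.windows.win_stat` task with `get_checksum: true` and `checksum_algorithm: sha256`, compared against a digest pinned in the repository, would catch a swapped or corrupted file.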
@@ -0,0 +1,13 @@
+- name: join domain
+ ansible.windows.win_domain_membership:
+ dns_domain_name: "{{ main_domain_name }}"
+ domain_admin_user: "{{ main_domain_name }}\\Administrator"
+ domain_admin_password: "{{ default_win_password }}"
+ state: domain
+ register: domain_state
+
+- name: reboot
+ win_reboot:
+ reboot_timeout: 3600
+ when: domain_state.reboot_required
+
diff --git a/ansible/roles/mssql02/tasks/main.yaml b/ansible/roles/mssql02/tasks/main.yaml
new file mode 100644
index 0000000..64c2469
--- /dev/null
+++ b/ansible/roles/mssql02/tasks/main.yaml
@@ -0,0 +1,40 @@
+- name: wait for winrm to be available
+ ansible.builtin.wait_for:
+ host: "{{ ansible_host }}"
+ port: "{{ ansible_port }}"
+ timeout: 300
+ delegate_to: localhost
+
+- name: execute init.ps1
+ import_tasks: init.yaml
+
+- name: set hostname
+ import_tasks: set_hostname.yaml
+
+- name: reboot after hostname change
+ import_tasks: reboot.yaml
+
+- name: join domain and reboot
+ import_tasks: join_domain.yaml
+
+- name: execute setup-mssql.ps1
+ import_tasks: setup_mssql.yaml
+
+- name: reboot after mssql setup
+ import_tasks: reboot.yaml
+
+- name: pause 5 minutes for mssql setup to complete
+ pause:
+ minutes: 5
+
+- name: execute setup-mssql-link.ps1
+ import_tasks: setup_mssql_link.yaml
+
+- name: reboot after mssql link setup
+ import_tasks: reboot.yaml
+
+- name: execute install-software.ps1
+ import_tasks: install_software.yaml
+
+- name: execute cleanup.ps1
+ import_tasks: cleanup.yaml
diff --git a/ansible/roles/mssql02/tasks/reboot.yaml b/ansible/roles/mssql02/tasks/reboot.yaml
new file mode 100644
index 0000000..a7266d0
--- /dev/null
+++ b/ansible/roles/mssql02/tasks/reboot.yaml
@@ -0,0 +1,3 @@
+- name: reboot
+ win_reboot:
+ reboot_timeout: 3600
diff --git a/ansible/roles/mssql02/tasks/set_hostname.yaml b/ansible/roles/mssql02/tasks/set_hostname.yaml
new file mode 100644
index 0000000..7c53a16
--- /dev/null
+++ b/ansible/roles/mssql02/tasks/set_hostname.yaml
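Review bot: The `join domain` task in join_domain.yaml passes `domain_admin_password` with no `no_log: true` at task level, so the value can appear in verbose output or failure results unless the module masks it itself. The same applies to `SvcPassword` in roles/mssql02/tasks/setup_mssql.yaml, where it sits in `win_powershell`'s free-form `parameters` and is unlikely to be masked. Adding `no_log: true` to both tasks still leaves `domain_state.reboot_required` usable by the following `when:`. The join also runs as the domain's built-in `Administrator`; an account delegated only the right to join computers would limit what a leaked playbook variable exposes, if the range's design allows it.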
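Review bot: The fixed `pause: minutes: 5` in main.yaml is a guess at how long the MSSQL setup takes after the reboot. On a slow host `setup-mssql-link.ps1` would run against an instance that is not up yet, and on a fast host the play simply idles. Polling the SQL Server service with `ansible.windows.win_service_info` under `until:`/`retries:` would make the readiness condition explicit; the service name depends on the instance that setup-mssql.ps1 installs, which this diff does not show. Because the link step targets websql01, a comment such as `# requires the websql01 role to have completed` above that import would document the ordering this role appears to assume.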
@@ -0,0 +1,2 @@
+- name: set hostname
+ win_shell: Rename-Computer -NewName "{{ main_websql01_hostname }}" -Force
diff --git a/ansible/roles/mssql02/tasks/setup_mssql.yaml b/ansible/roles/mssql02/tasks/setup_mssql.yaml
new file mode 100644
index 0000000..a219c82
--- /dev/null
+++ b/ansible/roles/mssql02/tasks/setup_mssql.yaml
@@ -0,0 +1,7 @@
+- name: execute setup-mssql.ps1
+ ansible.windows.win_powershell:
+ script: C:\scripts\setup-mssql.ps1
+ parameters:
+ DomainName: "{{ main_domain_name }}"
+ SvcUsername: svc_mssql02
+ SvcPassword: "{{ default_win_svc_password }}"
diff --git a/ansible/roles/mssql02/tasks/setup_mssql_link.yaml b/ansible/roles/mssql02/tasks/setup_mssql_link.yaml
new file mode 100644
index 0000000..0e22754
--- /dev/null
+++ b/ansible/roles/mssql02/tasks/setup_mssql_link.yaml
@@ -0,0 +1,5 @@
+- name: execute setup-mssql-link.ps1
+ ansible.windows.win_powershell:
+ script: C:\scripts\setup-mssql-link.ps1
+ parameters:
+ LinkServer: websql01
diff --git a/ansible/roles/websql01/tasks/setup_websql.yaml b/ansible/roles/websql01/tasks/setup_websql.yaml
index ea527b6..d82831d 100644
--- a/ansible/roles/websql01/tasks/setup_websql.yaml
+++ b/ansible/roles/websql01/tasks/setup_websql.yaml
@@ -3,5 +3,5 @@
 script: C:\scripts\setup-websql.ps1
 parameters:
 DomainName: "{{ main_domain_name }}"
- SvcUsername: svc_mssql02
+ SvcUsername: svc_websql01
 SvcPassword: "{{ default_win_svc_password }}"
diff --git a/ansible/scripts/populate-ad.ps1 b/ansible/scripts/populate-ad.ps1
index 17801e0..3d8917a 100644
--- a/ansible/scripts/populate-ad.ps1
+++ b/ansible/scripts/populate-ad.ps1
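Review bot: `LinkServer: websql01` in setup_mssql_link.yaml hard-codes a host name that the environment file makes configurable, so changing `main_websql01_hostname` would leave the link pointing at a name that no longer exists. Passing the variable that holds the websql01 host name keeps the two in step. The task would also benefit from a comment stating which login or security context the link is created with, since that is decided in `setup-mssql-link.ps1` and cannot be seen from the role.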
@@ -125,6 +125,7 @@ Write-Host "[inf] Created computers: $($created_computers -Join ', ')" $svc_users = @{ "svc_mssql01" = @{"type" = "spn"; "value" = "MSSQLSVC"} "svc_mssql02" = @{"type" = "spn"; "value" = "MSSQLSVC"} + "svc_websql01" = @{"type" = "spn"; "value" = @("MSSQLSVC", "HTTP")} "svc_cifs01" = @{"type" = "spn"; "value" = "CIFS"} "svc_cifs02" = @{"type" = "spn"; "value" = "CIFS"} "svc_iis01" = @{"type" = "spn"; "value" = "HTTP"} @@ -161,12 +162,21 @@ ForEach ($user in $svc_users.keys) { -Enabled $true ` -PasswordNeverExpires $true ` -PassThru - Set-ADUser -Identity "$u" -ServicePrincipalNames @{Add="$value/$comp"} - Set-ADObject $u -Description "SPN on $value/$comp" - $created_svc_users += "$user ($value/$comp)" + $spns = @() + if ($value -is [string]) { + $spns += "$value/$comp" + } else { + foreach ($v in $value) { + $spns += "$v/$comp" + } + } + + Set-ADUser -Identity "$u" -ServicePrincipalNames @{Add=$spns} + Set-ADObject $u -Description ("SPNs: " + ($spns -join ", ")) + $created_svc_users += "$user ($($spns -join ', '))" } catch { - Write-Host "[err] Failed to create $value/$comp for $user" + Write-Host "[err] Failed to create SPNs for $user" } } "group" { diff --git a/ansible/scripts/setup-websql.ps1 b/ansible/scripts/setup-websql.ps1 index 02e370b..7881291 100644 --- a/ansible/scripts/setup-websql.ps1 +++ b/ansible/scripts/setup-websql.ps1 @@ -1,7 +1,6 @@ param ( [string]$DomainName = "contoso.com", - #[string]$SvcUsername = "svc_websql01", - [string]$SvcUsername = "svc_mssql02", + [string]$SvcUsername = "svc_websql01", [string]$SvcPassword = "Svc1234!" ) |
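Review bot: The `catch` in the SPN branch of populate-ad.ps1 now prints only `[err] Failed to create SPNs for $user`, dropping both the SPN list and the exception, so a duplicate-SPN rejection and a failed `New-ADUser` look identical in the log. Include the cause, e.g. `Write-Host "[err] Failed to create SPNs for ${user}: $($_.Exception.Message)"`. Because `New-ADUser` and `Set-ADUser` share one `try`, a failure on the SPN step leaves the account created without its SPNs and missing from `$created_svc_users`. Whether the AD cmdlets run with `-ErrorAction Stop` cannot be confirmed, since the `try` opens outside this hunk.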