Diffstat (limited to 'ansible/roles')
-rw-r--r-- | ansible/roles/dc01/tasks/cleanup.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/init.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/install_software.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/main.yaml | 41 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/populate_ad.yaml | 7 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/reboot.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/set_hostname.yaml | 2 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/setup_domain.yaml | 6 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/setup_gpo.yaml | 7 | ||||
-rw-r--r-- | ansible/roles/dc01/tasks/wait_for_ready.yaml | 3 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/create_vm.yaml | 16 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/enable_qemu_guest_agent.yaml | 12 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/get_ip.yaml | 29 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/main.yaml | 17 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/set_network.yaml | 20 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/start_vm.yaml | 13 | ||||
-rw-r--r-- | ansible/roles/proxmox_vm/tasks/upload_files.yaml | 9 |
17 files changed, 194 insertions, 0 deletions
diff --git a/ansible/roles/dc01/tasks/cleanup.yaml b/ansible/roles/dc01/tasks/cleanup.yaml
new file mode 100644
index 0000000..e30df58
--- /dev/null
+++ b/ansible/roles/dc01/tasks/cleanup.yaml
@@ -0,0 +1,3 @@
+- name: "{{ ansible_host }}: execute cleanup.ps1"
+ ansible.windows.win_powershell:
+ script: C:\scripts\cleanup.ps1
diff --git a/ansible/roles/dc01/tasks/init.yaml b/ansible/roles/dc01/tasks/init.yaml
new file mode 100644
index 0000000..afd2820
--- /dev/null
+++ b/ansible/roles/dc01/tasks/init.yaml
@@ -0,0 +1,3 @@
+- name: "{{ ansible_host }}: execute init.ps1"
+ ansible.windows.win_powershell:
+ script: C:\scripts\init.ps1
diff --git a/ansible/roles/dc01/tasks/install_software.yaml b/ansible/roles/dc01/tasks/install_software.yaml
new file mode 100644
index 0000000..4c43d2b
--- /dev/null
+++ b/ansible/roles/dc01/tasks/install_software.yaml
@@ -0,0 +1,3 @@
+- name: "{{ ansible_host }}: execute install-software.ps1"
+ ansible.windows.win_powershell:
+ script: C:\scripts\install-software.ps1
diff --git a/ansible/roles/dc01/tasks/main.yaml b/ansible/roles/dc01/tasks/main.yaml
new file mode 100644
index 0000000..2ce79c9
--- /dev/null
+++ b/ansible/roles/dc01/tasks/main.yaml
@@ -0,0 +1,41 @@
+- name: wait for winrm to be available
+ ansible.builtin.wait_for:
+ host: "{{ ansible_host }}"
+ port: "{{ ansible_port }}"
+ timeout: 300
+ delegate_to: localhost
+ vars:
+ ansible_connection: local
+
+- name: execute init.ps1
+ import_tasks: init.yaml
+
+- name: set hostname
+ import_tasks: set_hostname.yaml
+
+- name: reboot after hostname change
+ import_tasks: reboot.yaml
+
+- name: execute setup-main-domain.ps1
+ import_tasks: setup_domain.yaml
+
+- name: reboot after domain setup
+ import_tasks: reboot.yaml
+
+- name: execute dc-wait-for-ready.ps1
+ import_tasks: wait_for_ready.yaml
+
+- name: execute populate-ad.ps1
+ import_tasks: populate_ad.yaml
+
+- name: execute setup-gpo.ps1 as domain admin
+ import_tasks: setup_gpo.yaml
+
+- name: reboot after gpo setup
+ import_tasks: reboot.yaml
+
+- name: execute install-software.ps1
+ import_tasks: install_software.yaml
+
+- name: execute cleanup.ps1
+ import_tasks: cleanup.yaml
diff --git a/ansible/roles/dc01/tasks/populate_ad.yaml b/ansible/roles/dc01/tasks/populate_ad.yaml
new file mode 100644
index 0000000..1cc0308
--- /dev/null
+++ b/ansible/roles/dc01/tasks/populate_ad.yaml
@@ -0,0 +1,7 @@
+- name: "{{ ansible_host }}: execute populate-ad.ps1"
+ ansible.windows.win_powershell:
+ script: C:\scripts\populate-ad.ps1
+ parameters:
+ DomainName: "{{ domain_name }}"
+ UserPassword: "{{ default_win_user_password }}"
+ SvcPassword: "{{ default_win_svc_password }}"
diff --git a/ansible/roles/dc01/tasks/reboot.yaml b/ansible/roles/dc01/tasks/reboot.yaml
new file mode 100644
index 0000000..6c17c3d
--- /dev/null
+++ b/ansible/roles/dc01/tasks/reboot.yaml
@@ -0,0 +1,3 @@
+- name: "{{ ansible_host }}: reboot"
+ ansible.windows.win_reboot:
+ reboot_timeout: 3600
diff --git a/ansible/roles/dc01/tasks/set_hostname.yaml b/ansible/roles/dc01/tasks/set_hostname.yaml
new file mode 100644
index 0000000..7cca168
--- /dev/null
+++ b/ansible/roles/dc01/tasks/set_hostname.yaml
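Review bot: The `UserPassword` and `SvcPassword` parameters in populate_ad.yaml are passed as module arguments on a task that has no `no_log: true`, so the rendered passwords can appear in verbose play output and in any log or callback store the controller writes. The same applies to `SafeModePassword` in setup_domain.yaml. Adding `no_log: true` at task level on both tasks keeps the values out of the output. Whether the `default_win_*` variables come from a vault-encrypted file is not visible in this diff and is worth confirming.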
@@ -0,0 +1,2 @@
+- name: "{{ ansible_host }}: set hostname"
+ ansible.windows.win_shell: Rename-Computer -NewName "{{ hostname }}" -Force
diff --git a/ansible/roles/dc01/tasks/setup_domain.yaml b/ansible/roles/dc01/tasks/setup_domain.yaml
new file mode 100644
index 0000000..43fcfc4
--- /dev/null
+++ b/ansible/roles/dc01/tasks/setup_domain.yaml
@@ -0,0 +1,6 @@
+- name: "{{ ansible_host }}: execute setup-main-domain.ps1"
+ ansible.windows.win_powershell:
+ script: C:\scripts\setup-main-domain.ps1
+ parameters:
+ DomainName: "{{ domain_name }}"
+ SafeModePassword: "{{ default_win_safemode_password }}"
diff --git a/ansible/roles/dc01/tasks/setup_gpo.yaml b/ansible/roles/dc01/tasks/setup_gpo.yaml
new file mode 100644
index 0000000..aa84237
--- /dev/null
+++ b/ansible/roles/dc01/tasks/setup_gpo.yaml
@@ -0,0 +1,7 @@
+- name: "{{ ansible_host }}: execute setup-gpo.ps1 as domain admin"
+ ansible.windows.win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-gpo.ps1 -DomainName "{{ domain_name }}"
+ become: yes
+ become_method: runas
+ become_user: "{{ domain_name }}\\Administrator"
+ vars:
+ ansible_become_password: "{{ default_win_password }}"
diff --git a/ansible/roles/dc01/tasks/wait_for_ready.yaml b/ansible/roles/dc01/tasks/wait_for_ready.yaml
new file mode 100644
index 0000000..c43431c
--- /dev/null
+++ b/ansible/roles/dc01/tasks/wait_for_ready.yaml
@@ -0,0 +1,3 @@
+- name: "{{ ansible_host }}: execute dc-wait-for-ready.ps1"
+ ansible.windows.win_powershell:
+ script: C:\scripts\dc-wait-for-ready.ps1
diff --git a/ansible/roles/proxmox_vm/tasks/create_vm.yaml b/ansible/roles/proxmox_vm/tasks/create_vm.yaml
new file mode 100644
index 0000000..21645b9
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/create_vm.yaml
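Review bot: In set_hostname.yaml the `hostname` variable is templated straight into a `win_shell` command line, so a value containing a quote or `$(` is interpreted by PowerShell rather than treated as a name, and the task reports changed on every run. `ansible.windows.win_hostname` with `name: "{{ hostname }}"` takes the value as a module argument and is idempotent. Its `reboot_required` result could then gate the reboot that main.yaml currently performs unconditionally.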
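Review bot: setup_gpo.yaml splices `domain_name` into a `powershell.exe -ExecutionPolicy Bypass -File ...` command line, while setup_domain.yaml and populate_ad.yaml hand the same value to the script through `win_powershell` `parameters`. Using that module form here as well, with `become` and `become_method: runas` kept on the task, would bind the domain name as an argument instead of as part of a string and keep the role consistent. `become: yes` is better written `become: true`, since `yes` is a YAML 1.1 truthy value that linters flag.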
@@ -0,0 +1,16 @@
+---
+- name: "create vm from template"
+ community.general.proxmox_kvm:
+ api_host: "{{ proxmox_hostname }}"
+ api_user: "{{ proxmox_username }}"
+ api_token_id: "{{ proxmox_api_token_id }}"
+ api_token_secret: "{{ proxmox_api_token_secret }}"
+ node: "{{ proxmox_node }}"
+ clone: "{{ template }}"
+ vmid: "{{ id }}"
+ newid: "{{ newid | int }}"
+ name: "{{ vm }}"
+ full: true
+ storage: "local-lvm"
+ timeout: 1337
+ register: clone_result
diff --git a/ansible/roles/proxmox_vm/tasks/enable_qemu_guest_agent.yaml b/ansible/roles/proxmox_vm/tasks/enable_qemu_guest_agent.yaml
new file mode 100644
index 0000000..df6da92
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/enable_qemu_guest_agent.yaml
@@ -0,0 +1,12 @@
+---
+- name: "vmid {{ clone_result.vmid }}: enabling qemu guest agent via proxmox api"
+ uri:
+ url: "https://{{ proxmox_hostname }}:8006/api2/json/nodes/{{ proxmox_node }}/qemu/{{ clone_result.vmid }}/config"
+ method: PUT
+ headers:
+ Authorization: "PVEAPIToken={{ proxmox_username }}!{{ proxmox_api_token_id }}={{ proxmox_api_token_secret }}"
+ body:
+ agent: 1
+ body_format: json
+ validate_certs: no
+
diff --git a/ansible/roles/proxmox_vm/tasks/get_ip.yaml b/ansible/roles/proxmox_vm/tasks/get_ip.yaml
new file mode 100644
index 0000000..584b44d
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/get_ip.yaml
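Review bot: `validate_certs: no` in enable_qemu_guest_agent.yaml turns off TLS verification on a request whose `Authorization` header carries the Proxmox API token, so anyone able to intercept the connection to port 8006 can read the token. get_ip.yaml does the same with `validate_certs=False`, and there the unverified response also decides the `ansible_host` that the later WinRM tasks connect to. Trusting the Proxmox CA on the controller and dropping both overrides closes this; a new role variable, for example `validate_certs: "{{ proxmox_validate_certs | default(true) }}"`, would at least make verification the default. `no_log: true` on the `uri` task would additionally keep the header out of verbose output.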
@@ -0,0 +1,29 @@
+---
+- name: "vmid {{ clone_result.vmid }}: getting config via proxmox api"
+ set_fact:
+ vm_config: "{{ lookup('url', config_url, validate_certs=False, headers=config_headers) }}"
+ vars:
+ config_url: "https://{{ proxmox_hostname }}:8006/api2/json/nodes/{{ proxmox_node }}/qemu/{{ clone_result.vmid }}/agent/network-get-interfaces"
+ config_headers:
+ Authorization: "PVEAPIToken={{ proxmox_username }}!{{ proxmox_api_token_id }}={{ proxmox_api_token_secret }}"
+
+- name: "vmid {{ clone_result.vmid }}: extracting ipv4 address"
+ set_fact:
+ vm_ip: >-
+ {{
+ vm_config['data']['result']
+ | map(attribute='ip-addresses')
+ | flatten
+ | selectattr("ip-address-type", "equalto", "ipv4")
+ | selectattr("ip-address", "ne", "127.0.0.1")
+ | map(attribute="ip-address")
+ | first
+ }}
+
+- name: "vmid {{ clone_result.vmid }}: ip address result"
+ ansible.builtin.debug:
+ msg: "vmid {{ clone_result.vmid }} ip address is {{ vm_ip }}"
+
+- name: "vmid {{ clone_result.vmid }}: set ip to {{ vm_ip }}"
+ set_fact:
+ ansible_host: "{{ vm_ip }}"
diff --git a/ansible/roles/proxmox_vm/tasks/main.yaml b/ansible/roles/proxmox_vm/tasks/main.yaml
new file mode 100644
index 0000000..c6abe93
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/main.yaml
@@ -0,0 +1,17 @@
+- name: create vm from template
+ import_tasks: create_vm.yaml
+
+- name: enable qemu guest agent
+ import_tasks: enable_qemu_guest_agent.yaml
+
+- name: start vm
+ import_tasks: start_vm.yaml
+
+- name: get vm ip address
+ import_tasks: get_ip.yaml
+
+- name: set vm network configuration
+ import_tasks: set_network.yaml
+
+- name: upload files to vm
+ import_tasks: upload_files.yaml
diff --git a/ansible/roles/proxmox_vm/tasks/set_network.yaml b/ansible/roles/proxmox_vm/tasks/set_network.yaml
new file mode 100644
index 0000000..20ab31c
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/set_network.yaml
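Review bot: The `vm_ip` expression in get_ip.yaml filters out only `127.0.0.1` and then takes `first`, so it fails with a bare undefined-value error when the guest agent has not reported an IPv4 address yet, and it would accept a link-local `169.254.x.x` address if that is what the interface holds at that moment. Because `ansible_host` is overwritten with the result, a wrong pick redirects every later task. Adding `| reject("match", "^169\\.254\\.")` before `first`, plus an `ansible.builtin.assert` on the expected lab subnet before `ansible_host` is set, would make this fail early with a clear message.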
@@ -0,0 +1,20 @@
+---
+- name: "vmid {{ clone_result.vmid }}: set up static ip address"
+ win_shell: |
+ Start-Transcript -Path C:\set_domain_network_log.txt -Append
+ Get-NetIpAddress -InterfaceAlias 'Ethernet' | Remove-NetIPAddress -Confirm:$false
+ New-NetIPAddress -InterfaceAlias 'Ethernet' -IPAddress "{{ ip }}" -PrefixLength 24 -DefaultGateway "{{ gateway }}"
+ Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses "{{ dns }}"
+ Get-NetConnectionProfile -InterfaceAlias 'Ethernet' | Set-NetConnectionProfile -NetworkCategory Private
+ Stop-Transcript
+ async: 15
+ poll: 0
+ delegate_to: "{{ vm_ip }}"
+
+- name: "vmid {{ clone_result.vmid }}: update ip to {{ ip }}"
+ set_fact:
+ ansible_host: "{{ ip }}"
+
+- name: "vmid {{ clone_result.vmid }}: pause execution for 1 minute to allow ip change and reconnect"
+ pause:
+ minutes: 1
diff --git a/ansible/roles/proxmox_vm/tasks/start_vm.yaml b/ansible/roles/proxmox_vm/tasks/start_vm.yaml
new file mode 100644
index 0000000..f2ed036
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/start_vm.yaml
@@ -0,0 +1,13 @@
+- name: "start vm"
+ community.general.proxmox_kvm:
+ api_host: "{{ proxmox_hostname }}"
+ api_user: "{{ proxmox_username }}"
+ api_token_id: "{{ proxmox_api_token_id }}"
+ api_token_secret: "{{ proxmox_api_token_secret }}"
+ node: "{{ proxmox_node }}"
+ vmid: "{{ vmid | int }}"
+ state: started
+
+- name: "pause execution for 3 minutes to allow vm to fully boot"
+ pause:
+ minutes: 3
diff --git a/ansible/roles/proxmox_vm/tasks/upload_files.yaml b/ansible/roles/proxmox_vm/tasks/upload_files.yaml
new file mode 100644
index 0000000..651d203
--- /dev/null
+++ b/ansible/roles/proxmox_vm/tasks/upload_files.yaml
@@ -0,0 +1,9 @@
+---
+- name: "upload directories"
+ ansible.builtin.copy:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ loop:
+ - { src: ../../../scripts/, dest: C:\scripts\ }
+ - { src: ../../../files/software/, dest: C:\software\ }
+ delegate_to: "{{ ansible_host }}" |
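Review bot: The static-IP task in set_network.yaml is started with `async: 15` and `poll: 0` and its result is never checked, so a failure in `New-NetIPAddress` or `Set-DnsClientServerAddress` goes unnoticed and the play carries on against `{{ ip }}` after the fixed one-minute pause. Replacing the `pause` with `ansible.builtin.wait_for_connection` (for example with `timeout: 300`) would confirm the host is reachable on the new address before the role continues. `-PrefixLength 24` and the `'Ethernet'` alias are hard-coded although address, gateway and DNS are variables; role defaults for them would keep the task usable on other networks.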
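Review bot: start_vm.yaml reads the VM id from `vmid | int`, whereas create_vm.yaml clones to `newid` and the other tasks in this role address the clone through `clone_result.vmid`. Unless `vmid` is defined elsewhere for the new machine, which this diff does not show, the task may start a different VM than the one just created. `vmid: "{{ clone_result.vmid }}"` would match the rest of the role.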
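Review bot: upload_files.yaml uses `ansible.builtin.copy` with Windows destinations (`C:\scripts\`, `C:\software\`); that module targets POSIX hosts, and the Windows counterpart is `ansible.windows.win_copy` with the same `src`/`dest` options. The `delegate_to: "{{ ansible_host }}"` line looks redundant once `ansible_host` has been set by the earlier tasks, and the `../../../scripts/` sources depend on where the role directory sits, so a path built from `playbook_dir` would be less fragile. Since `C:\scripts` receives scripts that later run as domain admin, it is worth confirming that cleanup.ps1 removes the directory or that its ACL is restricted, which this diff does not show.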