ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lint fixes

Browse Source
This commit is contained in:
willtome
2023-03-07 09:26:22 -05:00
parent 36f113aa75
commit 745b755296
57 changed files with 525 additions and 1135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.github/workflows/ansible-lint.yml vendored Normal file
View File

@@ -0,0 +1,16 @@
---
name: Ansible Lint
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
# Important: This sets up your GITHUB_WORKSPACE environment variable
- uses: actions/checkout@v3
with:
fetch-depth: 0 # needed for progressive mode to work
- name: Run ansible-lint
uses: ansible/ansible-lint-action@v6

19
cloud/destroy_vm.yml
View File

@@ -1,19 +0,0 @@
---
- hosts: "{{ _hosts }}"
gather_facts: no
tasks:
- name: list systems to be destroyed
debug:
msg: "{{ inventory_hostname }}"
- name: pause for review...
pause:
seconds: 30
prompt: "Systems listed above will be DESTROYED in 30 seconds. Cancel the job to Abort."
- name: destroy vm
include_role:
name: "demo.cloud.aws"
tasks_from: destroy_vm
when: "'cloud_aws' in group_names or 'cloud_azure' in group_names"

2
collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml
View File

@@ -115,4 +115,4 @@
state: present state: present
tags: tags:
owner: "{{ aws_vpc_name }}" owner: "{{ aws_vpc_name }}"
purpose: "{{ aws_purpose_tag }}" purpose: "{{ aws_purpose_tag }}"

2
collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml
View File

@@ -44,4 +44,4 @@
wait: "{{ aws_ec2_wait }}" wait: "{{ aws_ec2_wait }}"
vpc_subnet_id: "{{ aws_subnet_id }}" vpc_subnet_id: "{{ aws_subnet_id }}"
user_data: "{{ lookup('template', aws_userdata_template+'.j2', template_vars=dict(aws_vm_name=vm_name)) }}" user_data: "{{ lookup('template', aws_userdata_template+'.j2', template_vars=dict(aws_vm_name=vm_name)) }}"
register: aws_vm_output register: aws_vm_output

17
collections/ansible_collections/demo/cloud/roles/azure/defaults/main.yml
View File

@@ -1,17 +0,0 @@
---
##############
# Azure Vars
##############
az_region: eastus
az_rg_name: ansible
az_rg_prefix: demo
az_vnet_cidr_block: 10.0.0.0/16
az_subnet_cidr: 10.0.1.0/24
az_vm_name: "{{ vm_name }}"
az_vm_owner: "{{ vm_owner }}"
az_blueprint: "{{ vm_blueprint }}"
az_vm_username: "{{ ansible_user }}"
az_vm_password: "{{ ansible_password }}"
az_env_tag: prod
az_purpose_tag: ansible_demo
az_ansiblegroup_tag: cloud

76
collections/ansible_collections/demo/cloud/roles/azure/tasks/create_infra.yml
View File

@@ -1,76 +0,0 @@
---
- name: AZURE | CREATE INFRA | resource group
azure.azcollection.azure_rm_resourcegroup:
name: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
location: "{{ az_region }}"
- name: AZURE | CREATE INFRA | virtual network
azure.azcollection.azure_rm_virtualnetwork:
resource_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
name: "{{ az_rg_name }}-{{ az_rg_prefix }}-vnet"
address_prefixes: "{{ az_vnet_cidr }}"
- name: AZURE | CREATE INFRA | subnet
azure.azcollection.azure_rm_subnet:
resource_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
name: "{{ az_rg_name }}-{{ az_rg_prefix }}-subnet }}"
address_prefix: "{{ az_subnet_cidr }}"
virtual_network: "{{ az_rg_name }}-{{ az_rg_prefix }}-vnet"
- name: AZURE | CREATE INFRA | security group
azure.azcollection.azure_rm_securitygroup:
resource_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
name: "{{ az_rg_name }}-{{ az_rg_prefix }}-sec-group"
rules:
- name: External
protocol: Tcp
destination_port_range:
- 80 # HTTP
- 443 # HTTPS
- 5986 # WinRM
- 3389 # RDP
access: Allow
priority: 1001
direction: Inbound
- name: Ping
protocol: Icmp
access: Allow
priority: 1002
direction: Inbound
- name: Internal TCP
protocol: Tcp
destination_port_range:
- 80 # HTTP
- 5986 # WinRM
- 3389 # RDP
- 53 # DNS
- 88 # Kerberos Authentication
- 135 # RPC
- 139 # Netlogon
- 389 # LDAP
- 445 # SMB
- 464 # Kerberos Authentication
- 5432 # PostgreSQL
- 636 # LDAPS (LDAP over TLS)
- 873 # Rsync
- 3268-3269 # Global Catalog
- 1024-65535 # Ephemeral RPC ports
access: Allow
priority: 1003
direction: Inbound
source_address_prefix: "{{ az_vnet_cidr_block }}"
- name: Internal UDP
protocol: Udp
destination_port_range:
- 53 # DNS
- 88 # Kerberos Authentication
- 123 # NTP
- 137-138 # Netlogon
- 389 # LDAP
- 445 # SMB
- 464 # Kerberos Authentication
- 1024-65535 # Ephemeral RPC ports
access: Allow
priority: 1004
direction: Inbound
source_address_prefix: "{{ az_vnet_cidr_block }}"

28
collections/ansible_collections/demo/cloud/roles/azure/tasks/create_vm.yml
View File

@@ -1,28 +0,0 @@
---
- name: AZURE | CREATE VM | vnet interface
azure.azcollection.azure_rm_networkinterface:
resource_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
name: "{{ az_vm_name }}_nic"
public_ip_name: "{{ az_vm_name }}_ip"
virtual_network: "{{ az_rg_name }}-{{ az_rg_prefix }}-vnet"
subnet: "{{ az_rg_name }}-{{ az_rg_prefix }}-subnet }}"
security_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-sec-group"
- name: AZURE | CREATE VM | vm
azure.azcollection.azure_rm_virtualmachine:
resource_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
name: "{{ az_vm_name }}"
os_type: "{{ az_vm_os_type }}"
vm_size: "{{ az_vm_size }}"
admin_username: "{{ az_vm_username }}"
admin_password: "{{ az_vm_password }}"
network_interfaces: "{{ az_vm_name }}_nic"
image: "{{ az_vm_image }}"
tags:
blueprint: "{{ az_blueprint }}"
purpose: "{{ az_purpose_tag }}"
env: "{{ az_env_tag }}"
ansible_group: "{{ az_ansiblegroup_tag }}"
owner: "{{ az_vm_owner }}"
info: "This instance was built by Red Hat Product Demos"
Name: "{{ az_vm_name }}"

8
collections/ansible_collections/demo/cloud/roles/azure/tasks/destroy_vm.yml
View File

@@ -1,8 +0,0 @@
---
- name: Destroy VM
azure.azcollection.azure_rm_virtualmachine:
resource_group: "{{ az_rg_name }}-{{ az_rg_prefix }}-rg"
name: "{{ inventory_hostname }}"
state: absent
remove_on_absent: all_autocreated
delegate_to: localhost

202
collections/ansible_collections/demo/reporting/roles/report_server/files/css/new.css
View File

@@ -1,202 +0,0 @@
p.hostname {
color: #000000;
font-weight: bolder;
font-size: large;
margin: auto;
width: 50%;
}
#subtable {
background: #ebebeb;
margin: 0px;
width: 100%;
}
#subtable tbody tr td {
padding: 5px 5px 5px 5px;
}
#subtable thead th {
padding: 5px;
}
* {
-moz-box-sizing: border-box;
-webkit-box-sizing: border-box;
box-sizing: border-box;
font-family: "Open Sans", "Helvetica";
}
a {
color: #000000;
}
p {
color: #ffffff;
}
h1 {
text-align: center;
color: #ffffff;
}
body {
background:#353a40;
padding: 0px;
margin: 0px;
font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
}
table {
border-collapse: separate;
background:#fff;
@include border-radius(5px);
@include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
}
.main_net_table {
margin:50px auto;
}
thead {
@include border-radius(5px);
}
thead th {
font-size:16px;
font-weight:400;
color:#fff;
@include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
text-align:left;
padding:20px;
border-top:1px solid #858d99;
background: #353a40;
&:first-child {
@include border-top-left-radius(5px);
}
&:last-child {
@include border-top-right-radius(5px);
}
}
tbody tr td {
font-weight:400;
color:#5f6062;
font-size:13px;
padding:20px 20px 20px 20px;
border-bottom:1px solid #e0e0e0;
}
tbody tr:nth-child(2n) {
background:#f0f3f5;
}
tbody tr:last-child td {
border-bottom:none;
&:first-child {
@include border-bottom-left-radius(5px);
}
&:last-child {
@include border-bottom-right-radius(5px);
}
}
td {
vertical-align: top;
}
span.highlight {
background-color: yellow;
}
.expandclass {
color: #5f6062;
}
.content{
display:none;
margin: 10px;
}
header {
width: 100%;
position: initial;
float: initial;
padding: 0;
margin: 0;
border-radius: 0;
height: 88px;
background-color: #171717;
}
.header-container {
margin: 0 auto;
width: 100%;
height: 100%;
max-width: 1170px;
padding: 0;
float: initial;
display: flex;
align-items: center;
}
.header-logo {
width: 137px;
border: 0;
margin: 0;
margin-left: 15px;
}
.header-link {
margin-left: 40px;
text-decoration: none;
cursor: pointer;
text-transform: uppercase;
font-size: 15px;
font-family: 'Red Hat Text';
font-weight: 500;
}
.header-link:hover {
text-shadow: 0 0 0.02px white;
text-decoration: none;
}
table.net_info td {
padding: 5px;
}
p.expandclass:hover {
text-decoration: underline;
color: #EE0000;
cursor: pointer;
}
.summary_info {
}
.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover {
border: 1px solid #5F0000;
background: #EE0000;
}
div#net_content {
padding: 0px;
height: auto !important;
}
img.router_image {
vertical-align: middle;
padding: 0px 10px 10px 10px;
width: 50px;
}
table.net_info {
width: 100%;
}
p.internal_label {
color: #000000;
}

48
collections/ansible_collections/demo/reporting/roles/report_server/files/redhat-ansible-logo.svg
View File

@@ -1,48 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Logos" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
width="930.2px" height="350px" viewBox="0 0 930.2 350" style="enable-background:new 0 0 930.2 350;" xml:space="preserve">
<style type="text/css">
.st0{fill:#FFFFFF;}
.st1{fill:#EE0000;}
</style>
<title>Logo-Red_Hat-Ansible_Automation_Platform-A-Reverse-RGB</title>
<path class="st0" d="M383.3,228.5h18.8L446,335.7h-17.5l-12.4-31.4h-48l-12.6,31.4h-16.7L383.3,228.5z M410.9,291l-18.7-47l-18.7,47
H410.9z"/>
<path class="st0" d="M455.2,257.7h15.3v7.8c6.2-6.2,14.7-9.6,23.5-9.3c17.9,0,30.5,12.4,30.5,30.5v49h-15.3v-46.5
c0-12.3-7.5-19.8-19.3-19.8c-7.8-0.3-15.1,3.6-19.3,10.1v56.1h-15.3V257.7z"/>
<path class="st0" d="M543,315.5c8.1,6.4,16.7,9.8,25.4,9.8c11,0,18.7-4.8,18.7-11.7c0-5.5-4-8.7-12.6-10l-14.1-2
c-15.5-2.3-23.3-9.5-23.3-21.6c0-14.1,12.3-23.6,30.5-23.6c11.3-0.1,22.3,3.4,31.5,9.9l-7.8,10.1c-8.6-5.7-16.4-8.1-24.7-8.1
c-9.3,0-15.6,4.3-15.6,10.6c0,5.7,3.7,8.4,12.9,9.8l14.1,2c15.5,2.3,23.6,9.7,23.6,21.7c0,14-14.1,24.5-32.6,24.5
c-13.5,0-25.6-4-34.2-11.5L543,315.5z"/>
<path class="st0" d="M611.6,235.6c0-5.2,4.1-9.4,9.3-9.5c0,0,0,0,0,0c5.2-0.2,9.7,3.9,9.9,9.1c0.2,5.2-3.9,9.7-9.1,9.9
c-0.2,0-0.5,0-0.7,0C615.8,245.1,611.6,240.9,611.6,235.6C611.6,235.7,611.6,235.7,611.6,235.6z M628.6,335.7h-15.3v-78h15.3V335.7z
"/>
<path class="st0" d="M685.5,336.9c-8.5,0-16.8-2.7-23.6-7.8v6.6h-15.2V228.5l15.3-3.4v40c6.6-5.6,15.1-8.7,23.7-8.6
c22.1,0,39.4,17.7,39.4,40.1C725.2,319.1,707.9,336.9,685.5,336.9z M662,279.2v35.2c4.9,5.7,13,9.2,21.8,9.2
c15,0,26.4-11.5,26.4-26.8c0-15.3-11.5-27-26.4-27C674.9,269.8,667.1,273.2,662,279.2z"/>
<path class="st0" d="M755,335.7h-15.3V228.5l15.3-3.4V335.7z"/>
<path class="st0" d="M810.5,337.1c-23,0-40.9-17.7-40.9-40.4c0-22.5,17.2-40.1,39.1-40.1c21.5,0,37.7,17.8,37.7,40.8v4.4h-61.6
c2,13,13.2,22.5,26.4,22.4c7.2,0.2,14.2-2.3,19.8-6.8l9.8,9.7C832.1,333.7,821.5,337.4,810.5,337.1z M784.9,290.2h46.3
c-2.3-11.9-11.5-20.8-22.8-20.8C796.5,269.4,787.2,277.8,784.9,290.2z"/>
<path class="st1" d="M202.8,137.5c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5l-11-47.7c-2.5-10.5-4.8-15.2-23.2-24.5
c-14.3-7.3-45.5-19.4-54.7-19.4c-8.6,0-11.1,11.1-21.3,11.1c-9.8,0-17.1-8.3-26.4-8.3c-8.8,0-14.6,6-19,18.4c0,0-12.4,34.9-14,40
c-0.3,0.9-0.4,1.9-0.4,2.9C77.6,92.9,131.1,137.5,202.8,137.5 M250.8,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1
c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8c-24.8,1.3-56.9,5.7-56.9,34c0,46.4,109.9,103.5,196.9,103.5
c66.7,0,83.5-30.2,83.5-54C296.1,154.6,279.9,133.4,250.8,120.7"/>
<path d="M250.7,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8
l5.4-13.3c-0.3,0.9-0.4,1.9-0.4,2.8c0,13.6,53.5,58.1,125.2,58.1c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5L250.7,120.7z"/>
<path class="st0" d="M869.1,151.2c0,17.5,10.5,26,29.7,26c5.9-0.1,11.8-1,17.5-2.5v-20.3c-3.7,1.2-7.5,1.7-11.3,1.7
c-7.9,0-10.8-2.5-10.8-9.9v-31.1h22.9V94.2h-22.9V67.7l-25,5.4v21.1h-16.6v20.9h16.6L869.1,151.2z M791,151.7
c0-5.4,5.4-8.1,13.6-8.1c5,0,10,0.7,14.9,1.9V156c-4.8,2.6-10.2,3.9-15.6,3.9C795.9,159.9,791.1,156.8,791,151.7 M798.7,177.5
c8.8,0,16-1.9,22.6-6.3v5h24.8v-52.5c0-20-13.5-30.9-35.9-30.9c-12.6,0-25,2.9-38.3,9l9,18.4c9.6-4,17.7-6.5,24.8-6.5
c10.3,0,15.6,4,15.6,12.2v4c-6.1-1.6-12.3-2.4-18.6-2.3c-21.1,0-33.8,8.8-33.8,24.6C768.9,166.6,780.4,177.6,798.7,177.5
M662.5,176.2h26.7v-42.5h44.6v42.5h26.7V67.7h-26.6v41.7h-44.6V67.7h-26.7L662.5,176.2z M561,135.1c0-11.8,9.3-20.8,21.5-20.8
c6.4-0.1,12.6,2.1,17.4,6.4v28.6c-4.7,4.4-10.9,6.7-17.4,6.5C570.5,155.8,561,146.8,561,135.1 M600.2,176.1H625V62.3l-25,5.4v30.8
c-6.4-3.6-13.6-5.5-20.9-5.4c-23.9,0-42.6,18.4-42.6,42c-0.3,23,18.1,41.9,41.1,42.2c0.2,0,0.5,0,0.7,0c7.9,0,15.6-2.5,22-7.1V176.1
z M486.5,113.2c7.9,0,14.6,5.1,17.2,13h-34.2C471.9,118,478.2,113.2,486.5,113.2 M444.2,135.2c0,23.9,19.5,42.5,44.6,42.5
c13.8,0,23.9-3.7,34.3-12.4l-16.6-14.7c-3.9,4-9.6,6.2-16.4,6.2c-8.8,0.2-16.8-4.9-20.2-13h58.4v-6.2c0-26-17.5-44.8-41.4-44.8
c-23.2-0.4-42.4,18.2-42.7,41.5C444.2,134.6,444.2,134.9,444.2,135.2 M400.9,90.5c8.8,0,13.8,5.6,13.8,12.2s-5,12.2-13.8,12.2h-26.3
V90.5H400.9z M347.9,176.2h26.7v-39.5h20.3l20.5,39.5h29.7l-23.9-43.4c12.4-5,20.5-17.1,20.4-30.5c0-19.5-15.3-34.5-38.3-34.5H348
L347.9,176.2z"/>
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 4.3 KiB

BIN
collections/ansible_collections/demo/reporting/roles/report_server/files/report.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.0 KiB

BIN
collections/ansible_collections/demo/reporting/roles/report_server/files/webpage_logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 45 KiB

34
collections/ansible_collections/demo/reporting/roles/report_server/tasks/linux_landing_page.yml
View File

@@ -1,34 +0,0 @@
---
- include_vars: "{{ ansible_system }}.yml"
- name: get reports
ansible.builtin.find:
paths: "{{ doc_root }}/{{ reports_dir }}"
patterns: '*.html'
register: reports
check_mode: no
- name: publish landing page
ansible.builtin.template:
src: linux_report.j2
dest: "{{ doc_root }}/index.html"
check_mode: no
- name: copy CSS over
ansible.builtin.copy:
src: "css"
dest: "{{ doc_root }}"
directory_mode: true
check_mode: no
- name: copy logos over
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ doc_root }}"
directory_mode: true
loop:
- "webpage_logo.png"
- "redhat-ansible-logo.svg"
- "report.png"
check_mode: no

6
collections/ansible_collections/demo/reporting/roles/report_server/tasks/main.yml
View File

@@ -1,6 +0,0 @@
---
- include_tasks: apache.yml
when: ansible_system == 'Linux'
- include_tasks: iis.yml
when: ansible_system == 'Win32NT'

34
collections/ansible_collections/demo/reporting/roles/report_server/tasks/windows_landing_page.yml
View File

@@ -1,34 +0,0 @@
---
- include_vars: "{{ ansible_system }}.yml"
- name: get reports
ansible.windows.win_find:
paths: "{{ doc_root }}/{{ reports_dir }}"
patterns: '*.html'
register: reports
check_mode: no
- name: publish landing page
ansible.builtin.win_template:
src: windows_report.j2
dest: "{{ doc_root }}/index.html"
check_mode: no
- name: copy CSS over
ansible.builtin.win_copy:
src: "css"
dest: "{{ doc_root }}"
directory_mode: true
check_mode: no
- name: copy logos over
ansible.builtin.win_copy:
src: "{{ item }}"
dest: "{{ doc_root }}"
directory_mode: true
loop:
- "webpage_logo.png"
- "redhat-ansible-logo.svg"
- "report.png"
check_mode: no

15
collections/ansible_collections/demo/reporting/roles/report_server/templates/header.j2
View File

@@ -1,15 +0,0 @@
<div class="wrapper">
<header>
<div class="header-container">
<a href="https://ansible.com">
<img
class="header-logo"
src="redhat-ansible-logo.svg"
title="Red Hat Ansible"
alt="Red Hat Ansible"
/>
</a>
</div>
</header>

42
collections/ansible_collections/demo/reporting/roles/report_server/templates/linux_report.j2
View File

@@ -1,42 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title> Ansible Linux Automation Report </title>
<link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
<link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<link rel="stylesheet" href="css/new.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
</head>
<body>
<div class="wrapper">
{% include 'header.j2' %}
<section>
<center>
<h1>Ansible Automation Reports</h1>
<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
</center>
<table class="table table-striped mt32 main_net_table">
<tbody>
{% for report in reports.files %}
{% set page = report.path.split('/')[-1] %}
<tr>
<td class="summary_info">
<div id="hostname">
<p class="hostname"> <img class="router_image" src="report.png"></p>
</div>
</td>
<td>
<a href="{{ reports_dir }}/{{ page }}"> {{ page }} <a>
</td>
{% endfor %}
</tbody>
</table>
<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
</center>
</section>
</div>
</body>
</html>

42
collections/ansible_collections/demo/reporting/roles/report_server/templates/windows_report.j2
View File

@@ -1,42 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title> Ansible Linux Automation Report </title>
<link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
<link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<link rel="stylesheet" href="css/new.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
</head>
<body>
<div class="wrapper">
{% include 'header.j2' %}
<section>
<center>
<h1>Ansible Automation Reports</h1>
<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
</center>
<table class="table table-striped mt32 main_net_table">
<tbody>
{% for report in reports.files %}
{% set page = report.path.split('\\')[-1] %}
<tr>
<td class="summary_info">
<div id="hostname">
<p class="hostname"> <img class="router_image" src="report.png"></p>
</div>
</td>
<td>
<a href="{{ reports_dir }}/{{ page }}"> {{ page }} <a>
</td>
{% endfor %}
</tbody>
</table>
<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
</center>
</section>
</div>
</body>
</html>

3
collections/ansible_collections/demo/reporting/roles/report_server/vars/Win32NT.yml
View File

@@ -1,3 +0,0 @@
---
doc_root: C:\Inetpub\wwwroot
reports_dir: reports

2
collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml
View File

@@ -70,7 +70,7 @@
template: template:
src: openscap_client_config.yaml.j2 src: openscap_client_config.yaml.j2
dest: /etc/foreman_scap_client/config.yaml dest: /etc/foreman_scap_client/config.yaml
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root

8
collections/requirements.yml
View File

@@ -4,7 +4,7 @@ collections:
version: 4.3.0 version: 4.3.0
- name: redhat_cop.controller_configuration - name: redhat_cop.controller_configuration
version: 2.2.5 version: 2.2.5
#linux # linux
- name: redhat.insights - name: redhat.insights
version: 1.0.7 version: 1.0.7
- name: redhat.rhel_system_roles - name: redhat.rhel_system_roles
@@ -12,18 +12,18 @@ collections:
- name: community.general - name: community.general
version: 6.3.0 version: 6.3.0
- name: containers.podman - name: containers.podman
#windows # windows
- name: chocolatey.chocolatey - name: chocolatey.chocolatey
- name: community.windows - name: community.windows
version: 1.12.0 version: 1.12.0
- name: ansible.windows - name: ansible.windows
version: 1.13.0 version: 1.13.0
#cloud # cloud
- name: azure.azcollection - name: azure.azcollection
version: 1.14.0 version: 1.14.0
- name: amazon.aws - name: amazon.aws
version: 5.2.0 version: 5.2.0
#satellite # satellite
- name: redhat.satellite - name: redhat.satellite
version: 3.8.0 version: 3.8.0
#network #network

13
linux/compliance.yml
View File

@@ -1,14 +1,15 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Apply compliance profile
hosts: "{{ _hosts | default(omit) }}"
become: true become: true
vars: vars:
compliance_profile: undef compliance_profile: undef
tasks: tasks:
- name: Check OS Type - name: Check os type
assert: ansible.builtin.assert:
that: "ansible_os_family == 'RedHat'" that: "ansible_os_family == 'RedHat'"
- name: Run Compliance Profile - name: Run compliance profile
include_role: ansible.builtin.include_role:
name: "redhatofficial.rhel{{ ansible_distribution_major_version }}_{{ compliance_profile }}" name: "redhatofficial.rhel{{ ansible_distribution_major_version }}_{{ compliance_profile }}"

38
linux/deploy_application.yml
View File

@@ -1,31 +1,31 @@
--- ---
- name: application deployment - name: Application deployment
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default('web') }}"
gather_facts: false gather_facts: false
become: true become: true
tasks: tasks:
- name: make sure application is not empty - name: Make sure application is not empty
assert: ansible.builtin.assert:
that: that:
- "application != ''" - "application != ''"
- name: printing to terminal application information - name: Printing to terminal application information
debug: ansible.builtin.debug:
msg: "This Ansible Playbook will install {{application}}" msg: "This Ansible Playbook will install {{ application }}"
- name: install application - name: Install application
dnf: ansible.builtin.dnf:
name: "{{application}}" name: "{{ application }}"
allow_downgrade: true allow_downgrade: true
register: result register: result
- name: printing to terminal application information - name: Printing to terminal application information
debug: ansible.builtin.debug:
msg: "The application: {{application}} has been installed" msg: "The application: {{ application }} has been installed"
when: result.changed|bool when: result.changed | bool
- name: printing to terminal application information - name: Printing to terminal application information
debug: ansible.builtin.debug:
msg: "The application: {{application}} was already installed" msg: "The application: {{ application }} was already installed"
when: not result.changed|bool when: not result.changed | bool

119
linux/ec2_register.yml
View File

@@ -1,72 +1,73 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Register ec2 instance with subscription mangler
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
tasks: tasks:
- name: check for vars - name: Check for vars
assert: ansible.builtin.assert:
that: that:
- org_id is defined - org_id is defined
- activation_key is defined - activation_key is defined
- org_id != '' - org_id != ''
- activation_key != '' - activation_key != ''
- org_id != 'undef' - org_id != 'undef'
- activation_key != 'undef' - activation_key != 'undef'
- name: set hostname - name: Set hostname
hostname: ansible.builtin.hostname:
name: "{{ inventory_hostname | regex_replace('_','-')}}" name: "{{ inventory_hostname | regex_replace('_', '-') }}"
# Install subscription-manager if it's not there # Install subscription-manager if it's not there
- name: Install subscription-manager - name: Install subscription-manager
ansible.builtin.yum: ansible.builtin.yum:
name: subscription-manager name: subscription-manager
state: present state: present
- name: remove rhui client packages - name: Remove rhui client packages
yum: ansible.builtin.yum:
name: rh-amazon-rhui-client* name: rh-amazon-rhui-client*
state: removed state: removed
- name: get current repos - name: Get current repos
command: ansible.builtin.command:
cmd: ls /etc/yum.repos.d/ cmd: ls /etc/yum.repos.d/
register: repos register: repos
changed_when: False changed_when: false
- name: remove existing rhui repos - name: Remove existing rhui repos
file: ansible.builtin.file:
path: "/etc/yum.repos.d/{{ item }}" path: "/etc/yum.repos.d/{{ item }}"
state: absent state: absent
loop: "{{ repos.stdout_lines }}" loop: "{{ repos.stdout_lines }}"
when: "'rhui' in item" when: "'rhui' in item"
- name: install katello package - name: Install katello package
yum: ansible.builtin.yum:
name: "https://{{ sat_url }}/pub/katello-ca-consumer-latest.noarch.rpm" name: "https://{{ sat_url }}/pub/katello-ca-consumer-latest.noarch.rpm"
state: present state: present
validate_certs: no validate_certs: false
disable_gpg_check: true disable_gpg_check: true
when: sat_url is defined when: sat_url is defined
- name: manage repos with subscription mangler - name: Manage repos with subscription mangler
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/rhsm/rhsm.conf path: /etc/rhsm/rhsm.conf
regexp: '^manage_repos' regexp: '^manage_repos'
line: 'manage_repos = 1' line: 'manage_repos = 1'
- name: register subscription mangler - name: Register subscription mangler
community.general.redhat_subscription: community.general.redhat_subscription:
state: present state: present
activationkey: "{{ activation_key }}" activationkey: "{{ activation_key }}"
org_id: "{{ org_id }}" org_id: "{{ org_id }}"
- name: configure Red Hat insights - name: Configure Red Hat insights
import_role: ansible.builtin.import_role:
name: redhat.insights.insights_client name: redhat.insights.insights_client
vars: vars:
insights_display_name: "{{ inventory_hostname }}" insights_display_name: "{{ inventory_hostname }}"
insights_tags: insights_tags:
env: "{{ env }}" env: "{{ env }}"
purpose: demo purpose: demo
group: "{{ insights_tag }}" group: "{{ insights_tag }}"

15
linux/fact_scan.yml
View File

@@ -1,12 +1,11 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Scan host for facts
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
tasks: tasks:
- name: get packages - name: Get packages
ansible.builtin.package_facts: ansible.builtin.package_facts:
- name: get services - name: Get services
ansible.builtin.service_facts: ansible.builtin.service_facts:

12
linux/hardening.yml
View File

@@ -1,6 +1,6 @@
--- ---
- name: harden linux systems - name: Harden linux systems
hosts: "{{ HOSTS | default('web') }}" hosts: "{{ _hosts | default('web') }}"
become: true become: true
vars: vars:
- harden_firewall: false - harden_firewall: false
@@ -11,21 +11,21 @@
tasks: tasks:
- name: Configure Firewall - name: Configure Firewall
when: harden_firewall | bool when: harden_firewall | bool
include_role: ansible.builtin.include_role:
name: linux-system-roles.firewall name: linux-system-roles.firewall
- name: Configure Timesync - name: Configure Timesync
when: harden_time | bool when: harden_time | bool
include_role: ansible.builtin.include_role:
name: redhat.rhel_system_roles.timesync name: redhat.rhel_system_roles.timesync
- name: SSH Hardening - name: SSH Hardening
when: harden_ssh | bool when: harden_ssh | bool
include_role: ansible.builtin.include_role:
name: dev-sec.ssh-hardening name: dev-sec.ssh-hardening
# run with --skip-tags accounts_passwords_pam_faillock_deny # run with --skip-tags accounts_passwords_pam_faillock_deny
- name: Apply PCI Baseline - name: Apply PCI Baseline
when: harden_pci | bool when: harden_pci | bool
include_role: ansible.builtin.include_role:
name: redhatofficial.rhel8_pci_dss name: redhatofficial.rhel8_pci_dss

13
linux/insights_compliance_scan.yml
View File

@@ -1,24 +1,25 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Run compliance scan with Red Hat Insights
hosts: "{{ _hosts | default(omit) }}"
become: true become: true
vars: vars:
#compliance_profile: undef # compliance_profile: undef
tasks: tasks:
- name: Check OS Type - name: Check OS Type
assert: ansible.builtin.assert:
that: "ansible_os_family == 'RedHat'" that: "ansible_os_family == 'RedHat'"
- name: Check variable values - name: Check variable values
debug: ansible.builtin.debug:
msg: "Value of compliance_profile_configured is {{ compliance_profile_configured }}" msg: "Value of compliance_profile_configured is {{ compliance_profile_configured }}"
- name: Run Insights Compliance scan - name: Run Insights Compliance scan
import_role: ansible.builtin.import_role:
name: redhat.insights.compliance name: redhat.insights.compliance
when: compliance_profile_configured == "Yes" when: compliance_profile_configured == "Yes"
- name: Notify user that Compliance scan is not being attempted - name: Notify user that Compliance scan is not being attempted
debug: ansible.builtin.debug:
msg: "User has not confirmed that all hosts are associated with an Insights Compliance profile. Scan aborted." msg: "User has not confirmed that all hosts are associated with an Insights Compliance profile. Scan aborted."
when: compliance_profile_configured == "No" when: compliance_profile_configured == "No"

4
linux/inventory.insights.yml
View File

@@ -1,11 +1,11 @@
--- ---
plugin: redhat.insights.insights plugin: redhat.insights.insights
get_patches: yes get_patches: true
groups: groups:
patch_bugs: insights_patching.rhba_count > 0 patch_bugs: insights_patching.rhba_count > 0
patch_enhancements: insights_patching.rhea_count > 0 patch_enhancements: insights_patching.rhea_count > 0
patch_security: insights_patching.rhsa_count > 0 patch_security: insights_patching.rhsa_count > 0
get_tags: yes get_tags: true
selection: none selection: none
filter_tags: filter_tags:
- insights-client/purpose=demo - insights-client/purpose=demo

72
linux/patching.yml
View File

@@ -1,43 +1,47 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Linux server patching
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
strategy: linear
vars: vars:
report_server: node1 report_server: node1
tasks: tasks:
# Install yum-utils if it's not there # Install yum-utils if it's not there
- name: Install yum-utils - name: Install yum-utils
ansible.builtin.yum: ansible.builtin.yum:
name: yum-utils name: yum-utils
state: latest state: installed
- include_role: - name: Include patching role
name: demo.patching.patch_linux ansible.builtin.include_role:
name: demo.patching.patch_linux
- name: Tell user when Insights Client is not configured - name: Tell user when Insights Client is not configured
debug: ansible.builtin.debug:
msg: "Insights client does not appear to be configured. Scan will be skipped" msg: "Insights client does not appear to be configured. Scan will be skipped"
when: when:
- ansible_local.insights.system_id is not defined - ansible_local.insights.system_id is not defined
- name: Run the Insights Client Scan - name: Run the Insights Client Scan
command: insights-client ansible.builtin.command: insights-client
when: when:
- not ansible_check_mode - not ansible_check_mode
- ansible_local.insights.system_id is defined - ansible_local.insights.system_id is defined
- block: - name: Deploy report server
delegate_to: "{{ report_server }}"
run_once: true
block:
- name: Build report server
ansible.builtin.include_role:
name: "{{ item }}"
loop:
- demo.patching.report_server
- demo.patching.report_linux
- demo.patching.report_linux_patching
- include_role: - name: Publish landing page
name: "{{ item }}" ansible.builtin.include_role:
loop: name: demo.patching.report_server
- demo.patching.report_server tasks_from: linux_landing_page
- demo.patching.report_linux
- demo.patching.report_linux_patching
- include_role:
name: demo.patching.report_server
tasks_from: linux_landing_page
delegate_to: "{{ report_server }}"
run_once: yes

38
linux/patching_report.yml
View File

@@ -1,38 +0,0 @@
---
- hosts: "{{ HOSTS }}"
become: yes
vars:
report_server: node1
tasks:
- include_role:
name: demo.patching.patch_linux
- block:
- yum:
name: httpd
state: latest
check_mode: no
- file:
path: /var/www/html/reports/
state: directory
check_mode: no
- copy:
dest: /var/www/html/reports/.htaccess
content: Options +Indexes
check_mode: no
- service:
name: httpd
state: started
check_mode: no
- include_role:
name: demo.patching.report_linux
- include_role:
name: demo.patching.report_linux_patching
delegate_to: "{{ report_server }}"
run_once: yes

81
linux/podman.yml
View File

@@ -1,54 +1,53 @@
--- ---
- name: Podman - name: Podman
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default(omit) }}"
vars: vars:
volume_path: podman volume_path: podman
message: undef message: undef
tasks: tasks:
- name: Install Podman - name: Install Podman
ansible.builtin.dnf: ansible.builtin.dnf:
name: podman name: podman
state: latest state: installed
become: yes become: true
- name: Create volume dir - name: Create volume dir
ansible.builtin.file: ansible.builtin.file:
path: "{{ volume_path }}" path: "{{ volume_path }}"
state: directory state: directory
- name: Create index.html - name: Create index.html
ansible.builtin.copy: ansible.builtin.copy:
dest: "{{ volume_path }}/index.html" dest: "{{ volume_path }}/index.html"
content: "{{ message }}" content: "{{ message }}"
- name: Run httpd container - name: Run httpd container
containers.podman.podman_container: containers.podman.podman_container:
name: apache name: apache
image: docker.io/httpd image: docker.io/httpd
state: started state: started
volume: volume:
- "./{{ volume_path }}/:/usr/local/apache2/htdocs:z" - "./{{ volume_path }}/:/usr/local/apache2/htdocs:z"
ports: ports:
- "8080:80" - "8080:80"
- name: Check Web Page - name: Check Web Page
ansible.builtin.uri: ansible.builtin.uri:
url: http://127.0.0.1:8080 url: http://127.0.0.1:8080
return_content: yes return_content: true
register: web_output register: web_output
changed_when: false changed_when: false
- name: podman ps - name: Podman ps
shell: podman ps ansible.builtin.command: podman ps
register: podman_output register: podman_output
changed_when: false changed_when: false
- name: Output - name: Output
ansible.builtin.debug: ansible.builtin.debug:
msg: msg:
- "Output of podman ps command:" - "Output of podman ps command:"
- "{{ podman_output.stdout_lines }}" - "{{ podman_output.stdout_lines }}"
- "Contents of web page:" - "Contents of web page:"
- "{{ web_output.content }}" - "{{ web_output.content }}"

16
linux/run_script.yml
View File

@@ -1,20 +1,22 @@
--- ---
- name: Run Shell Script - name: Run Shell Script
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default(omit) }}"
become: yes become: true
gather_facts: no gather_facts: false
vars: vars:
shell_script: undef shell_script: undef
tasks: tasks:
- name: Run Shell Script - name: Run Shell Script
shell: "{{ shell_script }}" ansible.builtin.shell: "{{ shell_script }}"
register: shell_output register: shell_output
tags:
- skip_ansible_lint # provided variable could require shell modele
- name: Print script output - name: Print script output
debug: ansible.builtin.debug:
var: shell_output.stdout_lines var: shell_output.stdout_lines
- debug: - name: Print message
ansible.builtin.debug:
msg: You should really consider converting this script to a playbook! msg: You should really consider converting this script to a playbook!
run_once: yes

19
linux/service_start.yml
View File

@@ -1,15 +1,16 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Start service
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
vars: vars:
service_name: undef service_name: undef
tasks: tasks:
- name: Check Service - name: Check Service
service_facts: ansible.builtin.service_facts:
- name: Start Service - name: Start Service
service: ansible.builtin.service:
name: "{{ service_name }}" name: "{{ service_name }}"
state: started state: started
when: service_name + '.service' in services when: service_name + '.service' in services

19
linux/service_stop.yml
View File

@@ -1,15 +1,16 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Stop service
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
vars: vars:
service_name: undef service_name: undef
tasks: tasks:
- name: Check Service - name: Check Service
service_facts: ansible.builtin.service_facts:
- name: Stop Service - name: Stop Service
service: ansible.builtin.service:
name: "{{ service_name }}" name: "{{ service_name }}"
state: stopped state: stopped
when: service_name + '.service' in services when: service_name + '.service' in services

66
linux/setup.yml
View File

@@ -1,6 +1,6 @@
--- ---
user_message: user_message:
- Be sure to update the 'activation_key' and 'org_id' extra variables for 'LINUX / Register with Insights'. https://access.redhat.com/management/activation_keys - Update the 'activation_key' and 'org_id' extra variables for 'LINUX / Register with Insights'. https://access.redhat.com/management/activation_keys
- Update Credential for Insights Inventory with Red Hat account. - Update Credential for Insights Inventory with Red Hat account.
- Add variables for system_roles. https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles - Add variables for system_roles. https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles
controller_components: controller_components:
@@ -53,7 +53,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
extra_vars: extra_vars:
activation_key: !unsafe "RHEL{{ ansible_distribution_major_version }}_{{ env }}" activation_key: !unsafe "RHEL{{ ansible_distribution_major_version }}_{{ env }}"
@@ -64,7 +64,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Choose Environment - question_name: Choose Environment
type: multiplechoice type: multiplechoice
@@ -93,7 +93,7 @@ controller_templates:
notification_templates_error: Telemetry notification_templates_error: Telemetry
use_fact_cache: true use_fact_cache: true
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -101,7 +101,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- name: "LINUX / Temporary Sudo" - name: "LINUX / Temporary Sudo"
@@ -113,7 +113,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -121,7 +121,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: User Name - question_name: User Name
type: text type: text
@@ -143,9 +143,9 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
use_fact_cache: true use_fact_cache: true
ask_job_type_on_launch: yes ask_job_type_on_launch: true
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -153,7 +153,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- name: "LINUX / Start Service" - name: "LINUX / Start Service"
@@ -166,7 +166,7 @@ controller_templates:
notification_templates_error: Telemetry notification_templates_error: Telemetry
use_fact_cache: true use_fact_cache: true
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -174,7 +174,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Service Name - question_name: Service Name
type: text type: text
@@ -191,7 +191,7 @@ controller_templates:
notification_templates_error: Telemetry notification_templates_error: Telemetry
use_fact_cache: true use_fact_cache: true
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -199,7 +199,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Service Name - question_name: Service Name
type: text type: text
@@ -215,7 +215,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -223,7 +223,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Shell Script - question_name: Shell Script
type: textarea type: textarea
@@ -248,7 +248,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- name: "LINUX / Podman Webserver" - name: "LINUX / Podman Webserver"
@@ -260,7 +260,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -268,7 +268,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Web Page Message - question_name: Web Page Message
type: textarea type: textarea
@@ -284,15 +284,15 @@ controller_templates:
notification_templates_started: Telemetry notification_templates_started: Telemetry
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
diff_mode: yes diff_mode: true
ask_job_type_on_launch: yes ask_job_type_on_launch: true
extra_vars: extra_vars:
system_roles: system_roles:
- selinux - selinux
selinux_policy: targeted selinux_policy: targeted
selinux_state: enforcing selinux_state: enforcing
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -300,7 +300,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- name: "LINUX / Install Web Console (cockpit)" - name: "LINUX / Install Web Console (cockpit)"
@@ -311,10 +311,10 @@ controller_templates:
notification_templates_started: Telemetry notification_templates_started: Telemetry
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
diff_mode: yes diff_mode: true
ask_job_type_on_launch: yes ask_job_type_on_launch: true
extra_vars: extra_vars:
system_roles: system_roles:
- cockpit - cockpit
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
@@ -325,7 +325,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Cockpit package load - question_name: Cockpit package load
type: multiplechoice type: multiplechoice
@@ -346,7 +346,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
extra_vars: extra_vars:
sudo_remove_nopasswd: false sudo_remove_nopasswd: false
survey_enabled: true survey_enabled: true
@@ -356,7 +356,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Compliance Profile - question_name: Compliance Profile
type: multiplechoice type: multiplechoice
@@ -371,7 +371,7 @@ controller_templates:
project: "Ansible official demo project" project: "Ansible official demo project"
playbook: "linux/insights_compliance_scan.yml" playbook: "linux/insights_compliance_scan.yml"
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -379,7 +379,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Have you associated a compliance profile in the Insights Console for all hosts to be scanned? If not, then the scan will fail. - question_name: Have you associated a compliance profile in the Insights Console for all hosts to be scanned? If not, then the scan will fail.
type: multiplechoice type: multiplechoice
@@ -400,7 +400,7 @@ controller_templates:
notification_templates_error: Telemetry notification_templates_error: Telemetry
use_fact_cache: true use_fact_cache: true
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -408,7 +408,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: true required: true
- question_name: Application Package Name - question_name: Application Package Name
type: text type: text

6
linux/system_roles.yml
View File

@@ -1,14 +1,14 @@
--- ---
- name: Apply RHEL System Roles - name: Apply RHEL System Roles
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default(omit) }}"
become: true become: true
vars: vars:
system_roles: undef system_roles: undef
tasks: tasks:
- name: Apply System Roles - name: Apply System Roles
include_role: ansible.builtin.include_role:
name: "redhat.rhel_system_roles.{{ item }}" name: "redhat.rhel_system_roles.{{ item }}"
loop: "{{ system_roles }}" loop: "{{ system_roles }}"
when: when:
- system_roles | d("") | length > 0 - system_roles | d("") | length > 0

20
linux/temp_sudo.yml
View File

@@ -1,8 +1,8 @@
--- ---
- name: Temporary Sudo - name: Temporary Sudo
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default(omit) }}"
become: yes become: true
gather_facts: no gather_facts: false
vars: vars:
sudo_cleanup: true sudo_cleanup: true
sudo_user: undef sudo_user: undef
@@ -11,31 +11,31 @@
tasks: tasks:
- name: Check if sudo user exists on system - name: Check if sudo user exists on system
getent: ansible.builtin.getent:
database: passwd database: passwd
key: "{{ sudo_user }}" key: "{{ sudo_user }}"
- name: Check Cleanup package - name: Check Cleanup package
yum: ansible.builtin.yum:
name: at name: at
state: present state: present
- name: Check Cleanup Service - name: Check Cleanup Service
service: ansible.builtin.service:
name: atd name: atd
state: started state: started
- name: Create Sudo Rule - name: Create Sudo Rule
copy: ansible.builtin.copy:
dest: "/etc/sudoers.d/{{ sudo_user }}" dest: "/etc/sudoers.d/{{ sudo_user }}"
owner: root owner: root
group: root group: root
mode: 0640 mode: "0640"
content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL" content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
- name: Set Permission Cleanup - name: Set Permission Cleanup
at: ansible.posix.at:
command: "rm /etc/sudoers.d/{{ sudo_user }}" command: "rm /etc/sudoers.d/{{ sudo_user }}"
count: "{{ sudo_time }}" count: "{{ sudo_time }}"
units: "{{ sudo_units }}" units: "{{ sudo_units }}"
when: sudo_cleanup|bool when: sudo_cleanup | bool

30
linux/tshoot.yml
View File

@@ -1,29 +1,29 @@
--- ---
- name: gather debug info - name: Gather debug info
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default(omit) }}"
become: yes become: true
tasks: tasks:
- name: Gather recent vmstat info - name: Gather recent vmstat info
command: /bin/vmstat 1 5 ansible.builtin.command: /bin/vmstat 1 5
register: vmstat register: vmstat
- name: Gather top CPU hogs - name: Gather top CPU hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu ansible.builtin.command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu
register: pscpu register: pscpu
- name: Gather top memory hogs - name: Gather top memory hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-size ansible.builtin.command: ps -eo user,pid,size,pcpu,cmd --sort=-size
register: pssize register: pssize
- name: Swap + wait states - name: Swap + wait states
debug: ansible.builtin.debug:
var: vmstat.stdout_lines var: vmstat.stdout_lines
- name: Top 3 CPU hogs - name: Top 3 CPU hogs
debug: ansible.builtin.debug:
var: pscpu.stdout_lines[:4] var: pscpu.stdout_lines[:4]
- name: Top 3 memory hogs - name: Top 3 memory hogs
debug: ansible.builtin.debug:
var: pssize.stdout_lines[:4] var: pssize.stdout_lines[:4]

6
network/report.yml
View File

@@ -4,7 +4,7 @@
# https://github.com/network-automation/toolkit/blob/master/roles/build_report/tasks/main.yml # https://github.com/network-automation/toolkit/blob/master/roles/build_report/tasks/main.yml
- name: Collect facts - name: Collect facts
hosts: "{{ HOSTS }}" hosts: "{{ _hosts | default(omit) }}"
gather_facts: false gather_facts: false
tasks: tasks:
@@ -32,7 +32,7 @@
# ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}" # ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}"
- hosts: node1 - hosts: node1
become: yes become: true
vars: vars:
report_server: node1 report_server: node1
web_path: /var/www/html/reports/ web_path: /var/www/html/reports/
@@ -50,7 +50,7 @@
loop: loop:
- demo.patching.report_server - demo.patching.report_server
- demo.patching.build_report_network - demo.patching.build_report_network
- ansible.builtin.include_role: - ansible.builtin.include_role:
name: demo.patching.report_server name: demo.patching.report_server
tasks_from: linux_landing_page tasks_from: linux_landing_page

10
network/setup.yml
View File

@@ -14,8 +14,8 @@ controller_projects:
organization: Default organization: Default
scm_type: git scm_type: git
scm_url: https://github.com/nleiva/ansible-net-modules scm_url: https://github.com/nleiva/ansible-net-modules
update_project: yes update_project: true
wait: yes wait: true
controller_inventories: controller_inventories:
- name: Network Inventory - name: Network Inventory
@@ -47,7 +47,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
ask_limit_on_launch: true ask_limit_on_launch: true
use_fact_cache: yes use_fact_cache: true
survey: survey:
name: '' name: ''
description: '' description: ''
@@ -79,7 +79,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
use_fact_cache: true use_fact_cache: true
ask_job_type_on_launch: yes ask_job_type_on_launch: true
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
@@ -89,7 +89,7 @@ controller_templates:
spec: spec:
- question_name: What devices do you want to include in the report? - question_name: What devices do you want to include in the report?
type: multiplechoice type: multiplechoice
variable: HOSTS variable: _hosts
default: routers default: routers
required: true required: true
choices: choices:

17
satellite/server_openscap.yml
View File

@@ -1,16 +1,17 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Run openSCAP scan
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
vars: vars:
policy_name: all policy_name: all
roles: roles:
- demo.satellite.scap_client - demo.satellite.scap_client
tasks: tasks:
- name: Randomized startup delay... - name: Randomized startup delay...
pause: seconds="{{ 5 | random }}" ansible.builtin.pause: seconds="{{ 5 | random }}"
- name: "Run SCAP Scan" - name: Run SCAP Scan
shell: "/usr/bin/foreman_scap_client {{ item.id }}" ansible.builtin.shell: "/usr/bin/foreman_scap_client {{ item.id }}"
loop: "{{ policy }}" loop: "{{ policy }}"
when: policy_scan == 'all' or item.name in policy_scan when: policy_scan == 'all' or item.name in policy_scan

7
satellite/server_register.yml
View File

@@ -1,8 +1,9 @@
--- ---
- hosts: "{{ HOSTS }}" - name: Register host to Satellite
become: yes hosts: "{{ _hosts | default(omit) }}"
become: true
vars: vars:
# env: undef # env: undef
satellite_url: "{{ lookup('ansible.builtin.env', 'SATELLITE_SERVER') }}" satellite_url: "{{ lookup('ansible.builtin.env', 'SATELLITE_SERVER') }}"
roles: roles:
- demo.satellite.register_host - demo.satellite.register_host

14
satellite/setup.yml
View File

@@ -205,7 +205,7 @@ controller_launch_jobs:
####################### #######################
### Satellite Vars ### ### Satellite Vars ###
###################### ######################
satellite_components: satellite_components:
- content_views - content_views
#- content_view_publish #- content_view_publish
- lifecycle_environments - lifecycle_environments
@@ -229,12 +229,12 @@ satellite_content_views:
- name: RHEL8 - name: RHEL8
content_view: RHEL8 content_view: RHEL8
repositories: repositories:
- name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS RPMs 8 - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS RPMs 8
product: Red Hat Enterprise Linux for x86_64 product: Red Hat Enterprise Linux for x86_64
- name: Red Hat Enterprise Linux 8 for x86_64 - AppStream RPMs 8 - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream RPMs 8
product: Red Hat Enterprise Linux for x86_64 product: Red Hat Enterprise Linux for x86_64
- name: Red Hat Satellite Client 6 for RHEL 8 x86_64 RPMs - name: Red Hat Satellite Client 6 for RHEL 8 x86_64 RPMs
product: Red Hat Enterprise Linux for x86_64 product: Red Hat Enterprise Linux for x86_64
satellite_lifecycle_environments: satellite_lifecycle_environments:
# Red Hat Enterprise Linux 7 # Red Hat Enterprise Linux 7

2
satellite/setup_satellite.yml
View File

@@ -49,6 +49,6 @@
name: RHEL7_STIG name: RHEL7_STIG
organizations: "{{ satellite_organization }}" organizations: "{{ satellite_organization }}"
scap_file: "{{ item }}" scap_file: "{{ item }}"
loop: loop:
- files/ssg-rhel7-ds-tailoring.xml - files/ssg-rhel7-ds-tailoring.xml
- files/ssg-rhel8-ds-tailoring-stig-gui.xml - files/ssg-rhel8-ds-tailoring-stig-gui.xml

2
setup_demo.yml
View File

@@ -54,7 +54,7 @@
- name: "SESSION_COOKIE_AGE" - name: "SESSION_COOKIE_AGE"
value: 180000 value: 180000
- name: "include configuration for {{ demo }}" - name: "Include configuration for {{ demo }}"
ansible.builtin.include_vars: "{{ demo }}/setup.yml" ansible.builtin.include_vars: "{{ demo }}/setup.yml"
- name: Demo Components - name: Demo Components

2
windows/backup.yml
View File

@@ -3,5 +3,5 @@
name: Rollback playbook name: Rollback playbook
tasks: tasks:
- name: "Rollback this step" - name: "Rollback this step"
debug: ansible.builtin.debug:
msg: "Rolling back this step" msg: "Rolling back this step"

80
windows/create_ad_domain.yml
View File

@@ -1,50 +1,50 @@
--- ---
- name: Create Active Directory domain - name: Create Active Directory domain
hosts: "{{ HOSTS | default('os_windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
gather_facts: false gather_facts: false
tasks: tasks:
- name: Set Local Admin Password - name: Set Local Admin Password
ansible.windows.win_user: ansible.windows.win_user:
name: Administrator name: Administrator
password: "{{ ansible_password }}" password: "{{ ansible_password }}"
- name: Create new domain in a new forest on the target host - name: Create new domain in a new forest on the target host
ansible.windows.win_domain: ansible.windows.win_domain:
dns_domain_name: ansible.local dns_domain_name: ansible.local
safe_mode_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" safe_mode_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
register: new_forest register: new_forest
- name: Reboot the target host - name: Reboot the target host
ansible.windows.win_reboot: ansible.windows.win_reboot:
reboot_timeout: 3600 reboot_timeout: 3600
when: new_forest.reboot_required when: new_forest.reboot_required
- name: Wait up to 10min for AD web services to start - name: Wait up to 10min for AD web services to start
community.windows.win_wait_for_process: community.windows.win_wait_for_process:
process_name_exact: Microsoft.ActiveDirectory.WebServices process_name_exact: Microsoft.ActiveDirectory.WebServices
pre_wait_delay: 60 pre_wait_delay: 60
state: present state: present
timeout: 600 timeout: 600
sleep: 10 sleep: 10
remote_user: Administrator remote_user: Administrator
- name: Create some groups - name: Create some groups
community.windows.win_domain_group: community.windows.win_domain_group:
name: "{{ item.name }}" name: "{{ item.name }}"
scope: global scope: global
loop: loop:
- { name: "GroupA" } - { name: "GroupA" }
- { name: "GroupB" } - { name: "GroupB" }
- { name: "GroupC" } - { name: "GroupC" }
- name: Create some users - name: Create some users
community.windows.win_domain_user: community.windows.win_domain_user:
name: "{{ item.name }}" name: "{{ item.name }}"
groups: "{{ item.groups }}" groups: "{{ item.groups }}"
password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
update_password: on_create update_password: on_create
loop: loop:
- { name: "UserA", groups: "GroupA" } - { name: "UserA", groups: "GroupA" }
- { name: "UserB", groups: "GroupB" } - { name: "UserB", groups: "GroupB" }
- { name: "UserC", groups: "GroupC" } - { name: "UserC", groups: "GroupC" }

62
windows/helpdesk_new_user_portal.yml
View File

@@ -1,39 +1,39 @@
--- ---
- name: Helpdesk new user portal - name: Helpdesk new user portal
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('windows') }}"
gather_facts: false gather_facts: false
tasks: tasks:
- name: Setting host facts using complex arguments - name: Setting host facts using complex arguments
set_fact: ansible.builtin.set_fact:
temp_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" temp_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
# Example result: ['&Qw2|E[-'] # Example result: ['&Qw2|E[-']
- name: Create new user - name: Create new user
community.windows.win_domain_user: community.windows.win_domain_user:
name: "{{ firstname }} {{ surname }}" name: "{{ firstname }} {{ surname }}"
firstname: "{{ firstname }}" firstname: "{{ firstname }}"
surname: "{{ surname }}" surname: "{{ surname }}"
sam_account_name: "{{ firstname[0] }}{{ surname }}" sam_account_name: "{{ firstname[0] }}{{ surname }}"
company: BobCo company: BobCo
password: "{{ temp_password }}" password: "{{ temp_password }}"
state: present state: present
groups: groups:
- "GroupA" - "GroupA"
- "GroupB" - "GroupB"
street: "{{ street }}" street: "{{ street }}"
city: "{{ city }}" city: "{{ city }}"
state_province: IN state_province: IN
postal_code: "{{ postal_code }}" postal_code: "{{ postal_code }}"
country: US country: US
attributes: attributes:
telephoneNumber: "{{ telephone_number }}" telephoneNumber: "{{ telephone_number }}"
register: new_user register: new_user
- name: Display User - name: Display User
debug: ansible.builtin.debug:
var: new_user var: new_user
- name: Show temp password - name: Show temp password
debug: ansible.builtin.debug:
var: temp_password var: temp_password

10
windows/install_iis.yml
View File

@@ -1,25 +1,25 @@
--- ---
- name: Install IIS - name: Install IIS
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('windows') }}"
vars: vars:
iis_message: undef iis_message: undef
tasks: tasks:
- name: Install IIS - name: Install IIS
win_feature: ansible.windows.win_feature:
name: Web-Server name: Web-Server
state: present state: present
- name: Start IIS service - name: Start IIS service
win_service: ansible.windows.win_service:
name: W3Svc name: W3Svc
state: started state: started
- name: Create website index.html - name: Create website index.html
win_copy: ansible.windows.win_copy:
content: "{{ iis_message }}" content: "{{ iis_message }}"
dest: C:\Inetpub\wwwroot\index.html dest: C:\Inetpub\wwwroot\index.html
- name: Show website address - name: Show website address
debug: ansible.builtin.debug:
msg: http://{{ ansible_host }} msg: http://{{ ansible_host }}

39
windows/patching.yml
View File

@@ -1,25 +1,28 @@
--- ---
- name: Windows updates - name: Windows updates
hosts: "{{ HOSTS | default('os_windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
strategy: linear
vars: vars:
report_server: win1 report_server: win1
tasks: tasks:
- include_role: - name: Patch windows server
name: demo.patching.patch_windows ansible.builtin.include_role:
name: demo.patching.patch_windows
- block: - name: Build report server
delegate_to: "{{ report_server }}"
run_once: true
block:
- name: Install report server
ansible.builtin.include_role:
name: "{{ item }}"
loop:
- demo.patching.report_server
- demo.patching.report_windows
- demo.patching.report_windows_patching
- include_role: - name: Update landing page
name: "{{ item }}" ansible.builtin.include_role:
loop: name: demo.patching.report_server
- demo.patching.report_server tasks_from: windows_landing_page
- demo.patching.report_windows
- demo.patching.report_windows_patching
- include_role:
name: demo.patching.report_server
tasks_from: windows_landing_page
delegate_to: "{{ report_server }}"
run_once: yes

17
windows/powershell.yml
View File

@@ -1,16 +1,17 @@
--- ---
- name: Run PowerShell - name: Run PowerShell
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
gather_facts: false gather_facts: false
vars: vars:
ps_script: undef ps_script: undef
tasks: tasks:
- name: Run PowerShell - name: Run PowerShell
ansible.windows.win_powershell: ansible.windows.win_powershell:
script: | script: |
{{ ps_script }} {{ ps_script }}
register: ps_output register: ps_output
- debug: - name: Print output
msg: "{{ ps_output.output }}" ansible.builtin.debug:
msg: "{{ ps_output.output }}"

66
windows/powershell_dsc.yml
View File

@@ -1,42 +1,42 @@
--- ---
- name: PowerShell DSC - name: PowerShell DSC
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
gather_facts: false gather_facts: false
tasks: tasks:
- name: Setup the SecurityPolicyDSC module - name: Setup the SecurityPolicyDSC module
community.windows.win_psmodule: community.windows.win_psmodule:
name: SecurityPolicyDSC name: SecurityPolicyDSC
module_version: 2.10.0.0 module_version: 2.10.0.0
state: present state: present
accept_license: yes accept_license: true
- name: Set password history
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Enforce_password_history
Enforce_password_history: 24
- name: Set maximum password age - name: Set password history
ansible.windows.win_dsc: ansible.windows.win_dsc:
resource_name: AccountPolicy resource_name: AccountPolicy
Name: Maximum_Password_Age Name: Enforce_password_history
Maximum_Password_Age: 60 Enforce_password_history: 24
- name: Set minimum password age - name: Set maximum password age
ansible.windows.win_dsc: ansible.windows.win_dsc:
resource_name: AccountPolicy resource_name: AccountPolicy
Name: Minimum_Password_Age Name: Maximum_Password_Age
Maximum_Password_Age: 20 Maximum_Password_Age: 60
- name: Set minimum password length - name: Set minimum password age
ansible.windows.win_dsc: ansible.windows.win_dsc:
resource_name: AccountPolicy resource_name: AccountPolicy
Name: Minimum_Password_Length Name: Minimum_Password_Age
Maximum_Password_Age: 8 Maximum_Password_Age: 20
- name: Set password complexity requirements - name: Set minimum password length
ansible.windows.win_dsc: ansible.windows.win_dsc:
resource_name: AccountPolicy resource_name: AccountPolicy
Name: Password_must_meet_complexity_requirements Name: Minimum_Password_Length
Password_must_meet_complexity_requirements: Enabled Maximum_Password_Age: 8
- name: Set password complexity requirements
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Password_must_meet_complexity_requirements
Password_must_meet_complexity_requirements: Enabled

30
windows/powershell_script.yml
View File

@@ -1,20 +1,22 @@
--- ---
- name: PowerShell Script - name: PowerShell Script
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
gather_facts: false gather_facts: false
vars: vars:
remote_dest: "C:\\query_services.ps1" remote_dest: "C:\\query_services.ps1"
tasks:
- name: Copy script to remote
ansible.windows.win_copy:
src: "{{playbook_dir}}/query_services.ps1"
dest: "{{ remote_dest }}"
- name: Run Script
ansible.windows.win_powershell:
script: |
{{ remote_dest }} -ServiceState {{ service_state }}
register: ps_output
- debug: tasks:
var: ps_output - name: Copy script to remote
ansible.windows.win_copy:
src: "{{ playbook_dir }}/query_services.ps1"
dest: "{{ remote_dest }}"
- name: Run Script
ansible.windows.win_powershell:
script: |
{{ remote_dest }} -ServiceState {{ service_state }}
register: ps_output
- name: Print output
ansible.builtin.debug:
var: ps_output

38
windows/setup.yml
View File

@@ -22,7 +22,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -30,7 +30,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- question_name: web content - question_name: web content
type: text type: text
@@ -40,7 +40,7 @@ controller_templates:
- name: "WINDOWS / Patching" - name: "WINDOWS / Patching"
use_fact_cache: true use_fact_cache: true
job_type: check job_type: check
ask_job_type_on_launch: yes ask_job_type_on_launch: true
inventory: "Workshop Inventory" inventory: "Workshop Inventory"
project: "Ansible official demo project" project: "Ansible official demo project"
playbook: "windows/patching.yml" playbook: "windows/patching.yml"
@@ -49,7 +49,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -57,7 +57,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- question_name: Update categories - question_name: Update categories
type: multiselect type: multiselect
@@ -94,7 +94,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -102,7 +102,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- name: "WINDOWS / Chocolatey install specific" - name: "WINDOWS / Chocolatey install specific"
@@ -114,7 +114,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -122,7 +122,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- question_name: Package name - question_name: Package name
type: text type: text
@@ -138,7 +138,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -146,9 +146,9 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- question_name: PowerShell Script - question_name: PowerShell Script
type: textarea type: textarea
variable: ps_script variable: ps_script
default: "Get-Service | Where-Object -FilterScript {$_.Status -eq 'running'} | Select-Object -Property 'Name'" default: "Get-Service | Where-Object -FilterScript {$_.Status -eq 'running'} | Select-Object -Property 'Name'"
@@ -163,7 +163,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -171,7 +171,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- question_name: Service state to query? - question_name: Service state to query?
type: multiplechoice type: multiplechoice
@@ -191,7 +191,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -199,7 +199,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- name: "WINDOWS / AD /Create Domain" - name: "WINDOWS / AD /Create Domain"
@@ -211,7 +211,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''
@@ -219,7 +219,7 @@ controller_templates:
spec: spec:
- question_name: Server Name or Pattern - question_name: Server Name or Pattern
type: text type: text
variable: HOSTS variable: _hosts
required: false required: false
- name: "WINDOWS / AD / New User" - name: "WINDOWS / AD / New User"
@@ -231,7 +231,7 @@ controller_templates:
notification_templates_success: Telemetry notification_templates_success: Telemetry
notification_templates_error: Telemetry notification_templates_error: Telemetry
credentials: credentials:
- "Workshop Credential" - "Workshop Credential"
survey_enabled: true survey_enabled: true
survey: survey:
name: '' name: ''

32
windows/snow.yml
View File

@@ -1,32 +0,0 @@
---
- name: open a change request
hosts: student1-ansible-1
vars:
change_request:
severity: 2
priority: 2
description: Automated Provisioning
justification: Ansible Triggered
implementation_plan: Updated by Red Hat AAP
risk_impact_analysis: Changes are made automatically based on approved changes
test_plan: Run synthetic validation tests post-deployment
short_description: Automated Provisioning
tasks:
- name: Create a change request
servicenow.itsm.change_request:
instance:
host: "https://{{ snow_instance }}.service-now.com"
username: "{{ snow_username }}"
password: "{{ snow_password }}"
type: standard
state: new
requested_by: admin
short_description: "{{ change_request.short_description }}"
description: "{{ change_request.description }}"
priority: moderate
risk: low
impact: low
register: new_incident
- debug:
var: new_incident.record.number

33
windows/windows_choco_multiple.yml
View File

@@ -1,27 +1,28 @@
--- ---
- name: Chocolatey install multiple - name: Chocolatey install multiple
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
gather_facts: false gather_facts: false
vars: vars:
choco_packages: choco_packages:
- name: nodejs - name: nodejs
- name: python - name: python
tasks: tasks:
- name: Install specific versions of packages sequentially - name: Install specific versions of packages sequentially
win_chocolatey: chocolatey.chocolatey.win_chocolatey:
name: "{{ item.name }}" name: "{{ item.name }}"
state: latest state: installed
loop: "{{ choco_packages }}" loop: "{{ choco_packages }}"
- name: Check python version - name: Check python version
win_command: python --version ansible.windows.win_command: python --version
register: check_python_version register: check_python_version
changed_when: false changed_when: false
- name: Check nodejs version - name: Check nodejs version
win_command: node --version ansible.windows.win_command: node --version
register: check_node_version register: check_node_version
changed_when: false changed_when: false
- debug: - name: Print message
msg: Python Version is {{ check_python_version.stdout_lines[0] }} and NodeJS version is {{ check_node_version.stdout_lines[0] }} ansible.builtin.debug:
msg: Python Version is {{ check_python_version.stdout_lines[0] }} and NodeJS version is {{ check_node_version.stdout_lines[0] }}

8
windows/windows_choco_specific.yml
View File

@@ -1,9 +1,9 @@
--- ---
- name: Chocolatey install specific - name: Chocolatey install specific
hosts: "{{ HOSTS | default('windows') }}" hosts: "{{ _hosts | default('os_windows') }}"
gather_facts: false gather_facts: false
tasks: tasks:
- name: Install choco package with specific version - name: Install choco package with specific version
win_chocolatey: chocolatey.chocolatey.win_chocolatey:
name: "{{ package_name }}" name: "{{ package_name }}"