149 lines
7.2 KiB
YAML
149 lines
7.2 KiB
YAML
---
|
|
|
|
install_updates: true
|
|
remove_apps: false
|
|
clean_up_components: true
|
|
upgrade_powershell: false
|
|
powershell_target_version: 3.0
|
|
default_temp_directory: 'C:\Windows\Temp'
|
|
update_retry_limit: 10
|
|
upgrade_wait_timeout: 600
|
|
|
|
win_update_server: '' #wsus server ip/hostname
|
|
|
|
set_network_to_private: "([Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]'{DCB00C01-570F-4A9B-8D69-199FDBA5723B}'))).GetNetworkConnections() | % {$_.GetNetwork().SetCategory(1)}"
|
|
expand_disk: !unsafe "$i=(gwmi -n root/cimv2 Win32_DiskPartition|?{$_.BootPartition }).Index;'sel dis 0',\\\"sel par $($i*2+2)\\\",'extend'|& diskpart *>$null"
|
|
|
|
win2008_hotfixes:
|
|
# this update is needed to support ssl support on Windows Server 2008 R2
|
|
- kb: KB4474419
|
|
file: windows6.1-kb4474419-v3-x64_b5614c6cea5cb4e198717789633dca16308ef79c.msu
|
|
url: http://catalog.s.download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows6.1-kb4474419-v3-x64_b5614c6cea5cb4e198717789633dca16308ef79c.msu
|
|
# this is servicing stack update to enable any recent updates
|
|
- kb: KB3080079
|
|
file: Windows6.1-KB3080079-x64.msu
|
|
url: https://download.microsoft.com/download/F/4/1/F4154AD2-2119-48B4-BF99-CC15F68E110D/Windows6.1-KB3080079-x64.msu
|
|
|
|
win2012_hotfixes:
|
|
os_6_2:
|
|
- kb: KB2901982
|
|
file: windows8-rt-kb2901982-x64_21dae8200edae3339a8c8580e516e00d7dacdfe3.msu
|
|
url: http://catalog.s.download.windowsupdate.com/d/msdownload/update/software/ftpk/2015/01/windows8-rt-kb2901982-x64_21dae8200edae3339a8c8580e516e00d7dacdfe3.msu
|
|
os_6_3:
|
|
# this update is needed to enable .NET clients to use https (tslv12) on Windows 8.1 and Windows Server 2012 R2
|
|
# see https://www.microsoft.com/en-us/download/confirmation.aspx?id=42883
|
|
- kb: KB2978041
|
|
file: windows8.1-kb2978041-x64_93d7dd68c7487670c0ab4d5eb154a0ef5e40a306.msu
|
|
url: http://download.windowsupdate.com/c/msdownload/update/software/secu/2014/09/windows8.1-kb2978041-x64_93d7dd68c7487670c0ab4d5eb154a0ef5e40a306.msu
|
|
# this is servicing stack update to enable any recent updates
|
|
- kb: KB5018922
|
|
file: windows8.1-kb5018922-x64_3aa7832b7586e11304f8fee5e09b6829b32d1833.msu
|
|
url: https://catalog.s.download.windowsupdate.com/c/msdownload/update/software/secu/2022/10/windows8.1-kb5018922-x64_3aa7832b7586e11304f8fee5e09b6829b32d1833.msu
|
|
# this a security update, it updates cipher suite for TLS, which prevents 'SSL: DH_KEY_TOO_SMALL' error with credssp
|
|
- kb: KB3042058
|
|
file: windows8.1-kb3042058-x64_c73bfac2ad93aed131627e7482bacbd89d0a0850.msu
|
|
url: https://catalog.s.download.windowsupdate.com/d/msdownload/update/software/secu/2015/09/windows8.1-kb3042058-x64_c73bfac2ad93aed131627e7482bacbd89d0a0850.msu
|
|
enable_winrm: true
|
|
|
|
win2008_hotfixes_archived:
|
|
# no longer available
|
|
# enable tls support hotfix:
|
|
- kb: kb3154518
|
|
file: windows6.1-kb3154518-x64.msu
|
|
url: http://download.microsoft.com/download/6/8/0/680ee424-358c-4fdf-a0de-b45dee07b711/windows6.1-kb3154518-x64.msu
|
|
# fix: https://support.microsoft.com/en-us/topic/security-and-quality-rollup-for-net-framework-3-5-1-for-windows-7-sp1-and-windows-server-2008-r2-sp1-kb-4040980-71f9f600-4878-a9d4-6b36-93cafad2eefe
|
|
# enable tls support hotfix:
|
|
- kb: kb4040980
|
|
file: windows6.1-kb4040980-x64_83282fb5210091802984ead0d4175879056d602c.msu
|
|
url: http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/09/windows6.1-kb4040980-x64_83282fb5210091802984ead0d4175879056d602c.msu
|
|
|
|
win2012_hotfixes_archived:
|
|
# no longer available
|
|
# dot net security hotfix:
|
|
- kb: KB2898850
|
|
file: Windows8.1-KB2898850-x64.msu
|
|
url: http://download.microsoft.com/download/C/6/9/C690CC33-18F7-405D-B18A-0A8E199E531C/Windows8.1-KB2898850-x64.msu
|
|
# superseded
|
|
# dot net security hotfix:
|
|
- kb: KB2898850
|
|
file: windows8.1-kb2898850-x64_9ffdfdeac9011569d1b14cf2dbf926257c50186d.msu
|
|
url: http://download.windowsupdate.com/d/msdownload/update/software/secu/2014/04/windows8.1-kb2898850-x64_9ffdfdeac9011569d1b14cf2dbf926257c50186d.msu
|
|
|
|
winrm_enable_script_url: https://raw.githubusercontent.com/ansible/ansible-documentation/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
|
|
enable_winrm_command: "& $([scriptblock]::Create((New-Object Net.WebClient).DownloadString('{{ winrm_enable_script_url }}'))) -ForceNewSSLCert -EnableCredSSP"
|
|
|
|
windows_update_agent_url: http://download.windowsupdate.com/windowsupdate/redist/standalone/7.6.7600.320/windowsupdateagent-7.6-x64.exe
|
|
|
|
#sdelete_download_url: http://web.archive.org/web/20140902022253/http://download.sysinternals.com/files/SDelete.zip
|
|
bleachbit_download_url: https://download.bleachbit.org/BleachBit-4.0.0-portable.zip
|
|
sdelete_download_url: https://download.sysinternals.com/files/SDelete.zip
|
|
ultradefrag_download_url: https://downloads.sourceforge.net/project/ultradefrag/stable-release/7.1.4/ultradefrag-portable-7.1.4.bin.amd64.zip
|
|
|
|
enable_auto_logon: true
|
|
|
|
target_ovirt: false
|
|
target_qemu: false
|
|
target_ec2: false
|
|
target_vagrant: false
|
|
target_openstack: false
|
|
|
|
bleachbit_clean: true
|
|
bleachbit_free_disk_space: true
|
|
|
|
ec2_ena_driver_role: oatakan.windows_ec2_ena_driver
|
|
ovirt_guest_agent_role: oatakan.windows_ovirt_guest_agent
|
|
virtio_role: oatakan.windows_virtio
|
|
vmware_tools_role: oatakan.windows_vmware_tools
|
|
virtualbox_guest_additions_role: oatakan.windows_virtualbox_guest_additions
|
|
parallels_tools_role: oatakan.windows_parallels_tools
|
|
windows_configure_update_role: oatakan.windows_configure_update
|
|
windows_update_role: oatakan.windows_update
|
|
windows_powershell_upgrade_role: oatakan.windows_powershell_upgrade
|
|
windows_hotfix_role: oatakan.windows_hotfix
|
|
|
|
policy:
|
|
allow_unauthenticated_guest_access: false
|
|
disable_eos_reminder: true
|
|
install_webclient_service: false # installed on workstation by default, only applies to server
|
|
|
|
webclient_maximum_file_size: 0xffffffff # 4GB default value is 50 MB
|
|
|
|
local_administrator_password: Chang3MyP@ssw0rd21
|
|
local_account_username: ansible
|
|
local_account_password: Chang3MyP@ssw0rd21
|
|
|
|
shutdown_instance: true
|
|
|
|
winsxs_cleanmgr_file:
|
|
2008r2: '{{ ansible_env.windir }}\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe'
|
|
2012: '{{ ansible_env.windir }}\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.2.9200.16384_none_c60dddc5e750072a\cleanmgr.exe'
|
|
winsxs_cleanmgr_mui_file:
|
|
2008r2: '{{ ansible_env.windir }}\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui'
|
|
2012: '{{ ansible_env.windir }}\WinSxS\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.2.9200.16384_en-us_b6a01752226afbb3\cleanmgr.exe.mui'
|
|
|
|
cleanup_registry_keys:
|
|
- Active Setup Temp Folders
|
|
- BranchCache
|
|
- Downloaded Program Files
|
|
- Internet Cache Files
|
|
- Memory Dump Files
|
|
- Old ChkDsk Files
|
|
- Previous Installations
|
|
- Recycle Bin
|
|
- Service Pack Cleanup
|
|
- Setup Log Files
|
|
- System error memory dump files
|
|
- System error minidump files
|
|
- Temporary Files
|
|
- Temporary Setup Files
|
|
- Thumbnail Cache
|
|
- Update Cleanup
|
|
- Upgrade Discarded Files
|
|
- User file versions
|
|
- Windows Defender
|
|
- Windows Error Reporting Archive Files
|
|
- Windows Error Reporting Queue Files
|
|
- Windows Error Reporting System Archive Files
|
|
- Windows Error Reporting System Queue Files
|
|
- Windows ESD installation files
|
|
- Windows Upgrade Log Files |