Commit | Line | Data |
---|---|---|
d82e5cee KS |
1 | --- |
2 | ||
3 | - name: Install OpenSSH | |
4 | ansible.windows.win_feature: | |
5 | name: OpenSSH | |
6 | state: present | |
7 | # This depends on Get-WindowsFeature, provided by RSAT. Not currently available on arm | |
8 | when: ansible_architecture != 'ARM 64-bit Processor' | |
9 | - name: Run OpenSSH automatically | |
10 | ansible.windows.win_service: | |
11 | name: sshd | |
12 | start_mode: auto | |
13 | state: started | |
14 | - name: Turn off standy | |
15 | ansible.windows.win_command: 'C:\Windows\system32\powercfg.exe /change standby-timeout-ac 0' | |
16 | - name: Turn off hibernation | |
17 | ansible.windows.win_command: 'C:\Windows\system32\powercfg.exe /hibernate off' | |
18 | - name: Turn off disk timeouts | |
19 | ansible.windows.win_command: 'C:\Windows\system32\powercfg.exe /change disk-timeout-ac 0' | |
20 | - name: Install powershell | |
21 | ansible.windows.win_package: | |
22 | path: 'https://github.com/PowerShell/PowerShell/releases/download/v7.3.4/PowerShell-7.3.4-win-x64.msi' | |
23 | state: 'present' | |
24 | # get-wmiobject Win32_Product | |
25 | product_id: '{11479679-5C7F-477F-869F-3ED956CE684D}' | |
26 | - name: Set powershell 7 as the default shell for OpenSSH | |
27 | ansible.windows.win_regedit: | |
28 | path: 'HKLM:\SOFTWARE\OpenSSH' | |
29 | name: 'DefaultShell' | |
30 | data: 'c:/progra~1/powershell/7/pwsh.exe' | |
31 | - name: Join domain | |
32 | ansible.windows.win_domain_membership: | |
33 | dns_domain_name: 'internal.efficios.com' | |
34 | hostname: "{{ansible_hostname}}" | |
35 | domain_ou_path: 'DC=internal,DC=efficios,DC=com' | |
36 | state: 'domain' | |
37 | domain_admin_user: "{{ lookup('community.general.bitwarden', '2443aefa-0b85-497d-aa0e-aef6011295c4', search='id', field='username')[0] }}" | |
38 | domain_admin_password: "{{ lookup('community.general.bitwarden', '2443aefa-0b85-497d-aa0e-aef6011295c4', search='id', field='password')[0] }}" | |
39 | register: domain_state | |
40 | - name: Install python | |
41 | ansible.windows.win_package: | |
42 | path: 'https://www.python.org/ftp/python/3.11.3/python-3.11.3-arm64.exe' | |
43 | state: 'present' | |
44 | arguments: | |
45 | - '/InstallAllUsers=1' | |
46 | - '/SimpleInstall' | |
47 | - '/quiet' | |
48 | creates_path: 'C:\Windows\py.exe' | |
49 | - name: Set administrator authorized keys | |
50 | ansible.windows.win_template: | |
51 | src: 'authorized_keys.j2' | |
52 | dest: 'c:\ProgramData\ssh\administrators_authorized_keys' | |
53 | ||
54 | - name: Reboot if domain changed | |
55 | when: domain_state.reboot_required | |
56 | ansible.windows.win_reboot: |