d o n e
This commit is contained in:
parent
0febd7ec08
commit
76407a72d6
@ -1,4 +1,5 @@
|
|||||||
---
|
---
|
||||||
# defaults file for win-initial-setup
|
# defaults file for win-initial-setup
|
||||||
iis_log_retention_days: 15
|
iis_log_retention_days: 15
|
||||||
iis_log_directory: D:\IISLogs
|
iis_log_directory: C:\IISLogs
|
||||||
|
log_dir: C:\Logs
|
||||||
|
|||||||
@ -1,4 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
# - name: Install Chocolatey
|
||||||
|
# ansible.builtin.import_tasks: install-chocolatey.yml
|
||||||
|
|
||||||
- name: Set Cipher Suite
|
- name: Set Cipher Suite
|
||||||
ansible.builtin.import_tasks: set-cipher-suite.yml
|
ansible.builtin.import_tasks: set-cipher-suite.yml
|
||||||
|
|
||||||
@ -12,13 +15,8 @@
|
|||||||
ASPNETCORE_ENVIRONMENT: "{{ devops_env }}"
|
ASPNETCORE_ENVIRONMENT: "{{ devops_env }}"
|
||||||
DOTNET_ENVIRONMENT: "{{ devops_env }}"
|
DOTNET_ENVIRONMENT: "{{ devops_env }}"
|
||||||
|
|
||||||
- name: Ensure Framework 4.8 is Installed
|
- name: Install Framework 4.8
|
||||||
ansible.builtin.import_tasks: install-dotnet-framework.yml
|
ansible.builtin.import_tasks: install-framework-4.8.yml
|
||||||
|
|
||||||
- name: Ensure Latest Microsoft Edge is Installed
|
|
||||||
chocolatey.chocolatey.win_chocolatey:
|
|
||||||
name: microsoft-edge
|
|
||||||
state: latest
|
|
||||||
|
|
||||||
- name: Ensure IIS Log Retention Task Exists
|
- name: Ensure IIS Log Retention Task Exists
|
||||||
community.windows.win_scheduled_task:
|
community.windows.win_scheduled_task:
|
||||||
@ -43,13 +41,15 @@
|
|||||||
- name: Set IIS Header Logging
|
- name: Set IIS Header Logging
|
||||||
ansible.windows.win_powershell:
|
ansible.windows.win_powershell:
|
||||||
script: |
|
script: |
|
||||||
Add-WebConfigurationProperty `
|
Import-Module WebAdministration
|
||||||
|
|
||||||
|
Set-WebConfigurationProperty `
|
||||||
-pspath 'MACHINE/WEBROOT/APPHOST' `
|
-pspath 'MACHINE/WEBROOT/APPHOST' `
|
||||||
-filter "system.applicationHost/sites/siteDefaults/logFile/customFields" `
|
-filter "system.applicationHost/sites/siteDefaults/logFile/customFields" `
|
||||||
-name "." `
|
-name "." `
|
||||||
-value @{logFieldName='x-forwarded-for';sourceName='x-forwarded-for';sourceType='RequestHeader'}
|
-value @{logFieldName='x-forwarded-for';sourceName='x-forwarded-for';sourceType='RequestHeader'}
|
||||||
|
|
||||||
Add-WebConfigurationProperty `
|
Set-WebConfigurationProperty `
|
||||||
-pspath 'MACHINE/WEBROOT/APPHOST' `
|
-pspath 'MACHINE/WEBROOT/APPHOST' `
|
||||||
-filter "system.applicationHost/sites/siteDefaults/logFile/customFields" `
|
-filter "system.applicationHost/sites/siteDefaults/logFile/customFields" `
|
||||||
-name "." `
|
-name "." `
|
||||||
@ -58,13 +58,13 @@
|
|||||||
- name: Ensure WebPI Is Installed
|
- name: Ensure WebPI Is Installed
|
||||||
ansible.windows.win_package:
|
ansible.windows.win_package:
|
||||||
path: https://download.microsoft.com/download/8/4/9/849DBCF2-DFD9-49F5-9A19-9AEE5B29341A/WebPlatformInstaller_x64_en-US.msi
|
path: https://download.microsoft.com/download/8/4/9/849DBCF2-DFD9-49F5-9A19-9AEE5B29341A/WebPlatformInstaller_x64_en-US.msi
|
||||||
product_id: 849DBCF2-DFD9-49F5-9A19-9AEE5B29341A
|
product_id: "{849DBCF2-DFD9-49F5-9A19-9AEE5B29341A}"
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Ensure Application Request Routing 3.0 Is Installed
|
- name: Ensure Application Request Routing 3.0 Is Installed
|
||||||
ansible.windows.win_package:
|
ansible.windows.win_package:
|
||||||
path: https://download.microsoft.com/download/E/9/8/E9849D6A-020E-47E4-9FD0-A023E99B54EB/requestRouter_amd64.msi
|
path: https://download.microsoft.com/download/E/9/8/E9849D6A-020E-47E4-9FD0-A023E99B54EB/requestRouter_amd64.msi
|
||||||
product_id: E9849D6A-020E-47E4-9FD0-A023E99B54EB
|
product_id: "{E9849D6A-020E-47E4-9FD0-A023E99B54EB}"
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Ensure svc-rmagent Exists
|
- name: Ensure svc-rmagent Exists
|
||||||
@ -86,6 +86,15 @@
|
|||||||
|
|
||||||
# TODO: Determine adding group to another group? Ask Monique, not sure what this means.
|
# TODO: Determine adding group to another group? Ask Monique, not sure what this means.
|
||||||
|
|
||||||
|
- name: Ensure Log Paths Exist
|
||||||
|
ansible.windows.win_file:
|
||||||
|
state: directory
|
||||||
|
path: "{{ item }}"
|
||||||
|
loop:
|
||||||
|
- "{{ iis_log_directory }}"
|
||||||
|
- "{{ log_dir }}"
|
||||||
|
when: devops_env is in ['QA', 'PROD', 'TRN']
|
||||||
|
|
||||||
- name: Ensure ISG Team & Admin Have Proper Log Permissions
|
- name: Ensure ISG Team & Admin Have Proper Log Permissions
|
||||||
ansible.windows.win_acl:
|
ansible.windows.win_acl:
|
||||||
path: "{{ item.path }}"
|
path: "{{ item.path }}"
|
||||||
@ -95,15 +104,15 @@
|
|||||||
state: present
|
state: present
|
||||||
loop:
|
loop:
|
||||||
- user: DL_ISG_WEB
|
- user: DL_ISG_WEB
|
||||||
path: C:\IISLogs
|
path: "{{ iis_log_directory }}"
|
||||||
rights: Read
|
rights: Read
|
||||||
- user: DL_ISG_WEB
|
- user: DL_ISG_WEB
|
||||||
path: C:\Logs
|
path: "{{ log_dir }}"
|
||||||
rights: Read
|
rights: Read
|
||||||
- user: Administrators
|
- user: Administrators
|
||||||
path: C:\IISLogs
|
path: "{{ iis_log_directory }}"
|
||||||
rights: FullControl
|
rights: FullControl
|
||||||
- user: Administrators
|
- user: Administrators
|
||||||
path: C:\Logs
|
path: "{{ log_dir }}"
|
||||||
rights: FullControl
|
rights: FullControl
|
||||||
when: devops_env is in ['QA', 'PROD', 'TRN']
|
when: devops_env is in ['QA', 'PROD', 'TRN']
|
||||||
|
|||||||
@ -1,4 +1,3 @@
|
|||||||
---
|
|
||||||
- name: Install chocolatey
|
- name: Install chocolatey
|
||||||
win_chocolatey:
|
win_chocolatey:
|
||||||
name:
|
name:
|
||||||
|
|||||||
25
tasks/install-framework-4.8.yml
Normal file
25
tasks/install-framework-4.8.yml
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
---
|
||||||
|
- name: Check if Framework 4.8 is Installed
|
||||||
|
win_reg_stat:
|
||||||
|
path: HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full
|
||||||
|
name: Release
|
||||||
|
register: framework_release
|
||||||
|
|
||||||
|
- name: Ensure Framework 4.8 is Installed
|
||||||
|
ansible.windows.win_package:
|
||||||
|
path: https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/8494001c276a4b96804cde7829c04d7f/ndp48-x86-x64-allos-enu.exe
|
||||||
|
product_id: "{2D6BB6B2-226A-4BAA-BDEC-798822606FF1}"
|
||||||
|
state: present
|
||||||
|
arguments: /install /quiet /norestart
|
||||||
|
register: framework_48
|
||||||
|
when: framework_release.value != 528049
|
||||||
|
|
||||||
|
- name: Reboot if Framework Reboot Requested
|
||||||
|
ansible.windows.win_reboot:
|
||||||
|
when: framework_release.value != 528049 and framework_48.reboot_required
|
||||||
|
|
||||||
|
- name: Ensure Microsoft Edge is Installed
|
||||||
|
ansible.windows.win_package:
|
||||||
|
path: https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/810f5f99-1567-46ad-9a44-4b26ba115366/MicrosoftEdgeEnterpriseX64.msi
|
||||||
|
product_id: "{810F5F99-1567-46AD-9A44-4b26ba115366}"
|
||||||
|
state: present
|
||||||
7
tasks/uninstall-chocolatey.yml
Normal file
7
tasks/uninstall-chocolatey.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- name: Uninstall chocolatey
|
||||||
|
win_chocolatey:
|
||||||
|
name:
|
||||||
|
- chocolatey
|
||||||
|
- chocolatey-core.extension
|
||||||
|
state: absent
|
||||||
Loading…
Reference in New Issue
Block a user