Commit graph

79 commits

Author SHA1 Message Date
Sandra McCann
26bb114ccb
[backport][docs][2.10]Docsbackportapalooza 8 (#71379)
* Move 2.10.0rc1 release date a few days forward. (#71270)

At yesterday's meeting it was decided to have ansible-2.10.0 depend on
ansible-base-2.10.1 so that we can get several fixes for ansible-base's
routing (including adding the gluster.gluster collection).
ansible-base-2.10.1 will release on September 8th.  So we will plan on
releasing ansible-2.10.0rc1 on the 10th.

https://meetbot.fedoraproject.org/ansible-community/2020-08-12/ansible_community_meeting.2020-08-12-18.00.html
(cherry picked from commit e507c127e5)

* a few writing style updates (#71212)

(cherry picked from commit 4f0bd5de38)

* Fix code markups and add link to CVE (#71082)

(cherry picked from commit 92d59a58c0)

* Fix 404 links (#71256)

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit ecea018506)

* Writing style updates to Developing dynamic inventory topic (#71245)

* modified the writing style

* incorporated peer feedback

(cherry picked from commit ecd3b52ad7)

* Fix roadmap formatting. (#71275)

(cherry picked from commit ee48e0b0ad)

* Update password.py (#71295)

List md5_crypt, bcrypt, sha256_crypt, sha512_crypt as hash schemes in the password plugin.

(cherry picked from commit 1d1de2c6fd)

* Update ansible european IRC channel (#71326)

Signed-off-by: Rémi VERCHERE <remi@verchere.fr>
(cherry picked from commit 824cd4cbeb)

* Add warning about copyright year change (#71251)

To simplify project administration and avoid any legal issues,
add a warning in the docs. This reflects - https://github.com/ansible/ansible/issues/45989#issuecomment-423635622 and fixes: #45989

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 606604bb97)

* subelements: Clarify parameter docs (#71177)

skip_missing parameter in subelements lookup plugin is accepted from
inside the dictionary.

Fixes: #38182

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 6d17736ef4)

* Writing style updates to Using Variables topic (#71194)

* updated topic title, underline length for headings, and incorporated peer feedback

(cherry picked from commit 4d68efbe24)

* cron module defaults to current user, not root (#71337)

(cherry picked from commit 4792d83e13)

* Update Network Getting Started for FQCN/collection world (#71188)

* pull out network roles, cleanup, update first playbook examples, update gather facts section, some inventory conversion to .yml, update inventory and roles, simplify the navigation titles, fix tocs, feedback comments

(cherry picked from commit f79a7c5585)

* Add documentation about info/facts module development (#71250)

Fixes: #40151

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 4f993922c8)

* network: Correct documentation (#71246)

ini-style inventory does not support Ansible Vault password.
This fixes network_best_practices_2.5 doc.
Fixes: #69039

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a1257d75aa)

* tidies up vars page (#71339)

(cherry picked from commit 02ea80f6d7)

* base.yml: Fix typos (#71346)

(cherry picked from commit 41d7d53573)

* quick fix to change main back to devel (#71342)

* quick fix to change main back to devel
* Update docs/docsite/rst/dev_guide/developing_collections.rst

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 74f88c56a5)

* Add note about integration tests for new modules to the dev guide (#71345)

(cherry picked from commit b82889eef5)

* update fest link (#71376)

(cherry picked from commit 80b8fde946)

* incorporate minimalism feedback on debugging page (#71272)

Co-authored-by: bobjohnsrh <50667510+bobjohnsrh@users.noreply.github.com>

(cherry picked from commit 5073cfc8bc)

* fix header problem

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored-by: Sayee <57951841+sayee-jadhav@users.noreply.github.com>
Co-authored-by: Baptiste Mille-Mathias <baptiste.millemathias@gmail.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: rovshango <rovshan.go@gmail.com>
Co-authored-by: Remi Verchere <rverchere@users.noreply.github.com>
Co-authored-by: Jake Howard <RealOrangeOne@users.noreply.github.com>
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-authored-by: Per Lundberg <perlun@gmail.com>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
2020-08-20 17:44:50 -05:00
Sviatoslav Sydorenko
be28e98cf2
[backport][2.10][PR #70446] Refactor Python API examples and docs (#70850)
* Add boilerplate snippet into `examples/`

It is a partial backport of #70224

(partially cherry picked from commit 4816bb4f43)

* Refactor Python API examples and docs

PR #70446: it's a follow-up for #70445.

It includes a merge of `examples/scripts/uptime.py` and a similar
code snippet from `docs/docsite/rst/dev_guide/developing_api.rst`.

This patch also changes the docs RST file to include contents of
the example file instead of holding a copy of a similar code.

(cherry picked from commit 20bb915092)
2020-07-29 13:51:21 -07:00
Sviatoslav Sydorenko
7969b60552
Fix the internal Python API usage examples (#70841)
Previous version initialized the `TaskQueueManager` after calling
`Play.load()` while advertising a way to inject a custom library
location path. This caused the tasks loader not to find any custom
modules because it was triggered before the path was actually added
to the module loader.

This patch changes the order of the operations to ensure that the
customized `context.CLIARGS` actually influences things.

Resolves https://github.com/ansible/ansible/issues/69758.

(cherry picked from commit 8d97c8c222)
2020-07-23 10:10:42 -07:00
Shachaf92
7ddcaafee5 many pslint fixes (#55862)
* Handles:

PSAvoidTrailingWhitespace
PSAvoidGlobalVars
PSAvoidAssignmentToAutomaticVariable
PSAvoidUsingCmdletAliases
PSAvoidUsingWriteHost
PSUseDeclaredVarsMoreThanAssignments
PSUsePSCredentialType
PSAvoidUsingPositionalParameters
PSAvoidUsingEmptyCatchBlock
PSAvoidUsingWMICmdlet

Replaced Write-Host with Write-Output
Added smart reboot check for win_domain feature installation
Modify the Creation of the pagefileto fit to CIM
Changelog fragment addition
Ignore.txt without fixes

* Changes after community reviews

* Change Out-Null to '> $null'

* Fixes after jborean93 comments

* Test

* Revert "Test"

This reverts commit 35c5c0648fa9d2868a18094d84954e53ffa28880.

* Removed all  > $null since they broke the module since the output got dumped

* run test again

* Revert "run test again"

This reverts commit 80eaf07143f9d8cb0116cbbc68a6a69c0ace840c.

* Changes after community review

* ignore PSUseDeclaredVarsMoreThanAssignments that are on a diffrent PR

* CI failed on extra line in ignore.txt

* Review changes

* PSlint errors

* Trail space

* send to null breaks the tests for  Set-Workgroup

* Lint stuff

* win_domain_user issue of indent.

* Update win_domain_user.ps1

* Update win_domain_membership.ps1

* Fix redirect to null

* lint space issue

* removed return from set-workgroup

* removed send to null
2019-07-09 05:41:58 +10:00
Abhijeet Kasurde
1da5e21289 examples: fix Ansible API example (#51863)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-02-12 15:35:49 -06:00
Jordan Borean
24b4633481
explicitly set LocalAccountTokenFilterPolicy on WinRM configure script (#45947) 2018-09-25 08:01:03 +10:00
Joren Vrancken
b954917761 Surround top-level function and class definitions with two blank lines. 2018-07-31 12:06:56 -07:00
David Norman
7963279fc2 Generate SHA256 signed certificates for WinRM (#36668)
* Generate SHA256 signed certificates

Vulnerability scanners are increasingly reporting SHA-1 signed certificates as a vulnerability on servers. Before this change, -ForceNewSSLCert generates a signature algorithm that openssl shows as sha1WthRSAEncryption for WinRM port 5986. After, this forces certificates to be signed with SHA256, which openssl shows sha256WithRSAEncryption.

Some example SHA-1 deprecations include:
- https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2017/4010323
- https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Also note that RDP 3389 on Windows 2016 also defaults to a SHA256 certificate.

The specifics were merged from a script mod I found at https://gallery.technet.microsoft.com/scriptcenter/PowerShell-script-to-7a0321b7 intended for Exchange. It also includes a mod to add an alternate DNS listing so the cert contains CN=HOSTNAME plus now also an alternative of the FQDN.

I tested this change on Windows 2008R2, 2012R2, and 2016 Datacenter.

* Keep WinRM cert key length at 4096.

* Remove WinRM cert exportpolicy setting.
2018-04-20 09:01:48 +10:00
John Bond
d72587084b Update example uptime script to provide correct type for explicit individual hosts (#34740) 2018-01-16 11:39:15 -06:00
Matt Clay
797664d9cb Python 2.6 str.format() compatibility fixes. 2018-01-10 14:08:11 -08:00
Erwan Quélin
e3b49a7aeb Added possibility to disable basic auth (#33224) 2018-01-02 10:13:20 +10:00
Matt Davis
853fa8223a avoid use of Write-Host in config script 2017-12-20 22:51:16 -08:00
Matt Davis
898eead48f
add GlobalHttpFirewallAccess arg (#34124) 2017-12-20 20:36:26 -08:00
Dag Wieers
1140d6ecd7
Explain -EnableCredSSP in header
The new Windows documentation references the top of this file for a list and explanation of options, however `-EnableCredSSP` was missing from this list.
2017-11-02 16:59:13 +01:00
Matt Martz
2b08e00a54 Update uptime.py example script with changes to the API. Fixes #31229 2017-10-04 08:50:10 -07:00
Simon Liddicott
3ceeb5124e Set startup type to automatic before attempting to start the service. Otherwise it will fail if the service is disabled. (#27751) 2017-08-07 08:14:56 +10:00
Toshio Kuratomi
87a192fe66 Fix one name in module error due to rewritten VariableManager 2017-07-27 15:37:26 -07:00
Abhijeet Kasurde
b89cb95609 Fix spelling mistakes (comments only) (#25564)
Original Author : klemens <ka7@github.com>

Taking over previous PR as per
https://github.com/ansible/ansible/pull/23644#issuecomment-307334525

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-06-12 07:55:19 +01:00
Dag Wieers
ea27baf7ff examples/: PEP8 compliancy (#24682)
- Make PEP8 compliant
2017-05-18 08:38:40 +01:00
Nicolas Simond
a40450d40a ConfigureRemotingForAnsible: RSA 1024 to RSA 4096 (#23684) 2017-04-19 13:21:25 +02:00
David PHAM-VAN
6a0fb4e3b6 Remove useless # in comment (#21609) 2017-02-18 11:43:04 +00:00
Matt Davis
ba353b0f8f fix ambiguous cert selection in WinRM enable script (#21263)
Rather than trying to guess which cert we just generated,   parse the generated cert data and extract the thumbprint directly.
2017-02-13 10:16:23 +01:00
Jordan Borean
719e1840da Added info on ntlm and credssp, updated configure script for credssp (#21175) 2017-02-08 17:00:58 -08:00
Dag Wieers
6de1f22c15 Add missing support for -CertValidityDays (#21009)
* Add missing support for -CertValidityDays

For some reason the -CertValidityDays option was not being used in the certificates we created.

This fixes #10439

* Possible fix

* We cannot use New-SelfSignedCertificate on 2012R2 and earlier

As suggested by @jhawkesworth
2017-02-06 08:14:42 +00:00
Dag Wieers
28060a4c47 Improve inline docs (#21029) 2017-02-04 08:52:01 +01:00
Matt Clay
10d9318de7 PEP 8 indent cleanup. (#20800)
* PEP 8 E121 cleanup.

* PEP 8 E126 cleanup.

* PEP 8 E122 cleanup.
2017-01-29 07:28:53 +00:00
Dag Wieers
c94c53e8a4 Ensure that the script is run with elevated privileges (#20669)
* Ensure that the script is run with elevated privileges

This fixes #20654

* Implement our own check for elevated privileges
2017-01-27 14:23:18 -08:00
Dag Wieers
e64ef8b0ab Small fix for running using Invoke-Expression
A small fix suggested by a user for running ConfigureRemotingForAnsible.

This fixes #20512
2017-01-26 04:10:14 -08:00
Dag Wieers
de21038feb Enable -Verbose and log to EventLog (#19909)
Instead of asking the user to type something prior to running the script, why not allow -Verbose on the command line directly.
Also log important events to EventLog, so that it can be traced e.g. when running via RunOnce mechanism.

The documentation is updated as well.
2017-01-10 23:52:41 -08:00
TaoBeier
6ec0369c26 fix indent (#20071) 2017-01-10 18:47:03 -08:00
Matt Clay
75c281debc Fix compile errors in scripts. 2016-12-08 11:35:20 -05:00
Matt Clay
0d46805979 Clean up shebangs for various files.
- Remove shebangs from:
  - ini files
  - unit tests
  - module_utils
  - plugins
  - module_docs_fragments
  - non-executable Makefiles
- Change non-modules from '/usr/bin/python' to '/usr/bin/env python'.
- Change '/bin/env' to '/usr/bin/env'.

Also removed main functions from unit tests (since they no longer
have a shebang) and fixed a python 3 compatibility issue with
update_bundled.py so it does not need to specify a python 2 shebang.

A script was added to check for unexpected shebangs in files.
This script is run during CI on Shippable.
2016-11-02 17:00:27 -07:00
nitzmahone
ee080eddb5 adjust WinRM service configuration message text
fixes #17478
2016-09-09 09:47:46 -07:00
jlehtniemi-broadsoft
5864ae50c6 Start WinRM service automatically on reboot 2016-09-09 14:00:49 +03:00
Brian Coca
81a4164207 old yaml format has been long gone
script is not compatible with new yaml format so removing it to avoid confusion

(cherry picked from commit 52099224e632fe0a8b076774b22723fb73d19ea0)
2016-09-08 14:18:10 -04:00
Shota
47f715fb37 Fix some typos (#16498) 2016-06-29 14:31:25 -04:00
Cryptophobia
76a519fddc Update to ConfigureRemotingForAnsible.ps1 2016-04-13 18:02:55 -04:00
Matt Davis
840cda741d Merge pull request #12363 from breathe/devel
allow ConfigureRemotingForAnsible.ps1 script from public zone
2016-02-29 22:28:53 +00:00
Michael Crilly
e9fe5f201f $SubjectName variable unused; clean up
Having used this script several times today, I came to notice the $SubjectName variable, being passed in via the CLI, is essentially ignored when generating the SSL certificates, rendering it useless. I believe it's a good idea to have it in place, so I've updated the script to reflect this.

I also cleaned up some random new lines throughout the file, and expanded on a comment.

It might be worth going a step further and commenting the file fully, as most people reviewing this file won't be familiar with PowerShell (like I wasn't unitl a few days ago). It could be helpful.
2016-02-29 14:24:37 -08:00
b4ldr
439baf004e update uptime script to use version 2.0 of the api 2016-02-17 18:34:12 +00:00
Nathaniel Cohen
8b6f8ff928 Document -SkipNetworkProfileCheck switch 2015-09-22 11:57:15 -07:00
Nathaniel Cohen
be452c1b27 allow ConfigureRemotingForAnsible.ps1 script to function from 'public' adapters
The current script fails on machines which have network interfaces designated
as connected to "Public" networks (choices for network designation being
Private, Domain, Public).  This commit changes the script to NOT prevent winrm
initialization when device is connected to a "Public" network.
2015-09-14 15:13:33 -07:00
Marius Gedminas
823677b490 Replace .iteritems() with six.iteritems()
Replace .iteritems() with six.iteritems() everywhere except in
module_utils (because there's no 'six' on the remote host).  And except
in lib/ansible/galaxy/data/metadata_template.j2, because I'm not sure
six is available there.
2015-09-03 09:23:27 +03:00
nitzmahone
74694b2b0d moved WinRM setup script test after config 2015-08-31 16:38:23 -07:00
Willem Pienaar
ac28652602 Fixed error handling for the enabling of PS Remoting 2014-12-16 02:29:13 +02:00
Chris Church
116109468c Merge pull request #9481 from cipress/patch-1
fixes powershell upgrade script to work on different System architectures.
2014-11-23 01:37:33 -05:00
Chris Church
2f7348fddf Update firewall rules, error handling, other comment/whitespace cleanup. 2014-11-11 02:20:28 -05:00
cipress
c1fc0ca4fd Found issue on different System architecture.
On x86 systems doesn't work so, starting by the line 63 we check if the architecture is x86 or x64.
2014-11-04 17:38:08 +01:00
nathansoz
f0004b1604 $powershellpath is called as ".$powershellpath"
$powershell path is set to "C:\powershell" at line 27. This is fine, but on line 82 $powershellpath is called as ".$powershellpath\$filename". Because the path at line 27 is absolute, a period preceding the $powershellpath is not required at 82. It actually causes an error:

Start-Process : This command cannot be executed due to the error: Unknown error (0x80041002).
At C:\users\Nathan Sosnovske\Documents\ps2to3.ps1:81 char:14

Start-Process <<<< -FilePath ".$powershellpath\$filename" -ArgumentList /quiet
CategoryInfo : InvalidOperation: (:) [Start-Process], InvalidOperationException
FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand
Removing the period on line 82 before $powershellpath fixes this error.
2014-08-18 15:55:24 -07:00
Trond Hindenes
d568966e2c Added script for configuring winrm for Ansible
The script can be used to set up a windows host with WinRM with the least possible effort.
2014-07-06 19:02:32 +02:00