This directory contains Ansible automation for config management and operations.
The Config automation provides playbooks and roles for managing and configuring config infrastructure and services.
| Role | Description |
|---|---|
| shadowman_aap_metrics | Role for shadowman aap metrics |
| shadowman_aap_metrics_api | Role for shadowman aap metrics api |
| shadowman_aap_roi | Role for shadowman aap roi |
| shadowman_active_directory | Role for shadowman active directory |
| shadowman_ad_user_info | Role for shadowman ad user info |
| shadowman_add_to_ad | Role for shadowman add to ad |
| shadowman_add_to_idm | Role for shadowman add to idm |
| shadowman_cert_check | Role for shadowman cert check |
| shadowman_cis_rhel7 | Role for shadowman cis rhel7 |
| shadowman_cis_rhel8 | Role for shadowman cis rhel8 |
| shadowman_cis_windows_2016 | Ansible role to apply Windows Server 2016 CIS Benchmark |
| shadowman_compliance_playbook_create | Role for shadowman compliance playbook create |
| shadowman_compliance_scan | Role for shadowman compliance scan |
| shadowman_create_snapshot | Role for shadowman create snapshot |
| shadowman_esx_migrate_vms | Role for shadowman esx migrate vms |
| shadowman_esx_update | Role for shadowman esx update |
| shadowman_gather_tags | Role for shadowman gather tags |
| shadowman_hashi_sshd_config | Role for shadowman hashi sshd config |
| shadowman_idm_user | Role for shadowman idm user |
| shadowman_image_builder_cockpit_ssl | Role for shadowman image builder cockpit ssl |
| shadowman_image_builder_install | Role for shadowman image builder install |
| shadowman_infra_patching | Role for shadowman infra patching |
| shadowman_kernel_cleanup | Role for shadowman kernel cleanup |
| shadowman_linux_setup | Role for shadowman linux setup |
| shadowman_local_user_remove | Role for shadowman local user remove |
| shadowman_mesh | Role for shadowman mesh |
| shadowman_nist_rhel7 | Role for shadowman nist rhel7 |
| shadowman_nist_rhel8 | Role for shadowman nist rhel8 |
| shadowman_patching | Role for shadowman patching |
| shadowman_patching_async | Role for shadowman patching async |
| shadowman_pci_rhel7 | Role for shadowman pci rhel7 |
| shadowman_pci_rhel8 | Role for shadowman pci rhel8 |
| shadowman_podman_cleanup | Role for shadowman podman cleanup |
| shadowman_podman_cleanup_edahub | Role for shadowman podman cleanup edahub |
| shadowman_reboot | Role for shadowman reboot |
| shadowman_register_insights | Role for shadowman register insights |
| shadowman_remove_snapshot | Role for shadowman remove snapshot |
| shadowman_rhel_register | Role for shadowman rhel register |
| shadowman_rhel_template_seal | Role for shadowman rhel template seal |
| shadowman_run_scap | Role for shadowman run scap |
| shadowman_run_scap_windows | Role for shadowman run scap windows |
| shadowman_scan_systems | Role for shadowman scan systems |
| shadowman_schedule | Role for shadowman schedule |
| shadowman_schedule_cr | Role for shadowman schedule cr |
| shadowman_snapshot_restore | Role for shadowman snapshot restore |
| shadowman_stig_windows_2016 | Apply the DISA Windows Server 2016 STIG |
| shadowman_tower_metrics | Role for shadowman tower metrics |
| shadowman_vcenter_admin | Role for shadowman vcenter admin |
| shadowman_vmware_vm_info | Role for shadowman vmware vm info |
| shadowman_windows_firewall_add | Role for shadowman windows firewall add |
| shadowman_windows_firewall_remove | Role for shadowman windows firewall remove |
| shadowman_windows_powershell | Role for shadowman windows powershell |
| shadowman_windows_user | Role for shadowman windows user |
| Playbook | Description | Target Hosts |
|---|---|---|
| aap_metrics.yml | Playbook for aap metrics | all |
| aap_metrics_api.yml | Playbook for aap metrics api | localhost |
| aap_roi.yml | Playbook for aap roi | localhost |
| ad_user_info.yml | Playbook for ad user info | all |
| addfirewallrule.yml | Playbook for addfirewallrule | {{ vm_name |
| addvmtoad.yml | Playbook for addvmtoad | {{ vm_name }} |
| buildlinuxreport.yml | Playbook for buildlinuxreport | all |
| buildwindowsreport.yml | Playbook for buildwindowsreport | all |
| certificatereport.yml | Playbook for certificatereport | all |
| change_request_patch.yml | Playbook for change request patch | localhost |
| compliance_enforcement.yml | Playbook for compliance enforcement | all |
| compliancescan.yml | Playbook for compliancescan | all |
| controller_schedule.yml | Playbook for controller schedule | localhost |
| driftcheck.yml | Playbook for driftcheck | all |
| env.yml | Playbook for env | localhost |
| esx_migrate.yml | Playbook for esx migrate | localhost |
| esx_update.yml | Playbook for esx update | all |
| hashisshdconfig.yml | Playbook for hashisshdconfig | all |
| image_builder_image_build.yml | Playbook for image builder image build | all |
| image_builder_install.yml | Playbook for image builder install | all |
| infrapatching.yml | Playbook for infrapatching | all |
| initialconfig.yml | Playbook for initialconfig | {{ vm_name |
| insights_openscap_setup.yml | Playbook for insights openscap setup | all |
| linux_package.yml | Playbook for linux package | all |
| linuxcis.yml | Playbook for linuxcis | all |
| linuxcompliance.yml | Playbook for linuxcompliance | all |
| linuxkernelcleanup.yml | Playbook for linuxkernelcleanup | all |
| linuxnist.yml | Playbook for linuxnist | all |
| linuxpatching.yml | Playbook for linuxpatching | all |
| linuxpatching_app.yml | Playbook for linuxpatching app | all |
| linuxpatching_lifecycle_test.yml | Playbook for linuxpatching lifecycle test | {{ lifecycle_environment }} |
| linuxpatching_poll.yml | Playbook for linuxpatching poll | all |
| linuxpci.yml | Playbook for linuxpci | all |
| mesh_status.yml | Playbook for mesh status | all |
| nmapsnow.yml | Playbook for nmapsnow | ssh, unreachable_hosts, unreachable_hosts_2 |
| openscap.yml | Playbook for openscap | all |
| openscap windows.yml | Playbook for openscap windows | all |
| patching_withsnapshot.yml | Playbook for patching withsnapshot | all |
| podmancleanup.yml | Playbook for podmancleanup | all |
| podmancleanupedahub.yml | Playbook for podmancleanupedahub | all |
| reboot.yml | Playbook for reboot | all |
| removefirewallrule.yml | Playbook for removefirewallrule | {{ vm_name |
| removelocaluser.yml | Playbook for removelocaluser | {{ vm_name |
| removewindowsuser.yml | Playbook for removewindowsuser | {{ vm_name |
| seal_rhel.yml | Playbook for seal rhel | {{ operating_system |
| seal_rhel_vmware.yml | Playbook for seal rhel vmware | all |
| shadowman_patching.yml | Playbook for shadowman patching | tag_{{ env }}:&tag_{{ owner.split('@')[0] }}* |
| shadowman_patching_snow.yml | Playbook for shadowman patching snow | {{ vm_names }} |
| snapshot_postpatch.yml | Playbook for snapshot postpatch | all |
| snapshot_prepatch.yml | Playbook for snapshot prepatch | all |
| snow_cr_patching.yml | Playbook for snow cr patching | localhost |
| tower_metrics.yml | Playbook for tower metrics | all |
| updateuser_AD.yml | Playbook for updateuser AD | all |
| updateuser_IDM.yml | Playbook for updateuser IDM | localhost |
| vcenter_admin.yml | Playbook for vcenter admin | localhost |
| vmtagsreport.yml | Playbook for vmtagsreport | localhost |
| vmware_prereqs.yml | Playbook for vmware prereqs | all |
| win_package.yml | Playbook for win package | all |
| win_package_choc.yml | Playbook for win package choc | all |
| windows_patching.yml | Playbook for windows patching | all |
| windows_patching_app.yml | Playbook for windows patching app | all |
| windowscis.yml | Playbook for windowscis | all |
| windowsstig.yml | Playbook for windowsstig | all |
| writecsv.yml | Playbook for writecsv | all |
# Run a playbook
ansible-navigator run aap_metrics.yml
# Run in stdout mode
ansible-navigator run aap_metrics.yml -m stdout- hosts: target_hosts
roles:
- shadowman_aap_metrics- Ansible 2.9 or higher (via ansible-navigator)
- Required collections (see
collections/requirements.ymlif present) - Appropriate access credentials configured via environment variables
Ansible-Config/
├── roles/ # Ansible roles
├── *.yml # Playbooks
├── collections/ # Collection dependencies (if present)
└── ansible-navigator.yml # Navigator configuration