Automation with Ansible - FlameSpyro/Tech-Journal GitHub Wiki
This lab was an interesting one, to say the least. My personal thoughts are that the lab was a lot more difficult than it should have been and there were some elements that still don't really make sense to me, such as the concept of playbooks. I am not the best at scripting and at the moment it doesn't seem like the best alternative. Also, the last step of Chocolatey is currently an anomaly to me and won't install no matter how many breaks I take. I do see how this can be easier in some concepts, but I feel like I need an understanding and an expansion on the elements to use playbooks and downloading software from ansible-galaxy.
- Same ol' setup with all 3 machines that are included. Create a user named "deployer" on all 3 machines as well
- Ansible1
- Ansible2
- Controller
- Install ansible
sudo apt install ansible sshpass python3-paramiko
-
mkdir /etc/sudoers.d/sys265
on all Linux systems
- In sys265 create a document that just includes the following
deployer <tab> ALL=(ALL) <tab> NOPASSWD: ALL
- Use
ssh-copy-id
to add deployer@controller's public key to the deployer accounts on ansible1 and ansible2. This was done in the last lab
- This will allow for a passwordless login
mkdir -p ansible/roles
-
echo ansible1-eric >> inventory.txt
repeat for ansible2 as well
- This makes the hosts in that list available to commands such as ping
- Add [webmin] on top of ansible2-eric in the list
- This allows commands to be run only on specific groups of systems
- Enter
ansible-galaxy install semuadmin.webmin -p roles/
to install webmin from Ansible Galaxy, which is similar to docker and its software
- Create a .yml file in roles that has the following:
- DISCLAIMER: erase the d in firewalls in the first block! Or else it won't work and will cause frustration
- Since ansible2 uses Rocky and that isn't supported in the webmin files, it needs to be altered to the following:
- This can be found here!
/ansible/roles/semuadmin.webmin/tasks/webmin.yml
- Run the yml like this
ansible-playbook -i inventory.txt roles/webmin.yml
- You can now access webmin on a browser such as mgmt01
- A similar process is done with a docker software found on Ansible Galaxy, but the OS doesn't need to be altered.
- Install OpenSSH through services
-
If this doesn't work, enter the following in an admin PowerShell
-
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
-
Set-ItemProperty "HKLM:\Software\Microsoft\Powershell\1\ShellIds" -Name ConsolePrompting -Value $true
New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
- You can now ssh into mgmt01 as your adm account. Step 16 needs to be repeated to do it on wks01
- Add mgmt01-eric to inventory.txt under a [windows] group
- Also add ansible_shell_type=powershell under a [windows:vars] section
- You can now ping mgmt01-eric through
ansible windows -i inventory.txt -m win_ping -u [email protected] --ask-pass
- Add wks01-eric and do the same thing. SSH into wks01 in order for it to work
- Chocolatey needs to be configured in windows_software.yml using the settings provided in the documentation
- Chocolatey should install but I could not get it to work
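The inventory steps above, put together as one file. This is an added example, not a copy of the lab's actual inventory.txt: the hostnames and the `ansible_shell_type` variable come from the steps on this page, while the ordering and comments are assumptions.

```ini
# inventory.txt (constructed from the steps above; layout is an assumption)

# Host listed before any group header: ungrouped, but still part of "all"
ansible1-eric

# A group header applies to the hosts listed beneath it,
# which is why [webmin] goes on top of ansible2-eric
[webmin]
ansible2-eric

# Windows hosts that were set up with OpenSSH in the earlier steps
[windows]
mgmt01-eric
wks01-eric

# Variables applied to every host in the [windows] group
[windows:vars]
ansible_shell_type=powershell
```

Running `ansible-inventory -i inventory.txt --graph` on the controller prints the group tree, which is a quick way to confirm each host landed in the intended group before running a playbook against it.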
I had a lot of frustration with this lab and while playbooks appear to be neat, they don't seem like a good alternative. This is from the context of this lab only and could change over time. Use this guide to help with frustration once again.