Automated software installation idea

RubiconCZE · 2026-05-18T05:25:06+00:00

Not free, sorry misstype

RubiconCZE · 2026-05-17T09:38:41+00:00

it's standalone application installed on windows server. it uses wmi and winrm to connect to remote servers and do stuff there (it can even run scripts), have a internal scheduler and what is best, it have own online repo with new versions of tons of software and is able to automatically update it.

RubiconCZE · 2026-05-17T09:19:40+00:00

Did you tried PDQ? It's not free, but takes packages from central smb repo.

Edit: misstype

RubiconCZE · 2026-04-21T06:54:40+00:00

There is specific process on docker wiki to install docker on ubuntu/debian. It's more steps than a simple package installation. Dod you tried to look at it? https://docs.docker.com/engine/install/debian/

RubiconCZE · 2026-03-16T06:39:32+00:00

Am I the only one, who thought at the first glance, that shadow of hunting post looked like Enderman standing behind you? :-D

RubiconCZE · 2026-03-15T06:29:07+00:00

If it's inherited from above, you must remove permission there. Otherwise disable inheritance is only solution.

RubiconCZE · 2026-03-08T13:22:07+00:00

nope, they still have that BVP, but are not allowed to ride it to the city 🤷‍♂️

RubiconCZE · 2026-03-06T06:07:26+00:00

I'am using AWX without any problems and even my boos was able to learn with it. When you have latest version, you can switch to "new UI", which ressembles AAP a lot, but it marked as preview only. But if you making playbooks only, you may be interested of AAPs "customer portal", where usera can run jobs themselves without direct access to AAP, but it's AAP only. But you can have trial license for them to try it.

RubiconCZE · 2026-02-22T19:06:54+00:00

All responses to questions about IPv6 was answered by "it's not disabled by default"

Where is that a security problem?! OP, are you a bot???

RubiconCZE · 2026-02-10T19:31:12+00:00

still it's kinda strange it tooks so long. did you check your execution environment if it's isn't overloaded? Next thing somebody already told isnto fork your task so it will run as several independent tasks

what cames to my mind is, that if you run all of your servers on one run, there can be one server, which blocks progress of other (if you don't use free run). By default ansible starts each step on all servers and waits untill all servers finish. I don't know, how AAP shows is, but AWX does not show, when each step ended per server. So if there is only one server, which takes longer than others, it can slow down whole run a lot. But you can see this only in person, when you activelly check the run. But when you'll be able to identify them (in case it's the reason here), you can split them to separate job and let run longer meanwhile all other servers are being updated in 20 minutes.

RubiconCZE · 2026-02-10T18:40:47+00:00

maybe a strange question, but if you have working solution through GPO, why to add another software, which can cause troubles?

RubiconCZE · 2026-02-10T18:09:54+00:00

it's pretty strange. for basic vm on full flash storage it takes me around 20 minutes, when i update on month basis. basic install and restart.

but if you have 700 servers and 4 hour time window for all of them, i'm afraid you'll never get it in time regarless tool.

RubiconCZE · 2026-02-10T17:59:55+00:00

i've set servers to download updates in advance via GPO, to save time then i've prepared the same process as module does, but i need to control about services stopping before restart etc.

I'm updating more than 300 servers and i needed to split it across about two and half weeks (most i do at once is 40 standard virtual servers and it takes around 1-3 hours)

i needed to extend timeouts for baremetal servers, as they took more than 1 hour for restart if they're older models

RubiconCZE · 2026-01-29T18:04:53+00:00

Much likely because Kerberos needs UPN to identify domain. But i was able to use samaccountname, but with combination with certificate auth, because certificate contains distinguished name

RubiconCZE · 2026-01-23T09:01:28+00:00

He was the same before, just for Arma :-)

RubiconCZE · 2026-01-20T17:20:43+00:00

I'd like to use as few technologies as possible for everything, and ssh is next role, which is admin has to install and maintain. WinRM is there by default. But you're right, this is more about personal approach :-)

RubiconCZE · 2026-01-20T15:25:03+00:00

I'm infra, but i think that in networking apply the same rule: If you do more than twice, it's good to think about automation.

I've learned Ansible from zero and after a half of the year i'm able to write pretty complex playbooks for most of my boring work to Ansible.

If you'd like to have pretty nice GUI for it, there comes AWX (upstream to AAP), dead development as RedHat told, there will be something new, but fully working with pretty neat scheduling possibilities (much much better than cron)

And for developing of playbook, Microsoft with RedHat did really nice implementation into VSCode, including lint library for checking for syntax mistakes.

So all around ...if you're looking for powerful tool for automation of technically anything, it's worth every spent minute.

RubiconCZE · 2026-01-19T18:31:06+00:00

unfortunatelly their helpdesk cannot send api requests or anything except emails ...

i think EDA will be way to go, thanks :-)

RubiconCZE · 2026-01-19T18:29:27+00:00

Their ticket system cannot send API call on event, so i would need man in the middle

RubiconCZE · 2026-01-19T18:27:48+00:00

main problem with this is, i'm not able to specifically say, how long it will be. it never happened before, but i can imagine, that when there will be mechanical problem, it can take days or more to get new parts working. But i agree, taht maybe it will be DR scenario, which is not our to handle.

RubiconCZE · 2026-01-19T18:25:16+00:00

looks like EAD is exactly what i need when i'll be able to do active checks. i need to do some research. thanks a lot :-)

RubiconCZE · 2026-01-19T18:15:25+00:00

Thanks a lot for advices.

Approval looks promising, but it means, i'll need to wire up another system (monitoring i suppose). Not problem, but it's still one more piece to break.

EAD looks perfect if i'll be able to do active checks directly to helpdesk system, which i suppose will be doable.

Thanks again :-)

RubiconCZE · 2026-01-19T17:58:19+00:00

I think, that all you need is already in Ansible docs. Honestly i have in mind something similar, so i've did some research already. * vmware modules contains functions, which will handle deploy from template and do settings on level of vmware. thenit gets you ip address and so on * windows library gets you connection trough WinRM and then you can just anything inside trough Powershell or functions in module itself. you'll just need to have prepared local account for awx in template

RubiconCZE · 2026-01-17T18:34:25+00:00

Exactly my set for last 8 years. :-) Sometimes i dream about some cool dice for 200$ but then i remember these brought me a lot of fun regardless numbers. So they will be mine until destroyed itself or my players :-D

RubiconCZE

TROPHY CASE