Month: August 2024
-
Enable WinRM via Powershell
I have already setup a Certificate Authority (CA) on my Domain Controller and also have the GPOs setup to issue certificates. So if the machine has a valid certificate, then use the following powershell command to enable WinRM on https. To check run: PS C:\Users\adjoin> Test-WSMan -ComputerName “syswin01.ad.mitsuk.com”
-
AWX Dynamic Inventory plugin for cobbler
Here is my guide on how to import systems/hosts from cobbler. Step 1: Create a Custom Credential Type create inventories/cobbler_inventory.py in your repo and sync the project. Step 1: Create a Custom Credential Type Injector Configuration: Define how these fields will be injected into the environment:YAML Save the Custom Credential Type. Step 2: Create a…
-
Ansible AWX running Projects from Github Repo
Continuous Integration/Continuous delivery (CI/CD) is the practice of automating the integration of code changes from multiple developers into a single codebase. It is a software development practice where the developers commit their work frequently to the central code repository (Github or Stash). Then there are automated tools that build the newly committed code and do…
-
Wazuh – Install, Config, Manage
I’m using Wazuh as Security Information and Event Management (SIEM) solution, it provides monitoring, detection, and alerting of security events and incidents. Wazuh can do much more and its up to you how you learn and integrate it within your infrastructure and IT environment. It can also do XDR and actively block connections, can also…
-
Wazuh Server LDAP/ActiveDirectory Authentication
Official guide: https://documentation.wazuh.com/current/user-manual/user-administration/ldap.html As I was using LDAPS, first step was to copy the Domain Controller SSL Certs or your Local CA cert to the following. As I have two domain controllers with self-signed certs, so I copied them both to single file: /etc/wazuh-indexer/opensearch-security/ldapcacert.pem vi /etc/wazuh-indexer/opensearch-security/config.yml The second section to change is for authorization. Official…
-
Creating a custom EE for AWX
Ansible Execution Environment (EE) is used in AWX and Redhat Tower stack as the container that runs jobs or tasks. EE executes a virtual environment (venv) which runs in the task Pod/Container as shown below: You can run into situations where you want to use certain ansible plugin which will require certain python dependencies and…
-
AWX LDAP Configuration
Following settings will allow ldap authentication using active directory with Ansible AWX. For this article I am using plain-text LDAP. In production environments you will most likely use LDAPS which requires importing ADC cert or provide CA Cert – details for which I will next in my next blog, however for more details please visit: https://github.com/kurokobo/awx-on-k3s/blob/main/tips/trust-custom-ca.md…
-
Ansible AWX on Rocky Linux 9
For this article, I install a virtual machine with Rocky Linux 9.4 with hardware of 4CPU, 8GB of RAM and 40GB of hard drive space. Lets update and install some packages. Disable Selinux and firewall. Firewall we can enable later on. Install Kubernetes by running: For latest version (Sep 2025): use this: For latest version…