Capabilities
Active Directory
| Feature | Playbook / Role | Type | Status | Notes |
|---|---|---|---|---|
| Create AD Users and Groups | playbooks/provision_ad.yml | build | dev | |
| Create AD GMSA | playbooks/create-gmsa.yml | build | dev | |
| Remove computer from AD | playbooks/remove-computer-ad.yml | build | dev |
Windows
| Feature | Playbook / Role | Type | Status | Notes |
|---|---|---|---|---|
| Provision AWS storage | aws_windows_storage | build | prod | |
| Provision Azure storage | azure_windows_storage | build | prod | |
| Install Microsoft SQL | microsoft_sql | build | prod | |
| Install Kuiper | kuiper | build | prod | |
| Install System Pulse | system_pulse | build | prod | |
| Install Cogito and Caboodle | cogito | build | prod | |
| Install windows_exporter | windows_exporter | build | prod | Used with Prometheus monitoring |
| CIS Hardening | trippsc2.cis.windows2022 | build | dev | See playbooks/apply-windows-server-2022-cis-hardening.yml for recommended exclusions |
| Domain join | playbooks/join-domain.yml | build | dev | |
| Log off disconnected sessions | playbooks/logoff-disconnected-sessions.yml | maintenance | prod | Useful for account lockouts after a password change |
Linux
| Feature | Playbook / Role | Type | Status | Notes |
|---|---|---|---|---|
| Provision AWS storage | aws_linux_storage | build | prod | |
| Provision Azure storage | azure_linux_storage | build | prod | |
| Configure known_hosts | iris | build | prod | --tags known_hosts |
| Configure /etc/hosts | iris | build | prod | --tags hosts |
| Create local users (GIDs/UIDs) | iris | build | prod | --tags users |
| Configure authorized_keys | iris | build | prod | --tags keys |
| Configure sudoers | iris | build | prod | --tags sudo |
| Configure search suffix | linux-system-roles.network | build | dev | playbooks/configure-linux-search-suffix.yml |
| Domain Join | playbooks/linux-join-domain.yml | build | prod | |
| Install and configure tuned/hugepages | iris | build | prod | --tags tuned|hugepages |
| Install Iris | iris | build | prod | --tags iris |
| Register with Satellite | subscription-manager | build | dev | playbooks/register-with-satellite.yml |
| Install node_exporter | linux-exporter | build | dev | playbooks/deploy-node_exporter.yml |
Generic
| Feature | Playbook / Role | Type | Status | Notes |
|---|---|---|---|---|
| Certificate Authority (PKI) | certificate-authority | build | dev |