2023-06-14 14:03:57 +02:00
|
|
|
---
|
2023-06-14 14:11:35 +02:00
|
|
|
- hosts: all
|
2023-06-14 15:16:25 +02:00
|
|
|
vars:
|
|
|
|
remote_user: Administrator
|
2023-06-14 14:01:46 +02:00
|
|
|
tasks:
|
2023-06-14 14:11:35 +02:00
|
|
|
- name: Choose which Windows updates to install
|
2023-06-14 14:14:36 +02:00
|
|
|
win_updates:
|
|
|
|
category_names:
|
|
|
|
- SecurityUpdates
|
|
|
|
- CriticalUpdates
|
|
|
|
- UpdateRollups
|
2023-06-14 14:11:35 +02:00
|
|
|
|
|
|
|
#---
|
|
|
|
# hosts: all
|
|
|
|
# tasks:
|
|
|
|
# - name: Install all updates and reboot as many times as needed
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# category_names: '*'
|
|
|
|
# reboot: true
|
2023-06-14 13:47:01 +02:00
|
|
|
|
2023-06-14 14:01:46 +02:00
|
|
|
#- name: Install all security, critical, and rollup updates without a scheduled task
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# category_names:
|
|
|
|
# - SecurityUpdates
|
|
|
|
# - CriticalUpdates
|
|
|
|
# - UpdateRollups
|
2023-06-14 13:47:01 +02:00
|
|
|
|
|
|
|
#- name: Search-only, return list of found updates (if any), log to C:\ansible_wu.txt
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# category_names: SecurityUpdates
|
|
|
|
# state: searched
|
|
|
|
# log_path: C:\ansible_wu.txt
|
|
|
|
|
|
|
|
#- name: Install all security updates with automatic reboots
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# category_names:
|
|
|
|
# - SecurityUpdates
|
|
|
|
# reboot: true
|
|
|
|
|
|
|
|
#- name: Install only particular updates based on the KB numbers
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# category_names:
|
|
|
|
# - SecurityUpdates
|
|
|
|
# accept_list:
|
|
|
|
# - KB4056892
|
|
|
|
# - KB4073117
|
|
|
|
|
|
|
|
#- name: Exclude updates based on the update title
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# category_names:
|
|
|
|
# - SecurityUpdates
|
|
|
|
# - CriticalUpdates
|
|
|
|
# reject_list:
|
|
|
|
# - Windows Malicious Software Removal Tool for Windows
|
|
|
|
# - \d{4}-\d{2} Cumulative Update for Windows Server 2016
|
|
|
|
|
|
|
|
# Optionally, you can increase the reboot_timeout to survive long updates during reboot
|
2023-06-14 14:05:11 +02:00
|
|
|
#- name: Ensure we wait long enough for the updates to be applied during reboot
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# reboot: true
|
|
|
|
# reboot_timeout: 3600
|
2023-06-14 13:47:01 +02:00
|
|
|
|
|
|
|
# Search and download Windows updates
|
|
|
|
#- name: Search and download Windows updates without installing them
|
|
|
|
# ansible.windows.win_updates:
|
|
|
|
# state: downloaded
|