jumpserver/apps/terminal/automations/deploy_applet_host/playbook.yml

---

- hosts: all
  vars:
    APPLET_DOWNLOAD_HOST: https://demo.jumpserver.org
    IGNORE_VERIFY_CERTS: true
    HOST_NAME: test
    HOST_ID: 00000000-0000-0000-0000-000000000000
    CORE_HOST: https://demo.jumpserver.org
    BOOTSTRAP_TOKEN: PleaseChangeMe
    RDS_Licensing: false
    RDS_LicenseServer: 127.0.0.1
    RDS_LicensingMode: 4
    RDS_fSingleSessionPerUser: 1
    RDS_MaxDisconnectionTime: 60000
    RDS_RemoteAppLogoffTimeLimit: 0
    INSTALL_APPLETS: true
    PYTHON_VERSION: 3.11.6
    CHROME_VERSION: 118.0.5993.118
    CHROME_DRIVER_VERSION: 118.0.5993.70
    TINKER_VERSION: v0.1.7

  tasks:
    - block:
        - name: Check if CORE_HOST is redirects
          ansible.windows.win_uri:
            url: "{{ CORE_HOST }}"
            method: GET
            follow_redirects: none
            status_code: [200, 301, 302, 303, 307, 308]
            validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"
          register: core_host_redirects

        - name: Check failed
          fail:
            msg: "CORE_HOST {{ CORE_HOST }} is redirecting to {{ core_host_redirects.location }}, please use the final url"
          when: core_host_redirects.status_code >= 300 and core_host_redirects.status_code < 400

        - name: Install RDS-RD-Server (RDS)
          ansible.windows.win_feature:
            name: RDS-RD-Server
            state: present
            include_management_tools: yes
          register: rds_install

        - name: Stop Tinker before install
          ansible.windows.win_powershell:
            script: |
              if (Get-Process -Name 'tinker' -ErrorAction SilentlyContinue) {
                TASKKILL /F /IM tinker.exe /T
              }
              else {
               $Ansible.Changed = $false
              }

        - name: Download JumpServer Tinker installer
          ansible.windows.win_get_url:
            url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/Tinker_Installer_{{ TINKER_VERSION }}.exe"
            dest: "{{ ansible_env.TEMP }}\\Tinker_Installer_{{ TINKER_VERSION }}.exe"
            validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"

        - name: Install JumpServer Tinker
          ansible.windows.win_package:
            path: "{{ ansible_env.TEMP }}\\Tinker_Installer_{{ TINKER_VERSION }}.exe"
            arguments:
              - /VERYSILENT
              - /SUPPRESSMSGBOXES
              - /NORESTART
            state: present

        - name: Set Tinkerd on the global system path
          ansible.windows.win_path:
            elements:
              - '%USERPROFILE%\AppData\Local\Programs\Tinker\'
            scope: user

        - name: Download python-{{ PYTHON_VERSION }}
          ansible.windows.win_get_url:
            url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/python-{{ PYTHON_VERSION }}-amd64.exe"
            dest: "{{ ansible_env.TEMP }}\\python-{{ PYTHON_VERSION }}-amd64.exe"
            validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"

        - name: Install the python-{{ PYTHON_VERSION }}
          ansible.windows.win_package:
            path: "{{ ansible_env.TEMP }}\\python-{{ PYTHON_VERSION }}-amd64.exe"
            arguments:
              - /quiet
              - InstallAllUsers=1
              - PrependPath=1
              - Include_test=0
              - Include_launcher=0
            state: present
          register: win_install_python

        - name: Check pip command exists
          ansible.windows.win_powershell:
            script: |
              if (Get-Command -Name 'pip' -ErrorAction SilentlyContinue) {
                $Ansible.Changed = $false
              }
              else {
               $Ansible.Changed = $true
              }
          ignore_errors: yes
          register: check_pip_command

        - name: Reboot if installing requires it
          ansible.windows.win_reboot:
            post_reboot_delay: 10
            test_command: whoami
          when: check_pip_command.changed or rds_install.reboot_required or win_install_python.reboot_required

        - name: Set RDS LicenseServer (regedit)
          ansible.windows.win_regedit:
            path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
            name: LicenseServers
            data: "{{ RDS_LicenseServer }}"
            type: string
          when: RDS_Licensing

        - name: Set RDS LicensingMode (regedit)
          ansible.windows.win_regedit:
            path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
            name: LicensingMode
            data: "{{ RDS_LicensingMode }}"
            type: dword
          when: RDS_Licensing

        - name: Set RDS fSingleSessionPerUser (regedit)
          ansible.windows.win_regedit:
            path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
            name: fSingleSessionPerUser
            data: "{{ RDS_fSingleSessionPerUser }}"
            type: dword
          when: RDS_Licensing

        - name: Set RDS MaxDisconnectionTime (regedit)
          ansible.windows.win_regedit:
            path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
            name: MaxDisconnectionTime
            data: "{{ RDS_MaxDisconnectionTime }}"
            type: dword
          when: RDS_MaxDisconnectionTime >= 60000

        - name: Set RDS RemoteAppLogoffTimeLimit (regedit)
          ansible.windows.win_regedit:
            path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
            name: RemoteAppLogoffTimeLimit
            data: "{{ RDS_RemoteAppLogoffTimeLimit }}"
            type: dword

        - name: Download pip packages
          ansible.windows.win_get_url:
            url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/pip_packages.zip"
            dest: "{{ ansible_env.TEMP }}\\pip_packages.zip"
            validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"

        - name: Unzip pip_packages
          community.windows.win_unzip:
            src: "{{ ansible_env.TEMP }}\\pip_packages.zip"
            dest: "{{ ansible_env.TEMP }}\\pip_packages"

        - name: Install python requirements offline
          ansible.windows.win_powershell:
            script: |
              pip install -r '{{ ansible_env.TEMP }}\pip_packages\pip_packages\requirements.txt' --no-index --find-links='{{ ansible_env.TEMP }}\pip_packages\pip_packages'

        - name: Stop chromedriver before install
          ansible.windows.win_powershell:
            script: |
              if (Get-Process -Name 'chromedriver' -ErrorAction SilentlyContinue) {
                TASKKILL /F /IM chromedriver.exe /T
              }
              else {
               $Ansible.Changed = $false
              }

        - name: Remove old chromedriver (Chrome)
          ansible.windows.win_file:
            path: "{{ item }}"
            state: absent
          with_items:
            - C:\Program Files\JumpServer\drivers\chromedriver-win32
            - C:\Program Files\JumpServer\drivers\chromedriver_win32
            - C:\Program Files\JumpServer\drivers\chromedriver-win64
            - C:\Program Files\JumpServer\drivers\chromedriver_win64

        - name: Download chromedriver (Chrome)
          ansible.windows.win_get_url:
            url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chromedriver-{{ CHROME_DRIVER_VERSION }}-win64.zip"
            dest: "{{ ansible_env.TEMP }}\\chromedriver-{{ CHROME_DRIVER_VERSION }}-win64.zip"
            validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"

        - name: Unzip chromedriver (Chrome)
          community.windows.win_unzip:
            src: "{{ ansible_env.TEMP }}\\chromedriver-{{ CHROME_DRIVER_VERSION }}-win64.zip"
            dest: C:\Program Files\JumpServer\drivers

        - name: Download Chrome zip package (Chrome)
          ansible.windows.win_get_url:
            url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chrome-{{ CHROME_VERSION }}-win.zip"
            dest: "{{ ansible_env.TEMP }}\\chrome-{{ CHROME_VERSION }}-win.zip"
            validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"

        - name: Stop Chrome before install
          ansible.windows.win_powershell:
            script: |
              if (Get-Process -Name 'chrome' -ErrorAction SilentlyContinue) {
                TASKKILL /F /IM chrome.exe /T
              }
              else {
               $Ansible.Changed = $false
              }

        - name: Remove old Chrome (Chrome)
          ansible.windows.win_file:
            path: "{{ item }}"
            state: absent
          with_items:
            - C:\Program Files\JumpServer\applications\Chrome
            - C:\Program Files\Chrome\chrome-win32
            - C:\Program Files\Chrome\chrome-win
            - C:\Program Files\chrome-win

        - name: Unzip Chrome (Chrome)
          community.windows.win_unzip:
            src: "{{ ansible_env.TEMP }}\\chrome-{{ CHROME_VERSION }}-win.zip"
            dest: C:\Program Files\JumpServer\applications

        - name: Check and Clean global system path (Chrome)
          ansible.windows.win_path:
            elements:
              - 'C:\Program Files\Python310\Scripts\'
              - 'C:\Program Files\Python310\'
              - 'C:\Program Files\JumpServer\drivers\chromedriver-win32'
              - 'C:\Program Files\JumpServer\drivers\chromedriver_win32'
              - 'C:\Program Files\Chrome\chrome-win32'
              - 'C:\Program Files\Chrome\chrome-win'
              - 'C:\Program Files\chrome-win'
            state: absent

        - name: Set Chrome and driver on the global system path (Chrome)
          ansible.windows.win_path:
            elements:
              - 'C:\Program Files\JumpServer\applications\Chrome\Application'
              - 'C:\Program Files\JumpServer\drivers\chromedriver-win64'

        - name: Set Chrome variables disable Google Api (Chrome)
          ansible.windows.win_environment:
            level: machine
            variables:
              GOOGLE_API_KEY: ''
              GOOGLE_DEFAULT_CLIENT_ID: ''
              GOOGLE_DEFAULT_CLIENT_SECRET: ''

        - name: Generate tinkerd component config
          ansible.windows.win_powershell:
            script: |
              tinkerd config --hostname {{ HOST_NAME }} --core_host {{ CORE_HOST }} --token {{ BOOTSTRAP_TOKEN }} --host_id {{ HOST_ID }} --ignore-verify-certs {{ IGNORE_VERIFY_CERTS }}

        - name: Install tinkerd service
          ansible.windows.win_powershell:
            script: |
              tinkerd service install

        - name: Start tinkerd service
          ansible.windows.win_powershell:
            script: |
              tinkerd service start

        - name: Wait Tinker api health
          ansible.windows.win_uri:
            url: http://localhost:6068/api/health/
            status_code: 200
            method: GET
          register: _result
          until: _result.status_code == 200
          retries: 30
          delay: 5

        - name: Sync all remote applets
          ansible.windows.win_powershell:
            script: |
              tinkerd install all
          register: sync_remote_applets
          when: INSTALL_APPLETS

      rescue:
        - debug:
            var: ansible_failed_result
        - fail:
            msg: "Failed to deploy applet host"
pref: 添加 deploy playbook 2022-10-26 09:21:52 +00:00			`---`
perf: update playbook.yml 2022-10-26 11:25:34 +00:00
pref: 修改 applet host deploy 2022-10-28 10:19:44 +00:00			`- hosts: all`
pref: 添加 deploy playbook 2022-10-26 09:21:52 +00:00			`vars:`
perf: update applet delopyment task 2022-11-17 08:02:22 +00:00			`APPLET_DOWNLOAD_HOST: https://demo.jumpserver.org`
fix: 修复自签证书下发布机部署失败 2023-03-08 05:27:03 +00:00			`IGNORE_VERIFY_CERTS: true`
pref: 基本完成部署 2022-11-01 09:04:44 +00:00			`HOST_NAME: test`
perf: deploy applet host 2022-11-03 10:03:46 +00:00			`HOST_ID: 00000000-0000-0000-0000-000000000000`
pref: 基本完成部署 2022-11-01 09:04:44 +00:00			`CORE_HOST: https://demo.jumpserver.org`
			`BOOTSTRAP_TOKEN: PleaseChangeMe`
perf: 优化 RD License 配置 2023-02-28 10:00:08 +00:00			`RDS_Licensing: false`
pref: 基本完成部署 2022-11-01 09:04:44 +00:00			`RDS_LicenseServer: 127.0.0.1`
			`RDS_LicensingMode: 4`
			`RDS_fSingleSessionPerUser: 1`
			`RDS_MaxDisconnectionTime: 60000`
			`RDS_RemoteAppLogoffTimeLimit: 0`
perf: 支持发布机仅初始化配置 2024-03-15 05:57:22 +00:00			`INSTALL_APPLETS: true`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`PYTHON_VERSION: 3.11.6`
			`CHROME_VERSION: 118.0.5993.118`
			`CHROME_DRIVER_VERSION: 118.0.5993.70`
perf: update tinker v0.1.7 2024-08-01 06:36:51 +00:00			`TINKER_VERSION: v0.1.7`
perf: update playbook.yml 2022-10-26 11:25:34 +00:00
pref: 添加 deploy playbook 2022-10-26 09:21:52 +00:00			`tasks:`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`- block:`
perf: 优化发布机部署 2024-05-17 03:53:11 +00:00			`- name: Check if CORE_HOST is redirects`
			`ansible.windows.win_uri:`
			`url: "{{ CORE_HOST }}"`
			`method: GET`
			`follow_redirects: none`
			`status_code: [200, 301, 302, 303, 307, 308]`
perf: Check if CORE_HOST should ignore SSL 2024-07-30 03:09:57 +00:00			`validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"`
perf: 优化发布机部署 2024-05-17 03:53:11 +00:00			`register: core_host_redirects`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Check failed`
			`fail:`
perf: 优化发布机部署 2024-05-17 03:53:11 +00:00			`msg: "CORE_HOST {{ CORE_HOST }} is redirecting to {{ core_host_redirects.location }}, please use the final url"`
			`when: core_host_redirects.status_code >= 300 and core_host_redirects.status_code < 400`

perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`- name: Install RDS-RD-Server (RDS)`
			`ansible.windows.win_feature:`
			`name: RDS-RD-Server`
			`state: present`
			`include_management_tools: yes`
			`register: rds_install`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Stop Tinker before install`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_powershell:`
			`script: \|`
			`if (Get-Process -Name 'tinker' -ErrorAction SilentlyContinue) {`
			`TASKKILL /F /IM tinker.exe /T`
			`}`
			`else {`
			`$Ansible.Changed = $false`
			`}`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Download JumpServer Tinker installer`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_get_url:`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/Tinker_Installer_{{ TINKER_VERSION }}.exe"`
			`dest: "{{ ansible_env.TEMP }}\\Tinker_Installer_{{ TINKER_VERSION }}.exe"`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Install JumpServer Tinker`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_package:`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`path: "{{ ansible_env.TEMP }}\\Tinker_Installer_{{ TINKER_VERSION }}.exe"`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`arguments:`
			`- /VERYSILENT`
			`- /SUPPRESSMSGBOXES`
			`- /NORESTART`
			`state: present`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Set Tinkerd on the global system path`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_path:`
			`elements:`
			`- '%USERPROFILE%\AppData\Local\Programs\Tinker\'`
			`scope: user`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Download python-{{ PYTHON_VERSION }}`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_get_url:`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/python-{{ PYTHON_VERSION }}-amd64.exe"`
			`dest: "{{ ansible_env.TEMP }}\\python-{{ PYTHON_VERSION }}-amd64.exe"`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Install the python-{{ PYTHON_VERSION }}`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_package:`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`path: "{{ ansible_env.TEMP }}\\python-{{ PYTHON_VERSION }}-amd64.exe"`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`arguments:`
			`- /quiet`
			`- InstallAllUsers=1`
			`- PrependPath=1`
			`- Include_test=0`
			`- Include_launcher=0`
			`state: present`
			`register: win_install_python`

			`- name: Check pip command exists`
			`ansible.windows.win_powershell:`
			`script: \|`
			`if (Get-Command -Name 'pip' -ErrorAction SilentlyContinue) {`
			`$Ansible.Changed = $false`
			`}`
			`else {`
			`$Ansible.Changed = $true`
			`}`
			`ignore_errors: yes`
			`register: check_pip_command`

			`- name: Reboot if installing requires it`
			`ansible.windows.win_reboot:`
			`post_reboot_delay: 10`
			`test_command: whoami`
			`when: check_pip_command.changed or rds_install.reboot_required or win_install_python.reboot_required`

			`- name: Set RDS LicenseServer (regedit)`
			`ansible.windows.win_regedit:`
			`path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`
			`name: LicenseServers`
			`data: "{{ RDS_LicenseServer }}"`
			`type: string`
			`when: RDS_Licensing`

			`- name: Set RDS LicensingMode (regedit)`
			`ansible.windows.win_regedit:`
			`path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`
			`name: LicensingMode`
			`data: "{{ RDS_LicensingMode }}"`
			`type: dword`
			`when: RDS_Licensing`

			`- name: Set RDS fSingleSessionPerUser (regedit)`
			`ansible.windows.win_regedit:`
			`path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`
			`name: fSingleSessionPerUser`
			`data: "{{ RDS_fSingleSessionPerUser }}"`
			`type: dword`
			`when: RDS_Licensing`

			`- name: Set RDS MaxDisconnectionTime (regedit)`
			`ansible.windows.win_regedit:`
			`path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`
			`name: MaxDisconnectionTime`
			`data: "{{ RDS_MaxDisconnectionTime }}"`
			`type: dword`
			`when: RDS_MaxDisconnectionTime >= 60000`

			`- name: Set RDS RemoteAppLogoffTimeLimit (regedit)`
			`ansible.windows.win_regedit:`
			`path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`
			`name: RemoteAppLogoffTimeLimit`
			`data: "{{ RDS_RemoteAppLogoffTimeLimit }}"`
			`type: dword`

			`- name: Download pip packages`
			`ansible.windows.win_get_url:`
			`url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/pip_packages.zip"`
			`dest: "{{ ansible_env.TEMP }}\\pip_packages.zip"`
			`validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"`

			`- name: Unzip pip_packages`
			`community.windows.win_unzip:`
			`src: "{{ ansible_env.TEMP }}\\pip_packages.zip"`
			`dest: "{{ ansible_env.TEMP }}\\pip_packages"`

			`- name: Install python requirements offline`
			`ansible.windows.win_powershell:`
			`script: \|`
			`pip install -r '{{ ansible_env.TEMP }}\pip_packages\pip_packages\requirements.txt' --no-index --find-links='{{ ansible_env.TEMP }}\pip_packages\pip_packages'`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Stop chromedriver before install`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_powershell:`
			`script: \|`
			`if (Get-Process -Name 'chromedriver' -ErrorAction SilentlyContinue) {`
			`TASKKILL /F /IM chromedriver.exe /T`
			`}`
			`else {`
			`$Ansible.Changed = $false`
			`}`

			`- name: Remove old chromedriver (Chrome)`
			`ansible.windows.win_file:`
			`path: "{{ item }}"`
			`state: absent`
			`with_items:`
			`- C:\Program Files\JumpServer\drivers\chromedriver-win32`
			`- C:\Program Files\JumpServer\drivers\chromedriver_win32`
			`- C:\Program Files\JumpServer\drivers\chromedriver-win64`
			`- C:\Program Files\JumpServer\drivers\chromedriver_win64`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Download chromedriver (Chrome)`
			`ansible.windows.win_get_url:`
			`url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chromedriver-{{ CHROME_DRIVER_VERSION }}-win64.zip"`
			`dest: "{{ ansible_env.TEMP }}\\chromedriver-{{ CHROME_DRIVER_VERSION }}-win64.zip"`
			`validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"`

perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`- name: Unzip chromedriver (Chrome)`
			`community.windows.win_unzip:`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`src: "{{ ansible_env.TEMP }}\\chromedriver-{{ CHROME_DRIVER_VERSION }}-win64.zip"`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`dest: C:\Program Files\JumpServer\drivers`

fix: deploy applet host 2024-07-16 03:38:55 +00:00			`- name: Download Chrome zip package (Chrome)`
			`ansible.windows.win_get_url:`
			`url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chrome-{{ CHROME_VERSION }}-win.zip"`
			`dest: "{{ ansible_env.TEMP }}\\chrome-{{ CHROME_VERSION }}-win.zip"`
			`validate_certs: "{{ not IGNORE_VERIFY_CERTS }}"`

			`- name: Stop Chrome before install`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`ansible.windows.win_powershell:`
			`script: \|`
			`if (Get-Process -Name 'chrome' -ErrorAction SilentlyContinue) {`
			`TASKKILL /F /IM chrome.exe /T`
			`}`
			`else {`
			`$Ansible.Changed = $false`
			`}`

			`- name: Remove old Chrome (Chrome)`
			`ansible.windows.win_file:`
			`path: "{{ item }}"`
			`state: absent`
			`with_items:`
			`- C:\Program Files\JumpServer\applications\Chrome`
			`- C:\Program Files\Chrome\chrome-win32`
			`- C:\Program Files\Chrome\chrome-win`
			`- C:\Program Files\chrome-win`

			`- name: Unzip Chrome (Chrome)`
			`community.windows.win_unzip:`
fix: deploy applet host 2024-07-16 03:38:55 +00:00			`src: "{{ ansible_env.TEMP }}\\chrome-{{ CHROME_VERSION }}-win.zip"`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00			`dest: C:\Program Files\JumpServer\applications`

			`- name: Check and Clean global system path (Chrome)`
			`ansible.windows.win_path:`
			`elements:`
			`- 'C:\Program Files\Python310\Scripts\'`
			`- 'C:\Program Files\Python310\'`
			`- 'C:\Program Files\JumpServer\drivers\chromedriver-win32'`
			`- 'C:\Program Files\JumpServer\drivers\chromedriver_win32'`
			`- 'C:\Program Files\Chrome\chrome-win32'`
			`- 'C:\Program Files\Chrome\chrome-win'`
			`- 'C:\Program Files\chrome-win'`
			`state: absent`

			`- name: Set Chrome and driver on the global system path (Chrome)`
			`ansible.windows.win_path:`
			`elements:`
			`- 'C:\Program Files\JumpServer\applications\Chrome\Application'`
			`- 'C:\Program Files\JumpServer\drivers\chromedriver-win64'`

			`- name: Set Chrome variables disable Google Api (Chrome)`
			`ansible.windows.win_environment:`
			`level: machine`
			`variables:`
			`GOOGLE_API_KEY: ''`
			`GOOGLE_DEFAULT_CLIENT_ID: ''`
			`GOOGLE_DEFAULT_CLIENT_SECRET: ''`

			`- name: Generate tinkerd component config`
			`ansible.windows.win_powershell:`
			`script: \|`
			`tinkerd config --hostname {{ HOST_NAME }} --core_host {{ CORE_HOST }} --token {{ BOOTSTRAP_TOKEN }} --host_id {{ HOST_ID }} --ignore-verify-certs {{ IGNORE_VERIFY_CERTS }}`

			`- name: Install tinkerd service`
			`ansible.windows.win_powershell:`
			`script: \|`
			`tinkerd service install`

			`- name: Start tinkerd service`
			`ansible.windows.win_powershell:`
			`script: \|`
			`tinkerd service start`

			`- name: Wait Tinker api health`
			`ansible.windows.win_uri:`
			`url: http://localhost:6068/api/health/`
			`status_code: 200`
			`method: GET`
			`register: _result`
			`until: _result.status_code == 200`
			`retries: 30`
			`delay: 5`

			`- name: Sync all remote applets`
			`ansible.windows.win_powershell:`
			`script: \|`
			`tinkerd install all`
			`register: sync_remote_applets`
merge: into dev from v4 2024-04-29 03:07:43 +00:00			`when: INSTALL_APPLETS`
perf: 优化发布机日志输出 2024-04-13 04:30:56 +00:00
			`rescue:`
			`- debug:`
			`var: ansible_failed_result`
			`- fail:`
			`msg: "Failed to deploy applet host"`