GO-EUC · RyanBijkerk · Aug 16, 2023 · May 29, 2023 · May 29, 2023 · Aug 16, 2023
diff --git a/ansible/citrix-license-server.yml b/ansible/citrix-license-server.yml
@@ -16,7 +16,7 @@
   vars:
     ou_path: "OU=Infra,OU=Machines,OU=GO"
 
-- name: Citrix License Server
+- name: Install and configure Citrix License Server
   hosts: citrix_lic
   roles:
   - citrix-license-server

diff --git a/ansible/citrix-storefront.yml b/ansible/citrix-storefront.yml
@@ -1,9 +1,9 @@
 ---
 - hosts: localhost
  connection: local
  gather_facts: yes
  tasks:
  - name: Install requirements
    include_tasks: vault.yml

 - name: Domain join the Citrix Storefront
@@ -16,7 +16,7 @@
   vars:
     ou_path: "OU=Infra,OU=Machines,OU=GO"
 
-- name: Citrix Storefront
+- name: Install and configure Citrix Storefront
   hosts: citrix_sf
   roles:
     - citrix-storefront

diff --git a/ansible/loadgen.yml b/ansible/loadgen.yml
@@ -9,18 +9,28 @@
 #   - name: Start the Azure Key Vault actions
 #     include_tasks: azure-keyvault.yml
 
-- name: LoadGen Bots
-  hosts: lg_bots
+- hosts: localhost
+  connection: local
+  gather_facts: yes
+  tasks:
+  - name: Install requirements
+    include_tasks: vault.yml
+
+- name: Domain join the LoadGen bots
+  hosts: bots
   roles:
-  - domain-join
-  - citrix-receiver
-  - loadgen-agent
+    - domain-join
+  vars_files:
+    - ansible.yml
+    - local.yml
   vars:
-    dns_domain_name: 'GO.EUC'
-    domain_name: GO
-    domain_controller: "{{ groups['dc'][0] }}"
-    domain_admin_user: "GO\\{{ ansible_user }}"
-    ansible_connection: winrm
-    ansible_winrm_transport: ntlm
-    ansible_winrm_server_cert_validation: ignore
-    ansible_port: 5985
+    ou_path: "OU=Bots,OU=Machines,OU=GO"
+
+- name: Install and configure the LoadGen bots
+  hosts: bots
+  roles:
+    - citrix-receiver
+  vars_files:
+    - ansible.yml
+    - domain.yml
+    - loadgen.yml
diff --git a/ansible/roles/citrix-delivery-controller/tasks/install.yml b/ansible/roles/citrix-delivery-controller/tasks/install.yml
@@ -8,6 +8,9 @@
 - name: Block for Citrix installation
   block:
 
+    - name: Install NuGet
+      win_shell: Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
+
     - name: Check for PendingReboot module
       win_psmodule:
         name: PendingReboot

diff --git a/ansible/roles/citrix-license-server/tasks/main.yml b/ansible/roles/citrix-license-server/tasks/main.yml
@@ -9,7 +9,7 @@
   block:
 
     - name: Install NuGet
-      win_shell: Install-PackageProvider -Name Nuget -Force
+      win_shell: Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
 
     - name: Check for PendingReboot module
       win_psmodule:

diff --git a/ansible/roles/citrix-receiver/tasks/main.yml b/ansible/roles/citrix-receiver/tasks/main.yml
@@ -1,8 +1,23 @@
 ---
-- name: Install Citrix Receiver
+- name: Update fact to CitrixWorkspaceApp
+  set_fact:
+    app_name: CitrixWorkspaceApp
+
+- name: "Collect Evergreen info for {{ app_name }}"
+  win_uri:
+    url: "https://evergreen-api.stealthpuppy.com/app/{{ app_name }}"
+    method: GET
+    content_type: application/json
+    return_content: true
+  register: app
+
+- name: "Set Evergreen object for {{ app_name }}"
+  set_fact:
+    app_details: "{{ app.json | json_query('[?Stream == `Current`]') | first }}"
+
+- name: "Install {{ app_details.Title }} {{ app_details.Version }}"
   win_package:
-    path: "https://downloadplugins.citrix.com/ReceiverUpdates/Prod/Receiver/Win/CitrixWorkspaceApp22.7.0.24.exe"
+    path: "{{ app_details.URI }}"
     arguments: /silent /noreboot /AutoUpdateCheck=disabled
-    state: present
     expected_return_code: [0, 3, 3010]
-    creates_path: "C:\\Program Files (x86)\\Citrix\\Citrix WorkSpace 2207"
+    state: present
diff --git a/ansible/roles/citrix-storefront/tasks/install.yml b/ansible/roles/citrix-storefront/tasks/install.yml
@@ -9,7 +9,7 @@
   block:
 
     - name: Install NuGet
-      win_shell: Install-PackageProvider -Name Nuget -Force
+      win_shell: Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
 
     - name: Check for PendingReboot module
       win_psmodule:

diff --git a/ansible/roles/citrix-vda/tasks/main.yml b/ansible/roles/citrix-vda/tasks/main.yml
@@ -1,18 +1,4 @@
 ---
-- name: Built the environment dictonary and variables
-  set_fact:
-    branch: "{{ lookup('env', 'environment') | lower }}"
-    environments:
-      default: "pois"
-      cards: "card"
-      flowers: "flow"
-
-- name: Built the environment dictonary and variables
-  set_fact:
-    citrix_username: "{{ lookup('env', 'citrix_username') }}"
-    citrix_password: "{{ lookup('env', 'citrix_password') }}"
-    environment_short: "{{ environments[branch] }}"
-
 - name: Install Microsoft Visual C++ Redistributable Latest - X86"
   win_package:
     path: https://aka.ms/vs/17/release/vc_redist.x86.exe
@@ -32,50 +18,14 @@
   win_reboot:
     reboot_timeout: 3600
 
-- name: Create directory structure
-  win_file:
-    path: C:\Download\Citrix
-    state: directory
-
-- name: Copy a single file
-  ansible.windows.win_copy:
-    src: files/Get-CTXBinary.ps1
-    dest: C:\Download\Citrix\Get-CTXBinary.ps1
-
-- name: Debug Citrix download
-  ansible.builtin.debug:
-    msg: "{{ citrix_username }}"
-
-- name: Download Citrix VDA
-  win_shell: C:\Download\Citrix\Get-CTXBinary.ps1 -DownloadPath C:\Download\Citrix\ -MyCitrixUsername "{{ citrix_username }}" -MyCitrixPassword "{{ citrix_password }}" -VDAVersion latest -VDAType server
-  register: citrix_download
-
-- name: Debug Citrix download
-  ansible.builtin.debug:
-    msg: "{{ citrix_download }}"
-
 - name: Install Citrix VDA
   win_package:
-    chdir: C:\Download\Citrix
-    path: "{{ citrix_download.stdout | trim }}"
-    arguments: /components VDA /controllers "{{ environment_short }}-cc-1.go.euc, {{ environment_short }}-cc-2.go.euc" /disableexperiencemetrics /enable_hdx_ports /enable_hdx_udp_ports /enable_real_time_transport /enable_remote_assistance /enable_ss_ports /exclude `"Citrix Telemetry Service`",`"Citrix Personalization for App-V - VDA`",`"Citrix Files for Windows`",`"Citrix Files for Outlook`",`"User personalization layer`",`"Citrix WEM Agent`",`"Citrix VDA Upgrade Agent`" /includeadditional `"Citrix MCS IODriver`" /masterimage /noreboot /quiet
+    path: "{{citrix.path}}/{{citrix.version}}/VDAWorkstationSetup_{{citrix.version}}.exe"
+    arguments: /components VDA /disableexperiencemetrics /enable_hdx_ports /enable_hdx_udp_ports /enable_real_time_transport /masterimage /noreboot /quiet
     state: present
     expected_return_code: [0, 3, 3010]
   register: vda_install
 
 - name: Reboot after VDA
   win_reboot:
   when: vda_install.changed
-
-- name: Resume VDA Install
-  win_package:
-    path: "{{ citrix_download.stdout | trim }}"
-    state: present
-    expected_return_code: [0, 3, 3010]
-    creates_service: BrokerAgent
-  when: vda_install.changed
-  register: vda_resume
-
-- name: Reboot after vda install
-  win_reboot:
-  when: vda_resume.changed
diff --git a/ansible/roles/domain-controller/tasks/gpo.yml b/ansible/roles/domain-controller/tasks/gpo.yml
@@ -77,8 +77,8 @@
     - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: AllowCortanaAboveLock, type: DWORD, value: 0}
     - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: DisableWebSearch, type: DWORD, value: 1}
     - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: HideUNCTab, type: DWORD, value: 1}
-    - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: ConnectedSearchUseWeb, type: DWORD, value: 0}    
-    - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: PreventIndexingOfflineFiles, type: DWORD, value: 1}    
+    - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: ConnectedSearchUseWeb, type: DWORD, value: 0}
+    - { key: HKLM\Software\Policies\Microsoft\Windows\Windows Search, name: PreventIndexingOfflineFiles, type: DWORD, value: 1}
     - { key: HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate, name: SetDisableUXWUAccess, type: DWORD, value: 1}
     - { key: HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU, name: AutoInstallMinorUpdates, type: DWORD, value: 1}
     - { key: HKLM\Software\Policies\Microsoft\WindowsMediaPlayer, name: GroupPrivacyAcceptance, type: DWORD, value: 1}
@@ -88,6 +88,13 @@
     - { key: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, name: ClearRecentProgForNewUserInStartMenu, type: DWORD, value: 1}
     - { key: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, name: NoInstrumentation, type: DWORD, value: 1}
     - { key: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, name: NoThumbnailCache, type: DWORD, value: 1}
+    - { key: HKCU\Software\Policies\Microsoft\office\16.0\common, name: sendcustomerdata, type: DWORD, value: 0}
+    - { key: HKCU\Software\Policies\Microsoft\office\16.0\common\general, name: shownfirstrunoptin, type: DWORD, value: 1}
+    - { key: HKCU\Software\Policies\Microsoft\office\16.0\common\privacy, name: controllerconnectedservicesenabled, type: DWORD, value: 2}
+    - { key: HKCU\Software\Policies\Microsoft\office\16.0\firstrun, name: bootedrtm, type: DWORD, value: 1}
+    - { key: HKCU\Software\Policies\Microsoft\office\16.0\firstrun, name: disablemovie, type: DWORD, value: 1}
+    - { key: HKCU\Software\Policies\Microsoft\office\16.0\teams, name: preventfirstlaunchafterinstall, type: DWORD, value: 1}
+    - { key: HKCU\Software\Policies\Microsoft\office\common\clienttelemetry, name: sendtelemetry, type: DWORD, value: 3}
     - { key: HKCU\Software\Policies\Microsoft\Windows\CloudContent, name: DisableWindowsSpotlightFeatures, type: DWORD, value: 1}
     - { key: HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\PushNotifications, name: NoToastApplicationNotification, type: DWORD, value: 1}
     - { key: HKCU\Software\Policies\Microsoft\Windows\Directory UI, name: QueryLimit, type: DWORD, value: 1388}

diff --git a/ansible/roles/domain-join/tasks/main.yml b/ansible/roles/domain-join/tasks/main.yml
@@ -2,6 +2,10 @@
 - name: Domain join machine
   block:
 
+  - name: Set timezone to 'W. Europe Standard Time' (GMT+01:00)
+    win_timezone:
+      timezone: W. Europe Standard Time
+
   - name: Set fact for Domain Path
     set_fact:
       domain_path: "DC={{ dns_domain_name.split('.') | join(',DC=') }}"

diff --git a/ansible/roles/windows-image/files/GO-EUC.xml b/ansible/roles/windows-image/files/GO-EUC.xml
@@ -0,0 +1,23 @@
+<Configuration ID="3f8ce214-9982-437f-9721-a809ca139579">
+  <Add OfficeClientEdition="64" Channel="SemiAnnual">
+    <Product ID="O365ProPlusRetail">
+      <Language ID="en-us" />
+      <ExcludeApp ID="Groove" />
+      <ExcludeApp ID="Lync" />
+      <ExcludeApp ID="Bing" />
+    </Product>
+  </Add>
+  <Property Name="SharedComputerLicensing" Value="1" />
+  <Property Name="FORCEAPPSHUTDOWN" Value="FALSE" />
+  <Property Name="DeviceBasedLicensing" Value="0" />
+  <Property Name="SCLCacheOverride" Value="0" />
+  <Updates Enabled="TRUE" />
+  <RemoveMSI />
+  <AppSettings>
+    <Setup Name="Company" Value="GO-EUC Test Lab" />
+    <User Key="software\microsoft\office\16.0\excel\options" Name="defaultformat" Value="51" Type="REG_DWORD" App="excel16" Id="L_SaveExcelfilesas" />
+    <User Key="software\microsoft\office\16.0\powerpoint\options" Name="defaultformat" Value="27" Type="REG_DWORD" App="ppt16" Id="L_SavePowerPointfilesas" />
+    <User Key="software\microsoft\office\16.0\word\options" Name="defaultformat" Value="" Type="REG_SZ" App="word16" Id="L_SaveWordfilesas" />
+  </AppSettings>
+  <Display Level="None" AcceptEULA="TRUE" />
+</Configuration>
diff --git a/ansible/roles/windows-image/tasks/adobe-reader-dc.yml b/ansible/roles/windows-image/tasks/adobe-reader-dc.yml
@@ -0,0 +1,23 @@
+---
+- name: Update fact to AdobeAcrobatReaderDC
+  set_fact:
+    app_name: AdobeAcrobatReaderDC
+
+- name: "Collect Evergreen info for {{ app_name }}"
+  win_uri:
+    url: "https://evergreen-api.stealthpuppy.com/app/{{ app_name }}"
+    method: GET
+    content_type: application/json
+    return_content: true
+  register: app
+
+- name: "Set Evergreen object for {{ app_name }}"
+  set_fact:
+    app_details: "{{ app.json | json_query('[?Architecture == `x64` && Language == `MUI`]') | first }}"
+
+- name: "Install {{ app_details.Title }} {{ app_details.Version }}"
+  win_package:
+    path: "{{ app_details.URI }}"
+    arguments: /sAll /rs /msi EULA_ACCEPT=YES
+    expected_return_code: [0, 3, 3010]
+    state: present
diff --git a/ansible/roles/windows-image/tasks/citrix-optimizer.yml b/ansible/roles/windows-image/tasks/citrix-optimizer.yml
@@ -0,0 +1,23 @@
+---
+- name: Create Temp folder
+  win_file:
+    path: C:\Temp
+    state: directory
+
+- name: Download Citrix Optimizer
+  win_get_url:
+    url: "{{citrix.optimizer.path}}/{{citrix.optimizer.version}}/CitrixOptimizerTool.zip"
+    dest: C:\Temp\CitrixOptimizerTool.zip
+
+- name: Extract zip file
+  win_unzip:
+    src: C:\Temp\CitrixOptimizerTool.zip
+    dest: C:\Temp\
+
+- name: Apply optimizations
+  win_shell: C:\Temp\CtxOptimizerEngine.ps1 -Template AutoSelect -Mode Execute
+
+- name: Remove Temp directory structure
+  win_file:
+    path: C:\Temp
+    state: absent