Hello,
I'm looking to fully automate the installation of the WAPT server component using Ansible and its Windows administration console. I have several servers, and updating all the agents, consoles, and servers is starting to represent a significant workload.
* Server Component:
- Installation: Regarding the installation, I've read the Python script. I'll install Nginx and PostgreSQL using Ansible roles, and then configure them (admin password, secret) within a WAPT role.
- Update: I've started looking into how to perform the update, but I don't see much to check.
My only problem is the configuration file, which isn't generated during installation or updates. It seems to be generated by an import. Can you confirm this? And do you have a method for retrieving it from a link or other source?
* Administration Console:
I will also perform the installation and updates using Ansible and the Windows modules. I would like to have the silent settings for installing the "waptsetup-tis.exe" executable.
Once the console is installed, we need to generate a certificate. Is this possible via the command line?
This certificate, which we use to sign our packages, allows us to create the "waptagent.exe" installer. Is it possible to generate it via the command line like a regular package? Are there any changes made to this package when it is generated from the console?
This would allow me to have a solution that could be deployed on a large scale.
Thank you for your help!
Automatic server/console installation/update
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
The server-side configuration file (/opt/wapt/conf/waptserver.ini) is basic.
Generating it with Ansible should be quite trivial. You just need to generate a unique server UUID and a random session key.
On the server side, also remember to generate the key/certificate pair for Nginx and initialize the PostgreSQL database.
The necessary functions are in postconf.py.
waptsetup-tis.exe has the same silent command-line options as waptagent.exe.
Among other things: https://www.wapt.fr/fr/doc/Configuratio ...
When generating a waptagent.exe, you are actually recompiling a waptsetup.exe with default values specific to the local installation. You also include the authorized certificate(s) for packages and actions, as well as the certificates for verifying HTTPS connections.
To generate a key/certificate, OpenSSL (installed with Wapt) works very well. You just need to make sure to add the "Code Signing" attribute. However, an automated procedure should only be responsible for deploying the certificate, as the private key/certificate pair has already been generated once and for all to identify the administrator.
(In fact, it's not strictly necessary to recompile a waptagent.exe; you can easily deploy a waptsetup-tis.exe with appropriate command-line options to set the repo_url and wapt_server parameters, add the certificates, etc.)
Generating it with Ansible should be quite trivial. You just need to generate a unique server UUID and a random session key.
On the server side, also remember to generate the key/certificate pair for Nginx and initialize the PostgreSQL database.
The necessary functions are in postconf.py.
waptsetup-tis.exe has the same silent command-line options as waptagent.exe.
Among other things: https://www.wapt.fr/fr/doc/Configuratio ...
When generating a waptagent.exe, you are actually recompiling a waptsetup.exe with default values specific to the local installation. You also include the authorized certificate(s) for packages and actions, as well as the certificates for verifying HTTPS connections.
To generate a key/certificate, OpenSSL (installed with Wapt) works very well. You just need to make sure to add the "Code Signing" attribute. However, an automated procedure should only be responsible for deploying the certificate, as the private key/certificate pair has already been generated once and for all to identify the administrator.
(In fact, it's not strictly necessary to recompile a waptagent.exe; you can easily deploy a waptsetup-tis.exe with appropriate command-line options to set the repo_url and wapt_server parameters, add the certificates, etc.)
Tranquil IT
