Applications¶

Installation des applications bureautiques et de développement. Chemin principal gratuit (LibreOffice, Chocolatey) et variante Microsoft 365.

Rôle chocolatey¶

Chocolatey est le gestionnaire de paquets de référence pour Windows. Il permet l'installation silencieuse de la plupart des logiciels.

Variables par défaut¶

Créez roles/chocolatey/defaults/main.yml :

chocolatey_enabled: true
chocolatey_packages:
  - 7zip
  - notepadplusplus
  - googlechrome
  - firefox
  - vlc
  - vscode

Tâches principales¶

Créez roles/chocolatey/tasks/main.yml :

---
- name: Installer Chocolatey
  ansible.windows.win_shell: |
    Set-ExecutionPolicy Bypass -Scope Process -Force
    [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
    Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
  args:
    creates: C:\ProgramData\chocolatey\choco.exe

- name: Installer les paquets Chocolatey
  chocolatey.chocolatey.win_chocolatey:
    name: "{{ item }}"
    state: present
  loop: "{{ chocolatey_packages }}"

- name: Validation du role
  ansible.builtin.include_tasks: validate.yml
  tags: [validate]

Assertions¶

Créez roles/chocolatey/tasks/validate.yml :

---
- name: "Assert : Chocolatey installe"
  ansible.windows.win_command: choco --version
  changed_when: false

- name: "Assert : Les paquets sont installes"
  ansible.windows.win_shell: "choco list --local-only | Select-String '{{ item }}'"
  loop: "{{ chocolatey_packages }}"
  changed_when: false

Chocolatey vs winget¶

Aspect	Chocolatey	winget
Maturité	Stable, large catalogue	Plus récent, catalogue Microsoft
Ansible	Module `win_chocolatey` officiel	Pas de module natif (via `win_command`)
Licence	Community gratuite	Gratuit
Recommandation	Utiliser pour le provisioning	Bon pour usage interactif

Rôle apps (LibreOffice)¶

Variables par défaut¶

Créez roles/apps/defaults/main.yml :

apps_enabled: true
libreoffice_version: "24.8"
libreoffice_msi_url: "https://download.documentfoundation.org/libreoffice/stable/{{ libreoffice_version }}/win/x86_64/LibreOffice_{{ libreoffice_version }}_Win_x86-64.msi"
libreoffice_install_dir: "C:\\Program Files\\LibreOffice"

Tâches principales¶

Créez roles/apps/tasks/main.yml :

---
- name: Telecharger LibreOffice MSI
  ansible.windows.win_get_url:
    url: "{{ libreoffice_msi_url }}"
    dest: "C:\\Temp\\libreoffice.msi"

- name: Installer LibreOffice en mode silencieux
  ansible.windows.win_package:
    path: "C:\\Temp\\libreoffice.msi"
    arguments:
      - /qn
      - /norestart
      - ADDLOCAL=ALL
    state: present

- name: Nettoyer l'installeur
  ansible.windows.win_file:
    path: "C:\\Temp\\libreoffice.msi"
    state: absent

- name: Validation du role
  ansible.builtin.include_tasks: validate.yml
  tags: [validate]

Assertions¶

Créez roles/apps/tasks/validate.yml :

---
- name: "Assert : LibreOffice installe"
  ansible.windows.win_stat:
    path: "{{ libreoffice_install_dir }}\\program\\soffice.exe"
  register: lo_check
  failed_when: not lo_check.stat.exists

- name: "Assert : LibreOffice peut demarrer"
  ansible.windows.win_command: '"{{ libreoffice_install_dir }}\\program\\soffice.exe" --version'
  changed_when: false

Variante M365 : Office Deployment Tool¶

Licences

L'installation de Microsoft 365 Apps nécessité des licences valides. Ce rôle automatise le déploiement mais ne fournit pas de licence. Activez-le uniquement si votre organisation dispose de licences M365.

Variables par défaut¶

Créez roles/m365/defaults/main.yml :

m365_enabled: false
m365_channel: "MonthlyEnterprise"
m365_products:
  - "O365ProPlusRetail"
m365_exclude_apps:
  - "Groove"
  - "Lync"
  - "OneDrive"
m365_language: "fr-fr"

Configuration XML pour ODT¶

Créez roles/m365/templates/configuration.xml.j2 :

<Configuration>
  <Add OfficeClientEdition="64" Channel="{{ m365_channel }}">
{% for product in m365_products %}
    <Product ID="{{ product }}">
      <Language ID="{{ m365_language }}" />
{% for app in m365_exclude_apps %}
      <ExcludeApp ID="{{ app }}" />
{% endfor %}
    </Product>
{% endfor %}
  </Add>
  <Display Level="None" AcceptEULA="TRUE" />
  <Updates Enabled="TRUE" Channel="{{ m365_channel }}" />
  <RemoveMSI />
</Configuration>

Tâches principales¶

Créez roles/m365/tasks/main.yml :

---
- name: Creer le repertoire ODT
  ansible.windows.win_file:
    path: C:\ODT
    state: directory

- name: Telecharger Office Deployment Tool
  ansible.windows.win_get_url:
    url: "https://officecdn.microsoft.com/pr/wsus/setup.exe"
    dest: C:\ODT\setup.exe

- name: Generer le fichier de configuration
  ansible.windows.win_template:
    src: configuration.xml.j2
    dest: C:\ODT\configuration.xml

- name: Telecharger les fichiers d'installation M365
  ansible.windows.win_command: C:\ODT\setup.exe /download C:\ODT\configuration.xml
  args:
    chdir: C:\ODT

- name: Installer Microsoft 365 Apps
  ansible.windows.win_command: C:\ODT\setup.exe /configure C:\ODT\configuration.xml
  args:
    chdir: C:\ODT

- name: Nettoyer les fichiers ODT
  ansible.windows.win_file:
    path: C:\ODT
    state: absent

- name: Validation du role
  ansible.builtin.include_tasks: validate.yml
  tags: [validate]

Assertions¶

Créez roles/m365/tasks/validate.yml :

---
- name: "Assert : M365 installe"
  ansible.windows.win_reg_stat:
    path: HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration
    name: VersionToReport
  register: m365_check
  failed_when: m365_check.value is not defined