This was by far the most effortful tutorial I have written. Considering that just three weeks ago I had only heard of Ansible and never even touched it, this was quite a learning curve. It was a good 70-80 hours of work with the use of various online articles, to-do guides and AI. And it was worth it!
Probably not surprisingly, the output from AI (Gemini Pro 2.5 and ChatGPT 5) was often inaccurate and I had to verify every line. In return, this meant that I was really playing with the syntax and learnt a lot faster. Perhaps that is how AI tools are supposed to be used in learning – no risk of brain rot here!
Most useful sources
- I’m a big fan of Brandon Lee’s blog, and his article titled “Use Ansible AWX to Automate Linux Updates and Patches” helped me get a solid start on the matter.
- Sumeet Nimawe’s article is also robust. He used Docker, which is no longer officially supported. He covered the templating jobs really well.
- Nikhil Kumar’s article on Advanced Techniques for Dynamic Automation includes examples of how to use variables with the awx.awx module.
- Do check the official Community.Proxmox documentation; it is a gem when it comes to having a point of reference when creating YAML templates.
Next steps
You might wonder what would be the next steps – feel free to recommend some in the comments section below!
- I have intentionally left out Windows hosts, even though I actually tested them with WinRM. I could add them to this guide if there is interest (the tutorial was just getting a bit long even for my taste).
- The scripts need to be optimized for Ansible 2.19 – is there anyone who could help me with it? AI tools cannot get it right with the Jinja2 syntax.
- What we are missing in our setup is a verification process to confirm that all hosts are patched. For that, we can use a free self-hosted tool called Patchmon. It is free when self-hosted for up to 250 hosts, which is generally sufficient for home labbers (keep in mind, Windows is not supported).
- The current version of Patchmon is built on a Next.js front end with Node.js / PostgreSQL on the back end (with Prisma as the ORM). If you are interested, let me know and we can include it in our next tutorial. This way, we would have one system that monitors our patching status as an observer while we leverage Ansible with AWX to get the job done.
Alternatives to AWX
- Some might ask: why AWX? It has not been touched for just over a year! Yes, AWX is currently undergoing a refactoring process due to its architectural limitations related to it being a monolithic app built on Python with Django.
- Those who feel adventurous could give Ansible-WebUI a test. This is a community project that may do just what you need. If you would like me to explore that option next, leave a comment below 🙂
- There are some other ‘self-hostable’ semi-free alternatives beyond Ansible Tower (from which AWX is derived) that support inventory management, such as Semaphore UI and Spacelift. They are just severely limiting you as an admin by either having a single API key that you can use (Spacelift) or not being able to manage your project runners (in the case of Semaphore UI).
Hopefully you have enjoyed this guide. Feel free to ask questions or provide feedback.