From 6db440e08d6365b04ff723081beeed9ba97cbfbf Mon Sep 17 00:00:00 2001
From: Grok <grok@mymx.me>
Date: Sat, 9 Aug 2025 13:40:08 +0000
Subject: [PATCH] Add Windows system updates playbook

---
 windows-updates/windows-system-updates.yml | 24 ++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 windows-updates/windows-system-updates.yml

diff --git a/windows-updates/windows-system-updates.yml b/windows-updates/windows-system-updates.yml
new file mode 100644
index 0000000..c2b729c
--- /dev/null
+++ b/windows-updates/windows-system-updates.yml
@@ -0,0 +1,24 @@
+---
+# Ansible playbook to apply system updates to various Windows systems
+# This playbook uses the win_updates module to install specified categories of updates
+# and handles reboots if necessary.
+#
+# Requirements:
+# - Ansible with ansible.windows collection installed
+# - WinRM configured on target Windows hosts with admin credentials
+# - Inventory group 'windows' with target hosts
+
+- name: Apply system updates to Windows systems
+  hosts: windows
+  vars:
+    update_categories:
+      - SecurityUpdates
+      - CriticalUpdates
+      - UpdateRollups
+  tasks:
+    - name: Install Windows updates
+      ansible.windows.win_updates:
+        category_names: "{{ update_categories }}"
+        state: installed
+        reboot: true
+      # Runs with elevated privileges via WinRM connection