47 lines
1.7 KiB
Plaintext
47 lines
1.7 KiB
Plaintext
<powershell>
|
|
|
|
# MAKE SURE IN YOUR PACKER CONFIG TO SET:
|
|
#
|
|
#
|
|
# "winrm_username": "Administrator",
|
|
# "winrm_insecure": true,
|
|
# "winrm_use_ssl": true,
|
|
#
|
|
#
|
|
|
|
|
|
write-output "Running User Data Script"
|
|
write-host "(host) Running User Data Script"
|
|
|
|
Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force -ErrorAction Ignore
|
|
|
|
# Don't set this before Set-ExecutionPolicy as it throws an error
|
|
$ErrorActionPreference = "stop"
|
|
|
|
# Remove HTTP listener
|
|
Remove-Item -Path WSMan:\Localhost\listener\listener* -Recurse
|
|
|
|
# Create a self-signed certificate to let ssl work
|
|
$Cert = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName "packer"
|
|
New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $Cert.Thumbprint -Force
|
|
|
|
# WinRM
|
|
write-output "Setting up WinRM"
|
|
write-host "(host) setting up WinRM"
|
|
|
|
cmd.exe /c winrm quickconfig -q
|
|
cmd.exe /c winrm set "winrm/config" '@{MaxTimeoutms="1800000"}'
|
|
cmd.exe /c winrm set "winrm/config/winrs" '@{MaxMemoryPerShellMB="1024"}'
|
|
cmd.exe /c winrm set "winrm/config/service" '@{AllowUnencrypted="true"}'
|
|
cmd.exe /c winrm set "winrm/config/client" '@{AllowUnencrypted="true"}'
|
|
cmd.exe /c winrm set "winrm/config/service/auth" '@{Basic="true"}'
|
|
cmd.exe /c winrm set "winrm/config/client/auth" '@{Basic="true"}'
|
|
cmd.exe /c winrm set "winrm/config/service/auth" '@{CredSSP="true"}'
|
|
cmd.exe /c winrm set "winrm/config/listener?Address=*+Transport=HTTPS" "@{Port=`"5986`";Hostname=`"packer`";CertificateThumbprint=`"$($Cert.Thumbprint)`"}"
|
|
cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes
|
|
cmd.exe /c netsh firewall add portopening TCP 5986 "Port 5986"
|
|
cmd.exe /c net stop winrm
|
|
cmd.exe /c sc config winrm start= auto
|
|
cmd.exe /c net start winrm
|
|
|
|
</powershell> |