diff --git a/.drone.yml b/.drone.yml index 74c5cfe..7f1ea9f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -16,17 +16,15 @@ steps: commands: - yamllint --version - packer --version - - pwsh --version + - ansible --version - ovftool --version -- name: Windows 10 +- name: Ubuntu Server 20.04 image: bv11-cr01.bessems.eu/library/packer-extended pull: always commands: - - sed -i -e "s/<>/$${PRODUCTKEY}/" packer/preseed/Windows10/Autounattend.xml - | - sed -i -e "s/<>/$${WINRM_PASSWORD}/g" \ - packer/preseed/Windows10/Autounattend.xml \ - packer/preseed/Windows10/Sysprep_Unattend.xml + sed -i -e "s/<>/$${SSH_PASSWORD}/g" \ + packer/preseed/UbuntuServer20.04/user-data - | yamllint -d "{extends: relaxed, rules: {line-length: disable}}" scripts - | @@ -35,33 +33,31 @@ steps: - | packer validate \ -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \ - -var vm_guestos=win10 \ + -var vm_guestos=ubuntuserver20.04 \ -var repo_username=$${REPO_USERNAME} \ -var repo_password=$${REPO_PASSWORD} \ -var vsphere_password=$${VSPHERE_PASSWORD} \ - -var winrm_password=$${WINRM_PASSWORD} \ + -var ssh_password=$${WINRM_PASSWORD} \ ./packer - | packer build \ -on-error=cleanup \ -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \ - -var vm_guestos=win10 \ + -var vm_guestos=ubuntuserver20.04 \ -var repo_username=$${REPO_USERNAME} \ -var repo_password=$${REPO_PASSWORD} \ -var vsphere_password=$${VSPHERE_PASSWORD} \ - -var winrm_password=$${WINRM_PASSWORD} \ + -var ssh_password=$${WINRM_PASSWORD} \ ./packer environment: VSPHERE_PASSWORD: from_secret: vsphere_password - WINRM_PASSWORD: - from_secret: winrm_password + SSH_PASSWORD: + from_secret: ssh_password REPO_USERNAME: from_secret: repo_username REPO_PASSWORD: from_secret: repo_password - PRODUCTKEY: - from_secret: prodkey_win10 # PACKER_LOG: 1 volumes: - name: output 
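Review bot: The new `sed` step in the first `.drone.yml` hunk splices `$${SSH_PASSWORD}` straight into the replacement text, so a secret containing `/`, `&` or `\` either breaks the expression or writes a different password into `packer/preseed/UbuntuServer20.04/user-data` than the one Packer later logs in with. Escaping the value before substitution, or rendering the file with a step that does not treat the secret as part of a sed expression, avoids that. The same hunk swaps `- pwsh --version` for `- ansible --version`, yet the new `packer/ubuntuserver20.04.pkr.hcl` post-processor still invokes `pwsh`, so keeping `- pwsh --version` next to the new line would catch a missing binary before the build starts.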
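Review bot: Both `packer validate` and `packer build` in the second `.drone.yml` hunk pass `-var ssh_password=$${WINRM_PASSWORD}`, but the same hunk removes `WINRM_PASSWORD` from `environment:` and adds `SSH_PASSWORD`, so the variable would presumably expand to an empty string and Packer would be handed an empty SSH password. Both lines should read `-var ssh_password=$${SSH_PASSWORD} \`. Passing secrets with `-var` also places them on the process command line; Packer reads `PKR_VAR_<name>` environment variables, which would keep `ssh_password`, `repo_password` and `vsphere_password` out of argv. The step's remaining keys continue past the end of the hunk.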
diff --git a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled IPv6.rb b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled IPv6.rb deleted file mode 100644 index aee7bf9..0000000 --- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled IPv6.rb +++ /dev/null @@ -1,16 +0,0 @@ -script = <<-EOH -$nic = get-netadapter - -Get-NetAdapterBinding –InterfaceAlias $nic.name –ComponentID ms_tcpip6 -EOH - -control "ipv6" do - title 'Disabled network protocol IPv6' - desc ' - This test assures that IPv6 is disabled - ' - - describe powershell(script) do - its('stdout') { should match 'False' } - end -end \ No newline at end of file diff --git a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled Services.rb b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled Services.rb deleted file mode 100644 index da3d4f4..0000000 --- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled Services.rb +++ /dev/null @@ -1,29 +0,0 @@ -script = <<-EOH - # Initialize variable to empty array - $NonCompliantServices = @() - - # Specify relevant services - $Services = @( - "wuauserv", - "W3SVC", - "XboxGipSvc", - "XblGameSave" - ) - - # Enumerate all services - $NonCompliantServices += Get-Service $Services -ErrorAction 'SilentlyContinue' | Where-Object {$_.StartType -ne 'Disabled'} - - # Output; 'True' or list of noncompliant services - Write-Output ($True, $NonCompliantServices)[!($NonCompliantServices.Count -eq 0)] -EOH - -control "disabled_services" do - title 'Disabled services' - desc ' - This test assures that all unneeded services are set to "disabled". - ' - - describe powershell(script) do - its('stdout') { should match 'True' } - end -end diff --git a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single Disk.rb b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single Disk.rb deleted file mode 100644 index f1c499f..0000000 --- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single Disk.rb +++ /dev/null 
@@ -1,29 +0,0 @@ -script = <<-EOH - # Initialize variable to empty array - $LogicalDisks = @() - - # Enumerate all logicaldisks - # DriveType: - # Unknown (0) - # No Root Directory (1) - # Removable Disk (2) - # Local Disk (3) - # Network Drive (4) - # Compact Disc (5) - # RAM Disk (6) - $LogicalDisks += Get-WmiObject -Class 'win32_logicaldisk' -Filter 'DriveType=3' - - # Filter/Quantify - ($LogicalDisks.Count -eq 1) -and (($LogicalDisks | Where-Object {$_.DeviceID -ne 'C:'}).Count -eq 0) -EOH - -control "single_disk" do - title 'Single Disk' - desc ' - This test assures that only a single disk (C:) is available - ' - - describe powershell(script) do - its('stdout') { should match 'True' } - end -end diff --git a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software Installed.rb b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software Installed.rb deleted file mode 100644 index b6ac8be..0000000 --- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software Installed.rb +++ /dev/null 
@@ -1,54 +0,0 @@ -control "software_installed-7zip" do - title 'Included Default Applications: 7-Zip' - desc ' - This test assures that the software application "7-Zip" is installed. - ' - - describe chocolatey_package('7zip.install') do - it { should be_installed } - end -end - -# control "software_installed-dotnetfx" do -# title 'Included Default Applications: .NET' -# desc ' -# This test assures that the software application ".NET" is installed. -# ' - -# describe chocolatey_package('dotnetfx') do -# it { should be_installed } -# end -# end - -# control "software_installed-foxitreader" do -# title 'Included Default Applications: Foxit Reader' -# desc ' -# This test assures that the software application "Foxit Reader" is installed. -# ' - -# describe chocolatey_package('foxitreader') do -# it { should be_installed } -# end -# end - -# control "software_installed-notepadplusplus" do -# title 'Included Default Applications: Notepad++' -# desc ' -# This test assures that the software application "Notepad++" is installed. -# ' - -# describe chocolatey_package('notepadplusplus') do -# it { should be_installed } -# end -# end - -# control "software_installed-putty" do -# title 'Included Default Applications: Putty' -# desc ' -# This test assures that the software application "PuTTy" is installed. -# ' - -# describe chocolatey_package('putty') do -# it { should be_installed } -# end -# end \ No newline at end of file diff --git a/inspec/Windows10IoTEnterprise/profile/inspec.yml b/inspec/Windows10IoTEnterprise/profile/inspec.yml deleted file mode 100644 index 94cd003..0000000 --- a/inspec/Windows10IoTEnterprise/profile/inspec.yml +++ /dev/null 
@@ -1,10 +0,0 @@
----
-name: Windows 10 IoT Enterprise
-title: Windows 10 IoT Enterprise InSpec Tests
-summary: Unit test for Windows 10 IoT Enterprise
-version: 1.0.0
-maintainer: https://code.spamasaurus.com/djpbessems
-copyright: https://code.spamasaurus.com/djpbessems
-license: Proprietary
-supports:
- - platform-family: windows
\ No newline at end of file
diff --git a/packer/preseed/UbuntuServer20.04/user-data b/packer/preseed/UbuntuServer20.04/user-data
new file mode 100644
index 0000000..df10ee1
--- /dev/null
+++ b/packer/preseed/UbuntuServer20.04/user-data
@@ -0,0 +1,29 @@
+#cloud-config
+autoinstall:
+ version: 1
+ locale: en_US
+ keyboard:
+ layout: en
+ variant: us
+ network:
+ network:
+ version: 2
+ ethernets:
+ ens192:
+ dhcp4: true
+ storage:
+ layout:
+ name: lvm
+ identity:
+ hostname: packer-template
+ username: root
+ password: <>
+ ssh:
+ install-server: yes
+ allow-pw: true
+# authorized-keys:
+# - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCi9eAu6KBaShdcL4pxi6/sJp+IS6nCKexcjQdwFLxg+EoiT2MTAnMsjnfi570het+VV+iOigcZLuRwEcAPh6rSQOtpikmpV6WFjzToWq9aUxDrxWsp/iEPHp+sbjrlsdnGvLGY9XhmPs9s5I8xFQbwF6ilhMIQm+RxtGJJuPUWaF+uXo+3CB91A6bK/rjs97iAjrPZRs0vo5hJGqrIGFi3WP9hf8hF9oWz2BiLRYBib3il6lsAl4Ca0sI//gNM0Ztj4gB7qv1+uPz157bk0IZoN285/72l/rUZVSPIwO+QFZFK07FsyVrpAgMlHk65BiSAO4DtolZEArfXRE1g1DH/ mail@example.com
+ user-data:
+ disable_root: false
+# late-commands:
+# - echo 'ubnt ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu
\ No newline at end of file
diff --git a/packer/preseed/Windows10/Autounattend.xml b/packer/preseed/Windows10/Autounattend.xml
deleted file mode 100644
index ae9838d..0000000
--- a/packer/preseed/Windows10/Autounattend.xml
+++ /dev/null
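Review bot: In the new `packer/preseed/UbuntuServer20.04/user-data` the installer creates `username: root` with `allow-pw: true` and `disable_root: false`, so the exported template accepts password SSH logins as root with the build-time password, and nothing visible in this commit resets or disables that before the OVA is written. A final provisioning step that locks the password or sets `PasswordAuthentication no`, or a build that logs in with a key through the commented-out `authorized-keys` entry, would keep that credential from shipping in every clone. Separately, the autoinstall `identity.password` field takes a crypted hash (for example the output of `mkpasswd -m sha-512`), while the pipeline substitutes the same secret Packer uses as the plaintext SSH password; unless the hash and the plaintext are supplied as two separate values, one of the two will not match.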
@@ -1,159 +0,0 @@ - - - - - - - - - - 1 - Primary - true - - - - - false - NTFS - C - 1 - 1 - - - - 0 - true - - OnError - - - true - - - <> - Never - - - - - - 0 - 1 - - OnError - false - - - /IMAGE/INDEX - 3 - - - - - - - - en-US - - en-US - en-US - en-US - en-US - en-US - - - - - false - - - - - en-US - en-US - en-US - en-US - - - - - <> - true</PlainText> - </AdministratorPassword> - </UserAccounts> - <OOBE> - <HideEULAPage>true</HideEULAPage> - <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Home</NetworkLocation> - <ProtectYourPC>1</ProtectYourPC> - </OOBE> - <AutoLogon> - <Password> - <Value><<img-password>></Value> - <PlainText>true</PlainText> - </Password> - <Username>administrator</Username> - <Enabled>true</Enabled> - </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set execution policy 64bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set execution policy 32bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine> - <Description>Disable new network prompt</Description> - <Order>3</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Set-NetworkProfile.ps1</CommandLine> - <Description>Set network profile to private</Description> - <Order>4</Order> - 
<RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Disable-WinRM.ps1</CommandLine> - <Description>Disable WinRM</Description> - <Order>5</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c a:\Install-VMwareTools.cmd</CommandLine> - <Order>13</Order> - <Description>Install VMware Tools</Description> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Enable-WinRM.ps1</CommandLine> - <Description>Enable WinRM</Description> - <Order>99</Order> - </SynchronousCommand> - </FirstLogonCommands> - <ShowWindowsLive>false</ShowWindowsLive> - </component> - </settings> - <settings pass="specialize"> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <OEMInformation> - <HelpCustomized>false</HelpCustomized> - </OEMInformation> - <!-- Rename computer here. --> - <ComputerName>packer-template</ComputerName> - <TimeZone>W. Europe Standard Time</TimeZone> - <RegisteredOwner/> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <SkipAutoActivation>true</SkipAutoActivation> - </component> - </settings> -</unattend> diff --git a/packer/preseed/Windows10/Sysprep_Unattend.xml b/packer/preseed/Windows10/Sysprep_Unattend.xml deleted file mode 100644 index fc79fe6..0000000 --- a/packer/preseed/Windows10/Sysprep_Unattend.xml +++ /dev/null 
@@ -1,42 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <OOBE> - <HideEULAPage>true</HideEULAPage> - <HideLocalAccountScreen>true</HideLocalAccountScreen> - <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> - <HideOnlineAccountScreens>true</HideOnlineAccountScreens> - <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Work</NetworkLocation> - <ProtectYourPC>1</ProtectYourPC> - 
<SkipMachineOOBE>true</SkipMachineOOBE> - <SkipUserOOBE>true</SkipUserOOBE> - </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value><<img-password>></Value> - <PlainText>true</PlainText> - </AdministratorPassword> - </UserAccounts> - </component> - </settings> - <settings pass="specialize"> - </settings> -</unattend> \ No newline at end of file diff --git a/packer/ubuntuserver20.04.pkr.hcl b/packer/ubuntuserver20.04.pkr.hcl new file mode 100644 index 0000000..9a964f7 --- /dev/null +++ b/packer/ubuntuserver20.04.pkr.hcl 
@@ -0,0 +1,84 @@
+packer {
+ required_plugins {
+ }
+}
+
+source "vsphere-iso" "ubuntuserver" {
+ vcenter_server = var.vcenter_server
+ username = var.vsphere_username
+ password = var.vsphere_password
+ insecure_connection = "true"
+
+ vm_name = "${var.vm_guestos}-${var.vm_name}"
+ datacenter = var.vsphere_datacenter
+ host = var.vsphere_host
+ folder = var.vsphere_folder
+ datastore = var.vsphere_datastore
+
+ guest_os_type = "ubuntu64Guest"
+
+ boot_order = "disk,cdrom"
+ boot_command = [
+ "<enter><wait2><enter><wait><f6><esc><wait>",
+ " autoinstall<wait2> ds=nocloud;",
+ "<wait><enter>"
+ ]
+ boot_wait = "2s"
+
+ communicator = "ssh"
+ winrm_username = "root"
+ winrm_password = var.ssh_password
+ winrm_timeout = "10m"
+
+ CPUs = 2
+ RAM = 4096
+
+ network_adapters {
+ network = var.vsphere_network
+ network_card = "vmxnet3"
+ }
+ storage {
+ disk_size = 20480
+ disk_thin_provisioned = true
+ }
+ disk_controller_type = ["pvscsi"]
+ usb_controller = ["xhci"]
+
+ cd_files = [
+ "packer/preseed/UbuntuServer20.04/*"
+ ]
+ cd_label = "cidata"
+ iso_checksum = "sha256:D1F2BF834BBE9BB43FAF16F9BE992A6F3935E65BE0EDECE1DEE2AA6EB1767423"
+ iso_url = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/iso/Canonical/Ubuntu%20Server%2020.04/ubuntu-20.04.2-live-server-amd64.iso"
+
+ shutdown_command = "echo '${var.ssh_password}' | sudo -S shutdown -P now"
+ shutdown_timeout = "5m"
+
+ export {
+ images = false
+ output_directory = "/scratch/ubuntuserver"
+ }
+ remove_cdrom = true
+}
+
+build {
+ sources = ["source.vsphere-iso.ubuntuserver"]
+
+ // provisioner "file" {
+ // destination = ""
+ // source = ""
+ // }
+
+ post-processor "shell-local" {
+ inline = [
+ "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
+ " -OVFFile '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.ovf' \\",
+ " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
+ "pwsh -file scripts/Update-Manifest.ps1 \\",
+ "
-ManifestFileName '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.mf'", + "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\", + " '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.ovf' \\", + " /output/UbuntuServer20.04.ova" + ] + } +} \ No newline at end of file diff --git a/packer/variables.pkr.hcl b/packer/variables.pkr.hcl index 8cd48bc..59ddfa8 100644 --- a/packer/variables.pkr.hcl +++ b/packer/variables.pkr.hcl @@ -12,7 +12,7 @@ variable "vsphere_network" {} variable "vm_name" {} variable "vm_guestos" {} -variable "winrm_password" {} +variable "ssh_password" {} variable "repo_username" {} variable "repo_password" {} \ No newline at end of file diff --git a/packer/windows10.pkr.hcl b/packer/windows10.pkr.hcl deleted file mode 100644 index 62a2ea0..0000000 --- a/packer/windows10.pkr.hcl +++ /dev/null 
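Review bot: The `vsphere-iso` source in `packer/ubuntuserver20.04.pkr.hcl` sets `communicator = "ssh"` but still supplies `winrm_username`, `winrm_password` and `winrm_timeout`, which the SSH communicator does not read, so Packer has no SSH credentials for the guest; these should be `ssh_username = "root"`, `ssh_password = var.ssh_password` and `ssh_timeout = "10m"`. `shutdown_command` interpolates the password into a single-quoted shell string, which breaks on a `'` in the secret and puts the secret into the command text sent to the guest; since the login is root, `shutdown -P now` needs neither `sudo -S` nor the password. `insecure_connection = "true"` turns off certificate verification for the vCenter session that carries `var.vsphere_password`, and is worth replacing with a trusted CA certificate on the build runner. The post-processor also calls `scripts/Update-Manifest.ps1`, which the last file header on this page shows as deleted in the same commit.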
@@ -1,133 +0,0 @@ -packer { - required_plugins { - windows-update = { - version = ">= 0.12.0" - source = "github.com/rgl/windows-update" - } - } -} - -source "vsphere-iso" "win10" { - vcenter_server = var.vcenter_server - username = var.vsphere_username - password = var.vsphere_password - insecure_connection = "true" - - vm_name = "${var.vm_guestos}-${var.vm_name}" - datacenter = var.vsphere_datacenter - host = var.vsphere_host - folder = var.vsphere_folder - datastore = var.vsphere_datastore - - guest_os_type = "windows9_64Guest" - - boot_order = "disk,cdrom" - boot_command = [""] - boot_wait = "5m" - - communicator = "winrm" - winrm_username = "administrator" - winrm_password = var.winrm_password - winrm_timeout = "10m" - - CPUs = 2 - RAM = 8192 - - network_adapters { - network = var.vsphere_network - network_card = "vmxnet3" - } - storage { - disk_size = 20480 - disk_thin_provisioned = true - } - disk_controller_type = ["lsilogic-sas"] - usb_controller = ["xhci"] - - floppy_files = [ - "packer/preseed/Windows10/Autounattend.xml", - "packer/preseed/Windows10/Sysprep_Unattend.xml", - "scripts/Set-NetworkProfile.ps1", - "scripts/Disable-WinRM.ps1", - "scripts/Enable-WinRM.ps1", - "scripts/Install-VMwareTools.cmd" - ] - iso_checksum = "sha256:8D1663B71280533824CF95C7AB48ADAF5A187C38FCFF5B16A569F903688916D0" - iso_paths = [ - "ISO-files/VMware-tools-windows-11.2.1-17243207/VMware-tools-windows-11.2.1-17243207.iso" - ] - iso_url = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/iso/Microsoft/Windows%2010/20H2/en_windows_10_enterprise_20H2_x64.iso" - - shutdown_command = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml" - shutdown_timeout = "1h" - - export { - images = false - output_directory = "/scratch/win10" - } - remove_cdrom = true -} - -build { - sources = ["source.vsphere-iso.win10"] - - provisioner "windows-update" { - filters = [ - "exclude:$_.Title -like '*Preview*'", - 
"include:$true" - ] - } - - provisioner "powershell" { - inline = [ - "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12", - "Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" - ] - } - - provisioner "powershell" { - inline = [ - "choco config set --name=limit-output --value=LimitOutput", - "choco install -y 7zip.install", - "choco install -y sysinternals", - "choco install -y firefox" - ] - } - - provisioner "windows-update" { - filters = [ - "exclude:$_.Title -like '*Preview*'", - "include:$true" - ] - } - - provisioner "powershell" { - inline = [ - "New-Item -Path 'C:\\Payload\\Scripts' -ItemType 'Directory' -Force:$True -Confirm:$False" - ] - } - - provisioner "file" { - destination = "C:\\Payload\\" - source = "scripts/Windows10/payload/" - } - - provisioner "powershell" { - scripts = [ - "scripts/Windows10/Register-ScheduledTask.ps1" - ] - } - - post-processor "shell-local" { - inline = [ - "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\", - " -OVFFile '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\", - " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"", - "pwsh -file scripts/Update-Manifest.ps1 \\", - " -ManifestFileName '/scratch/win10/${var.vm_guestos}-${var.vm_name}.mf'", - "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\", - " '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\", - " /output/Windows10.ova" - ] - } -} \ No newline at end of file diff --git a/scripts/Disable-WinRM.ps1 b/scripts/Disable-WinRM.ps1 deleted file mode 100644 index 1ce9273..0000000 --- a/scripts/Disable-WinRM.ps1 +++ /dev/null 
@@ -1,8 +0,0 @@ -netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block -netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes -$winrmService = Get-Service -Name WinRM -if ($winrmService.Status -eq "Running"){ - Disable-PSRemoting -Force -} -Stop-Service winrm -Set-Service -Name winrm -StartupType Disabled diff --git a/scripts/Enable-WinRM.ps1 b/scripts/Enable-WinRM.ps1 deleted file mode 100644 index 3d70efe..0000000 --- a/scripts/Enable-WinRM.ps1 +++ /dev/null @@ -1,18 +0,0 @@ -$NetworkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")) -$Connections = $NetworkListManager.GetNetworkConnections() -$Connections | ForEach-Object { $_.GetNetwork().SetCategory(1) } - -Enable-PSRemoting -Force -winrm quickconfig -q -winrm quickconfig -transport:http -winrm set winrm/config '@{MaxTimeoutms="1800000"}' -winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}' -winrm set winrm/config/service '@{AllowUnencrypted="true"}' -winrm set winrm/config/service/auth '@{Basic="true"}' -winrm set winrm/config/client/auth '@{Basic="true"}' -winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}' -netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes -netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow -netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public new remoteip=any -Set-Service winrm -startuptype "auto" -Restart-Service winrm diff --git a/scripts/Install-VMwareTools.cmd b/scripts/Install-VMwareTools.cmd deleted file mode 100644 index 58f2b36..0000000 --- a/scripts/Install-VMwareTools.cmd +++ /dev/null @@ -1,2 +0,0 @@ -@rem Silent mode, basic UI, no reboot -e:\setup64 /s /v "/qb REBOOT=R" \ No newline at end of file 
diff --git a/scripts/MVMC/BlockList.xml b/scripts/MVMC/BlockList.xml deleted file mode 100644 index d590aeb..0000000 --- a/scripts/MVMC/BlockList.xml +++ /dev/null @@ -1,73 +0,0 @@ -<?xml version="1.0" encoding="utf-8" ?> -<BlockList> - <!-- services to disable --> - <Services> - <Name>MVMCP2VAgent</Name> - <Name>VMTools</Name> - <Name> VMUpgradeHelper </Name> - <Name> vmvss </Name> - <Name>vmdesched</Name> - <Name>Virtual Server</Name> - <!-- Virtual Machine Helper --> - <Name>vmh</Name> - <!-- Xen-specific service --> - <Name>xensvc</Name> - </Services> - <!-- drivers to disable --> - <Drivers> - <Name>vmx_svga</Name> - <Name>vmmouse</Name> - <Name>vmscsi</Name> - <Name>amdpcn</Name> - <Name>PCnet</Name> - <Name>VMMEMCTL</Name> - - <Name> pvscsi </Name> - <Name> vmci </Name> - <Name> vmmouse </Name> - <Name> vmaudio </Name> - <Name> vmrawdsk </Name> - <Name> vmxnet </Name> - <Name> vmxnet3ndis6 </Name> - <Name> vm3dmp </Name> - <Name> vmdebug </Name> - <Name> vmxnet3ndis5 </Name> - - - <Name>cirrus</Name> - <!-- storage drivers --> - <Name>buslogic</Name> - <Name>symc810</Name> - <Name>cpqarray</Name> - <Name>pcntn4m</Name> - <Name>cpqnf3</Name> - <Name>MRaidNT</Name> - <Name>Symc8XX</Name> - <!-- VIA chipset drivers --> - <Name>viaide</Name> - <Name>VIAudio</Name> - <Name>VIAPFD</Name> - <Name>viafilter</Name> - <Name>viaagp</Name> - <Name>viaagp1</Name> - <!-- network drivers: Intel(R) PRO/100 --> - <Name>E100B</Name> - <!-- tape drivers --> - <Name>4mmdat</Name> - <Name>4mmdat-SeSFT</Name> - <Name>SCSIChanger</Name> - - <!-- Virtual Machine Monitor --> - <Name>vmm</Name> - <!-- Xen-specific drivers --> - <Name>xenevtchn</Name> - <Name>xenvbd</Name> - <Name>xennet</Name> - </Drivers> - <Programs> - <Name>ProMON</Name> - <Name>s3tray2</Name> - <Name>VMwareTray</Name> - <Name>VMwareUser</Name> - </Programs> -</BlockList> \ No newline at end of file 
diff --git a/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll b/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll deleted file mode 100644 index 15ffdcb..0000000 Binary files a/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Accelerators.Framework.dll b/scripts/MVMC/Microsoft.Accelerators.Framework.dll deleted file mode 100644 index 714ec9b..0000000 Binary files a/scripts/MVMC/Microsoft.Accelerators.Framework.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll b/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll deleted file mode 100644 index ae32db5..0000000 Binary files a/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll deleted file mode 100644 index 4dab6e8..0000000 Binary files a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll deleted file mode 100644 index eab48e2..0000000 Binary files a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll deleted file mode 100644 index 9adbdf0..0000000 Binary files a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll b/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll deleted file mode 100644 index 330e60e..0000000 Binary files a/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll and /dev/null differ 
diff --git a/scripts/MVMC/Microsoft.Practices.Unity.dll b/scripts/MVMC/Microsoft.Practices.Unity.dll deleted file mode 100644 index b3ca3ce..0000000 Binary files a/scripts/MVMC/Microsoft.Practices.Unity.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll b/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll deleted file mode 100644 index a07b399..0000000 Binary files a/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll deleted file mode 100644 index dcc2e64..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll deleted file mode 100644 index d7762a3..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll deleted file mode 100644 index d3e036d..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll deleted file mode 100644 index 3353bc9..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll deleted file mode 100644 index 7aae384..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll and /dev/null differ 
diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll deleted file mode 100644 index 69839bf..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll deleted file mode 100644 index 3e5cd36..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll deleted file mode 100644 index 4e138ae..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll deleted file mode 100644 index bf1863d..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Management.dll b/scripts/MVMC/Microsoft.WindowsAzure.Management.dll deleted file mode 100644 index febdfcf..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Management.dll and /dev/null differ diff --git a/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll b/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll deleted file mode 100644 index 0d29d8d..0000000 Binary files a/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll and /dev/null differ diff --git a/scripts/MVMC/MvmcCmdlet.dll b/scripts/MVMC/MvmcCmdlet.dll deleted file mode 100644 index 5cef267..0000000 Binary files a/scripts/MVMC/MvmcCmdlet.dll and /dev/null differ diff --git a/scripts/MVMC/MvmcCmdlet.psd1 b/scripts/MVMC/MvmcCmdlet.psd1 deleted file mode 100644 index a2be3f7..0000000 Binary files a/scripts/MVMC/MvmcCmdlet.psd1 and /dev/null differ 
diff --git a/scripts/MVMC/Sshlib_x64.dll b/scripts/MVMC/Sshlib_x64.dll deleted file mode 100644 index ce68651..0000000 Binary files a/scripts/MVMC/Sshlib_x64.dll and /dev/null differ diff --git a/scripts/MVMC/Sshlib_x86.dll b/scripts/MVMC/Sshlib_x86.dll deleted file mode 100644 index 4658589..0000000 Binary files a/scripts/MVMC/Sshlib_x86.dll and /dev/null differ diff --git a/scripts/MVMC/System.Reactive.Core.dll b/scripts/MVMC/System.Reactive.Core.dll deleted file mode 100644 index b893f83..0000000 Binary files a/scripts/MVMC/System.Reactive.Core.dll and /dev/null differ diff --git a/scripts/MVMC/System.Reactive.Interfaces.dll b/scripts/MVMC/System.Reactive.Interfaces.dll deleted file mode 100644 index 3dbb203..0000000 Binary files a/scripts/MVMC/System.Reactive.Interfaces.dll and /dev/null differ diff --git a/scripts/MVMC/System.Reactive.Linq.dll b/scripts/MVMC/System.Reactive.Linq.dll deleted file mode 100644 index 35d022a..0000000 Binary files a/scripts/MVMC/System.Reactive.Linq.dll and /dev/null differ diff --git a/scripts/MVMC/System.Reactive.PlatformServices.dll b/scripts/MVMC/System.Reactive.PlatformServices.dll deleted file mode 100644 index 77f2db4..0000000 Binary files a/scripts/MVMC/System.Reactive.PlatformServices.dll and /dev/null differ diff --git a/scripts/MVMC/System.Reactive.Providers.dll b/scripts/MVMC/System.Reactive.Providers.dll deleted file mode 100644 index fabc533..0000000 Binary files a/scripts/MVMC/System.Reactive.Providers.dll and /dev/null differ diff --git a/scripts/MVMC/System.Reactive.Windows.Threading.dll b/scripts/MVMC/System.Reactive.Windows.Threading.dll deleted file mode 100644 index 1c7840f..0000000 Binary files a/scripts/MVMC/System.Reactive.Windows.Threading.dll and /dev/null differ diff --git a/scripts/Remove-Resources.ps1 b/scripts/Remove-Resources.ps1 deleted file mode 100644 index 4d27bd6..0000000 --- a/scripts/Remove-Resources.ps1 +++ /dev/null 
@@ -1,51 +0,0 @@ -[CmdletBinding()] -Param( - [Parameter(Mandatory)] - [string]$VMName, - [Parameter(Mandatory)] - [string]$VSphereFQDN, - [Parameter(Mandatory)] - [string]$VSphereUsername, - [Parameter(Mandatory)] - [string]$VSpherePassword -) - -$PowerCliConfigurationSplat = @{ - Scope = 'User' - ParticipateInCEIP = $False - Confirm = $False - InvalidCertificateAction = 'Ignore' -} -Set-PowerCLIConfiguration @PowerCliConfigurationSplat | Out-Null - -$ConnectVIServerSplat = @{ - Server = $VSphereFQDN - User = "$VSphereUsername" - Password = "$VSpherePassword" - WarningAction = 'SilentlyContinue' -} -Connect-VIServer @ConnectVIServerSplat | Out-Null - -$GetVMSplat = @{ - Name = "*$($VMName)*" - ErrorAction = 'SilentlyContinue' -} -If ([boolean](Get-VM @GetVMSplat)) { - $RemoveVMSplat = @{ - VM = Get-VM @GetVMSplat - DeletePermanently = $True - Confirm = $False - ErrorAction = 'SilentlyContinue' - } - Remove-VM @RemoveVMSplat -} - -Disconnect-VIServer * -Confirm:$False - -$RemoveItemSplat = @{ - Path = "/scratch/*" - Recurse = $True - Force = $True - Confirm = $False -} -Remove-Item @RemoveItemSplat \ No newline at end of file diff --git a/scripts/Set-NetworkProfile.ps1 b/scripts/Set-NetworkProfile.ps1 deleted file mode 100644 index 7433079..0000000 --- a/scripts/Set-NetworkProfile.ps1 +++ /dev/null 
@@ -1,23 +0,0 @@ -# You cannot enable Windows PowerShell Remoting on network connections that are set to Public -# Spin through all the network locations and if they are set to Public, set them to Private -# using the INetwork interface: -# http://msdn.microsoft.com/en-us/library/windows/desktop/aa370750(v=vs.85).aspx -# For more info, see: -# http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx - -# Network location feature was only introduced in Windows Vista - no need to bother with this -# if the operating system is older than Vista -if([environment]::OSVersion.version.Major -lt 6) { return } - -# You cannot change the network location if you are joined to a domain, so abort -if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return } - -# Get network connections -$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")) -$connections = $networkListManager.GetNetworkConnections() - -$connections |foreach { - Write-Host $_.GetNetwork().GetName()"category was previously set to"$_.GetNetwork().GetCategory() - $_.GetNetwork().SetCategory(1) - Write-Host $_.GetNetwork().GetName()"changed to category"$_.GetNetwork().GetCategory() -} diff --git a/scripts/Update-Manifest.ps1 b/scripts/Update-Manifest.ps1 deleted file mode 100644 index 03e3ff8..0000000 --- a/scripts/Update-Manifest.ps1 +++ /dev/null 
@@ -1,55 +0,0 @@ -#Requires -Modules 'powershell-yaml' -[CmdletBinding()] -Param( - [Parameter(Mandatory)] - [ValidateScript({ - If (Test-Path($_)) { - $True - } Else { - Throw "'$_' is not a valid filename (within working directory '$PWD'), or access denied; aborting." - } - })] - [string]$ManifestFileName -) - -$GetItemSplat = @{ - Path = $ManifestFileName -} -$ManifestFile = Get-Item @GetItemSplat - -$SetLocationSplat = @{ - Path = $ManifestFile.DirectoryName -} -Set-Location @SetLocationSplat - -$GetContentSplat = @{ - Path = $ManifestFile.FullName -} -$Manifest = Get-Content @GetContentSplat - -$UpdatedManifest = ForEach ($Line in $Manifest) { - Write-Host "Processing '$($Line)' ..." - If ($Line -match '^SHA256\((.+)\)= ([0-9a-fA-F]{64})$') { - If (Test-Path $Matches[1]) { - $GetFileHashSplat = @{ - Path = $Matches[1] - Algorithm = 'SHA256' - } - Write-Host "Updating checksum..." - "SHA256($($Matches[1]))= $((Get-FileHash @GetFileHashSplat).Hash)" - } - } -} - -If ($UpdatedManifest -ne $Null) { - $SetContentSplat = @{ - Path = $ManifestFile.FullName - Value = $UpdatedManifest - Force = $True - Confirm = $False - } - Set-Content @SetContentSplat -} Else { - Write-Host "Failed updating manifest." - Exit 1 -} diff --git a/scripts/Update-OvfConfiguration.ps1 b/scripts/Update-OvfConfiguration.ps1 deleted file mode 100644 index c0fc01f..0000000 --- a/scripts/Update-OvfConfiguration.ps1 +++ /dev/null 
@@ -1,253 +0,0 @@ -#Requires -Modules 'powershell-yaml' -[CmdletBinding()] -Param( - [Parameter(Mandatory)] - [ValidateScript({ - If (Test-Path($_)) { - $True - } Else { - Throw "'$_' is not a valid filename (within working directory '$PWD'), or access denied; aborting." - } - })] - [string]$OVFFile, - [hashtable]$Parameter -) - -$GetContentSplat = @{ - Path = "$($PSScriptRoot)\$($MyInvocation.MyCommand)".Replace('.ps1', ".yml") - Raw = $True -} -$RawContent = Get-Content @GetContentSplat -$ConvertFromYamlSplat = @{ - Yaml = $RawContent - AllDocuments = $True -} -$YamlDocuments = ConvertFrom-Yaml @ConvertFromYamlSplat - -# Check if the respective .yml file declared substitutions which need to be parsed -If (($YamlDocuments.Count -gt 1) -and $YamlDocuments[-1].Variables) { - ForEach ($Pattern in $YamlDocuments[-1].Variables) { - $RawContent = $RawContent -replace "\{\{ ($($Pattern.Name)) \}\}", [string](Invoke-Expression -Command $Pattern.Expression) - } - # Perform conversion to Yaml again, now with parsed file contents - $ConvertFromYamlSplat = @{ - Yaml = $RawContent - AllDocuments = $True - } - $YamlDocuments = ConvertFrom-Yaml @ConvertFromYamlSplat - $OVFConfig = $YamlDocuments[0..($YamlDocuments.Count - 2)] -} -Else { - $OVFConfig = $YamlDocuments -} - -$SourceFile = Get-Item -Path $OVFFile -$GetContentSplat = @{ - Path = $SourceFile.FullName -} -$XML = [xml](Get-Content @GetContentSplat) -$NS = [System.Xml.XmlNamespaceManager]$XML.NameTable -[void]$NS.AddNamespace('Any', $XML.DocumentElement.xmlns) - -If ($OVFConfig.DeploymentConfigurations.Count -gt 0) { - $XMLSection = $XML.CreateElement('DeploymentOptionSection', $XML.DocumentElement.xmlns) - $XMLSectionInfo = $XML.CreateElement('Info', $XML.DocumentElement.xmlns) - $XMLSectionInfo.InnerText = 'Deployment Type' - [void]$XMLSection.AppendChild($XMLSectionInfo) - - ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) { - $XMLConfig = $XML.CreateElement('Configuration', $XML.DocumentElement.xmlns) 
- - $XMLConfigAttrId = $XML.CreateAttribute('id', $XML.DocumentElement.ovf) - $XMLConfigAttrId.Value = $Configuration.Id - - $XMLConfigLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns) - $XMLConfigLabel.InnerText = $Configuration.Label - - $XMLConfigDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns) - $XMLConfigDescription.InnerText = $Configuration.Description - - [void]$XMLConfig.Attributes.Append($XMLConfigAttrId) - [void]$XMLConfig.AppendChild($XMLConfigLabel) - [void]$XMLConfig.AppendChild($XMLConfigDescription) - - [void]$XMLSection.AppendChild($XMLConfig) - } - [void]$XML.SelectSingleNode('//Any:Envelope', $NS).InsertAfter($XMLSection, $XML.SelectSingleNode('//Any:NetworkSection', $NS)) - Write-Host "Inserted 'DeploymentOptionSection' with $($Configuration.Count) nodes" -} - -$XMLAttrTransport = $XML.CreateAttribute('transport', $XML.DocumentElement.ovf) -$XMLAttrTransport.Value = 'com.vmware.guestInfo' -[void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).Attributes.Append($XMLAttrTransport) -ForEach ($ExtraConfig in $OVFConfig.AdvancedOptions) { - $XMLExtraConfig = $XML.CreateElement('vmw:ExtraConfig', $XML.DocumentElement.vmw) - - $XMLExtraConfigAttrRequired = $XML.CreateAttribute('required', $XML.DocumentElement.ovf) - $XMLExtraConfigAttrRequired.Value = "$([boolean]$ExtraConfig.Required)".ToLower() - $XMLExtraConfigAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.vmw) - $XMLExtraConfigAttrKey.Value = $ExtraConfig.Key - $XMLExtraConfigAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.vmw) - $XMLExtraConfigAttrValue.Value = $ExtraConfig.Value - - [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrRequired) - [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrKey) - [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrValue) - [void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).AppendChild($XMLExtraConfig) -} -Write-Host "Added 
$($OVFConfig.AdvancedOptions.Count) 'vmw:ExtraConfig' nodes" - -$XMLProductSection = $XML.SelectSingleNode('//Any:ProductSection', $NS) -If ($XMLProductSection -eq $Null) { - $XMLProductSection = $XML.CreateElement('ProductSection', $XML.DocumentElement.xmlns) - [void]$XML.SelectSingleNode('//Any:VirtualSystem', $NS).AppendChild($XMLProductSection) - Write-Host "Inserted 'ProductSection'" -} Else { - ForEach ($Child in $XMLProductSection.SelectNodes('//Any:ProductSection/child::*', $NS)) { - [void]$Child.ParentNode.RemoveChild($Child) - } - Write-Host "Destroyed pre-existing children in 'ProductSection'" -} -$XMLProductSectionInfo = $XML.CreateElement('Info', $XML.DocumentElement.xmlns) -$XMLProductSectionInfo.InnerText = 'Information about the installed software' -[void]$XMLProductSection.AppendChild($XMLProductSectionInfo) -Write-Host "Inserted new 'Info' into 'ProductSection'" - -ForEach ($Category in $OVFConfig.PropertyCategories) { - If ($Category.Name -ne '') { - $XMLCategory = $XML.CreateElement('Category', $XML.DocumentElement.xmlns) - $XMLCategory.InnerText = $Category.Name - [void]$XMLProductSection.AppendChild($XMLCategory) - Write-Host "Inserted new 'Category' into 'ProductSection'" - } - - ForEach ($Property in $Category.ProductProperties) { - $XMLProperty = $XML.CreateElement('Property', $XML.DocumentElement.xmlns) - - $XMLPropertyAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.ovf) - $XMLPropertyAttrKey.Value = $Property.Key - $XMLPropertyAttrType = $XML.CreateAttribute('type', $XML.DocumentElement.ovf) - Switch -regex ($Property.Type) { - '^boolean' { - $XMLPropertyAttrType.Value = 'boolean' - } - '^int' { - $XMLPropertyAttrType.Value = 'uint8' - $Qualifiers = @() - If ($Property.Type -match '^int\((\d*)\.\.(\d*)\)') { - If ($Matches[1]) { - $Qualifiers += "MinValue($($Matches[1]))" - } - If ($Matches[2]) { - $Qualifiers += "MaxValue($($Matches[2]))" - } - $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', 
$XML.DocumentElement.ovf) - $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' ' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers) - } - } - '^ip' { - $XMLPropertyAttrType.Value = 'string' - $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.vmw) - $XMLPropertyAttrQualifiers.Value = 'Ip' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers) - } - '^password' { - $XMLPropertyAttrType.Value = 'string' - $XMLPropertyAttrPassword = $XML.CreateAttribute('password', $XML.DocumentElement.ovf) - $XMLPropertyAttrPassword.Value = 'true' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrPassword) - - $Qualifiers = @() - If ($Property.Type -match '^password\((\d*)\.\.(\d*)\)') { - If ($Matches[1]) { - $Qualifiers += "MinLen($($Matches[1]))" - } - If ($Matches[2]) { - $Qualifiers += "MaxLen($($Matches[2]))" - } - $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf) - $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' ' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers) - } - } - '^string' { - $XMLPropertyAttrType.Value = 'string' - $Qualifiers = @() - If ($Property.Type -match '^string\((\d*)\.\.(\d*)\)') { - If ($Matches[1]) { - $Qualifiers += "MinLen($($Matches[1]))" - } - If ($Matches[2]) { - $Qualifiers += "MaxLen($($Matches[2]))" - } - $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf) - $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' ' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers) - } ElseIf ($Property.Type -match '^string\[(.*)\]') { - $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf) - $XMLPropertyAttrQualifiers.Value = "ValueMap{$($Matches[1] -replace '","', '", "')}" - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers) - } - } - } - $XMLPropertyAttrUserConfigurable = $XML.CreateAttribute('userConfigurable', 
$XML.DocumentElement.ovf) - $XMLPropertyAttrUserConfigurable.Value = "$([boolean]$Property.UserConfigurable)".ToLower() - $XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf) - If ($Property.Type -eq 'boolean') { - $XMLPropertyAttrValue.Value = "$([boolean]$Property.DefaultValue)".ToLower() - } Else { - $XMLPropertyAttrValue.Value = $Property.DefaultValue - } - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrKey) - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrType) - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrUserConfigurable) - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue) - - If ($Property.Label) { - $XMLPropertyLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns) - $XMLPropertyLabel.InnerText = $Property.Label - [void]$XMLProperty.AppendChild($XMLPropertyLabel) - } - If ($Property.Description) { - $XMLPropertyDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns) - $XMLPropertyDescription.InnerText = $Property.Description - [void]$XMLProperty.AppendChild($XMLPropertyDescription) - } - - If (($Property.Configurations.Count -eq 1) -and ($Property.Configurations -eq '*')) { - $XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf) - $XMLPropertyAttrConfiguration.Value = $OVFConfig.DeploymentConfigurations.Id -join ' ' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration) - } ElseIf ($Property.Configurations.Count -gt 0) { - $XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf) - $XMLPropertyAttrConfiguration.Value = $Property.Configurations -join ' ' - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration) - } - - If ($Property.Value.Count -eq 1) { - $XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf) - $XMLPropertyAttrValue.Value = $Property.Value - [void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue) - } ElseIf 
($Property.Value.Count -gt 1) { - ForEach ($Value in $Property.Value) { - $XMLValue = $XML.CreateElement('Value', $XML.DocumentElement.xmlns) - - $XMLValueAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf) - $XMLValueAttrValue.Value = $Value - $XMLValueAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf) - $XMLValueAttrConfiguration.Value = $Value - - [void]$XMLValue.Attributes.Append($XMLValueAttrValue) - [void]$XMLValue.Attributes.Append($XMLValueAttrConfiguration) - - [void]$XMLProperty.AppendChild($XMLValue) - } - } - - [void]$XMLProductSection.AppendChild($XMLProperty) - } - Write-Host "Inserted $($Category.ProductProperties.Count) new node(s) into 'ProductSection'" -} - -$XML.Save($SourceFile.FullName) diff --git a/scripts/Update-OvfConfiguration.yml b/scripts/Update-OvfConfiguration.yml deleted file mode 100644 index 9eb931e..0000000 --- a/scripts/Update-OvfConfiguration.yml +++ /dev/null 
@@ -1,113 +0,0 @@ -DeploymentConfigurations: -- Id: domainmember - Label: Domain member - Description: Windows 10 client joined to an Active Directory domain -- Id: standalone - Label: Stand-alone - Description: Stand-alone Windows 10 client -PropertyCategories: -- Name: 0) Deployment information - ProductProperties: - - Key: deployment.type - Type: string - Value: - - domainmember - - standalone - UserConfigurable: false -- Name: 1) Operating System - ProductProperties: - - Key: guestinfo.hostname - Type: string(1..15) - Label: Hostname* - Description: '(max length: 15 characters)' - DefaultValue: '' - Configurations: '*' - UserConfigurable: true - - Key: guestinfo.administratorpw - Type: password(7..) - Label: Local administrator password* - Description: Must meet password complexity rules - DefaultValue: password - Configurations: - - standalone - UserConfigurable: true - - Key: guestinfo.ntpserver - Type: string(1..) - Label: Time server* - Description: A comma-separated list of timeservers - DefaultValue: 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org - Configurations: - - standalone - UserConfigurable: true -- Name: 2) Networking - ProductProperties: - - Key: guestinfo.ipaddress - Type: ip - Label: IP Address* - Description: '' - DefaultValue: '' - Configurations: '*' - UserConfigurable: true - - Key: guestinfo.prefixlength - Type: int(8..32) - Label: Subnet prefix length* - Description: '' - DefaultValue: '24' - Configurations: '*' - UserConfigurable: true - - Key: guestinfo.dnsserver - Type: ip - Label: DNS server* - Description: '' - DefaultValue: '' - Configurations: '*' - UserConfigurable: true - - Key: guestinfo.gateway - Type: ip - Label: Gateway* - Description: '' - DefaultValue: '' - Configurations: '*' - UserConfigurable: true -- Name: 3) Active Directory membership - ProductProperties: - - Key: addsconfig.domainname - Type: string(1..) 
- Label: Domain name* - Description: Must be able to be resolved through provided DNS server - DefaultValue: example.org - Configurations: - - domainmember - UserConfigurable: true - - Key: addsconfig.username - Type: string(1..) - Label: Domain account username* - Description: '' - DefaultValue: username - Configurations: - - domainmember - UserConfigurable: true - - Key: addsconfig.password - Type: password(1..) - Label: Domain account password* - Description: '' - DefaultValue: password - Configurations: - - domainmember - UserConfigurable: true -AdvancedOptions: -- Key: appliance.name - Value: "{{ appliance.name }}" - Required: false -- Key: appliance.version - Value: "{{ appliance.version }}" - Required: false - ---- -Variables: -- Name: appliance.name - Expression: | - $Parameter['appliance.name'] -- Name: appliance.version - Expression: | - $Parameter['appliance.version'] diff --git a/scripts/Windows10/Register-ScheduledTask.ps1 b/scripts/Windows10/Register-ScheduledTask.ps1 deleted file mode 100644 index 21973d6..0000000 --- a/scripts/Windows10/Register-ScheduledTask.ps1 +++ /dev/null @@ -1,7 +0,0 @@ -[CmdletBinding()] -Param( - # No parameters -) - -# Create scheduled task -& schtasks.exe /Create /TN 'FirstBoot' /SC ONSTART /RU SYSTEM /TR "powershell.exe -file C:\Payload\Apply-FirstBootConfig.ps1" \ No newline at end of file diff --git a/scripts/Windows10/payload/Apply-FirstBootConfig.ps1 b/scripts/Windows10/payload/Apply-FirstBootConfig.ps1 deleted file mode 100644 index e9c2fb5..0000000 --- a/scripts/Windows10/payload/Apply-FirstBootConfig.ps1 +++ /dev/null 
@@ -1,244 +0,0 @@ -[CmdletBinding()] -Param( - # No parameters -) - -$SetLocationSplat = @{ - Path = $PSScriptRoot -} -Set-Location @SetLocationSplat - -$NewEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - ErrorAction = 'SilentlyContinue' -} -New-EventLog @NewEventLogSplat -$WriteEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - EntryType = 'Information' - EventID = 1 - Message = "FirstBoot sequence initiated [working directory: '$PWD']" -} -Write-EventLog @WriteEventLogSplat - -$VMwareToolsExecutable = "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" - -[xml]$ovfEnv = & $VMwareToolsExecutable --cmd "info-get guestinfo.ovfEnv" | Out-String -$ovfProperties = $ovfEnv.ChildNodes.NextSibling.PropertySection.Property - -$ovfPropertyValues = @{} -foreach ($ovfProperty in $ovfProperties) { - $ovfPropertyValues[$ovfProperty.key] = $ovfProperty.Value -} - -# Check for mandatory values -Switch ($ovfPropertyValues['deployment.type']) { - 'domainmember' { - $MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'addsconfig.domainname', 'addsconfig.username', 'addsconfig.password'), @() - } - 'standalone' { - $MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'guestinfo.administratorpw', 'guestinfo.ntpserver'), @() - } - default { - # Mandatory values missing, cannot provision. - $WriteEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - EntryType = 'Error' - EventID = 66 - Message = "Unexpected or no value set for property 'deployment.type', cannot provision." 
- } - Write-EventLog @WriteEventLogSplat - & schtasks.exe /Change /TN 'FirstBoot' /DISABLE - Stop-Computer -Force - Exit - } -} -ForEach ($Property in $MandatoryProperties) { - If (!$ovfPropertyValues[$Property]) { - $MissingProperties += $Property - } -} -If ($MissingProperties.Length -gt 0) { - # Mandatory values missing, cannot provision. - $WriteEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - EntryType = 'Error' - EventID = 66 - Message = "Missing values for mandatory properties $(($MissingProperties | ForEach-Object {"'{0}'" -f $_}) -join ', '), cannot provision." - } - Write-EventLog @WriteEventLogSplat - & schtasks.exe /Change /TN 'FirstBoot' /DISABLE - Stop-Computer -Force - Exit -} - -# Set hostname and description -If ($Env:ComputerName -ne $ovfPropertyValues['guestinfo.hostname']) { - $RenameComputerSplat = @{ - NewName = $ovfPropertyValues['guestinfo.hostname'] - Force = $True - Confirm = $False - } - Rename-Computer @RenameComputerSplat - $SetCimInstanceSplat = @{ - InputObject = (Get-CimInstance -ClassName 'Win32_OperatingSystem') - Property = @{ - Description = $ovfPropertyValues['guestinfo.hostname'] - } - } - Set-CimInstance @SetCimInstanceSplat - - # Restart the computer to apply changes - Restart-Computer -Force - Exit -} - -# Configure network interface -If ((Get-WmiObject -Class 'Win32_NetworkAdapterConfiguration').IPAddress -NotContains $ovfPropertyValues['guestinfo.ipaddress']) { - $NewNetIPAddressSplat = @{ - InterfaceAlias = (Get-NetAdapter).Name - AddressFamily = 'IPv4' - IPAddress = $ovfPropertyValues['guestinfo.ipaddress'] - PrefixLength = $ovfPropertyValues['guestinfo.prefixlength'] - DefaultGateway = $ovfPropertyValues['guestinfo.gateway'] - } - $IPAddress = New-NetIPAddress @NewNetIPAddressSplat - - # Wait for network connection to become available - $Timestamp, $TimeoutMinutes = (Get-Date), 5 - Do { - If ($Timestamp.AddMinutes($TimeoutMinutes) -lt (Get-Date)) { - $WriteEventLogSplat = @{ - LogName = 
'Application' - Source = 'FirstBoot' - EntryType = 'Warning' - EventID = 13 - Message = "Timeout after $($TimeoutMinutes) minutes waiting for network connection to become available." - } - Write-EventLog @WriteEventLogSplat - Break - } - - Start-Sleep -Milliseconds 250 - - $GetNetIPAddressSplat = @{ - IPAddress = $ovfPropertyValues['guestinfo.ipaddress'] - InterfaceIndex = $IPAddress.InterfaceIndex - AddressFamily = 'IPv4' - ErrorAction = 'SilentlyContinue' - } - } Until ((Get-NetIPAddress @GetNetIPAddressSplat).AddressState -eq 'Preferred') - - $OldErrorActionPreference, $ErrorActionPreference = $ErrorActionPreference, 'SilentlyContinue' - $TestNetConnectionSplat = @{ - ComputerName = ([IPAddress]$ovfPropertyValues['guestinfo.dnsserver']).IPAddressToString - InformationLevel = 'Quiet' - } - $SetDnsClientServerAddressSplat = @{ - InterfaceAlias = (Get-NetAdapter).Name - ServerAddresses = If ( - [boolean]($ovfPropertyValues['guestinfo.dnsserver'] -as [IPaddress]) -and (Test-NetConnection @TestNetConnectionSplat)) { - ($ovfPropertyValues['guestinfo.dnsserver']) - } else { - ('127.0.0.1') - } - Validate = $False - } - Set-DnsClientServerAddress @SetDnsClientServerAddressSplat - $ErrorActionPreference, $OldErrorActionPreference = $OldErrorActionPreference, $NULL -} - -Switch ($ovfPropertyValues['deployment.type']) { - 'domainmember' { - # Join Active Directory domain as member - If (!(Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain) { - $AddComputerSplat = @{ - DomainName = $ovfPropertyValues['addsconfig.domainname'] - Credential = New-Object System.Management.Automation.PSCredential( - $ovfPropertyValues['addsconfig.username'], - (ConvertTo-SecureString $ovfPropertyValues['addsconfig.password'] -AsPlainText -Force) - ) - # OUPath = $ovfPropertyValues['addsconfig.organizationalunit'] - Restart = $True - Force = $True - Confirm = $False - } - Add-Computer @AddComputerSplat - - # Previous cmdlet performs a reboot on completion; so these are commented out - # 
Restart-Computer -Force - # Exit - } - } - 'standalone' { - # Change password of built-in Administrator - $BuiltinAdministrator = (Get-LocalUser | Where-Object {$_.SID -match '-500'}) - $ConvertToSecureStringSplat = @{ - String = $ovfPropertyValues['guestinfo.administratorpw'] - AsPlainText = $True - Force = $True - } - $SetLocalUserSplat = @{ - InputObject = $BuiltinAdministrator - Password = ConvertTo-SecureString @ConvertToSecureStringSplat - PasswordNeverExpires = $True - AccountNeverExpires = $True - ### This setting is not allowed on the last administrator - # UserMayChangePassword = $False - Confirm = $False - } - Set-LocalUser @SetLocalUserSplat - - $EnableLocalUserSplat = @{ - InputObject = $BuiltinAdministrator - Confirm = $False - } - Enable-LocalUser @EnableLocalUserSplat - } -} - -# Iterate through and invoke all payload scripts -#! TODO: add registry values to determine which scripts have already been invoked (in case of intermediate reboots) -$GetItemSplat = @{ - Path = "$($PSScriptRoot)\Scripts\*.ps1" -} -ForEach ($Script in (Get-Item @GetItemSplat)) { - Try { - $WriteEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - EntryType = 'Information' - EventID = 4 - Message = "Running script: '$($Script.FullName)'" - } - Write-EventLog @WriteEventLogSplat - & $Script.FullName -Parameter $ovfPropertyValues - } - Catch { - $WriteEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - EntryType = 'Error' - EventID = 66 - Message = @" -Error occurred while executing script '$($Script.Name)': -$($_.Exception.Message) -"@ - } - Write-EventLog @WriteEventLogSplat - } -} - -$WriteEventLogSplat = @{ - LogName = 'Application' - Source = 'FirstBoot' - EntryType = 'Information' - EventID = 42 - Message = 'FirstBoot sequence applied and finished' -} -Write-EventLog @WriteEventLogSplat -& schtasks.exe /Change /TN 'FirstBoot' /DISABLE