djpbessems/Packer.Images
djpbessems
/
Packer.Images
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: djpbessems:master
Branches Tags
djpbessems:master
djpbessems:Appliance.AirgappedK8s-1.27.x
djpbessems:Appliance.AirgappedK8s-1.26.x
djpbessems:Appliance.AirgappedK8s-1.25.x
djpbessems:Test_SemRel
djpbessems:UbuntuServer22.04
djpbessems:UbuntuServer20.04
djpbessems:Windows10
djpbessems:Server2019
djpbessems:ADDS
djpbessems:K8s_1.25.9-v1.0.0
djpbessems:v1.0.0
...
pull from: djpbessems:Server2019
Branches Tags
djpbessems:Appliance.AirgappedK8s-1.27.x
djpbessems:Appliance.AirgappedK8s-1.26.x
djpbessems:Appliance.AirgappedK8s-1.25.x
djpbessems:Test_SemRel
djpbessems:UbuntuServer22.04
djpbessems:UbuntuServer20.04
djpbessems:Windows10
djpbessems:master
djpbessems:Server2019
djpbessems:ADDS
djpbessems:K8s_1.25.9-v1.0.0
djpbessems:v1.0.0

No commits in common. "master" and "Server2019" have entirely different histories.
master ... Server2019

22 changed files with 1683 additions and 175 deletions
Show Stats Expand all files Collapse all files

BIN
.assets/vAppConfigurations-Server2019-example.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
.assets/vAppProperties-Server2019-example.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 128 KiB

102
.drone.yml Normal file
View File

@ -0,0 +1,102 @@
kind: pipeline
type: kubernetes
name: 'Packer Build'
volumes:
- name: output
claim:
name: flexvolsmb-drone-output
- name: scratch
claim:
name: flexvolsmb-drone-scratch
steps:
- name: Debugging information
image: bv11-cr01.bessems.eu/library/packer-extended
pull: always
commands:
- yamllint --version
- packer --version
- qemu-img --version
- ovftool --version
- pwsh --version
- name: Windows Server 2019
image: bv11-cr01.bessems.eu/library/packer-extended
pull: always
commands:
- sed -i -e "s/<<img-productkey>>/$${PRODUCTKEY}/" packer/preseed/Server2019/Autounattend.xml
- |
sed -i -e "s/<<img-password>>/$${WINRM_PASSWORD}/g" \
packer/preseed/Server2019/Autounattend.xml \
packer/preseed/Server2019/Sysprep_Unattend.xml
- |
yamllint -d "{extends: relaxed, rules: {line-length: disable}}" scripts
- |
packer init -upgrade \
./packer
- |
packer validate \
-var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-var vm_guestos=server2019 \
-var repo_username=$${REPO_USERNAME} \
-var repo_password=$${REPO_PASSWORD} \
-var vsphere_password=$${VSPHERE_PASSWORD} \
-var winrm_password=$${WINRM_PASSWORD} \
./packer
- |
packer build \
-on-error=cleanup -timestamp-ui \
-var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-var vm_guestos=server2019 \
-var repo_username=$${REPO_USERNAME} \
-var repo_password=$${REPO_PASSWORD} \
-var vsphere_password=$${VSPHERE_PASSWORD} \
-var winrm_password=$${WINRM_PASSWORD} \
./packer
environment:
VSPHERE_PASSWORD:
from_secret: vsphere_password
WINRM_PASSWORD:
from_secret: winrm_password
REPO_USERNAME:
from_secret: repo_username
REPO_PASSWORD:
from_secret: repo_password
PRODUCTKEY:
from_secret: prodkey_server2019
# PACKER_LOG: 1
volumes:
- name: output
path: /output
- name: scratch
path: /scratch
- name: Remove temporary resources
image: bv11-cr01.bessems.eu/library/packer-extended
pull: always
commands:
- |
pwsh -file scripts/Remove-Resources.ps1 \
-VMName $DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-VSphereFQDN 'bv11-vc.bessems.lan' \
-VSphereUsername 'administrator@vsphere.local' \
-VSpherePassword $${VSPHERE_PASSWORD}
environment:
VSPHERE_PASSWORD:
from_secret: vsphere_password
volumes:
- name: scratch
path: /scratch
when:
status:
- success
- failure
- name: Trigger downstream builds
image: plugins/downstream
settings:
server: https://ci.spamasaurus.com
token:
from_secret: drone_token
fork: true
repositories:
- djpbessems/Packer.Images@ADCS
- djpbessems/Packer.Images@ADDS

90
README.md
View File

@ -1,15 +1,85 @@
# Packer.Images # Packer.Images [![Build Status](https://ci.spamasaurus.com/api/badges/djpbessems/Packer.Images/status.svg?ref=refs/heads/Server2019)](https://ci.spamasaurus.com/djpbessems/Packer.Images)
Opinionated set of packer templates for producing .OVA appliances, which can then be deployed (semi)unattended through the use of vApp properties: This OVA appliance allows deploying a Windows Server fully automated; either as a domain member or stand-alone server.
## [![Build Status](https://ci.spamasaurus.com/api/badges/djpbessems/Packer.Images/status.svg?ref=refs/heads/UbuntuServer20.04) **Ubuntu Server 20.04**](https://code.spamasaurus.com/djpbessems/Packer.Images/src/branch/UbuntuServer20.04) - <small>LTS</small> The included `.ovf` file has the following XML contents (simplified for clarity) to facilitate the different `DeploymentOption`s:
Lorem ipsum. ```xml
<Envelope [...]>
[...]
<DeploymentOptionSection>
<Info>Deployment Type</Info>
<Configuration ovf:id="domainmember">
<Label>Domain member</Label>
<Description>Windows Server joined to an Active Directory domain</Description>
</Configuration>
<Configuration ovf:id="standalone">
<Label>Stand-alone</Label>
<Description>Stand-alone Windows Server</Description>
</Configuration>
</DeploymentOptionSection>
<VirtualSystem ovf:id="[...]">
[...]
<ProductSection>
[...]
<Category>1) Operating System</Category>
<Property ovf:configuration="domainmember standalone" ovf:key="guestinfo.hostname" [...]>
<Label>Hostname*</Label>
</Property>
<Property ovf:configuration="standalone" ovf:key="guestinfo.administratorpw" [...]>
<Label>Local administrator password*</Label>
</Property>
[...]
<Category>3) Active Directory membership</Category>
<Property ovf:configuration="domainmember" ovf:key="addsconfig.domainname" [...]>
<Label>Domain name*</Label>
</Property>
<Property ovf:configuration="domainmember" ovf:key="addsconfig.username" [...]>
<Label>Domain account username*</Label>
</Property>
<Property ovf:configuration="domainmember" ovf:key="addsconfig.password" [...]>
<Label>Domain account password*</Label>
</Property>
</ProductSection>
</VirtualSystem>
</Envelope>
```
## [![Build Status](https://ci.spamasaurus.com/api/badges/djpbessems/Packer.Images/status.svg?ref=refs/heads/Server2019) **Windows Server 2019**](https://code.spamasaurus.com/djpbessems/Packer.Images/src/branch/Server2019) - <small>LTSC xx09</small> When **provisioning** the appliance through the vCenter 'Deploy OVF template...' wizard, or through vApp-compatible *Infrastructure as code* tooling (e.g. HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties.
This image in itself does not actually provide much benefit over other customization methods that are available during an unattended deployment; it serves primarily as a basis for the following images.
## [![Build Status](https://ci.spamasaurus.com/api/badges/djpbessems/Packer.Images/status.svg?ref=refs/heads/ADDS) **ADDS**](https://code.spamasaurus.com/djpbessems/Packer.Images/src/branch/ADDS) - <small>Active Directory Domain Services</small> <table>
Lorem ipsum. <tr>
<td><em>vSphere 'Deploy OVF template...' wizard</em></td> <td> <a href="https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs/resources/virtual_machine#deploying-vm-from-an-ovfova-template">HashiCorp Terraform vSphere provider</a> </td>
</tr>
<tr>
<td><img src=".assets/vAppConfigurations-Server2019-example.png" alt="vApp properties" width="400" /><br/><img src=".assets/vAppProperties-Server2019-example.png" alt="vApp properties" width="400" /></td>
<td>
## [![Build Status](https://ci.spamasaurus.com/api/badges/djpbessems/Packer.Images/status.svg?ref=refs/heads/ADCS) **ADCS**](https://code.spamasaurus.com/djpbessems/Packer.Images/src/branch/ADCS) - <small>Active Directory Certificate Services</small> ```hcl
Lorem ipsum. vapp {
properties = {
# "deployment.type" = "domainmember"
"guestinfo.hostname" = "SRV01"
# "guestinfo.administratorpw" = var.vm_adminpassword
# "guestinfo.ntpserver" = "0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org"
"guestinfo.ipaddress" = "10.0.0.42"
"guestinfo.prefixlength" = "24"
"guestinfo.dnsserver" = "10.0.0.21"
"guestinfo.gateway" = "10.0.0.1"
"addsconfig.domainname" = "contoso.com"
"addsconfig.username" = "CONTOSO\\domainjoin"
"addsconfig.password" = var.adds_password
}
}
```
</td>
</tr>
</table>
On first boot, the appliance will start **configuring** itself without any further user-input, by performing the following steps:
- Change hostname
- Configure network
- Join Active Directory domain **-OR-** Set password for local administrator
- Iterate through any payload scripts

5
packer/iso.auto.pkrvars.hcl Normal file
View File

@ -0,0 +1,5 @@
iso_url = "sn.itch.fyi/Repository/iso/Microsoft/Windows%20Server%202019/LTSC/en_windows_server_2019_x64_dvd_4cb967d8.iso"
iso_checksum = "sha256:4c5dd63efee50117986a2e38d4b3a3fbaf3c1c15e2e7ea1d23ef9d8af148dd2d"
iso_paths = [
"ISO-files/VMware-tools-windows-11.2.1-17243207/VMware-tools-windows-11.2.1-17243207.iso"
]

159
packer/preseed/Server2019/Autounattend.xml Normal file
View File

@ -0,0 +1,159 @@
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<servicing/>
<settings pass="windowsPE">
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DiskConfiguration>
<Disk wcm:action="add">
<CreatePartitions>
<CreatePartition wcm:action="add">
<Order>1</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Extend>false</Extend>
<Format>NTFS</Format>
<Letter>C</Letter>
<Order>1</Order>
<PartitionID>1</PartitionID>
<Label>Windows Server 2019</Label>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
<WillShowUI>OnError</WillShowUI>
</DiskConfiguration>
<UserData>
<AcceptEula>true</AcceptEula>
<!-- <FullName>Spamasaurus Rex</FullName>
<Organization>Spamasaurus Rex</Organization> -->
<ProductKey>
<Key><<img-productkey>></Key>
<WillShowUI>Never</WillShowUI>
</ProductKey>
</UserData>
<ImageInstall>
<OSImage>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>1</PartitionID>
</InstallTo>
<WillShowUI>OnError</WillShowUI>
<InstallToAvailablePartition>false</InstallToAvailablePartition>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/INDEX</Key>
<Value>4</Value>
</MetaData>
</InstallFrom>
</OSImage>
</ImageInstall>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAccounts>
<AdministratorPassword>
<Value><<img-password>></Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
</OOBE>
<AutoLogon>
<Password>
<Value><<img-password>></Value>
<PlainText>true</PlainText>
</Password>
<Username>administrator</Username>
<Enabled>true</Enabled>
</AutoLogon>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set execution policy 64bit</Description>
<Order>1</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set execution policy 32bit</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine>
<Description>Disable new network prompt</Description>
<Order>3</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Set-NetworkProfile.ps1</CommandLine>
<Description>Set network profile to private</Description>
<Order>4</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Disable-WinRM.ps1</CommandLine>
<Description>Disable WinRM</Description>
<Order>5</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c a:\Install-VMwareTools.cmd</CommandLine>
<Order>13</Order>
<Description>Install VMware Tools</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Enable-WinRM.ps1</CommandLine>
<Description>Enable WinRM</Description>
<Order>99</Order>
</SynchronousCommand>
</FirstLogonCommands>
<ShowWindowsLive>false</ShowWindowsLive>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<OEMInformation>
<HelpCustomized>false</HelpCustomized>
</OEMInformation>
<!-- Rename computer here. -->
<ComputerName>packer-template</ComputerName>
<TimeZone>W. Europe Standard Time</TimeZone>
<RegisteredOwner/>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
</settings>
</unattend>

42
packer/preseed/Server2019/Sysprep_Unattend.xml Normal file
View File

@ -0,0 +1,42 @@
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="generalize">
<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipRearm>1</SkipRearm>
</component>
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
<DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Work</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
<SkipMachineOOBE>true</SkipMachineOOBE>
<SkipUserOOBE>true</SkipUserOOBE>
</OOBE>
<TimeZone>UTC</TimeZone>
<UserAccounts>
<AdministratorPassword>
<Value><<img-password>></Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
</component>
</settings>
<settings pass="specialize">
</settings>
</unattend>

168
packer/preseed/Server2019/pvscsi/Autounattend.xml Normal file
View File

@ -0,0 +1,168 @@
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<servicing/>
<settings pass="auditSystem">
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DriverPaths>
<PathAndCredentials wcm:action="add" wcm:keyValue="1">
<Path>E:\Program Files\VMware\VMware Tools\Drivers\pvscsi\Win8\amd64</Path>
</PathAndCredentials>
</DriverPaths>
</component>
</settings>
<settings pass="windowsPE">
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DiskConfiguration>
<Disk wcm:action="add">
<CreatePartitions>
<CreatePartition wcm:action="add">
<Order>1</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Extend>false</Extend>
<Format>NTFS</Format>
<Letter>C</Letter>
<Order>1</Order>
<PartitionID>1</PartitionID>
<Label>Windows Server 2019</Label>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
<WillShowUI>OnError</WillShowUI>
</DiskConfiguration>
<UserData>
<AcceptEula>true</AcceptEula>
<!-- <FullName>Spamasaurus Rex</FullName>
<Organization>Spamasaurus Rex</Organization> -->
<ProductKey>
<Key><<img-productkey>></Key>
<WillShowUI>Never</WillShowUI>
</ProductKey>
</UserData>
<ImageInstall>
<OSImage>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>1</PartitionID>
</InstallTo>
<WillShowUI>OnError</WillShowUI>
<InstallToAvailablePartition>false</InstallToAvailablePartition>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/INDEX</Key>
<Value>4</Value>
</MetaData>
</InstallFrom>
</OSImage>
</ImageInstall>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAccounts>
<AdministratorPassword>
<Value><<img-password>></Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
</OOBE>
<AutoLogon>
<Password>
<Value><<img-password>></Value>
<PlainText>true</PlainText>
</Password>
<Username>administrator</Username>
<Enabled>true</Enabled>
</AutoLogon>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set execution policy 64bit</Description>
<Order>1</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set execution policy 32bit</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine>
<Description>Disable new network prompt</Description>
<Order>3</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Set-NetworkProfile.ps1</CommandLine>
<Description>Set network profile to private</Description>
<Order>4</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Disable-WinRM.ps1</CommandLine>
<Description>Disable WinRM</Description>
<Order>5</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c a:\Install-VMwareTools.cmd</CommandLine>
<Order>13</Order>
<Description>Install VMware Tools</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Enable-WinRM.ps1</CommandLine>
<Description>Enable WinRM</Description>
<Order>99</Order>
</SynchronousCommand>
</FirstLogonCommands>
<ShowWindowsLive>false</ShowWindowsLive>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<OEMInformation>
<HelpCustomized>false</HelpCustomized>
</OEMInformation>
<!-- Rename computer here. -->
<ComputerName>packer-template</ComputerName>
<TimeZone>W. Europe Standard Time</TimeZone>
<RegisteredOwner/>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
</settings>
</unattend>

27
packer/variables.pkr.hcl Normal file
View File

@ -0,0 +1,27 @@
variable "vcenter_server" {}
variable "vsphere_username" {}
variable "vsphere_password" {}
variable "vsphere_host" {}
variable "vsphere_hostip" {}
variable "vsphere_datacenter" {}
variable "vsphere_templatefolder" {}
variable "vsphere_folder" {}
variable "vsphere_datastore" {}
variable "vsphere_network" {}
variable "vm_name" {}
variable "vm_guestos" {}
variable "winrm_password" {}
variable "iso_url" {}
variable "iso_checksum" {}
variable "iso_paths" {}
variable "repo_username" {}
variable "repo_password" {}
local "iso_authenticatedurl" {
expression = "https://${var.repo_username}:${var.repo_password}@${var.iso_url}"
sensitive = true
}

313
packer/windowsserver2019.pkr.hcl Normal file
View File

@ -0,0 +1,313 @@
packer {
required_plugins {
windows-update = {
version = ">= 0.12.0"
source = "github.com/rgl/windows-update"
}
}
}
source "vsphere-iso" "srv2019-template" {
vcenter_server = var.vcenter_server
username = var.vsphere_username
password = var.vsphere_password
insecure_connection = "true"
vm_name = "${var.vm_guestos}-${var.vm_name}-template"
datacenter = var.vsphere_datacenter
host = var.vsphere_host
folder = var.vsphere_folder
datastore = var.vsphere_datastore
guest_os_type = "windows9Server64Guest"
boot_order = "disk,cdrom"
boot_command = [""]
boot_wait = "5m"
communicator = "winrm"
winrm_username = "administrator"
winrm_password = var.winrm_password
winrm_timeout = "10m"
RAM = 4096
CPUs = 2
network_adapters {
network = var.vsphere_network
network_card = "vmxnet3"
}
storage {
disk_size = 20480
disk_thin_provisioned = true
}
disk_controller_type = ["lsilogic-sas"]
usb_controller = ["xhci"]
floppy_files = [
"packer/preseed/Server2019/Autounattend.xml",
"packer/preseed/Server2019/Sysprep_Unattend.xml",
"scripts/Set-NetworkProfile.ps1",
"scripts/Disable-WinRM.ps1",
"scripts/Enable-WinRM.ps1",
"scripts/Install-VMwareTools.cmd"
]
iso_url = local.iso_authenticatedurl
iso_checksum = var.iso_checksum
iso_paths = var.iso_paths
shutdown_command = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml"
shutdown_timeout = "1h"
export {
images = false
output_directory = "/scratch/srv2019-template"
}
remove_cdrom = true
}
source "vsphere-iso" "srv2019-virtual" {
vcenter_server = var.vcenter_server
username = var.vsphere_username
password = var.vsphere_password
insecure_connection = "true"
vm_name = "${var.vm_guestos}-${var.vm_name}-virtual"
datacenter = var.vsphere_datacenter
host = var.vsphere_host
folder = var.vsphere_folder
datastore = var.vsphere_datastore
guest_os_type = "windows9Server64Guest"
boot_order = "disk,cdrom"
boot_command = [""]
boot_wait = "5m"
communicator = "winrm"
winrm_password = var.winrm_password
winrm_timeout = "10m"
winrm_username = "administrator"
RAM = 4096
CPUs = 2
network_adapters {
network = var.vsphere_network
network_card = "vmxnet3"
}
storage {
disk_size = 20480
disk_thin_provisioned = true
}
disk_controller_type = ["lsilogic-sas"]
usb_controller = ["xhci"]
floppy_files = [
"packer/preseed/Server2019/Autounattend.xml",
"packer/preseed/Server2019/Sysprep_Unattend.xml",
"scripts/Set-NetworkProfile.ps1",
"scripts/Disable-WinRM.ps1",
"scripts/Enable-WinRM.ps1",
"scripts/Install-VMwareTools.cmd"
]
iso_url = local.iso_authenticatedurl
iso_checksum = var.iso_checksum
iso_paths = var.iso_paths
shutdown_command = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml"
shutdown_timeout = "1h"
export {
images = false
output_directory = "/scratch/srv2019-virtual"
}
remove_cdrom = true
}
source "vsphere-iso" "srv2019-baremetal" {
vcenter_server = var.vcenter_server
username = var.vsphere_username
password = var.vsphere_password
insecure_connection = "true"
vm_name = "${var.vm_guestos}-${var.vm_name}-baremetal"
datacenter = var.vsphere_datacenter
host = var.vsphere_host
folder = var.vsphere_folder
datastore = var.vsphere_datastore
guest_os_type = "windows9Server64Guest"
boot_order = "disk,cdrom"
boot_command = [""]
boot_wait = "5m"
communicator = "winrm"
winrm_username = "administrator"
winrm_password = var.winrm_password
winrm_timeout = "10m"
RAM = 4096
CPUs = 2
network_adapters {
network = var.vsphere_network
network_card = "vmxnet3"
}
storage {
disk_size = 20480
disk_thin_provisioned = true
}
disk_controller_type = ["pvscsi"]
usb_controller = ["xhci"]
floppy_files = [
"packer/preseed/Server2019/pvscsi/Autounattend.xml",
"packer/preseed/Server2019/Sysprep_Unattend.xml",
"scripts/Set-NetworkProfile.ps1",
"scripts/Disable-WinRM.ps1",
"scripts/Enable-WinRM.ps1",
"scripts/Install-VMwareTools.cmd"
]
iso_url = local.iso_authenticatedurl
iso_checksum = var.iso_checksum
iso_paths = var.iso_paths
shutdown_command = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml"
shutdown_timeout = "1h"
export {
images = false
output_directory = "/scratch/srv2019-baremetal"
}
remove_cdrom = true
}
build {
// sources = [
// "source.vsphere-iso.srv2019-template",
// "source.vsphere-iso.srv2019-virtual",
// "source.vsphere-iso.srv2019-baremetal"
// ]
sources = [
"source.vsphere-iso.srv2019-template",
"source.vsphere-iso.srv2019-virtual"
]
provisioner "windows-update" {
}
// provisioner "powershell" {
// scripts = [
// "scripts/Install-Prerequisites.ps1",
// "scripts/Install-WinGet.ps1"
// ]
// }
// provisioner "powershell" {
// inline = [
// "winget install mozilla.firefox",
// "winget install 7zip.7zip",
// "winget install microsoft.dotnetframework"
// ]
// // valid_exit_codes = [0, 3010]
// }
provisioner "powershell" {
inline = [
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12",
"Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))"
]
}
provisioner "powershell" {
inline = [
"choco config set --name=limit-output --value=LimitOutput",
"choco install -y dotnetfx",
"choco install -y 7zip.install",
"choco install -y sysinternals",
"choco install -y firefox"
]
valid_exit_codes = [0, 3010]
}
provisioner "windows-update" {
}
provisioner "powershell" {
only = ["vsphere-iso.srv2019-virtual"]
inline = [
"New-Item -Path 'C:\\Payload\\Scripts' -ItemType 'Directory' -Force:$True -Confirm:$False"
]
}
provisioner "file" {
only = ["vsphere-iso.srv2019-virtual"]
destination = "C:\\Payload\\"
source = "scripts/payload/"
}
provisioner "powershell" {
only = ["vsphere-iso.srv2019-virtual"]
scripts = [
"scripts/Register-ScheduledTask.ps1"
]
}
post-processors {
post-processor "vsphere" {
only = ["vsphere-iso.srv2019-template"]
host = var.vcenter_server
username = var.vsphere_username
password = var.vsphere_password
insecure = true
vm_name = "Windows-Server-2019-LTSC"
datacenter = var.vsphere_datacenter
cluster = var.vsphere_host
vm_folder = var.vsphere_templatefolder
vm_network = var.vsphere_network
datastore = var.vsphere_datastore
disk_mode = "thin"
keep_input_artifact = true
overwrite = true
}
post-processor "vsphere-template" {
only = ["vsphere-iso.srv2019-template"]
host = var.vcenter_server
username = var.vsphere_username
password = var.vsphere_password
insecure = true
datacenter = var.vsphere_datacenter
folder = var.vsphere_templatefolder
reregister_vm = false
}
}
post-processor "shell-local" {
only = ["vsphere-iso.srv2019-virtual"]
inline = [
"pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
" -OVFFile '/scratch/srv2019-virtual/${var.vm_guestos}-${var.vm_name}-virtual.ovf' \\",
" -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
"pwsh -file scripts/Update-Manifest.ps1 \\",
" -ManifestFileName '/scratch/srv2019-virtual/${var.vm_guestos}-${var.vm_name}-virtual.mf'",
"ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
" '/scratch/srv2019-virtual/${var.vm_guestos}-${var.vm_name}-virtual.ovf' \\",
" /output/Windows-Server-2019-LTSC.ova"
]
}
post-processor "shell-local" {
only = ["vsphere-iso.srv2019-baremetal"]
inline = [
"qemu-img convert -f vmdk -O raw \\",
" /scratch/srv2019-baremetal/${var.vm_guestos}-${var.vm_name}-baremetal-disk-0.vmdk \\",
" /tmp/${var.vm_guestos}-${var.vm_name}.raw",
"gzip -c \\",
" /tmp/${var.vm_guestos}-${var.vm_name}.raw \\",
" > /output/Windows-Server-2019-LTSC.raw.gz"
]
}
}

52
scripts/Copy-DatastoreItem.ps1
View File

@ -1,52 +0,0 @@
[CmdletBinding()]
Param(
[Parameter(Mandatory)]
[string]$VMName,
[Parameter(Mandatory)]
[string]$VSphereFQDN,
[Parameter(Mandatory)]
[string]$VSphereUsername,
[Parameter(Mandatory)]
[string]$VSpherePassword
)
$PowerCliConfigurationSplat = @{
Scope = 'User'
ParticipateInCEIP = $False
Confirm = $False
InvalidCertificateAction = 'Ignore'
}
Set-PowerCLIConfiguration @PowerCliConfigurationSplat
$ConnectVIServerSplat = @{
Server = $VSphereFQDN
User = "$VSphereUsername"
Password = "$VSpherePassword"
WarningAction = 'SilentlyContinue'
}
Connect-VIServer @ConnectVIServerSplat | Out-Null
$GetVMSplat = @{
Name = $VMName
}
$VM = Get-VM @GetVMSplat
$GetHarddiskSplat = @{
VM = $VM
}
$Harddisk = Get-Harddisk @GetHarddiskSplat
$VMFolder = ($Harddisk.Filename.Substring(0, $Harddisk.Filename.LastIndexOf('/')) -split ' ')[1]
$NewDatastoreDriveSplat = @{
Name = 'ds'
Datastore = ($VM | Get-Datastore)
}
New-DatastoreDrive @NewDatastoreDriveSplat
$CopyDatastoreItemSplat = @{
Item = "ds:\$($VMFolder)\*.vmdk"
Destination = (Get-Item $PWD)
}
Copy-DatastoreItem @CopyDatastoreItemSplat
Disconnect-VIServer * -Confirm:$False

8
scripts/Disable-WinRM.ps1 Normal file
View File

@ -0,0 +1,8 @@
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
$winrmService = Get-Service -Name WinRM
if ($winrmService.Status -eq "Running"){
Disable-PSRemoting -Force
}
Stop-Service winrm
Set-Service -Name winrm -StartupType Disabled

18
scripts/Enable-WinRM.ps1 Normal file
View File

@ -0,0 +1,18 @@
$NetworkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
$Connections = $NetworkListManager.GetNetworkConnections()
$Connections | ForEach-Object { $_.GetNetwork().SetCategory(1) }
Enable-PSRemoting -Force
winrm quickconfig -q
winrm quickconfig -transport:http
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'
winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}'
netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public new remoteip=any
Set-Service winrm -startuptype "auto"
Restart-Service winrm

40
scripts/Install-Prerequisites.ps1 Normal file
View File

@ -0,0 +1,40 @@
[CmdletBinding()]
Param(
# No parameters
)
$RequiredPSModules = @(
'ntobjectmanager' # Provides cmdlet 'Set-ExecutionAlias'
)
$InstallPackageProviderSplat = @{
Name = 'NuGet'
MinimumVersion = '2.8.5.201'
Force = $True
Confirm = $False
}
Install-PackageProvider @InstallPackageProviderSplat
$SetPSRepositorySplat = @{
Name = 'PSGallery'
InstallationPolicy = 'Trusted'
}
Set-PSRepository @SetPSRepositorySplat
$InstallModuleSplat = @{
Name = $RequiredPSModules
Force = $True
Confirm = $False
}
Install-Module @InstallModuleSplat
$SetPSRepositorySplat = @{
Name = 'PSGallery'
InstallationPolicy = 'Untrusted'
}
Set-PSRepository @SetPSRepositorySplat
# Double check whether the required PowerShell modules are available
ForEach ($Module in $RequiredPSModules) {
If ([boolean](Get-Module -Name $Module -ListAvailable) -ne $True) {
Write-Error -Message "Missing PowerShell module '$($Module)'"
Exit 1
}
}

2
scripts/Install-VMwareTools.cmd Normal file
View File

@ -0,0 +1,2 @@
@rem Silent mode, basic UI, no reboot
e:\setup64 /s /v "/qb REBOOT=R"

74
scripts/Install-WinGet.ps1 Normal file
View File

@ -0,0 +1,74 @@
#Requires -Modules 'NtObjectManager'
[CmdletBinding()]
Param(
# None
)
# Download dependencies
$AppxDependencies = @(
@{
ShortName = 'vclibs'
QualifiedName = 'Microsoft.VCLibs.140.00_8wekyb3d8bbwe'
},
@{
ShortName = 'vclibsuwp'
QualifiedName = 'Microsoft.VCLibs.140.00.UWPDesktop_8wekyb3d8bbwe'
}
)
ForEach ($Dependency in $AppxDependencies) {
$InvokeWebRequestSplat = @{
Uri = 'https://store.rg-adguard.net/api/GetFiles'
Method = 'POST'
ContentType = 'application/x-www-form-urlencoded'
Body = "type=PackageFamilyName&url=$($Dependency.QualifiedName)&ring=RP&lang=en-US"
UseBasicParsing = $True
}
$InvokeWebRequestSplat = @{
Uri = ((Invoke-WebRequest @InvokeWebRequestSplat).Links | Where-Object {$_.OuterHTML -match '.appx' -and $_.outerHTML -match 'x64'}).href
OutFile = "$env:temp/$($Dependency.ShortName).appx"
}
Invoke-WebRequest @InvokeWebRequestSplat
}
# Download latest release (along with license) from github
$InvokeRestMethodSplat = @{
Uri = "https://api.github.com/repos/microsoft/winget-cli/releases/latest"
Method = 'GET'
}
$LatestRelease = Invoke-RestMethod @InvokeRestMethodSplat
$InvokeWebRequestSplat = @{
Uri = ($LatestRelease.assets | Where-Object {$_.name -like '*.msixbundle'}).browser_download_url
OutFile = "$env:temp\winget.msixbundle"
}
Invoke-WebRequest @InvokeWebRequestSplat
$InvokeWebRequestSplat = @{
Uri = ($LatestRelease.assets | Where-Object {$_.name -like '*license*.xml'}).browser_download_url
OutFile = "$env:temp\wingetlicense.xml"
}
Invoke-WebRequest @InvokeWebRequestSplat
# Install dependencies
$AppxDependencies.ShortName | ForEach-Object {
$AddAppxPackageSplat = @{
Path = "$env:temp/$($_).appx"
}
Add-AppxPackage @AddAppxPackageSplat
}
# Install winget
$AddAppxProvisionedPackageSplat = @{
Online = $True
PackagePath = "$env:temp\winget.msixbundle"
LicensePath = "$env:temp\wingetlicense.xml"
}
Add-AppxProvisionedPackage @AddAppxProvisionedPackageSplat
# Create reparse point
$SetExecutionAliasSplat = @{
Path = "$([System.Environment]::SystemDirectory)\winget.exe"
PackageName = "Microsoft.DesktopAppInstaller_8wekyb3d8bbwe"
EntryPoint = "Microsoft.DesktopAppInstaller_8wekyb3d8bbwe!winget"
Target = "$((Get-AppxPackage Microsoft.DesktopAppInstaller).InstallLocation)\AppInstallerCLI.exe"
AppType = 'Desktop'
Version = 3
}
Set-ExecutionAlias @SetExecutionAliasSplat
& explorer.exe "shell:appsFolder\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe!winget"

7
scripts/Register-ScheduledTask.ps1 Normal file
View File

@ -0,0 +1,7 @@
[CmdletBinding()]
Param(
# No parameters
)
# Create scheduled task
& schtasks.exe /Create /TN 'FirstBoot' /SC ONSTART /RU SYSTEM /TR "powershell.exe -file C:\Payload\Apply-FirstBootConfig.ps1"

30
scripts/Remove-Resources.ps1
View File

@ -16,7 +16,7 @@ $PowerCliConfigurationSplat = @{
Confirm = $False Confirm = $False
InvalidCertificateAction = 'Ignore' InvalidCertificateAction = 'Ignore'
} }
Set-PowerCLIConfiguration @PowerCliConfigurationSplat Set-PowerCLIConfiguration @PowerCliConfigurationSplat | Out-Null
$ConnectVIServerSplat = @{ $ConnectVIServerSplat = @{
Server = $VSphereFQDN Server = $VSphereFQDN
@ -26,14 +26,26 @@ $ConnectVIServerSplat = @{
} }
Connect-VIServer @ConnectVIServerSplat | Out-Null Connect-VIServer @ConnectVIServerSplat | Out-Null
$RemoveVMSplat = @{ $GetVMSplat = @{
VM = "$($VMName)*" Name = "*$($VMName)*"
DeletePermanently = $True ErrorAction = 'SilentlyContinue'
Confirm = $False }
ErrorAction = 'SilentlyContinue' If ([boolean](Get-VM @GetVMSplat)) {
$RemoveVMSplat = @{
VM = Get-VM @GetVMSplat
DeletePermanently = $True
Confirm = $False
ErrorAction = 'SilentlyContinue'
}
Remove-VM @RemoveVMSplat
} }
Remove-VM @RemoveVMSplat
# Also delete ISO/floppy? Disconnect-VIServer * -Confirm:$False
Disconnect-VIServer * -Confirm:$False $RemoveItemSplat = @{
Path = "/scratch/*"
Recurse = $True
Force = $True
Confirm = $False
}
Remove-Item @RemoveItemSplat

23
scripts/Set-NetworkProfile.ps1 Normal file
View File

@ -0,0 +1,23 @@
# You cannot enable Windows PowerShell Remoting on network connections that are set to Public
# Spin through all the network locations and if they are set to Public, set them to Private
# using the INetwork interface:
# http://msdn.microsoft.com/en-us/library/windows/desktop/aa370750(v=vs.85).aspx
# For more info, see:
# http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx
# Network location feature was only introduced in Windows Vista - no need to bother with this
# if the operating system is older than Vista
if([environment]::OSVersion.version.Major -lt 6) { return }
# You cannot change the network location if you are joined to a domain, so abort
if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return }
# Get network connections
$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
$connections = $networkListManager.GetNetworkConnections()
$connections |foreach {
Write-Host $_.GetNetwork().GetName()"category was previously set to"$_.GetNetwork().GetCategory()
$_.GetNetwork().SetCategory(1)
Write-Host $_.GetNetwork().GetName()"changed to category"$_.GetNetwork().GetCategory()
}

292
scripts/Update-OvfConfiguration.ps1
View File

@ -1,15 +1,6 @@
#Requires -Modules 'powershell-yaml' #Requires -Modules 'powershell-yaml'
[CmdletBinding()] [CmdletBinding()]
Param( Param(
[Parameter(Mandatory)]
[ValidateScript({
If ([boolean]($_.IndexOfAny([io.path]::GetInvalidFileNameChars()) -lt 0)) {
$True
} Else {
Throw 'Provided input contains invalid characters; aborting.'
}
})]
[string]$TemplateName,
[Parameter(Mandatory)] [Parameter(Mandatory)]
[ValidateScript({ [ValidateScript({
If (Test-Path($_)) { If (Test-Path($_)) {
@ -18,11 +9,12 @@ Param(
Throw "'$_' is not a valid filename (within working directory '$PWD'), or access denied; aborting." Throw "'$_' is not a valid filename (within working directory '$PWD'), or access denied; aborting."
} }
})] })]
[string]$OVFFile [string]$OVFFile,
[hashtable]$Parameter
) )
$GetContentSplat = @{ $GetContentSplat = @{
Path = "$($PSScriptRoot)\$($MyInvocation.MyCommand)".Replace('.ps1', ".$($TemplateName).yml") Path = "$($PSScriptRoot)\$($MyInvocation.MyCommand)".Replace('.ps1', ".yml")
Raw = $True Raw = $True
} }
$RawContent = Get-Content @GetContentSplat $RawContent = Get-Content @GetContentSplat
@ -30,7 +22,24 @@ $ConvertFromYamlSplat = @{
Yaml = $RawContent Yaml = $RawContent
AllDocuments = $True AllDocuments = $True
} }
$OVFConfig = ConvertFrom-Yaml @ConvertFromYamlSplat $YamlDocuments = ConvertFrom-Yaml @ConvertFromYamlSplat
# Check if the respective .yml file declared substitutions which need to be parsed
If (($YamlDocuments.Count -gt 1) -and $YamlDocuments[-1].Variables) {
ForEach ($Pattern in $YamlDocuments[-1].Variables) {
$RawContent = $RawContent -replace "\{\{ ($($Pattern.Name)) \}\}", [string](Invoke-Expression -Command $Pattern.Expression)
}
# Perform conversion to Yaml again, now with parsed file contents
$ConvertFromYamlSplat = @{
Yaml = $RawContent
AllDocuments = $True
}
$YamlDocuments = ConvertFrom-Yaml @ConvertFromYamlSplat
$OVFConfig = $YamlDocuments[0..($YamlDocuments.Count - 2)]
}
Else {
$OVFConfig = $YamlDocuments
}
$SourceFile = Get-Item -Path $OVFFile $SourceFile = Get-Item -Path $OVFFile
$GetContentSplat = @{ $GetContentSplat = @{
@ -38,7 +47,77 @@ $GetContentSplat = @{
} }
$XML = [xml](Get-Content @GetContentSplat) $XML = [xml](Get-Content @GetContentSplat)
$NS = [System.Xml.XmlNamespaceManager]$XML.NameTable $NS = [System.Xml.XmlNamespaceManager]$XML.NameTable
[void]$NS.AddNamespace('Any', $XML.DocumentElement.xmlns) [void]$NS.AddNamespace('ns', $XML.DocumentElement.xmlns)
[void]$NS.AddNamespace('ovf', $XML.DocumentElement.ovf)
[void]$NS.AddNamespace('rasd', $XML.DocumentElement.rasd)
[void]$NS.AddNamespace('vmw', $XML.DocumentElement.vmw)
# Create copy of existing 'Item/ResourceType'=17 (=Hard disk) node
$XMLDiskTemplate = $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='17']", $NS).ParentNode.CloneNode($True)
ForEach ($Disk in $OVFConfig.DynamicDisks) {
# Determine next free available 'diskId'
$XMLDisks = $XML.SelectNodes("//ns:DiskSection/ns:Disk[contains(@ovf:diskId,'vmdisk')]", $NS)
$DiskId = 1
While ($XMLDisks.DiskId -contains "vmdisk$($DiskId)") {
$DiskId++
}
# Add new 'Disk' node (under 'DiskSection')
$XMLDisk = $XML.CreateElement('Disk', $XML.DocumentElement.xmlns)
$PowersMap = @{
KB = 10
MB = 20
GB = 30
TB = 40
PB = 50
}
If ($PowersMap.Keys -notcontains $Disk.UnitSize) {
# Invalid UnitSize; skipping adding new disk
Continue
}
[void]$XMLDisk.SetAttribute('capacityAllocationUnits', $NS.LookupNamespace('ovf'), "byte * 2^$($PowersMap[$Disk.UnitSize])")
[void]$XMLDisk.SetAttribute('format', $NS.LookupNamespace('ovf'), 'http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized')
[void]$XMLDisk.SetAttribute('diskId', $NS.LookupNamespace('ovf'), "vmdisk$($DiskId)")
[void]$XMLDisk.SetAttribute('capacity', $NS.LookupNamespace('ovf'), '${{vmconfig.disksize.{0}}}' -f $DiskId)
[void]$XMLDisk.SetAttribute('populatedSize', $NS.LookupNamespace('ovf'), 0)
[void]$XML.SelectSingleNode('//ns:DiskSection', $NS).AppendChild($XMLDisk)
# Add new 'Item/ResourceType' node (under 'VirtualHardwareSection')
$XMLDiskItem = $XMLDiskTemplate.CloneNode($True)
$XMLDiskItem.SelectSingleNode('rasd:AddressOnParent', $NS).InnerText = ($DiskId - 1)
$XMLDiskItem.SelectSingleNode('rasd:ElementName', $NS).InnerText = "Hard Disk $($DiskId)"
$XMLDiskItem.SelectSingleNode('rasd:HostResource', $NS).InnerText = "ovf:/disk/vmdisk$($DiskId)"
# Determine next free available and highest 'InstanceID'
$InstanceIDs = $XML.SelectNodes('//ns:VirtualHardwareSection/ns:Item/rasd:InstanceID', $NS).InnerText
$InstanceID = 1
While ($InstanceIDs -contains $InstanceID) {
$InstanceID++
}
$HighestInstanceID = ($InstanceIDs | Measure-Object -Maximum).Maximum
$XMLDiskItem.SelectSingleNode('rasd:InstanceID', $NS).InnerText = $InstanceID
[void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).InsertAfter(
$XMLDiskItem,
$XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:InstanceID[.='$($HighestInstanceID)']", $NS).ParentNode
)
$OVFConfig.PropertyCategories[0].ProductProperties += @{
Key = "vmconfig.disksize.$($DiskId)"
Type = If ([boolean]$Disk.Constraints.Minimum -or [boolean]$Disk.Constraints.Maximum) {
"Int($($Disk.Constraints.Minimum)..$($Disk.Constraints.Maximum))"
}
Else {
'Int'
}
Label = "Disk $($DiskId) size*"
Description = "$($Disk.Description) (in $($Disk.UnitSize))".Trim()
DefaultValue = "$($Disk.Constraints.Minimum)"
Configurations = '*'
UserConfigurable = 'true'
}
}
Write-Host "Inserted $($OVFConfig.DynamicDisks.Count) new node(s) into 'DiskSection' and 'VirtualHardwareSection' respectively"
If ($OVFConfig.DeploymentConfigurations.Count -gt 0) { If ($OVFConfig.DeploymentConfigurations.Count -gt 0) {
$XMLSection = $XML.CreateElement('DeploymentOptionSection', $XML.DocumentElement.xmlns) $XMLSection = $XML.CreateElement('DeploymentOptionSection', $XML.DocumentElement.xmlns)
@ -49,36 +128,72 @@ If ($OVFConfig.DeploymentConfigurations.Count -gt 0) {
ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) { ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) {
$XMLConfig = $XML.CreateElement('Configuration', $XML.DocumentElement.xmlns) $XMLConfig = $XML.CreateElement('Configuration', $XML.DocumentElement.xmlns)
$XMLConfigAttrId = $XML.CreateAttribute('id', $XML.DocumentElement.ovf) [void]$XMLConfig.SetAttribute('id', $NS.LookupNamespace('ovf'), $Configuration.Id)
$XMLConfigAttrId.Value = $Configuration.Id
$XMLConfigLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns) $XMLConfigLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns)
$XMLConfigLabel.InnerText = $Configuration.Label $XMLConfigLabel.InnerText = $Configuration.Label
$XMLConfigDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns) $XMLConfigDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns)
$XMLConfigDescription.InnerText = $Configuration.Description $XMLConfigDescription.InnerText = $Configuration.Description
[void]$XMLConfig.Attributes.Append($XMLConfigAttrId)
[void]$XMLConfig.AppendChild($XMLConfigLabel) [void]$XMLConfig.AppendChild($XMLConfigLabel)
[void]$XMLConfig.AppendChild($XMLConfigDescription) [void]$XMLConfig.AppendChild($XMLConfigDescription)
[void]$XMLSection.AppendChild($XMLConfig) [void]$XMLSection.AppendChild($XMLConfig)
} }
[void]$XML.SelectSingleNode('//Any:Envelope', $NS).InsertAfter($XMLSection, $XML.SelectSingleNode('//Any:NetworkSection', $NS)) [void]$XML.SelectSingleNode('//ns:Envelope', $NS).InsertAfter($XMLSection, $XML.SelectSingleNode('//ns:NetworkSection', $NS))
Write-Host "Inserted 'DeploymentOptionSection' with $($Configuration.Count) nodes" Write-Host "Inserted 'DeploymentOptionSection' with $($Configuration.Count) nodes"
If ($OVFConfig.DeploymentConfigurations.Count -eq $OVFConfig.DeploymentConfigurations.Size.Count) {
# Create copies of existing 'Item/ResourceType' nodes
$XMLCPUTemplate = $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='3']", $NS).ParentNode.CloneNode($True)
$XMLMemoryTemplate = $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='4']", $NS).ParentNode.CloneNode($True)
# Delete existing nodes
ForEach ($Node in $XML.SelectNodes("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='3' or .='4']", $NS).ParentNode) {
[void]$Node.ParentNode.RemoveChild($Node)
}
# Add adjusted 'Item/ResourceType' nodes
ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) {
$XMLCPU = $XMLCPUTemplate.CloneNode($True)
[void]$XMLCPU.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Configuration.Id)
$XMLCPU.SelectSingleNode('rasd:ElementName', $NS).InnerText = '{0} virtual CPU(s)' -f $Configuration.Size.CPU
$XMLCPU.SelectSingleNode('rasd:VirtualQuantity', $NS).InnerText = $Configuration.Size.CPU
$XMLMemory = $XMLMemoryTemplate.CloneNode($True)
[void]$XMLMemory.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Configuration.Id)
$XMLMemory.SelectSingleNode('rasd:ElementName', $NS).InnerText = '{0}MB of memory' -f $Configuration.Size.Memory
$XMLMemory.SelectSingleNode('rasd:VirtualQuantity', $NS).InnerText = $Configuration.Size.Memory
[void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).InsertAfter(
$XMLCPU,
$XML.SelectSingleNode('//ns:VirtualHardwareSection/ns:System', $NS)
)
[void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).InsertAfter(
$XMLMemory,
$XML.SelectSingleNode('//ns:VirtualHardwareSection/ns:System', $NS)
)
}
}
} }
$XMLAttrTransport = $XML.CreateAttribute('transport', $XML.DocumentElement.ovf) [void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).SetAttribute('transport', $NS.LookupNamespace('ovf'), 'com.vmware.guestInfo')
$XMLAttrTransport.Value = 'com.vmware.guestInfo' ForEach ($ExtraConfig in $OVFConfig.AdvancedOptions) {
[void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).Attributes.Append($XMLAttrTransport) $XMLExtraConfig = $XML.CreateElement('vmw:ExtraConfig', $XML.DocumentElement.vmw)
$XMLProductSection = $XML.SelectSingleNode('//Any:ProductSection', $NS) [void]$XMLExtraConfig.SetAttribute('required', $NS.LookupNamespace('ovf'), "$([boolean]$ExtraConfig.Required)".ToLower())
[void]$XMLExtraConfig.SetAttribute('key', $NS.LookupNamespace('vmw'), $ExtraConfig.Key)
[void]$XMLExtraConfig.SetAttribute('value', $NS.LookupNamespace('vmw'), $ExtraConfig.Value)
[void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).AppendChild($XMLExtraConfig)
}
Write-Host "Added $($OVFConfig.AdvancedOptions.Count) 'vmw:ExtraConfig' node(s)"
$XMLProductSection = $XML.SelectSingleNode('//ns:ProductSection', $NS)
If ($XMLProductSection -eq $Null) { If ($XMLProductSection -eq $Null) {
$XMLProductSection = $XML.CreateElement('ProductSection', $XML.DocumentElement.xmlns) $XMLProductSection = $XML.CreateElement('ProductSection', $XML.DocumentElement.xmlns)
[void]$XML.SelectSingleNode('//Any:VirtualSystem', $NS).AppendChild($XMLProductSection) [void]$XML.SelectSingleNode('//ns:VirtualSystem', $NS).AppendChild($XMLProductSection)
Write-Host "Inserted 'ProductSection'" Write-Host "Inserted 'ProductSection'"
} Else { } Else {
ForEach ($Child in $XMLProductSection.SelectNodes('//Any:ProductSection/child::*', $NS)) { ForEach ($Child in $XMLProductSection.SelectNodes('//ns:ProductSection/child::*', $NS)) {
[void]$Child.ParentNode.RemoveChild($Child) [void]$Child.ParentNode.RemoveChild($Child)
} }
Write-Host "Destroyed pre-existing children in 'ProductSection'" Write-Host "Destroyed pre-existing children in 'ProductSection'"
@ -99,85 +214,65 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
ForEach ($Property in $Category.ProductProperties) { ForEach ($Property in $Category.ProductProperties) {
$XMLProperty = $XML.CreateElement('Property', $XML.DocumentElement.xmlns) $XMLProperty = $XML.CreateElement('Property', $XML.DocumentElement.xmlns)
$XMLPropertyAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.ovf) [void]$XMLProperty.SetAttribute('key', $NS.LookupNamespace('ovf'), $Property.Key)
$XMLPropertyAttrKey.Value = $Property.Key
$XMLPropertyAttrType = $XML.CreateAttribute('type', $XML.DocumentElement.ovf)
Switch -regex ($Property.Type) { Switch -regex ($Property.Type) {
'boolean' { '^boolean' {
$XMLPropertyAttrType.Value = 'boolean' [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'boolean')
} }
'int' { '^int' {
$XMLPropertyAttrType.Value = 'uint8' [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'uint16')
$Qualifiers = @() $Qualifiers = @()
If ($Property.Type -match 'int\((\d*)\.\.(\d*)\)') { If ($Property.Type -match '^int\((\d*)\.\.(\d*)\)') {
If ($Matches[1]) { If ($Matches[1]) {
$Qualifiers += "MinValue($($Matches[1]))" $Qualifiers += "MinValue($($Matches[1]))"
} }
If ($Matches[2]) { If ($Matches[2]) {
$Qualifiers += "MaxValue($($Matches[2]))" $Qualifiers += "MaxValue($($Matches[2]))"
} }
$XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf) [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), $Qualifiers -join ' ')
$XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
} }
} }
'ip' { '^ip' {
$XMLPropertyAttrType.Value = 'string' [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'string')
$XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.vmw) [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('vmw'), 'Ip')
$XMLPropertyAttrQualifiers.Value = 'Ip'
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
} }
'password' { '^password' {
$XMLPropertyAttrType.Value = 'string' [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'string')
$XMLPropertyAttrPassword = $XML.CreateAttribute('password', $XML.DocumentElement.ovf) [void]$XMLProperty.SetAttribute('password', $NS.LookupNamespace('ovf'), 'true')
$XMLPropertyAttrPassword.Value = 'true' $Qualifiers = @()
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrPassword) If ($Property.Type -match '^password\((\d*)\.\.(\d*)\)') {
If ($Matches[1]) {
$Qualifiers += "MinLen($($Matches[1]))"
}
If ($Matches[2]) {
$Qualifiers += "MaxLen($($Matches[2]))"
}
[void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), $Qualifiers -join ' ')
}
}
'^string' {
[void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'string')
$Qualifiers = @()
If ($Property.Type -match '^string\((\d*)\.\.(\d*)\)') {
If ($Matches[1]) {
$Qualifiers += "MinLen($($Matches[1]))"
}
If ($Matches[2]) {
$Qualifiers += "MaxLen($($Matches[2]))"
}
[void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), $Qualifiers -join ' ')
} ElseIf ($Property.Type -match '^string\[(.*)\]') {
[void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), "ValueMap{$($Matches[1] -replace '","', '", "')}")
}
}
}
[void]$XMLProperty.SetAttribute('userConfigurable', $NS.LookupNamespace('ovf'), "$([boolean]$Property.UserConfigurable)".ToLower())
$Qualifiers = @()
If ($Property.Type -match 'password\((\d*)\.\.(\d*)\)') {
If ($Matches[1]) {
$Qualifiers += "MinLen($($Matches[1]))"
}
If ($Matches[2]) {
$Qualifiers += "MaxLen($($Matches[2]))"
}
$XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
$XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
}
}
'string' {
$XMLPropertyAttrType.Value = 'string'
$Qualifiers = @()
If ($Property.Type -match 'string\((\d*)\.\.(\d*)\)') {
If ($Matches[1]) {
$Qualifiers += "MinLen($($Matches[1]))"
}
If ($Matches[2]) {
$Qualifiers += "MaxLen($($Matches[2]))"
}
$XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
$XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
} ElseIf ($Property.Type -match 'string\[(.*)\]') {
$XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
$XMLPropertyAttrQualifiers.Value = "ValueMap{$($Matches[1] -replace '","', '", "')}"
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
}
}
}
$XMLPropertyAttrUserConfigurable = $XML.CreateAttribute('userConfigurable', $XML.DocumentElement.ovf)
$XMLPropertyAttrUserConfigurable.Value = "$([boolean]$Property.UserConfigurable)".ToLower()
$XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
If ($Property.Type -eq 'boolean') { If ($Property.Type -eq 'boolean') {
$XMLPropertyAttrValue.Value = "$([boolean]$Property.DefaultValue)".ToLower() [void]$XMLProperty.SetAttribute('value', $NS.LookupNamespace('ovf'), "$([boolean]$Property.DefaultValue)".ToLower())
} Else { } Else {
$XMLPropertyAttrValue.Value = $Property.DefaultValue [void]$XMLProperty.SetAttribute('value', $NS.LookupNamespace('ovf'), $Property.DefaultValue)
} }
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrKey)
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrType)
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrUserConfigurable)
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue)
If ($Property.Label) { If ($Property.Label) {
$XMLPropertyLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns) $XMLPropertyLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns)
@ -191,30 +286,19 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
} }
If (($Property.Configurations.Count -eq 1) -and ($Property.Configurations -eq '*')) { If (($Property.Configurations.Count -eq 1) -and ($Property.Configurations -eq '*')) {
$XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf) [void]$XMLProperty.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $OVFConfig.DeploymentConfigurations.Id -join ' ')
$XMLPropertyAttrConfiguration.Value = $OVFConfig.DeploymentConfigurations.Id -join ' '
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration)
} ElseIf ($Property.Configurations.Count -gt 0) { } ElseIf ($Property.Configurations.Count -gt 0) {
$XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf) [void]$XMLProperty.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Property.Configurations -join ' ')
$XMLPropertyAttrConfiguration.Value = $Property.Configurations -join ' '
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration)
} }
If ($Property.Value.Count -eq 1) { If ($Property.Value.Count -eq 1) {
$XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf) [void]$XMLProperty.SetAttribute('value', $NS.LookupNamespace('ovf'), $Property.Value)
$XMLPropertyAttrValue.Value = $Property.Value
[void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue)
} ElseIf ($Property.Value.Count -gt 1) { } ElseIf ($Property.Value.Count -gt 1) {
ForEach ($Value in $Property.Value) { ForEach ($Value in $Property.Value) {
$XMLValue = $XML.CreateElement('Value', $XML.DocumentElement.xmlns) $XMLValue = $XML.CreateElement('Value', $XML.DocumentElement.xmlns)
$XMLValueAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf) [void]$XMLValue.SetAttribute('value', $NS.LookupNamespace('ovf'), $Value)
$XMLValueAttrValue.Value = $Value [void]$XMLValue.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Value)
$XMLValueAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
$XMLValueAttrConfiguration.Value = $Value
[void]$XMLValue.Attributes.Append($XMLValueAttrValue)
[void]$XMLValue.Attributes.Append($XMLValueAttrConfiguration)
[void]$XMLProperty.AppendChild($XMLValue) [void]$XMLProperty.AppendChild($XMLValue)
} }
@ -225,4 +309,4 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
Write-Host "Inserted $($Category.ProductProperties.Count) new node(s) into 'ProductSection'" Write-Host "Inserted $($Category.ProductProperties.Count) new node(s) into 'ProductSection'"
} }
$XML.Save($SourceFile.FullName) $XML.Save($SourceFile.FullName)

168
scripts/Update-OvfConfiguration.yml Normal file
View File

@ -0,0 +1,168 @@
DeploymentConfigurations:
- Id: domainmember-small
Label: 'Domain member [SMALL: 1 vCPU/2GB RAM]'
Description: Windows Server joined to an Active Directory domain.
Size:
CPU: 1
Memory: 2048
- Id: domainmember-medium
Label: 'Domain member [MEDIUM: 2 vCPU/4GB RAM]'
Description: Windows Server joined to an Active Directory domain.
Size:
CPU: 2
Memory: 4096
- Id: domainmember-large
Label: 'Domain member [LARGE: 4 vCPU/8GB RAM]'
Description: Windows Server joined to an Active Directory domain.
Size:
CPU: 4
Memory: 8192
- Id: standalone-small
Label: 'Stand-alone [SMALL: 1 vCPU/2GB RAM]'
Description: Stand-alone Windows Server.
Size:
CPU: 1
Memory: 2048
- Id: standalone-medium
Label: 'Stand-alone [MEDIUM: 2 vCPU/4GB RAM]'
Description: Stand-alone Windows Server.
Size:
CPU: 2
Memory: 4096
- Id: standalone-large
Label: 'Stand-alone [LARGE: 4 vCPU/8GB RAM]'
Description: Stand-alone Windows Server.
Size:
CPU: 4
Memory: 8192
DynamicDisks:
- Description: Data
UnitSize: GB
Constraints:
Minimum: 10
Maximum: 500
- Description: Scratch
UnitSize: GB
Constraints:
Minimum: 5
Maximum: ''
PropertyCategories:
- Name: 0) Deployment information
ProductProperties:
- Key: deployment.type
Type: string
Value:
- domainmember-small
- domainmember-medium
- domainmember-large
- standalone-small
- standalone-medium
- standalone-large
UserConfigurable: false
- Name: 1) Operating System
ProductProperties:
- Key: guestinfo.hostname
Type: string(1..15)
Label: Hostname*
Description: '(max length: 15 characters)'
DefaultValue: ''
Configurations: '*'
UserConfigurable: true
- Key: guestinfo.administratorpw
Type: password(7..)
Label: Local administrator password*
Description: Must meet password complexity rules
DefaultValue: password
Configurations:
- standalone-small
- standalone-medium
- standalone-large
UserConfigurable: true
- Key: guestinfo.ntpserver
Type: string(1..)
Label: Time server*
Description: A comma-separated list of timeservers
DefaultValue: 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org
Configurations:
- standalone-small
- standalone-medium
- standalone-large
UserConfigurable: true
- Name: 2) Networking
ProductProperties:
- Key: guestinfo.ipaddress
Type: ip
Label: IP Address*
Description: ''
DefaultValue: ''
Configurations: '*'
UserConfigurable: true
- Key: guestinfo.prefixlength
Type: int(8..32)
Label: Subnet prefix length*
Description: ''
DefaultValue: '24'
Configurations: '*'
UserConfigurable: true
- Key: guestinfo.dnsserver
Type: ip
Label: DNS server*
Description: ''
DefaultValue: ''
Configurations: '*'
UserConfigurable: true
- Key: guestinfo.gateway
Type: ip
Label: Gateway*
Description: ''
DefaultValue: ''
Configurations: '*'
UserConfigurable: true
- Name: 3) Active Directory membership
ProductProperties:
- Key: addsconfig.domainname
Type: string(1..)
Label: Domain name*
Description: Must be able to be resolved through provided DNS server
DefaultValue: example.org
Configurations:
- domainmember-small
- domainmember-medium
- domainmember-large
UserConfigurable: true
- Key: addsconfig.username
Type: string(1..)
Label: Domain account username*
Description: ''
DefaultValue: username
Configurations:
- domainmember-small
- domainmember-medium
- domainmember-large
UserConfigurable: true
- Key: addsconfig.password
Type: password(1..)
Label: Domain account password*
Description: ''
DefaultValue: password
Configurations:
- domainmember-small
- domainmember-medium
- domainmember-large
UserConfigurable: true
AdvancedOptions:
- Key: appliance.name
Value: "{{ appliance.name }}"
Required: false
- Key: appliance.version
Value: "{{ appliance.version }}"
Required: false
---
Variables:
- Name: appliance.name
Expression: |
$Parameter['appliance.name']
- Name: appliance.version
Expression: |
$Parameter['appliance.version']

238
scripts/payload/Apply-FirstBootConfig.ps1 Normal file
View File

@ -0,0 +1,238 @@
[CmdletBinding()]
Param(
# No parameters
)
$SetLocationSplat = @{
Path = $PSScriptRoot
}
Set-Location @SetLocationSplat
$NewEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
ErrorAction = 'SilentlyContinue'
}
New-EventLog @NewEventLogSplat
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Information'
EventID = 1
Message = "FirstBoot sequence initiated [working directory: '$PWD']"
}
Write-EventLog @WriteEventLogSplat
$VMwareToolsExecutable = "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe"
[xml]$ovfEnv = & $VMwareToolsExecutable --cmd "info-get guestinfo.ovfEnv" | Out-String
$ovfProperties = $ovfEnv.ChildNodes.NextSibling.PropertySection.Property
$ovfPropertyValues = @{}
foreach ($ovfProperty in $ovfProperties) {
$ovfPropertyValues[$ovfProperty.key] = $ovfProperty.Value
}
# Check for mandatory values
Switch -regex ($ovfPropertyValues['deployment.type']) {
'^domainmember' {
$MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'addsconfig.domainname', 'addsconfig.username', 'addsconfig.password'), @()
}
'^standalone' {
$MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'guestinfo.administratorpw', 'guestinfo.ntpserver'), @()
}
default {
# Mandatory values missing, cannot provision.
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Error'
EventID = 66
Message = "Unexpected or no value set for property 'deployment.type', cannot provision."
}
Write-EventLog @WriteEventLogSplat
& schtasks.exe /Change /TN 'FirstBoot' /DISABLE
Stop-Computer -Force
Exit
}
}
ForEach ($Property in $MandatoryProperties) {
If (!$ovfPropertyValues[$Property]) {
$MissingProperties += $Property
}
}
If ($MissingProperties.Length -gt 0) {
# Mandatory values missing, cannot provision.
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Error'
EventID = 66
Message = "Missing values for mandatory properties $(($MissingProperties | ForEach-Object {"'{0}'" -f $_}) -join ', '), cannot provision."
}
Write-EventLog @WriteEventLogSplat
& schtasks.exe /Change /TN 'FirstBoot' /DISABLE
Stop-Computer -Force
Exit
}
# Set hostname and description
If ($Env:ComputerName -ne $ovfPropertyValues['guestinfo.hostname']) {
$RenameComputerSplat = @{
NewName = $ovfPropertyValues['guestinfo.hostname']
Force = $True
Confirm = $False
}
Rename-Computer @RenameComputerSplat
$SetCimInstanceSplat = @{
InputObject = (Get-CimInstance -ClassName 'Win32_OperatingSystem')
Property = @{
Description = $ovfPropertyValues['guestinfo.hostname']
}
}
Set-CimInstance @SetCimInstanceSplat
# Restart the computer to apply changes
Restart-Computer -Force
Exit
}
# Configure network interface
If ((Get-WmiObject -Class 'Win32_NetworkAdapterConfiguration').IPAddress -NotContains $ovfPropertyValues['guestinfo.ipaddress']) {
$NewNetIPAddressSplat = @{
InterfaceAlias = (Get-NetAdapter).Name
AddressFamily = 'IPv4'
IPAddress = $ovfPropertyValues['guestinfo.ipaddress']
PrefixLength = $ovfPropertyValues['guestinfo.prefixlength']
DefaultGateway = $ovfPropertyValues['guestinfo.gateway']
}
$IPAddress = New-NetIPAddress @NewNetIPAddressSplat
# Wait for network connection to become available
$Timestamp, $TimeoutMinutes = (Get-Date), 5
Do {
If ($Timestamp.AddMinutes($TimeoutMinutes) -lt (Get-Date)) {
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Warning'
EventID = 13
Message = "Timeout after $($TimeoutMinutes) minutes waiting for network connection to become available."
}
Write-EventLog @WriteEventLogSplat
Break
}
Start-Sleep -Milliseconds 250
$GetNetIPAddressSplat = @{
IPAddress = $ovfPropertyValues['guestinfo.ipaddress']
InterfaceIndex = $IPAddress.InterfaceIndex
AddressFamily = 'IPv4'
ErrorAction = 'SilentlyContinue'
}
} Until ((Get-NetIPAddress @GetNetIPAddressSplat).AddressState -eq 'Preferred')
$OldErrorActionPreference, $ErrorActionPreference = $ErrorActionPreference, 'SilentlyContinue'
$TestNetConnectionSplat = @{
ComputerName = ([IPAddress]$ovfPropertyValues['guestinfo.dnsserver']).IPAddressToString
InformationLevel = 'Quiet'
}
$SetDnsClientServerAddressSplat = @{
InterfaceAlias = (Get-NetAdapter).Name
ServerAddresses = If (
[boolean]($ovfPropertyValues['guestinfo.dnsserver'] -as [IPaddress]) -and (Test-NetConnection @TestNetConnectionSplat)) {
($ovfPropertyValues['guestinfo.dnsserver'])
} else {
('127.0.0.1')
}
Validate = $False
}
Set-DnsClientServerAddress @SetDnsClientServerAddressSplat
$ErrorActionPreference, $OldErrorActionPreference = $OldErrorActionPreference, $NULL
}
Switch -regex ($ovfPropertyValues['deployment.type']) {
'^domainmember' {
# Join Active Directory domain as member
If (!(Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain) {
$AddComputerSplat = @{
DomainName = $ovfPropertyValues['addsconfig.domainname']
Credential = New-Object System.Management.Automation.PSCredential(
$ovfPropertyValues['addsconfig.username'],
(ConvertTo-SecureString $ovfPropertyValues['addsconfig.password'] -AsPlainText -Force)
)
# OUPath = $ovfPropertyValues['addsconfig.organizationalunit']
Restart = $True
Force = $True
Confirm = $False
}
Add-Computer @AddComputerSplat
# Previous cmdlet performs a reboot on completion; so these are commented out
# Restart-Computer -Force
# Exit
}
}
'^standalone' {
# Change password of built-in Administrator
$BuiltinAdministrator = (Get-LocalUser | Where-Object {$_.SID -match '-500'})
$ConvertToSecureStringSplat = @{
String = $ovfPropertyValues['guestinfo.administratorpw']
AsPlainText = $True
Force = $True
}
$SetLocalUserSplat = @{
InputObject = $BuiltinAdministrator
Password = ConvertTo-SecureString @ConvertToSecureStringSplat
PasswordNeverExpires = $True
AccountNeverExpires = $True
### This setting is not allowed on the last administrator
# UserMayChangePassword = $False
Confirm = $False
}
Set-LocalUser @SetLocalUserSplat
}
}
# Iterate through and invoke all payload scripts
#! TODO: add registry values to determine which scripts have already been invoked (in case of intermediate reboots)
$GetItemSplat = @{
Path = "$($PSScriptRoot)\Scripts\*.ps1"
}
ForEach ($Script in (Get-Item @GetItemSplat)) {
Try {
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Information'
EventID = 4
Message = "Running script: '$($Script.FullName)'"
}
Write-EventLog @WriteEventLogSplat
& $Script.FullName -Parameter $ovfPropertyValues
}
Catch {
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Error'
EventID = 66
Message = @"
Error occurred while executing script '$($Script.Name)':
$($_.Exception.Message)
"@
}
Write-EventLog @WriteEventLogSplat
}
}
$WriteEventLogSplat = @{
LogName = 'Application'
Source = 'FirstBoot'
EntryType = 'Information'
EventID = 42
Message = 'FirstBoot sequence applied and finished'
}
Write-EventLog @WriteEventLogSplat
& schtasks.exe /Change /TN 'FirstBoot' /DISABLE