From 7b636e9d6a8020c33a997421ddbcfd8c4287e3a3 Mon Sep 17 00:00:00 2001 From: dylanmei Date: Mon, 7 Oct 2013 08:51:35 -0700 Subject: [PATCH 1/9] Replace Cygwin with OpenSSH 6.2 wip --- answer_files/2012/Autounattend.xml | 81 ++++++++++++------- scripts/.gitignore | 3 + scripts/chef.bat | 6 ++ scripts/chocolatey.bat | 4 + scripts/echo.bat | 2 + scripts/hotfix-KB2842230.ps1 | 18 +++++ scripts/install-chef.sh | 8 -- scripts/install-cygwin-sshd.bat | 42 ---------- scripts/install-puppet.sh | 9 --- scripts/install-virtualbox-tools.sh | 31 ------- scripts/openssh-6.2.bat | 33 ++++++++ scripts/postinstall.sh | 29 ------- scripts/puppet-enterprise.bat | 8 ++ scripts/puppet.bat | 8 ++ scripts/virtualbox-tools.bat | 6 ++ ...nstall-vmware-tools.sh => vmware-tools.sh} | 0 ...nstall-win-updates.ps1 => win-updates.ps1} | 11 +-- vagrantfile-windows_2008_r2.template | 3 +- vagrantfile-windows_2012.template | 5 +- windows_2012.json | 36 ++++++--- 20 files changed, 172 insertions(+), 171 deletions(-) create mode 100644 scripts/.gitignore create mode 100644 scripts/chef.bat create mode 100644 scripts/chocolatey.bat create mode 100644 scripts/echo.bat create mode 100644 scripts/hotfix-KB2842230.ps1 delete mode 100644 scripts/install-chef.sh delete mode 100644 scripts/install-cygwin-sshd.bat delete mode 100644 scripts/install-puppet.sh delete mode 100644 scripts/install-virtualbox-tools.sh create mode 100644 scripts/openssh-6.2.bat delete mode 100755 scripts/postinstall.sh create mode 100644 scripts/puppet-enterprise.bat create mode 100644 scripts/puppet.bat create mode 100644 scripts/virtualbox-tools.bat rename scripts/{install-vmware-tools.sh => vmware-tools.sh} (100%) rename scripts/{install-win-updates.ps1 => win-updates.ps1} (91%) diff --git a/answer_files/2012/Autounattend.xml b/answer_files/2012/Autounattend.xml index 2c0f2338..a013f6a5 100644 --- a/answer_files/2012/Autounattend.xml +++ b/answer_files/2012/Autounattend.xml @@ -116,115 +116,134 @@ 2 true - - cmd.exe /c a:\install-cygwin-sshd.bat - Install Cygwin SSH - 3 - true - cmd.exe /c winrm quickconfig -q winrm quickconfig -q - 4 + 3 true cmd.exe /c winrm quickconfig -transport:http winrm quickconfig -transport:http - 5 + 4 true cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"} Win RM MaxTimoutms - 6 + 5 true cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"} Win RM MaxMemoryPerShellMB - 7 + 6 true cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"} Win RM AllowUnencrypted - 8 + 7 true cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"} Win RM auth Basic - 9 + 8 true cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"} Win RM client auth Basic - 10 + 9 true cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} Win RM listener Address/Port - 11 + 10 true cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes Win RM adv firewall enable - 12 + 11 true cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" Win RM port open - 13 + 12 true cmd.exe /c net stop winrm Stop Win RM Service - 14 + 13 true - cmd.exe /c sc config winrm start= auto + cmd.exe /c sc config winrm start=auto Win RM Autostart - 15 + 14 true cmd.exe /c net start winrm Start Win RM Service - 16 + 15 true - cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install-win-updates.ps1 - Install Windows Updates - 17 - true + %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f + 16 + Show file extensions in Explorer %SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f - 18 + 17 Enable QuickEdit mode - %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f + %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f + 18 + Show Run command in Start Menu + + + %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f 19 - Show file extensions in Explorer + Show Administrative Tools in Start Menu - %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f + %SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f 20 - Show Run command in Start Menu + Zero Hibernation File - %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f + %SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f 21 - Show Administrative Tools in Start Menu + Disable Hibernation Mode + + + + cmd.exe /c a:\openssh-6.2.bat + Install OpenSSH + 99 + true false diff --git a/scripts/.gitignore b/scripts/.gitignore new file mode 100644 index 00000000..e4fe1a6c --- /dev/null +++ b/scripts/.gitignore @@ -0,0 +1,3 @@ +*.exe +*.msi +*.msu \ No newline at end of file diff --git a/scripts/chef.bat b/scripts/chef.bat new file mode 100644 index 00000000..ea294ea6 --- /dev/null +++ b/scripts/chef.bat @@ -0,0 +1,6 @@ + +if not exist "C:\Windows\Temp\chef.msi" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.opscode.com/chef/install.msi', 'C:\Windows\Temp\chef.msi')" +) +msiexec /qb /i C:\Windows\Temp\chef.msi +powershell -Command "Start-Sleep 1" diff --git a/scripts/chocolatey.bat b/scripts/chocolatey.bat new file mode 100644 index 00000000..2c64a35e --- /dev/null +++ b/scripts/chocolatey.bat @@ -0,0 +1,4 @@ + + +powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" +cmd /c setx /m PATH "%path%;C:\\Chocolatey\bin" diff --git a/scripts/echo.bat b/scripts/echo.bat new file mode 100644 index 00000000..0bf34e03 --- /dev/null +++ b/scripts/echo.bat @@ -0,0 +1,2 @@ + +set > echo.txt diff --git a/scripts/hotfix-KB2842230.ps1 b/scripts/hotfix-KB2842230.ps1 new file mode 100644 index 00000000..0c0b9d3a --- /dev/null +++ b/scripts/hotfix-KB2842230.ps1 @@ -0,0 +1,18 @@ + +$winver = [System.Environment]::OSVersion.Version +# Windows 8 / Windows 2012 require KB2842230 hotfix +# The Windows Remote Management (WinRM) service does not use the customized value of the MaxMemoryPerShellMB quota. +# Instead, the WinRM service uses the default value, which is 150 MB. +if ($winver.Major -eq 6 -and ($winver.Minor -eq 2 -or $winver.Minor -eq 3)) { + + #$HotfixUrl = "http://hotfixv4.microsoft.com/Windows%208%20RTM/nosp/Fix452763/9200/free/463941_intl_x64_zip.exe" + $HotfixMsu = "A:\Windows8-RT-KB2842230-x64.msu" + if (Test-Path $HotfixMsu) { + Write-Host "Executing KB2842230 hotfix" + start-process -NoNewWindow -FilePath "wusa.exe" -ArgumentList "$HotfixMsu /quiet /norestart" + + # Damn thing exists immediately. + Start-Sleep -s 60 + Write-Host "A reboot will be required before Chocolatey can be used via Puppet" + } +} diff --git a/scripts/install-chef.sh b/scripts/install-chef.sh deleted file mode 100644 index 54bf0c47..00000000 --- a/scripts/install-chef.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -set -x - -wget http://www.opscode.com/chef/install.msi -O chef-client-latest.msi -msiexec /qb /i chef-client-latest.msi -rm chef-client-latest.msi - -sleep 1 diff --git a/scripts/install-cygwin-sshd.bat b/scripts/install-cygwin-sshd.bat deleted file mode 100644 index ed385bb8..00000000 --- a/scripts/install-cygwin-sshd.bat +++ /dev/null @@ -1,42 +0,0 @@ -REM http://webcache.googleusercontent.com/search?q=cache:SjoPPpuQxuoJ:www.tcm.phy.cam.ac.uk/~mr349/cygwin_install.html+install+cygwin+ssh+commandline&cd=2&hl=nl&ct=clnk&gl=be&source=www.google.be - -REM create the cygwin directory -cmd /c mkdir %SystemDrive%\cygwin - -cmd /c bitsadmin /transfer CygwinSetupExe /download /priority normal http://www.cygwin.com/setup-x86_64.exe %SystemDrive%\cygwin\cygwin-setup.exe - -REM goto a temp directory -cd %SystemDrive%\windows\temp - -REM run the installation -cmd /c %SystemDrive%\cygwin\cygwin-setup.exe -q -R %SystemDrive%\cygwin -P openssh,openssl,curl,cygrunsrv,wget,rebase,vim -s http://cygwin.mirrors.pair.com - -%SystemDrive%\cygwin\bin\bash -c 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin cygrunsrv -R sshd' - -REM /bin/ash is the right shell for this command -cmd /c %SystemDrive%\cygwin\bin\ash -c /bin/rebaseall - -cmd /c %SystemDrive%\cygwin\bin\bash -c 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin mkgroup -l'>%SystemDrive%\cygwin\etc\group - -cmd /c %SystemDrive%\cygwin\bin\bash -c 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin mkpasswd -l'>%SystemDrive%\cygwin\etc\passwd - -%SystemDrive%\cygwin\bin\sleep 1 - -%SystemDrive%\cygwin\bin\bash -c 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin /bin/ssh-host-config -y -c "ntsecbinmode tty" -w "abc&&123!!" ' - -%SystemDrive%\cygwin\bin\sleep 2 - -cmd /c if exist %Systemroot%\system32\netsh.exe netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="c:\cygwin\usr\sbin\sshd.exe" SSHD enable=yes - -cmd /c if exist %Systemroot%\system32\netsh.exe netsh advfirewall firewall add rule name="ssh" dir=in action=allow protocol=TCP localport=22 - -%SystemDrive%\cygwin\bin\sleep 2 - -# net start sshd - -# Fix corrupt recycle bin -# http://www.winhelponline.com/blog/fix-corrupted-recycle-bin-windows-7-vista/ -cmd /c rd /s /q c:\$Recycle.bin - -copy a:\sudo %SystemDrive%\cygwin\usr\local\bin -cmd /c %SystemDrive%\cygwin\bin\chmod 755 %SystemDrive%\cygwin\usr\local\bin\sudo \ No newline at end of file diff --git a/scripts/install-puppet.sh b/scripts/install-puppet.sh deleted file mode 100644 index a0d839ec..00000000 --- a/scripts/install-puppet.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -set -x - -wget --no-check-certificate http://pm.puppetlabs.com/puppet-enterprise/3.0.1/puppet-enterprise-3.0.1.msi -O puppet.msi -msiexec /qn /i puppet.msi -rm -rf puppet.msi -cmd.exe /c setx /m PATH "%path%;C:\\Program Files (x86)\\Puppet Labs\\Puppet Enterprise\\bin" - -sleep 1 diff --git a/scripts/install-virtualbox-tools.sh b/scripts/install-virtualbox-tools.sh deleted file mode 100644 index 06116662..00000000 --- a/scripts/install-virtualbox-tools.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh -set -x - -if [ "$PACKER_BUILDER_TYPE" != "virtualbox" ]; then - echo "not building virtualbox, skipping" - exit -fi - -# 7zip will allow us to extract a file from an ISO -wget http://downloads.sourceforge.net/sevenzip/7z920-x64.msi -msiexec /qb /i 7z920-x64.msi - -# There needs to be Oracle CA (Certificate Authority) certificates installed in order -# to prevent user intervention popups which will undermine a silent installation. -cmd /c certutil -addstore -f "TrustedPublisher" A:\\oracle-cert.cer - -mkdir /home/vagrant/virtualbox -chown -R vagrant /home/vagrant/virtualbox - -# Extract and install -/cygdrive/c/Program\ Files/7-Zip/7z.exe x -y C:\\cygwin\\VBoxGuestAdditions*.iso -ovirtualbox -cmd.exe /c .\\virtualbox\\VBoxWindowsAdditions.exe /S - -rm -rf /home/vagrant/VBoxGuestAdditions.iso -rm -rf /home/vagrant/virtualbox - -msiexec /qb /x 7z920-x64.msi -rm -rf 7z920-x64.msi - -#cmd /c shutdown.exe /r /t 0 /d p:4:1 /c "Vagrant reboot for VBoxWindowsAdditions" -sleep 1 diff --git a/scripts/openssh-6.2.bat b/scripts/openssh-6.2.bat new file mode 100644 index 00000000..02fb75a5 --- /dev/null +++ b/scripts/openssh-6.2.bat @@ -0,0 +1,33 @@ + +@rem setup openssh +if exist a:\openssh-6.2.exe ( + copy a:\openssh-6.2.exe C:\windows\Temp +) else ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.mls-software.com/files/setupssh-6.2p2-1-v1(x64).exe', 'C:\Windows\Temp\openssh-6.2.exe')" +) +cmd /c C:\Windows\temp\openssh-6.2.exe /S /port=22 /privsep=1 /password=D@rj33l1ng + +@rem ensure vagrant can log in +mkdir "C:\Users\vagrant" +cmd /c C:\Windows\System32\icacls.exe "C:\Users\vagrant" /grant vagrant:(OI)(CI)F +cmd /c C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\bin" /grant vagrant:(OI)RX +cmd /c C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\usr\sbin" /grant vagrant:(OI)RX +powershell -Command "(Get-Content 'C:\Program Files\OpenSSH\etc\passwd') | Foreach-Object { $_ -replace '/home/(\w+)', '/cygdrive/c/Users/$1' } | Set-Content 'C:\Program Files\OpenSSH\etc\passwd'" + +@rem use Windows\Temp as /tmp location +rd /S /Q "C:\Program Files\OpenSSH\tmp" +cmd /c ""C:\Program Files\OpenSSH\bin\junction.exe" /accepteula "C:\Program Files\OpenSSH\tmp" C:\Windows\Temp" +cmd /c C:\Windows\System32\icacls.exe "C:\Windows\Temp" /grant vagrant:(OI)(CI)F + +@rem vagrant public key useful later +mkdir "C:\Users\vagrant\.ssh" +if exist a:\vagrant.pub ( + copy a:\vagrant.pub C:\Users\vagrant\.ssh\authorized_keys +) else ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub', 'C:\Users\vagrant\.ssh\authorized_keys')" +) + +@rem configure firewall +netsh advfirewall firewall add rule name="SSHD" dir=in action=allow service=OpenSSHd enable=yes +netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="C:\Program Files\OpenSSH\usr\sbin\sshd.exe" enable=yes +netsh advfirewall firewall add rule name="ssh" dir=in action=allow protocol=TCP localport=22 diff --git a/scripts/postinstall.sh b/scripts/postinstall.sh deleted file mode 100755 index 5b4a3b17..00000000 --- a/scripts/postinstall.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh -set -x - -# Create the home directory -mkdir -p /home/vagrant -chown vagrant /home/vagrant -cd /home/vagrant - -# Install ssh certificates -mkdir /home/vagrant/.ssh -chmod 700 /home/vagrant/.ssh -cd /home/vagrant/.ssh -wget --no-check-certificate 'https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub' -O authorized_keys -chown -R vagrant /home/vagrant/.ssh -cd .. - -# Install rpm,apt-get like code for cygwin -# http://superuser.com/questions/40545/upgrading-and-installing-packages-through-the-cygwin-command-line -wget http://apt-cyg.googlecode.com/svn/trunk/apt-cyg -chmod +x apt-cyg -mv apt-cyg /usr/local/bin/ - -cat <<'EOF' > /bin/sudo -#!/usr/bin/bash -exec "$@" -EOF -chmod 755 /bin/sudo - -sleep 1 diff --git a/scripts/puppet-enterprise.bat b/scripts/puppet-enterprise.bat new file mode 100644 index 00000000..ac33ea83 --- /dev/null +++ b/scripts/puppet-enterprise.bat @@ -0,0 +1,8 @@ + +if not exist "C:\Windows\Temp\puppet.msi" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://pm.puppetlabs.com/puppet-enterprise/3.0.1/puppet-enterprise-3.0.1.msi', 'C:\Windows\Temp\puppet.msi')" +) +msiexec /qn /i C:\Windows\Temp\puppet.msi +cmd /c setx /m PATH "%path%;C:\\Program Files (x86)\\Puppet Labs\\Puppet Enterprise\\bin" + +powershell -Command "Start-Sleep 1" \ No newline at end of file diff --git a/scripts/puppet.bat b/scripts/puppet.bat new file mode 100644 index 00000000..93726700 --- /dev/null +++ b/scripts/puppet.bat @@ -0,0 +1,8 @@ + +if not exist "C:\Windows\Temp\puppet.msi" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://downloads.puppetlabs.com/windows/puppet-3.3.0.msi', 'C:\Windows\Temp\puppet.msi')" +) +msiexec /qn /i C:\Windows\Temp\puppet.msi +cmd /c setx /m PATH "%path%;C:\\Program Files (x86)\\Puppet Labs\\Puppet\\bin" + +powershell -Command "Start-Sleep 1" diff --git a/scripts/virtualbox-tools.bat b/scripts/virtualbox-tools.bat new file mode 100644 index 00000000..37afd1ea --- /dev/null +++ b/scripts/virtualbox-tools.bat @@ -0,0 +1,6 @@ + +@rem There needs to be Oracle CA (Certificate Authority) certificates installed in order +@rem to prevent user intervention popups which will undermine a silent installation. + +cmd /c certutil -addstore -f "TrustedPublisher" A:\oracle-cert.cer +cmd /c E:\VBoxWindowsAdditions.exe /S diff --git a/scripts/install-vmware-tools.sh b/scripts/vmware-tools.sh similarity index 100% rename from scripts/install-vmware-tools.sh rename to scripts/vmware-tools.sh diff --git a/scripts/install-win-updates.ps1 b/scripts/win-updates.ps1 similarity index 91% rename from scripts/install-win-updates.ps1 rename to scripts/win-updates.ps1 index 2e965048..7c85455c 100755 --- a/scripts/install-win-updates.ps1 +++ b/scripts/win-updates.ps1 @@ -15,14 +15,11 @@ function Check-ContinueRestartOrEnd() { Write-Host "No Restart Required" Check-WindowsUpdates if (($global:MoreUpdates -eq 1) -and ($script:Cycles -le $global:MaxCycles)) { - Stop-Service $script:ServiceName -Force - Set-Service -Name $script:ServiceName -StartupType Disabled -Status Stopped Install-WindowsUpdates } elseif ($script:Cycles -gt $global:MaxCycles) { Write-Host "Exceeded Cycle Count - Stopping" } else { Write-Host "Done Installing Windows Updates" - Set-Service -Name $script:ServiceName -StartupType Automatic -Status Running } } 1 { @@ -158,13 +155,11 @@ $script:UpdateSearcher = $script:UpdateSession.CreateUpdateSearcher() $script:SearchResult = New-Object -ComObject 'Microsoft.Update.UpdateColl' $script:Cycles = 0 -$script:ServiceName = "sshd" - -Stop-Service $script:ServiceName -Force -Set-Service -Name $script:ServiceName -StartupType Disabled -Status Stopped Check-WindowsUpdates if ($global:MoreUpdates -eq 1) { Install-WindowsUpdates } else { Check-ContinueRestartOrEnd -} \ No newline at end of file +} + + diff --git a/vagrantfile-windows_2008_r2.template b/vagrantfile-windows_2008_r2.template index db1c3042..b0a611ef 100644 --- a/vagrantfile-windows_2008_r2.template +++ b/vagrantfile-windows_2008_r2.template @@ -4,7 +4,8 @@ Vagrant.configure("2") do |config| config.vm.define "vagrant-windows-2008-r2" config.vm.box = "windows_2008_r2" - + config.vm.base_mac = "{{ .BaseMacAddress }}" + # You should be using the vagrant-windows Vagrant Plugin! # Admin user name and password config.winrm.username = "vagrant" diff --git a/vagrantfile-windows_2012.template b/vagrantfile-windows_2012.template index 2d4caf22..8dcac579 100644 --- a/vagrantfile-windows_2012.template +++ b/vagrantfile-windows_2012.template @@ -3,8 +3,9 @@ Vagrant.configure("2") do |config| config.vm.define "vagrant-windows-2012" - config.vm.box = "vagrant_windows_2012" - + config.vm.box = "windows_2012" + config.vm.base_mac = "{{ .BaseMacAddress }}" + # You should be using the vagrant-windows Vagrant Plugin! # Admin user name and password config.winrm.username = "vagrant" diff --git a/windows_2012.json b/windows_2012.json index 3f1c889b..31d14333 100644 --- a/windows_2012.json +++ b/windows_2012.json @@ -9,12 +9,17 @@ "ssh_username": "vagrant", "ssh_password": "vagrant", "ssh_wait_timeout": "2h", - "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Vagrant Shutdown\"", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Vagrant Shutdown\"", "guest_os_type": "windows8srv-64", "disk_size": 61440, "vnc_port_min": 5900, "vnc_port_max": 5980, - "floppy_files": ["./answer_files/2012/Autounattend.xml", "./scripts/install-cygwin-sshd.bat", "./scripts/install-win-updates.ps1"], + "floppy_files": [ + "./answer_files/2012/Autounattend.xml", + "./scripts/win-updates.ps1", + "./scripts/openssh-6.2.exe", + "./scripts/openssh-6.2.bat" + ], "vmx_data": { "RemoteDisplay.vnc.enabled": "false", "RemoteDisplay.vnc.port": "5900", @@ -26,19 +31,23 @@ "iso_url": "./iso/en_windows_server_2012_x64_dvd_915478.iso", "iso_checksum_type": "md5", "iso_checksum": "da91135483e24689bfdaf05d40301506", - "headless": true, + "headless": false, "boot_wait": "5m", "ssh_username": "vagrant", "ssh_password": "vagrant", - "ssh_wait_timeout": "2h", - "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Vagrant Shutdown\"", + "ssh_wait_timeout": "8h", + "shutdown_command": "shutdown /s /t 2400 /f /d p:4:1 /c \"Vagrant Shutdown\"", + "shutdown_timeout": "8h", "guest_os_type": "Windows2012_64", "disk_size": 61440, + "guest_additions_attach": "true", "floppy_files": [ "./answer_files/2012/Autounattend.xml", - "./scripts/oracle-cert.cer", - "./scripts/install-cygwin-sshd.bat", - "./scripts/install-win-updates.ps1" + "./scripts/win-updates.ps1", + "./scripts/hotfix-KB2842230.ps1", + "./scripts/Windows8-RT-KB2842230-x64.msu", + "./scripts/openssh-6.2.bat", + "./scripts/oracle-cert.cer" ], "vboxmanage": [ ["modifyvm", "{{.Name}}", "--memory", "2048"], @@ -47,11 +56,18 @@ }], "provisioners": [{ "type": "shell", - "scripts": ["./scripts/postinstall.sh", "./scripts/install-vmware-tools.sh", "./scripts/install-virtualbox-tools.sh", "./scripts/install-chef.sh"] + "remote_path": "/tmp/script.bat", + "execute_command": "cmd /c C:/Windows/Temp/script.bat", + "scripts": [ + "./scripts/echo.bat", + "./scripts/virtualbox-tools.bat", + "./scripts/puppet.bat", + "./scripts/chef.bat", + "./scripts/chocolatey.bat" + ] }], "post-processors": [{ "type": "vagrant", - "keep_input_artifact": false, "output": "windows_2012_{{.Provider}}.box", "vagrantfile_template": "vagrantfile-windows_2012.template" }] From a09d7a64156d1b97b366af7c04101473c4e15926 Mon Sep 17 00:00:00 2001 From: dylanmei Date: Mon, 7 Oct 2013 13:11:27 -0700 Subject: [PATCH 2/9] Add missing TEMP environment variable; fixes chocolatey.bat wip --- answer_files/2012/Autounattend.xml | 7 ------- scripts/chocolatey.bat | 1 - scripts/echo.bat | 2 -- scripts/openssh-6.2.bat | 16 +++++++--------- scripts/vagrant-ssh.bat | 8 ++++++++ windows_2012.json | 24 ++++++++++-------------- 6 files changed, 25 insertions(+), 33 deletions(-) delete mode 100644 scripts/echo.bat create mode 100644 scripts/vagrant-ssh.bat diff --git a/answer_files/2012/Autounattend.xml b/answer_files/2012/Autounattend.xml index a013f6a5..fa37e817 100644 --- a/answer_files/2012/Autounattend.xml +++ b/answer_files/2012/Autounattend.xml @@ -231,13 +231,6 @@ 22 true - - - cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\hotfix-KB2842230.ps1 - Install Windows Updates - 23 - true - --> cmd.exe /c a:\openssh-6.2.bat diff --git a/scripts/chocolatey.bat b/scripts/chocolatey.bat index 2c64a35e..e69432fc 100644 --- a/scripts/chocolatey.bat +++ b/scripts/chocolatey.bat @@ -1,4 +1,3 @@ - powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" cmd /c setx /m PATH "%path%;C:\\Chocolatey\bin" diff --git a/scripts/echo.bat b/scripts/echo.bat deleted file mode 100644 index 0bf34e03..00000000 --- a/scripts/echo.bat +++ /dev/null @@ -1,2 +0,0 @@ - -set > echo.txt diff --git a/scripts/openssh-6.2.bat b/scripts/openssh-6.2.bat index 02fb75a5..dd73d75b 100644 --- a/scripts/openssh-6.2.bat +++ b/scripts/openssh-6.2.bat @@ -6,9 +6,12 @@ if exist a:\openssh-6.2.exe ( powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.mls-software.com/files/setupssh-6.2p2-1-v1(x64).exe', 'C:\Windows\Temp\openssh-6.2.exe')" ) cmd /c C:\Windows\temp\openssh-6.2.exe /S /port=22 /privsep=1 /password=D@rj33l1ng +cmd /c echo PermitUserEnvironment yes >> "C:\Program Files\OpenSSH\etc\sshd_config" +powershell -Command "Start-Sleep -s 10" +net stop opensshd @rem ensure vagrant can log in -mkdir "C:\Users\vagrant" +mkdir "C:\Users\vagrant\.ssh" cmd /c C:\Windows\System32\icacls.exe "C:\Users\vagrant" /grant vagrant:(OI)(CI)F cmd /c C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\bin" /grant vagrant:(OI)RX cmd /c C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\usr\sbin" /grant vagrant:(OI)RX @@ -18,16 +21,11 @@ powershell -Command "(Get-Content 'C:\Program Files\OpenSSH\etc\passwd') | Forea rd /S /Q "C:\Program Files\OpenSSH\tmp" cmd /c ""C:\Program Files\OpenSSH\bin\junction.exe" /accepteula "C:\Program Files\OpenSSH\tmp" C:\Windows\Temp" cmd /c C:\Windows\System32\icacls.exe "C:\Windows\Temp" /grant vagrant:(OI)(CI)F - -@rem vagrant public key useful later -mkdir "C:\Users\vagrant\.ssh" -if exist a:\vagrant.pub ( - copy a:\vagrant.pub C:\Users\vagrant\.ssh\authorized_keys -) else ( - powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub', 'C:\Users\vagrant\.ssh\authorized_keys')" -) +echo TEMP=C:\\Windows\\Temp > C:\Users\vagrant\.ssh\environment @rem configure firewall netsh advfirewall firewall add rule name="SSHD" dir=in action=allow service=OpenSSHd enable=yes netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="C:\Program Files\OpenSSH\usr\sbin\sshd.exe" enable=yes netsh advfirewall firewall add rule name="ssh" dir=in action=allow protocol=TCP localport=22 + +net start opensshd diff --git a/scripts/vagrant-ssh.bat b/scripts/vagrant-ssh.bat new file mode 100644 index 00000000..113978ad --- /dev/null +++ b/scripts/vagrant-ssh.bat @@ -0,0 +1,8 @@ + +@rem vagrant public key +mkdir "C:\Users\vagrant\.ssh" +if exist a:\vagrant.pub ( + copy a:\vagrant.pub C:\Users\vagrant\.ssh\authorized_keys +) else ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub', 'C:\Users\vagrant\.ssh\authorized_keys')" +) diff --git a/windows_2012.json b/windows_2012.json index 31d14333..993db922 100644 --- a/windows_2012.json +++ b/windows_2012.json @@ -17,7 +17,6 @@ "floppy_files": [ "./answer_files/2012/Autounattend.xml", "./scripts/win-updates.ps1", - "./scripts/openssh-6.2.exe", "./scripts/openssh-6.2.bat" ], "vmx_data": { @@ -36,7 +35,7 @@ "ssh_username": "vagrant", "ssh_password": "vagrant", "ssh_wait_timeout": "8h", - "shutdown_command": "shutdown /s /t 2400 /f /d p:4:1 /c \"Vagrant Shutdown\"", + "shutdown_command": "shutdown /s /t 4800 /f /d p:4:1 /c \"Vagrant Shutdown\"", "shutdown_timeout": "8h", "guest_os_type": "Windows2012_64", "disk_size": 61440, @@ -44,8 +43,6 @@ "floppy_files": [ "./answer_files/2012/Autounattend.xml", "./scripts/win-updates.ps1", - "./scripts/hotfix-KB2842230.ps1", - "./scripts/Windows8-RT-KB2842230-x64.msu", "./scripts/openssh-6.2.bat", "./scripts/oracle-cert.cer" ], @@ -55,16 +52,15 @@ ] }], "provisioners": [{ - "type": "shell", - "remote_path": "/tmp/script.bat", - "execute_command": "cmd /c C:/Windows/Temp/script.bat", - "scripts": [ - "./scripts/echo.bat", - "./scripts/virtualbox-tools.bat", - "./scripts/puppet.bat", - "./scripts/chef.bat", - "./scripts/chocolatey.bat" - ] + "type": "shell", + "remote_path": "/tmp/script.bat", + "execute_command": "{{ .Vars }} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ + "./scripts/virtualbox-tools.bat", + "./scripts/puppet.bat", + "./scripts/chef.bat", + "./scripts/chocolatey.bat" + ] }], "post-processors": [{ "type": "vagrant", From 5f29bbececbb658bd39d5fae58dd35c97ef47e00 Mon Sep 17 00:00:00 2001 From: dylanmei Date: Mon, 7 Oct 2013 17:22:03 -0700 Subject: [PATCH 3/9] Rollup vm guest tools into one script wip --- scripts/chocolatey.bat | 1 + scripts/hotfix-KB2842230.bat | 20 ++++++++++++++++++++ scripts/hotfix-KB2842230.ps1 | 18 ------------------ scripts/openssh-6.2.bat | 20 +++++--------------- scripts/vagrant-ssh.bat | 2 +- scripts/virtualbox-tools.bat | 6 ------ scripts/vm-guest-tools.bat | 31 +++++++++++++++++++++++++++++++ scripts/vmware-tools.sh | 34 ---------------------------------- windows_2012.json | 18 +++++++++++------- 9 files changed, 69 insertions(+), 81 deletions(-) create mode 100644 scripts/hotfix-KB2842230.bat delete mode 100644 scripts/hotfix-KB2842230.ps1 delete mode 100644 scripts/virtualbox-tools.bat create mode 100644 scripts/vm-guest-tools.bat delete mode 100644 scripts/vmware-tools.sh diff --git a/scripts/chocolatey.bat b/scripts/chocolatey.bat index e69432fc..f3bfb0b2 100644 --- a/scripts/chocolatey.bat +++ b/scripts/chocolatey.bat @@ -1,3 +1,4 @@ +set TEMP=C:\Windows\Temp powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" cmd /c setx /m PATH "%path%;C:\\Chocolatey\bin" diff --git a/scripts/hotfix-KB2842230.bat b/scripts/hotfix-KB2842230.bat new file mode 100644 index 00000000..b96c8994 --- /dev/null +++ b/scripts/hotfix-KB2842230.bat @@ -0,0 +1,20 @@ +:: Windows 8 / Windows 2012 require KB2842230 hotfix +:: The Windows Remote Management (WinRM) service does not use the customized value of the MaxMemoryPerShellMB quota. +:: Instead, the WinRM service uses the default value, which is 150 MB. +:: http://hotfixv4.microsoft.com/Windows%208%20RTM/nosp/Fix452763/9200/free/463941_intl_x64_zip.exe + +@echo off +set hotfix="C:\Windows\Temp\Windows8-RT-KB2842230-x64.msu" +if not exist %hotfix% goto :eof + +:: get windows version +for /f "tokens=2 delims=[]" %%G in ('ver') do (set _version=%%G) +for /f "tokens=2,3,4 delims=. " %%G in ('echo %_version%') do (set _major=%%G& set _minor=%%H& set _build=%%I) + +:: 6.2 or 6.3 +if %_major% neq 6 goto :eof +if %_minor% lss 2 goto :eof +if %_minor% gtr 3 goto :eof + +@echo on +start /wait wusa "%hotfix%" /quiet /norestart diff --git a/scripts/hotfix-KB2842230.ps1 b/scripts/hotfix-KB2842230.ps1 deleted file mode 100644 index 0c0b9d3a..00000000 --- a/scripts/hotfix-KB2842230.ps1 +++ /dev/null @@ -1,18 +0,0 @@ - -$winver = [System.Environment]::OSVersion.Version -# Windows 8 / Windows 2012 require KB2842230 hotfix -# The Windows Remote Management (WinRM) service does not use the customized value of the MaxMemoryPerShellMB quota. -# Instead, the WinRM service uses the default value, which is 150 MB. -if ($winver.Major -eq 6 -and ($winver.Minor -eq 2 -or $winver.Minor -eq 3)) { - - #$HotfixUrl = "http://hotfixv4.microsoft.com/Windows%208%20RTM/nosp/Fix452763/9200/free/463941_intl_x64_zip.exe" - $HotfixMsu = "A:\Windows8-RT-KB2842230-x64.msu" - if (Test-Path $HotfixMsu) { - Write-Host "Executing KB2842230 hotfix" - start-process -NoNewWindow -FilePath "wusa.exe" -ArgumentList "$HotfixMsu /quiet /norestart" - - # Damn thing exists immediately. - Start-Sleep -s 60 - Write-Host "A reboot will be required before Chocolatey can be used via Puppet" - } -} diff --git a/scripts/openssh-6.2.bat b/scripts/openssh-6.2.bat index dd73d75b..28664143 100644 --- a/scripts/openssh-6.2.bat +++ b/scripts/openssh-6.2.bat @@ -1,31 +1,21 @@ -@rem setup openssh -if exist a:\openssh-6.2.exe ( - copy a:\openssh-6.2.exe C:\windows\Temp -) else ( - powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.mls-software.com/files/setupssh-6.2p2-1-v1(x64).exe', 'C:\Windows\Temp\openssh-6.2.exe')" -) +:: setup openssh +powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.mls-software.com/files/setupssh-6.2p2-1-v1(x64).exe', 'C:\Windows\Temp\openssh-6.2.exe')" cmd /c C:\Windows\temp\openssh-6.2.exe /S /port=22 /privsep=1 /password=D@rj33l1ng -cmd /c echo PermitUserEnvironment yes >> "C:\Program Files\OpenSSH\etc\sshd_config" -powershell -Command "Start-Sleep -s 10" -net stop opensshd -@rem ensure vagrant can log in +:: ensure vagrant can log in mkdir "C:\Users\vagrant\.ssh" cmd /c C:\Windows\System32\icacls.exe "C:\Users\vagrant" /grant vagrant:(OI)(CI)F cmd /c C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\bin" /grant vagrant:(OI)RX cmd /c C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\usr\sbin" /grant vagrant:(OI)RX powershell -Command "(Get-Content 'C:\Program Files\OpenSSH\etc\passwd') | Foreach-Object { $_ -replace '/home/(\w+)', '/cygdrive/c/Users/$1' } | Set-Content 'C:\Program Files\OpenSSH\etc\passwd'" -@rem use Windows\Temp as /tmp location +:: use Windows\Temp as /tmp location rd /S /Q "C:\Program Files\OpenSSH\tmp" cmd /c ""C:\Program Files\OpenSSH\bin\junction.exe" /accepteula "C:\Program Files\OpenSSH\tmp" C:\Windows\Temp" cmd /c C:\Windows\System32\icacls.exe "C:\Windows\Temp" /grant vagrant:(OI)(CI)F -echo TEMP=C:\\Windows\\Temp > C:\Users\vagrant\.ssh\environment -@rem configure firewall +:: configure firewall netsh advfirewall firewall add rule name="SSHD" dir=in action=allow service=OpenSSHd enable=yes netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="C:\Program Files\OpenSSH\usr\sbin\sshd.exe" enable=yes netsh advfirewall firewall add rule name="ssh" dir=in action=allow protocol=TCP localport=22 - -net start opensshd diff --git a/scripts/vagrant-ssh.bat b/scripts/vagrant-ssh.bat index 113978ad..bd571d75 100644 --- a/scripts/vagrant-ssh.bat +++ b/scripts/vagrant-ssh.bat @@ -1,5 +1,5 @@ -@rem vagrant public key +:: vagrant public key mkdir "C:\Users\vagrant\.ssh" if exist a:\vagrant.pub ( copy a:\vagrant.pub C:\Users\vagrant\.ssh\authorized_keys diff --git a/scripts/virtualbox-tools.bat b/scripts/virtualbox-tools.bat deleted file mode 100644 index 37afd1ea..00000000 --- a/scripts/virtualbox-tools.bat +++ /dev/null @@ -1,6 +0,0 @@ - -@rem There needs to be Oracle CA (Certificate Authority) certificates installed in order -@rem to prevent user intervention popups which will undermine a silent installation. - -cmd /c certutil -addstore -f "TrustedPublisher" A:\oracle-cert.cer -cmd /c E:\VBoxWindowsAdditions.exe /S diff --git a/scripts/vm-guest-tools.bat b/scripts/vm-guest-tools.bat new file mode 100644 index 00000000..629216f8 --- /dev/null +++ b/scripts/vm-guest-tools.bat @@ -0,0 +1,31 @@ + +if "%PACKER_BUILDER_TYPE%" eq "vmware" goto :vmware +if "%PACKER_BUILDER_TYPE%" eq "virtualbox" goto :virtualbox +goto :eof + +:vmware + +if not exist "C:\Windows\Temp\7z920-x64.msi" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://downloads.sourceforge.net/sevenzip/7z920-x64.msi', 'C:\Windows\Temp\7z920-x64.msi')" +) +cmd /c msiexec /qb /i C:\Windows\Temp\7z920-x64.msi + +if not exist "C:\Windows\Temp\VMWare\setup.exe" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://softwareupdate.vmware.com/cds/vmw-desktop/ws/10.0.0/1295980/windows/packages/tools-windows-9.6.0.exe.tar', 'C:\Windows\Temp\vmware-tools.exe.tar')" + cmd /c "C:\Program Files\7-Zip\7z.exe" x C:\Windows\Temp\vmware-tools.exe.tar -oC:\Windows\Temp + cmd /c C:\Windows\Temp\tools-windows-9.6.0 + cmd /c ""C:\Program Files\7-Zip\7z.exe" x "C:\Program Files (x86)\VMWare\tools-windows\windows.iso" -oC:\Windows\Temp\VMWare" + del /F /S /Q "C:\Program Files (x86)\VMWare" +) + +cmd /c C:\Windows\Temp\VMWare\setup.exe /S /v"/qn REBOOT=R\" +cmd /c msiexec /qb /x C:\Windows\Temp\7z920-x64.msi +goto :eof + +:virtualbox +:: There needs to be Oracle CA (Certificate Authority) certificates installed in order +:: to prevent user intervention popups which will undermine a silent installation. + +cmd /c certutil -addstore -f "TrustedPublisher" A:\oracle-cert.cer +cmd /c E:\VBoxWindowsAdditions.exe /S +goto :eof diff --git a/scripts/vmware-tools.sh b/scripts/vmware-tools.sh deleted file mode 100644 index 51870330..00000000 --- a/scripts/vmware-tools.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -set -x - -if [ "$PACKER_BUILDER_TYPE" != "vmware" ]; then - echo "not building vmware, skipping" - exit -fi - -# 7zip will allow us to extract a file from an ISO -wget http://downloads.sourceforge.net/sevenzip/7z920-x64.msi -msiexec /qb /i 7z920-x64.msi - -# Download VMware Tools For Windows -mkdir /home/vagrant/vmware -chown -R vagrant /home/vagrant/vmware -cd /home/vagrant/vmware -wget http://softwareupdate.vmware.com/cds/vmw-desktop/ws/10.0.0/1295980/windows/packages/tools-windows-9.6.0.exe.tar -tar -xvf /home/vagrant/vmware/tools-windows-9.6.0.exe.tar -rm -rf /home/vagrant/vmware/tools-windows-9.6.0.exe.tar -chown -R vagrant /home/vagrant/vmware - -# Install the VMware Tools -/home/vagrant/vmware/tools-windows-9.6.0.exe -rm -rf /home/vagrant/vmware/tools-windows-9.6.0.exe -/cygdrive/c/Program\ Files/7-Zip/7z.exe x C:\\Program\ Files\ \(x86\)\\VMware\\tools-windows\\windows.iso -rm -rf C:\\Program\ Files\ \(x86\)\\VMware\\tools-windows\\windows.iso -chown -R vagrant /home/vagrant/vmware -cmd.exe /c "C:\\cygwin\\home\\vagrant\\vmware\\setup.exe /S /v\"/qn REBOOT=R\"" -rm -rf /home/vagrant/vmware -cd /home/vagrant -msiexec /qb /x 7z920-x64.msi -rm -rf 7z920-x64.msi - -sleep 1 diff --git a/windows_2012.json b/windows_2012.json index 993db922..f62c95ed 100644 --- a/windows_2012.json +++ b/windows_2012.json @@ -4,12 +4,12 @@ "iso_url": "./iso/en_windows_server_2012_x64_dvd_915478.iso", "iso_checksum_type": "md5", "iso_checksum": "da91135483e24689bfdaf05d40301506", - "headless": true, + "headless": false, "boot_wait": "5m", "ssh_username": "vagrant", "ssh_password": "vagrant", "ssh_wait_timeout": "2h", - "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Vagrant Shutdown\"", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", "guest_os_type": "windows8srv-64", "disk_size": 61440, "vnc_port_min": 5900, @@ -34,9 +34,8 @@ "boot_wait": "5m", "ssh_username": "vagrant", "ssh_password": "vagrant", - "ssh_wait_timeout": "8h", - "shutdown_command": "shutdown /s /t 4800 /f /d p:4:1 /c \"Vagrant Shutdown\"", - "shutdown_timeout": "8h", + "ssh_wait_timeout": "2h", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", "guest_os_type": "Windows2012_64", "disk_size": 61440, "guest_additions_attach": "true", @@ -52,15 +51,20 @@ ] }], "provisioners": [{ + "type": "file", "source": "./scripts/Windows8-RT-KB2842230-x64.msu", "destination": "/tmp/Windows8-RT-KB2842230-x64.msu" + }, { "type": "shell", "remote_path": "/tmp/script.bat", - "execute_command": "{{ .Vars }} cmd /c C:/Windows/Temp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ - "./scripts/virtualbox-tools.bat", + "./scripts/hotfix-KB2842230.bat", + "./scripts/vm-guest-tools.bat", "./scripts/puppet.bat", "./scripts/chef.bat", "./scripts/chocolatey.bat" ] + }, { + "type": "shell", "inline": ["rm -rf /tmp/*"] }], "post-processors": [{ "type": "vagrant", From 3300d5f4b020cddff6c22f47dceb2bb45cebeee6 Mon Sep 17 00:00:00 2001 From: dylanmei Date: Tue, 8 Oct 2013 12:04:04 -0700 Subject: [PATCH 4/9] Ensure win-updates fires correctly wip --- answer_files/2012/Autounattend.xml | 21 +++++++++++++++------ scripts/openssh-6.2.bat | 4 ++++ scripts/win-updates.ps1 | 8 ++++++++ 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/answer_files/2012/Autounattend.xml b/answer_files/2012/Autounattend.xml index fa37e817..362b285c 100644 --- a/answer_files/2012/Autounattend.xml +++ b/answer_files/2012/Autounattend.xml @@ -224,20 +224,29 @@ 21 Disable Hibernation Mode - + --> + + cmd.exe /c a:\openssh-6.2.bat Install OpenSSH 99 true + + cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1 + Install Windows Updates + 100 + true + + false diff --git a/scripts/openssh-6.2.bat b/scripts/openssh-6.2.bat index 28664143..0ecb88ad 100644 --- a/scripts/openssh-6.2.bat +++ b/scripts/openssh-6.2.bat @@ -15,6 +15,10 @@ rd /S /Q "C:\Program Files\OpenSSH\tmp" cmd /c ""C:\Program Files\OpenSSH\bin\junction.exe" /accepteula "C:\Program Files\OpenSSH\tmp" C:\Windows\Temp" cmd /c C:\Windows\System32\icacls.exe "C:\Windows\Temp" /grant vagrant:(OI)(CI)F +if "%1" neq "START" ( + cmd /c net stop opensshd +) + :: configure firewall netsh advfirewall firewall add rule name="SSHD" dir=in action=allow service=OpenSSHd enable=yes netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="C:\Program Files\OpenSSH\usr\sbin\sshd.exe" enable=yes diff --git a/scripts/win-updates.ps1 b/scripts/win-updates.ps1 index 7c85455c..7cd3e36e 100755 --- a/scripts/win-updates.ps1 +++ b/scripts/win-updates.ps1 @@ -15,11 +15,14 @@ function Check-ContinueRestartOrEnd() { Write-Host "No Restart Required" Check-WindowsUpdates if (($global:MoreUpdates -eq 1) -and ($script:Cycles -le $global:MaxCycles)) { + Stop-Service $script:ServiceName -Force + Set-Service -Name $script:ServiceName -StartupType Disabled -Status Stopped Install-WindowsUpdates } elseif ($script:Cycles -gt $global:MaxCycles) { Write-Host "Exceeded Cycle Count - Stopping" } else { Write-Host "Done Installing Windows Updates" + Set-Service -Name $script:ServiceName -StartupType Automatic -Status Running } } 1 { @@ -155,6 +158,11 @@ $script:UpdateSearcher = $script:UpdateSession.CreateUpdateSearcher() $script:SearchResult = New-Object -ComObject 'Microsoft.Update.UpdateColl' $script:Cycles = 0 +$script:ServiceName = "OpenSSHd" + +Stop-Service $script:ServiceName -Force +Set-Service -Name $script:ServiceName -StartupType Disabled -Status Stopped + Check-WindowsUpdates if ($global:MoreUpdates -eq 1) { Install-WindowsUpdates From 1772b0320893ab31a4887e95d732e1f237c75333 Mon Sep 17 00:00:00 2001 From: dylanmei Date: Wed, 9 Oct 2013 06:20:11 -0700 Subject: [PATCH 5/9] Cleanup Windows 2012 template wip --- answer_files/2012/Autounattend.xml | 2 -- windows_2012.json | 6 ++++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/answer_files/2012/Autounattend.xml b/answer_files/2012/Autounattend.xml index 362b285c..f9b2520d 100644 --- a/answer_files/2012/Autounattend.xml +++ b/answer_files/2012/Autounattend.xml @@ -224,7 +224,6 @@ 21 Disable Hibernation Mode - - cmd.exe /c a:\openssh-6.2.bat diff --git a/windows_2012.json b/windows_2012.json index f62c95ed..9d80a384 100644 --- a/windows_2012.json +++ b/windows_2012.json @@ -4,12 +4,13 @@ "iso_url": "./iso/en_windows_server_2012_x64_dvd_915478.iso", "iso_checksum_type": "md5", "iso_checksum": "da91135483e24689bfdaf05d40301506", - "headless": false, + "headless": true, "boot_wait": "5m", "ssh_username": "vagrant", "ssh_password": "vagrant", "ssh_wait_timeout": "2h", "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "shutdown_timeout": "2h", "guest_os_type": "windows8srv-64", "disk_size": 61440, "vnc_port_min": 5900, @@ -30,7 +31,7 @@ "iso_url": "./iso/en_windows_server_2012_x64_dvd_915478.iso", "iso_checksum_type": "md5", "iso_checksum": "da91135483e24689bfdaf05d40301506", - "headless": false, + "headless": true, "boot_wait": "5m", "ssh_username": "vagrant", "ssh_password": "vagrant", @@ -68,6 +69,7 @@ }], "post-processors": [{ "type": "vagrant", + "only": ["virtualbox", "vmware"], "output": "windows_2012_{{.Provider}}.box", "vagrantfile_template": "vagrantfile-windows_2012.template" }] From 1fcdcec0563d63965a33b21f630f51ee954df5b1 Mon Sep 17 00:00:00 2001 From: dylanmei Date: Wed, 9 Oct 2013 16:27:58 -0700 Subject: [PATCH 6/9] Changes to accomodate windows 2008 r2 wip --- answer_files/2008_r2/Autounattend.xml | 80 ++++++++++++++++----------- scripts/chef.bat | 5 +- scripts/chocolatey.bat | 2 +- scripts/puppet-enterprise.bat | 8 ++- scripts/puppet.bat | 8 ++- scripts/vagrant-ssh.bat | 2 +- scripts/vm-guest-tools.bat | 32 ++++++----- windows_2008_r2.json | 30 +++++++--- windows_2012.json | 12 +--- 9 files changed, 106 insertions(+), 73 deletions(-) diff --git a/answer_files/2008_r2/Autounattend.xml b/answer_files/2008_r2/Autounattend.xml index a4cf2424..45ff5a62 100644 --- a/answer_files/2008_r2/Autounattend.xml +++ b/answer_files/2008_r2/Autounattend.xml @@ -115,115 +115,133 @@ 2 true - - cmd.exe /c a:\install-cygwin-sshd.bat - Install Cygwin SSH - 3 - true - cmd.exe /c winrm quickconfig -q winrm quickconfig -q - 4 + 3 true cmd.exe /c winrm quickconfig -transport:http winrm quickconfig -transport:http - 5 + 4 true cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"} Win RM MaxTimoutms - 6 + 5 true cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"} Win RM MaxMemoryPerShellMB - 7 + 6 true cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"} Win RM AllowUnencrypted - 8 + 7 true cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"} Win RM auth Basic - 9 + 8 true cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"} Win RM client auth Basic - 10 + 9 true cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} Win RM listener Address/Port - 11 + 10 true cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes Win RM adv firewall enable - 12 + 11 true cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" Win RM port open - 13 + 12 true cmd.exe /c net stop winrm Stop Win RM Service - 14 + 13 true - cmd.exe /c sc config winrm start= auto + cmd.exe /c sc config winrm start=auto Win RM Autostart - 15 + 14 true cmd.exe /c net start winrm Start Win RM Service - 16 + 15 true - cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install-win-updates.ps1 - Install Windows Updates - 17 - true + %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f + 16 + Show file extensions in Explorer %SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f - 18 + 17 Enable QuickEdit mode - %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f + %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f + 18 + Show Run command in Start Menu + + + %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f 19 - Show file extensions in Explorer + Show Administrative Tools in Start Menu - %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f + %SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f 20 - Show Run command in Start Menu + Zero Hibernation File - %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f + %SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f 21 - Show Administrative Tools in Start Menu + Disable Hibernation Mode + + + + + cmd.exe /c a:\openssh-6.2.bat + Install OpenSSH + 99 + true + + + cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1 + Install Windows Updates + 100 + true false diff --git a/scripts/chef.bat b/scripts/chef.bat index ea294ea6..59929205 100644 --- a/scripts/chef.bat +++ b/scripts/chef.bat @@ -1,6 +1,7 @@ if not exist "C:\Windows\Temp\chef.msi" ( - powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.opscode.com/chef/install.msi', 'C:\Windows\Temp\chef.msi')" + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.opscode.com/chef/install.msi', 'C:\Windows\Temp\chef.msi')" Date: Thu, 10 Oct 2013 10:46:18 -0700 Subject: [PATCH 7/9] Fix quotes in vm-guest-tools script --- scripts/chef.bat | 2 +- scripts/vm-guest-tools.bat | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/chef.bat b/scripts/chef.bat index 59929205..f7a34d34 100644 --- a/scripts/chef.bat +++ b/scripts/chef.bat @@ -4,4 +4,4 @@ if not exist "C:\Windows\Temp\chef.msi" ( ) msiexec /qb /i C:\Windows\Temp\chef.msi -start /wait powershell -Command "Start-Sleep 1" Date: Wed, 16 Oct 2013 09:02:38 -0700 Subject: [PATCH 8/9] Scripts relying on setting the PATH variable were overwriting eachother. --- scripts/chocolatey.bat | 6 +++++- scripts/openssh-6.2.bat | 3 +++ scripts/puppet-enterprise.bat | 5 +++-- scripts/puppet.bat | 5 +++-- 4 files changed, 14 insertions(+), 5 deletions(-) diff --git a/scripts/chocolatey.bat b/scripts/chocolatey.bat index e711cc22..acd2bcd8 100644 --- a/scripts/chocolatey.bat +++ b/scripts/chocolatey.bat @@ -1,4 +1,8 @@ set TEMP=C:\Windows\Temp powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" > C:\Windows\Temp\PATH +set /p PATH= C:\Windows\Temp\PATH + if "%1" neq "START" ( cmd /c net stop opensshd ) diff --git a/scripts/puppet-enterprise.bat b/scripts/puppet-enterprise.bat index 07fb114a..63aa36f6 100644 --- a/scripts/puppet-enterprise.bat +++ b/scripts/puppet-enterprise.bat @@ -5,6 +5,7 @@ if not exist "C:\Windows\Temp\puppet.msi" ( :: http://docs.puppetlabs.com/pe/latest/install_windows.html msiexec /qn /i C:\Windows\Temp\puppet.msi /log C:\Windows\Temp\puppet.log -cmd /c setx /m PATH "%path%;C:\\Program Files (x86)\\Puppet Labs\\Puppet Enterprise\\bin" -powershell -Command "Start-Sleep 1" > C:\Windows\Temp\PATH +set /p PATH=> C:\Windows\Temp\PATH +set /p PATH= Date: Wed, 16 Oct 2013 10:46:37 -0700 Subject: [PATCH 9/9] Escape parens when installing vmware-tools --- scripts/vm-guest-tools.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/vm-guest-tools.bat b/scripts/vm-guest-tools.bat index 792a80fb..7bf3f84c 100644 --- a/scripts/vm-guest-tools.bat +++ b/scripts/vm-guest-tools.bat @@ -13,7 +13,7 @@ if not exist "C:\Windows\Temp\VMWare\setup.exe" ( powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://softwareupdate.vmware.com/cds/vmw-desktop/ws/10.0.0/1295980/windows/packages/tools-windows-9.6.0.exe.tar', 'C:\Windows\Temp\vmware-tools.exe.tar')"