Last active
January 3, 2016 17:39
-
-
Save davidroberts63/8497405 to your computer and use it in GitHub Desktop.
Windows Vagrant base box setup scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Powershell Script to prepare the windows install to be used with vagrant-windows | |
| Set-ExecutionPolicy -executionpolicy remotesigned -force | |
| # Disable UAC | |
| New-ItemProperty -Path HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableLUA -PropertyType DWord -Value 0 -Force | Out-Null | |
| Write-Host "User Access Control (UAC) has been disabled." -ForegroundColor Green | |
| # Disable the shutdown tracker | |
| # Reference: http://www.askvg.com/how-to-disable-remove-annoying-shutdown-event-tracker-in-windows-server-2003-2008/ | |
| If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability")) { | |
| New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" | |
| } | |
| New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonOn" -PropertyType DWord -Value 0 -Force -ErrorAction continue | |
| New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonUI" -PropertyType DWord -Value 0 -Force -ErrorAction continue | |
| Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonOn" -Value 0 | |
| Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonUI" -Value 0 | |
| Write-Host "Shutdown Tracker has been disabled." -ForegroundColor Green | |
| # Disable Automatic Updates | |
| # Reference: http://www.benmorris.me/2012/05/1st-test-blog-post.html | |
| $AutoUpdate = (New-Object -com "Microsoft.Update.AutoUpdate").Settings | |
| $AutoUpdate.NotificationLevel = 1 | |
| $AutoUpdate.Save() | |
| Write-Host "Windows Update has been disabled." -ForegroundColor Green | |
| # Disable Complex Passwords | |
| # Reference: http://vlasenko.org/2011/04/27/removing-password-complexity-requirements-from-windows-server-2008-core/ | |
| $seccfg = [IO.Path]::GetTempFileName() | |
| secedit /export /cfg $seccfg | |
| (Get-Content $seccfg) | Foreach-Object {$_ -replace "PasswordComplexity\s*=\s*1", "PasswordComplexity=0"} | Set-Content $seccfg | |
| secedit /configure /db $env:windir\security\new.sdb /cfg $seccfg /areas SECURITYPOLICY | |
| del $seccfg | |
| Write-Host "Complex Passwords have been disabled." -ForegroundColor Green | |
| # Set network to private | |
| # Skip network location setting for pre-Vista operating systems and any joined to a domain | |
| if([environment]::OSVersion.version.Major -lt 6) { return } | |
| if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return } | |
| $networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")) | |
| $connections = $networkListManager.GetNetworkConnections() | |
| $connections | % {$_.GetNetwork().SetCategory(1)} # Set network type to private | |
| Write-Host "All networks set to private" -ForegroundColor Green | |
| # Enable Remote Desktop | |
| # Reference: http://social.technet.microsoft.com/Forums/windowsserver/en-US/323d6bab-e3a9-4d9d-8fa8-dc4277be1729/enable-remote-desktop-connections-with-powershell | |
| (Get-WmiObject Win32_TerminalServiceSetting -Namespace root\cimv2\TerminalServices).SetAllowTsConnections(1,1) | |
| (Get-WmiObject -Class "Win32_TSGeneralSetting" -Namespace root\cimv2\TerminalServices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0) | |
| Write-Host "Enabled Remote Desktop" -ForegroundColor Green | |
| # Enable WinRM Control | |
| winrm quickconfig -q | |
| winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="512"}' | |
| winrm set winrm/config '@{MaxTimeoutms="1800000"}' | |
| winrm set winrm/config/service '@{AllowUnencrypted="true"}' | |
| winrm set winrm/config/service/auth '@{Basic="true"}' | |
| Write-Host "WinRM has been configured and enabled." -ForegroundColor Green | |
| # Disable Windows Firewall | |
| &netsh "advfirewall" "set" "allprofiles" "state" "off" | |
| Write-Host "Windows Firewall has been disabled." -ForegroundColor Green | |
| # Create local vagrant user | |
| $userDirectory = [ADSI]"WinNT://$env:ComputerName" | |
| # Determine if 'vagrant' user already exists. Update if so. | |
| $user = $userDirectory.PSBase.Children | Where-Object { $_.PSBase.SchemaClassName -eq "User" -and $_.Name -eq "vagrant" } | |
| if ($user) | |
| { | |
| Write-Host "vagrant user already exists, will just update it" | |
| } | |
| else | |
| { | |
| Write-Host "vagrant user does not exist, creating" | |
| $user = $userDirectory.Create("User", "vagrant") | |
| } | |
| $user.SetPassword("vagrant") | |
| $user.SetInfo() | |
| $user.UserFlags = 65536 # ADS_UF_DONT_EXPIRE_PASSWD. Would set it not to not allow changing password but it's disabled on Win 8 by default. | |
| $user.SetInfo() | |
| $user.FullName = "vagrant" | |
| $user.SetInfo() | |
| $admin = $userDirectory.PSBase.Children.Find("Administrators") | |
| $isAdmin = $admin.PSBase.Invoke("Members") | % { $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } | Where-Object { $_ -eq "vagrant" } | |
| if (!$isAdmin) { $admin.Add("WinNT://$env:ComputerName/vagrant") } | |
| Write-Host "User: 'vagrant' has been created as a local administrator." -ForegroundColor Green | |
| # Install Puppet | |
| $puppetTempDir = Join-Path $env:TEMP "puppet" | |
| $tempDir = Join-Path $puppetTempDir "puppetInstall" | |
| if (![System.IO.Directory]::Exists($tempDir)) {[System.IO.Directory]::CreateDirectory($tempDir)} | |
| $file = Join-Path $tempDir "puppet-3.3.0.msi" | |
| if ((Test-Path $file) -eq $false) | |
| { | |
| $url = "http://downloads.puppetlabs.com/windows/puppet-3.3.0.msi" | |
| Write-Host "Downloading $url to $file" | |
| $downloader = new-object System.Net.WebClient | |
| $downloader.DownloadFile($url, $file) | |
| } | |
| $localcommand="\\localhost\root\cimv2:Win32_Product" | |
| $msi = [wmiclass]"$localcommand" | |
| $result = $msi.Install($file, "quiet=true", $true) | |
| Write-Host "Puppet installed." -ForegroundColor Green | |
| $PuppetInstallPath = "$env:SystemDrive\Program Files (x86)\Puppet Labs\Puppet\bin" | |
| if (!(Test-Path $PuppetInstallPath)) {$PuppetInstallPath = "$env:SystemDrive\Program Files\Puppet Labs\Puppet\bin";} | |
| # Get the PATH variable | |
| # https://github.com/ferventcoder/vagrant-windows-puppet/blob/master/boxes/win7x64pro-vagrant/shell/InstallPuppet.ps1#L27-L40 | |
| $envPath = $env:PATH | |
| if (!$envPath.ToLower().Contains($PuppetInstallPath.ToLower())) { | |
| Write-Host "PATH environment variable does not have `'$PuppetInstallPath`' in it. Adding..." | |
| $ActualPath = [Environment]::GetEnvironmentVariable('Path', [System.EnvironmentVariableTarget]::Machine) | |
| $StatementTerminator = ";" | |
| $HasStatementTerminator = $ActualPath -ne $null -and $ActualPath.EndsWith($StatementTerminator) | |
| If (!$HasStatementTerminator -and $ActualPath -ne $null) {$PuppetInstallPath = $StatementTerminator + $PuppetInstallPath} | |
| [Environment]::SetEnvironmentVariable('Path', $ActualPath + $PuppetInstallPath, [System.EnvironmentVariableTarget]::Machine) | |
| } | |
| Write-Host "Done. You need to restart the computer." -ForegroundColor Yellow |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Powershell Script to prepare the windows install to be used with vagrant-windows | |
| Set-ExecutionPolicy -executionpolicy remotesigned -force | |
| # Disable UAC | |
| New-ItemProperty -Path HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableLUA -PropertyType DWord -Value 0 -Force | Out-Null | |
| Write-Host "User Access Control (UAC) has been disabled." -ForegroundColor Green | |
| # Disable the shutdown tracker | |
| # Reference: http://www.askvg.com/how-to-disable-remove-annoying-shutdown-event-tracker-in-windows-server-2003-2008/ | |
| If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability")) { | |
| New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" | |
| } | |
| New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonOn" -PropertyType DWord -Value 0 -Force -ErrorAction continue | |
| New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonUI" -PropertyType DWord -Value 0 -Force -ErrorAction continue | |
| Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonOn" -Value 0 | |
| Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" -Name "ShutdownReasonUI" -Value 0 | |
| Write-Host "Shutdown Tracker has been disabled." -ForegroundColor Green | |
| # Disable Automatic Updates | |
| # Reference: http://www.benmorris.me/2012/05/1st-test-blog-post.html | |
| $AutoUpdate = (New-Object -com "Microsoft.Update.AutoUpdate").Settings | |
| $AutoUpdate.NotificationLevel = 1 | |
| $AutoUpdate.Save() | |
| Write-Host "Windows Update has been disabled." -ForegroundColor Green | |
| # Disable Complex Passwords | |
| # Reference: http://vlasenko.org/2011/04/27/removing-password-complexity-requirements-from-windows-server-2008-core/ | |
| $seccfg = [IO.Path]::GetTempFileName() | |
| secedit /export /cfg $seccfg | |
| (Get-Content $seccfg) | Foreach-Object {$_ -replace "PasswordComplexity\s*=\s*1", "PasswordComplexity=0"} | Set-Content $seccfg | |
| secedit /configure /db $env:windir\security\new.sdb /cfg $seccfg /areas SECURITYPOLICY | |
| del $seccfg | |
| Write-Host "Complex Passwords have been disabled." -ForegroundColor Green | |
| # Set network to private | |
| # Skip network location setting for pre-Vista operating systems and any joined to a domain | |
| if([environment]::OSVersion.version.Major -lt 6) { return } | |
| if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return } | |
| $networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")) | |
| $connections = $networkListManager.GetNetworkConnections() | |
| $connections | % {$_.GetNetwork().SetCategory(1)} # Set network type to private | |
| Write-Host "All networks set to private" -ForegroundColor Green | |
| # Enable Remote Desktop | |
| # Reference: http://social.technet.microsoft.com/Forums/windowsserver/en-US/323d6bab-e3a9-4d9d-8fa8-dc4277be1729/enable-remote-desktop-connections-with-powershell | |
| (Get-WmiObject Win32_TerminalServiceSetting -Namespace root\cimv2\TerminalServices).SetAllowTsConnections(1,1) | |
| (Get-WmiObject -Class "Win32_TSGeneralSetting" -Namespace root\cimv2\TerminalServices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0) | |
| Write-Host "Enabled Remote Desktop" -ForegroundColor Green | |
| # Enable WinRM Control | |
| winrm quickconfig -q | |
| winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="512"}' | |
| winrm set winrm/config '@{MaxTimeoutms="1800000"}' | |
| winrm set winrm/config/service '@{AllowUnencrypted="true"}' | |
| winrm set winrm/config/service/auth '@{Basic="true"}' | |
| Write-Host "WinRM has been configured and enabled." -ForegroundColor Green | |
| # Disable Windows Firewall | |
| &netsh "advfirewall" "set" "allprofiles" "state" "off" | |
| Write-Host "Windows Firewall has been disabled." -ForegroundColor Green | |
| # Create local vagrant user | |
| $userDirectory = [ADSI]"WinNT://$env:ComputerName" | |
| # Determine if 'vagrant' user already exists. Update if so. | |
| $user = $userDirectory.PSBase.Children | Where-Object { $_.PSBase.SchemaClassName -eq "User" -and $_.Name -eq "vagrant" } | |
| if ($user) | |
| { | |
| Write-Host "vagrant user already exists, will just update it" | |
| } | |
| else | |
| { | |
| Write-Host "vagrant user does not exist, creating" | |
| $user = $userDirectory.Create("User", "vagrant") | |
| } | |
| $user.SetPassword("vagrant") | |
| $user.SetInfo() | |
| $user.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD | |
| $user.SetInfo() | |
| $user.FullName = "vagrant" | |
| $user.SetInfo() | |
| $admin = $userDirectory.PSBase.Children.Find("Administrators") | |
| $isAdmin = $admin.PSBase.Invoke("Members") | % { $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } | Where-Object { $_ -eq "vagrant" } | |
| if (!$isAdmin) { $admin.Add("WinNT://$env:ComputerName/vagrant") } | |
| Write-Host "User: 'vagrant' has been created as a local administrator." -ForegroundColor Green | |
| # Install Puppet | |
| $puppetTempDir = Join-Path $env:TEMP "puppet" | |
| $tempDir = Join-Path $puppetTempDir "puppetInstall" | |
| if (![System.IO.Directory]::Exists($tempDir)) {[System.IO.Directory]::CreateDirectory($tempDir)} | |
| $file = Join-Path $tempDir "puppet-3.3.0.msi" | |
| $url = "http://downloads.puppetlabs.com/windows/puppet-3.3.0.msi" | |
| Write-Host "Downloading $url to $file" | |
| $downloader = new-object System.Net.WebClient | |
| $downloader.DownloadFile($url, $file) | |
| $localcommand="\\localhost\root\cimv2:Win32_Product" | |
| $msi = [wmiclass]"$localcommand" | |
| $result = $msi.Install($file, "quiet=true", $true) | |
| Write-Host "Puppet installed." -ForegroundColor Green | |
| $PuppetInstallPath = "$env:SystemDrive\Program Files (x86)\Puppet Labs\Puppet\bin" | |
| if (!(Test-Path $PuppetInstallPath)) {$PuppetInstallPath = "$env:SystemDrive\Program Files\Puppet Labs\Puppet\bin";} | |
| # Get the PATH variable | |
| # https://github.com/ferventcoder/vagrant-windows-puppet/blob/master/boxes/win7x64pro-vagrant/shell/InstallPuppet.ps1#L27-L40 | |
| $envPath = $env:PATH | |
| if (!$envPath.ToLower().Contains($PuppetInstallPath.ToLower())) { | |
| Write-Host "PATH environment variable does not have `'$PuppetInstallPath`' in it. Adding..." | |
| $ActualPath = [Environment]::GetEnvironmentVariable('Path', [System.EnvironmentVariableTarget]::Machine) | |
| $StatementTerminator = ";" | |
| $HasStatementTerminator = $ActualPath -ne $null -and $ActualPath.EndsWith($StatementTerminator) | |
| If (!$HasStatementTerminator -and $ActualPath -ne $null) {$PuppetInstallPath = $StatementTerminator + $PuppetInstallPath} | |
| [Environment]::SetEnvironmentVariable('Path', $ActualPath + $PuppetInstallPath, [System.EnvironmentVariableTarget]::Machine) | |
| } | |
| Write-Host "Done. You need to restart the computer." -ForegroundColor Yellow | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| # Vagrantfile API/syntax version. Don't touch unless you know what you're doing! | |
| VAGRANTFILE_API_VERSION = "2" | |
| Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| | |
| config.vm.box = "windows-server-2012x64" | |
| config.vm.guest = :windows | |
| config.vm.communicator = "winrm" | |
| config.winrm.timeout = 500 | |
| config.vm.network :forwarded_port, guest: 80, host: 8080 | |
| config.vm.network :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true | |
| config.vm.network :private_network, ip: "192.168.33.11" | |
| config.windows.set_work_network = true | |
| # config.vm.synced_folder "../data", "/vagrant_data" | |
| # Provider-specific configuration so you can fine-tune various | |
| # backing providers for Vagrant. These expose provider-specific options. | |
| # Example for VirtualBox: | |
| # | |
| config.vm.provider :virtualbox do |vb| | |
| # Don't boot with headless mode | |
| vb.gui = true | |
| # Use VBoxManage to customize the VM. For example to change memory: | |
| vb.customize ["modifyvm", :id, "--memory", "2048"] | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment