Windows vagrant box with virtual box

# title

.gitignore

windows.box

setup_vagrant_base_box.powershell

# Create the vagrant box
# username: vagrant, password: vagrant


# Disable popups when installing software
reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /d 0 /t REG_DWORD /f /reg:64

# Set network connection profile to private -- necessary to setup winrm
# Get-NetConnectionProfile will output the current Name
Set-NetConnectionProfile -Name Network -NetworkCategory Private

# Set up winrm
# use `winrm get winrm/config` to see current values
winrm quickconfig -q
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
# Start winrm automatically on boot
# Note that the executable is fully speciefied and the space between = and auto
.\sc.exe config WinRM start= auto

# Set unrestricted execution policy in powershell
Set-ExecutionPolicy -ExecutionPolicy Unrestricted

# Allow powershell remote access (not necessary, already done?)
Enable-PSRemoting -Force

# Enable remote access to computer
# Can be done by looking for "allow remote access" in Cortana
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
# Disable Network Level Authentication
# Not sure the following is completely sufficient, compared to cliking in GUI
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f

# Install all updates --- by clickety clicks
# Or by first installing a power shell module manager
(new-object Net.WebClient).DownloadString("http://psget.net/GetPsGet.ps1") | iex
# then installing PSWindowsUpdate
Install-Module -ModuleUrl https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc/file/41459/43/PSWindowsUpdate.zip
# then running it
Get-WUInstall
# at which point, it might want to reboot

# disable auto reboot after windows update
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v NotAutoRebootWithLoggedOnUsers /t REG_DWORD /v 1 /f

# clean up the drive: this requires clickety clicks
cleanmgr.exe /d c

# install chocolatey
(new-object Net.WebClient).DownloadString("https://chocolatey.org/install.ps1") | iex

# install secure delete
choco install -y sdelete

# zero out free space. Apparently, that's goot for disk optimization.
sdelete.exe -z c:

VagrantFile

# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure(2) do |config|
  config.vm.guest = :windows
  config.vm.communicator = "winrm"
  config.vm.boot_timeout = 600
  config.vm.graceful_halt_timeout = 600

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # config.vm.network "forwarded_port", guest: 80, host: 8080
  config.vm.network :forwarded_port, guest: 3389, host: 3389
  config.vm.network :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true

  config.vm.provider "virtualbox" do |vb|
     vb.name = "EppiReviewer"
  end
end

# Packaging the base box can be done with
# vagrant package --base VirtualBoxVMName --output /path/to/output/windows.box --vagrantfile /path/to/initial/Vagrantfile