Last active
December 19, 2017 20:47
-
-
Save praveenc/d1068891ae1fc35cc9bfc51442cd98bd to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Add-WindowsFeature "Web-Server","Web-Mgmt-Tools","Web-App-Dev","Web-Http-Redirect","Web-Asp-Net45" | |
| # Create drop folders for builds | |
| $vaultroot = "c:\dkvault" | |
| if(-not (Test-Path "$vaultroot")) | |
| { | |
| Write-Host "Creating vault_config ..." -ForegroundColor Green | |
| mkdir "$vaultroot\vault_config" | Out-Null | |
| Write-Host "Creating vault_policies ..." -ForegroundColor Green | |
| mkdir "$vaultroot\vault_policies" | Out-Null | |
| } | |
| $vault_config = @" | |
| backend "file" { | |
| path = "c:\\dkvault\\secrets" | |
| } | |
| listener "tcp" { | |
| address = "127.0.0.1:8200" | |
| tls_disable = 1 | |
| } | |
| "@ | |
| $vault_dev_policy = @" | |
| path "fccs/DEV/*" { | |
| policy = "read" | |
| capabilities = ["read","list"] | |
| } | |
| "@ | |
| $vault_config_filepath = Join-Path "$vaultroot" -ChildPath "vault_config\filesys_config.hcl" | |
| $vault_devpolicy_filepath = Join-Path "$vaultroot" -ChildPath "vault_policies\fccs_dev_policy.hcl" | |
| # Write Filesystem Config to file | |
| Set-Content "$vault_config_filepath" -Value $vault_config -Encoding Default | |
| # Write DEV Policy Config to file | |
| Set-Content "$vault_devpolicy_filepath" -Value $vault_dev_policy -Encoding Default | |
| # Set timezone to Eastern Standard Time | |
| Invoke-Expression "& c:\windows\system32\tzutil.exe /s ""Eastern Standard Time""" | |
| # Create Self-Signed Certificate for IIS | |
| New-SelfSignedCertificate -Dnsname dkvault -CertStoreLocation Cert:\LocalMachine\My | |
| # Install chocolatey | |
| # Don't forget to ensure ExecutionPolicy above | |
| Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) | |
| # Install latest powershell, dotnet4.6.2 and other utilities | |
| choco install 7zip -y | |
| choco install visualstudiocode -y | |
| choco install vault -y | |
| choco install nssm -y | |
| # Add Env variable VAULT_ADDR | |
| [System.Environment]::SetEnvironmentVariable("VAULT_ADDR","http://127.0.0.1:8200","Machine") | |
| refreshenv | |
| # Install vault as a service using nssm | |
| #nssm install <servicename> <program> [<arguments>] | |
| Write-Host "Installing vault using nssm ..." -ForegroundColor Green | |
| Write-Host "Vault-Config: $vault_config_filepath" -ForegroundColor Yellow | |
| nssm install hashicorpvault "C:\ProgramData\chocolatey\lib\vault\tools\vault.exe" "server -config=$vault_config_filepath" | |
| Start-Sleep -Seconds 10 | |
| # Disable ScheduledDefrag Automatic Scheduled Task on Win 2012R2 | |
| Get-ScheduledTask -TaskName ScheduledDefrag | Disable-ScheduledTask | |
| # Disable Regular Maintenance Automatic Scheduled Task on Win 2012R2 | |
| Get-ScheduledTask -TaskName "Regular Maintenance" | Disable-ScheduledTask | |
| # Disable Themes Service | |
| $svcname = Get-Service Themes | Select-Object -ExpandProperty Name -ErrorAction SilentlyContinue | |
| if($svcname) | |
| { | |
| Stop-Service $svcname -PassThru -ErrorAction SilentlyContinue | |
| Invoke-Expression "& sc.exe config $svcname start= demand" | |
| } | |
| # Disable Smart Card Service | |
| $svcs = Get-Service -DisplayName Smart*Card* | Where-Object {$_.Status -eq 'Running'} | Select-Object -ExpandProperty Name -ErrorAction SilentlyContinue | |
| if($svcs.Count -gt 1) | |
| { | |
| foreach($svcname in $svcs) | |
| { | |
| Stop-Service $svcname -PassThru -ErrorAction SilentlyContinue | |
| Invoke-Expression "& sc.exe config $svcname start= demand" | |
| } | |
| } | |
| # Restart Computer | |
| Start-Sleep -Seconds 5 | |
| Restart-Computer -Force |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment