Version 1.0.9

CHANGELOG.md

@@ -1,5 +1,14 @@
 # Changelog
 
+## Version 1.0.9 2019-09-30
+
+* [BREAKING CHANGE] - CentOS Machines now support templating and previous version creation
+  * all CentOS deploys now consists of main template file (./templates) and var_file (./variables). This will allow to have more than 'latest' version of release when needed.
+* [Extra] reworked scripts
+* [CentOS] Upgrade Zabbix repository (4.2)
+* [CentOS] Provision script now supports flags to install or not specific portion of packages.
+* [Windows] Upgrade to dotnetfx chocolatey package (.net 4.8 by default)
+
 ## Version 1.0.8 2019-05-25
 
 * switch to packer `1.4` branch - be aware of syntax changes

README.md

@@ -2,16 +2,16 @@
 
 ## Requirements
 
-* packer <=`1.4.1`. Do not use packer below 1.4.0. For previous packer versions use previous releases from this repository
-* [OPTIONAL] Vagrant >= `2.2.3`
+* packer <=`1.4.3`. Do not use packer below 1.4.0. For previous packer versions use previous releases from this repository
 * Microsoft Hyper-V Server 2016/2019 or Microsoft Windows Server 2016/2019 (not 2012/R2)
+* [OPTIONAL] Vagrant >= `2.2.5` - for `vagrant` version of scripts
 
 ## Usage
 
 ### Install packer from Chocolatey
 
 ```cmd
-choco install packer --version=1.4.1
+choco install packer --version=1.4.3
 ```
 
 ### Add firewal exclusions for TCP ports 8000-9000 (default range)
@@ -22,7 +22,7 @@ New-NetFirewallRule -DisplayName "Packer_http_server" -Direction Inbound -Action
 
 ```
 
-### To adjust to your Hyper-V, please check variables below:
+### To adjust to your Hyper-V, please check variables below
 
 * proper VLAN (possible passing as variable `-var 'vlan_id=0'` )
 * proper Hyper-V Virtual Switch name (access to Internet will be required) (possible passing as variable `-var 'switch_name=vSwitch'` )
@@ -32,8 +32,6 @@ New-NetFirewallRule -DisplayName "Packer_http_server" -Direction Inbound -Action
 
 ### Scripts
 
-* `validate_all.sh` - validates all templates.
-
 ### Windows Machines
 
 * all available updates will be applied (3 passes)
@@ -42,9 +40,9 @@ New-NetFirewallRule -DisplayName "Packer_http_server" -Direction Inbound -Action
 
   |Package|Version|
   |-------|-------|
-  |puppet-agent|5.5.12|
+  |puppet-agent|5.5.16|
   |conemu|latest|
-  |dotnet4.7.2|latest|
+  |dotnetfx|latest|
   |sysinternals|latest|
 * latest Nuget poweshell module
 * puppet agent settings will be customized (`server=foreman.spcph.local`). Please adjust it (`/extra/scripts/phase-3.ps1`) to suit your needs. Puppet won't be running after generalize phase
@@ -53,16 +51,27 @@ New-NetFirewallRule -DisplayName "Packer_http_server" -Direction Inbound -Action
 
 * Repositories:
   * EPEL 7
-  * Zabbix 4.x
-  * Puppet 5.x
-  * Webmin
+  * Zabbix 4.2
+  * Puppet 5.x [can be switch off by -p false]
+  * Webmin/Usermin (can be switched off by setting )
   * Neofetch
 * latest System Center Virtual Machine Agent available (with versioning, so you always can go back)
 
 #### Info
 
-* adjust `/files/provision.sh` to modify package's versions/servers
-* `neofetch` packageas default banner during after the login - change required fields you'd like to see in `provision.sh`
+* adjust `/files/provision.sh` to modify package's versions/servers.
+* change "provision_script_options" variable to:
+  * -p (true/false) - switch Install Puppet on/off
+  * -w (true/false) - switch Install Webmin on/off
+  * -h (true/false) - switch Install Hyper-V integration services on/off
+  * -u (true/false) - switch yum update all on/off (usable when creating previous than `latest` version of OS)
+Example:
+
+```json
+"provision_script_options": "-p false -u true -w true -h false"
+```
+
+* `prepare_neofetch.sh`  default banner during after the login - change required fields you'd like to see in `provision.sh`
 
 ## Templates Windows 2016
 
@@ -162,9 +171,13 @@ Run `hv_win2016_1809_g2.cmd` (Windows)
 
 ## Templates CentOS 7.x
 
+### Hyper-V Generation 2 CentOS 7.7 Image
+
+Run `hv_centos77_g2.cmd`
+
 ### Hyper-V Generation 2 CentOS 7.6 Image
 
-Run `hv_centos76_g2.cmd` (Windows)
+Run `hv_centos77_g2.cmd`
 
 ### Warnings - CentOS
 
@@ -179,11 +192,15 @@ Run `hv_centos76_g2.cmd` (Windows)
 
 ### Vagrant support
 
-Experimental support for vagrant machines `vagrant_hv_centos76_g2.cmd`
+Experimental support for vagrant machines `hv_centos76_g2_vagrant.cmd`
+
+### Hyper-V Generation 2 CentOS 7.7 Image with extra docker volume
+
+Run `hv_centos77_g2_docker.cmd`
 
 ### Hyper-V Generation 2 CentOS 7.6 Image with extra docker volume
 
-Run `hv_centos76_g2_docker.cmd` (Windows)
+Run `hv_centos76_g2_docker.cmd`
 
 ### Warnings - CentOS Docker
 
@@ -204,7 +221,7 @@ Run `hv_centos76_g2_docker.cmd` (Windows)
 During the deployment secure keys are stored in *.vmcx file and are separated from *.vhdx file. To countermeasure it - there is added extra step in a form of (`/usr/local/bin/uefi.sh`) script that will check for existence of CentOS folder in EFI and will add extra entry in UEFI.
 In manual setup you can run it as a part of your deploy. In SCVMM deployment I'd recommend using `RunOnce` feature.
 
-### On Windows Server 2019/Windows 10 1809 image boots to fast for packer to react.
+### On Windows Server 2019/Windows 10 1809 image boots to fast for packer to react
 
 [https://github.com/hashicorp/packer/issues/7278#issuecomment-468492880](https://github.com/hashicorp/packer/issues/7278#issuecomment-468492880)
 
@@ -223,7 +240,7 @@ No resolution so far, template needs to be changed to pass real IP address, or t
 [https://github.com/hashicorp/packer/issues/5023](https://github.com/hashicorp/packer/issues/5023)
 Will be fixed in 1.4.x revision
 
-### I have problem how to find a proper WIM  name in Windows ISO to pick proper version.
+### I have problem how to find a proper WIM  name in Windows ISO to pick proper version
 
 You can use number. If you have 4 images on the list of choice - use `ImageIndex` with proper `Value`
 

extra/files/gen1-vb/1903/Autounattend.xml

@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="utf-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend">
+    <settings pass="windowsPE">
+        <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <SetupUILanguage>
+                <UILanguage>en-US</UILanguage>
+            </SetupUILanguage>
+            <InputLocale>en-US</InputLocale>
+            <SystemLocale>en-US</SystemLocale>
+            <UILanguage>en-US</UILanguage>
+            <UILanguageFallback>en-US</UILanguageFallback>
+            <UserLocale>en-US</UserLocale>
+        </component>
+        <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <DiskConfiguration>
+                <Disk wcm:action="add">
+                    <CreatePartitions>
+                        <CreatePartition wcm:action="add">
+                            <Type>Primary</Type>
+                            <Order>1</Order>
+                            <Size>350</Size>
+                        </CreatePartition>
+                        <CreatePartition wcm:action="add">
+                            <Order>2</Order>
+                            <Type>Primary</Type>
+                            <Extend>true</Extend>
+                        </CreatePartition>
+                    </CreatePartitions>
+                    <ModifyPartitions>
+                        <ModifyPartition wcm:action="add">
+                            <Active>true</Active>
+                            <Format>NTFS</Format>
+                            <Label>boot</Label>
+                            <Order>1</Order>
+                            <PartitionID>1</PartitionID>
+                        </ModifyPartition>
+                        <ModifyPartition wcm:action="add">
+                            <Format>NTFS</Format>
+                            <Label>Windows 2016</Label>
+                            <Letter>C</Letter>
+                            <Order>2</Order>
+                            <PartitionID>2</PartitionID>
+                        </ModifyPartition>
+                    </ModifyPartitions>
+                    <DiskID>0</DiskID>
+                    <WillWipeDisk>true</WillWipeDisk>
+                </Disk>
+            </DiskConfiguration>
+            <ImageInstall>
+                <OSImage>
+                    <InstallFrom>
+                        <MetaData wcm:action="add">
+                            <Key>/IMAGE/INDEX </Key>
+                            <Value>1</Value>
+                        </MetaData>
+                    </InstallFrom>
+                    <InstallTo>
+                        <DiskID>0</DiskID>
+                        <PartitionID>2</PartitionID>
+                    </InstallTo>
+                </OSImage>
+            </ImageInstall>
+            <UserData>
+                <ProductKey>
+                  <!--  <Key>6XBNX-4JQGW-QX6QG-74P76-72V67</Key> -->
+                    <WillShowUI>OnError</WillShowUI>
+                </ProductKey>
+                <AcceptEula>true</AcceptEula>
+                <FullName>Vagrant</FullName>
+                <Organization>Hashicorp</Organization>
+            </UserData>
+        </component>
+    </settings>
+    <settings pass="specialize">
+        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <OEMInformation>
+                <HelpCustomized>false</HelpCustomized>
+            </OEMInformation>
+            <ComputerName>vagrant-1903</ComputerName>
+            <TimeZone>Pacific Standard Time</TimeZone>
+            <RegisteredOwner />
+        </component>
+        <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+        </component>
+        <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <IEHardenAdmin>false</IEHardenAdmin>
+            <IEHardenUser>false</IEHardenUser>
+        </component>
+        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <SkipAutoActivation>true</SkipAutoActivation>
+        </component>
+    </settings>
+    <settings pass="oobeSystem">
+        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <AutoLogon>
+                <Password>
+                    <Value>vagrant</Value>
+                    <PlainText>true</PlainText>
+                </Password>
+                <Enabled>true</Enabled>
+                <Username>vagrant</Username>
+            </AutoLogon>
+            <FirstLogonCommands>
+                <SynchronousCommand wcm:action="add">
+                    <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
+                    <Description>Set Execution Policy 64 Bit</Description>
+                    <Order>1</Order>
+                    <RequiresUserInput>true</RequiresUserInput>
+                </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
+                    <Description>Set Execution Policy 32 Bit</Description>
+                    <Order>2</Order>
+                    <RequiresUserInput>true</RequiresUserInput>
+                </SynchronousCommand>
+                      <SynchronousCommand wcm:action="add">
+                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\bootstrap.ps1</CommandLine>
+                    <Description>Fix public network</Description>
+                    <Order>3</Order>
+                    <RequiresUserInput>true</RequiresUserInput>
+                </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine>
+                    <Order>4</Order>
+                    <Description>Disable password expiration for vagrant user</Description>
+                </SynchronousCommand>
+            </FirstLogonCommands>
+            <UserAccounts>
+                <AdministratorPassword>
+                    <Value>vagrant</Value>
+                    <PlainText>true</PlainText>
+                </AdministratorPassword>
+                <LocalAccounts>
+                    <LocalAccount wcm:action="add">
+                        <Password>
+                            <Value>vagrant</Value>
+                            <PlainText>true</PlainText>
+                        </Password>
+                        <DisplayName>Vagrant User</DisplayName>
+                        <Group>Administrators</Group>
+                        <Name>vagrant</Name>
+                    </LocalAccount>
+                </LocalAccounts>
+            </UserAccounts>
+        </component>
+    </settings>
+    <settings pass="offlineServicing">
+        <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <EnableLUA>false</EnableLUA>
+        </component>
+    </settings>
+    <cpi:offlineImage cpi:source="wim://vboxsrv/vagrant/iso%202016/sources/install.wim#Windows Server 2016 Technical Preview 5 SERVERSTANDARD" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
+</unattend>

extra/files/gen1-vb/1903/unattend.xml

@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="utf-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend">
+    <settings pass="generalize">
+        <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <SkipRearm>1</SkipRearm>
+        </component>
+        <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls>
+            <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices>
+        </component>
+    </settings>
+    <settings pass="oobeSystem">
+        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <InputLocale>en-US</InputLocale>
+            <SystemLocale>en-US</SystemLocale>
+            <UILanguage>en-US</UILanguage>
+            <UserLocale>en-US</UserLocale>
+        </component>
+        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <OOBE>
+                <HideEULAPage>true</HideEULAPage>
+                <ProtectYourPC>1</ProtectYourPC>
+                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+            </OOBE>
+            <TimeZone>UTC</TimeZone>
+            <UserAccounts>
+                <AdministratorPassword>
+                    <Value>dgBhAGcAcgBhAG4AdABBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAFAAYQBzAHMAdwBvAHIAZAA=</Value>
+                    <PlainText>false</PlainText>
+                </AdministratorPassword>
+                <LocalAccounts>
+                    <LocalAccount wcm:action="add">
+                        <Password>
+                            <Value>dgBhAGcAcgBhAG4AdABQAGEAcwBzAHcAbwByAGQA</Value>
+                            <PlainText>false</PlainText>
+                        </Password>
+                        <Group>administrators</Group>
+                        <DisplayName>Vagrant</DisplayName>
+                        <Name>vagrant</Name>
+                        <Description>Vagrant User</Description>
+                    </LocalAccount>
+                </LocalAccounts>
+            </UserAccounts>
+        </component>
+    </settings>
+    <settings pass="specialize">
+        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <!--<ProductKey>6XBNX-4JQGW-QX6QG-74P76-72V67</ProductKey>-->
+            <ComputerName>vagrant-1903</ComputerName>
+        </component>
+    </settings>
+    <cpi:offlineImage cpi:source="wim:c:/users/jacqueline/desktop/iso%202016/sources/install.wim#Windows Server 2016 Technical Preview 5 SERVERSTANDARDCORE" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
+</unattend>

extra/files/gen2-centos/ks.cfg

@@ -102,6 +102,7 @@ mc
 curl
 wget
 yum-priorities
+yum-versionlock
 yum-utils
 yum-cron
 openssh-server