Version 1.4.1

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## Version 1.4.1 2020-05-31
+
+* [Extra] added parameters to `phase3.ps1` script
+* [Extra] unified verbosity in phases output
+
 ## Version 1.4.0 2020-05-01
 
 * [Extra] added `rkhunter` package to `provision.sh` script

README.md

@@ -42,12 +42,31 @@ New-NetFirewallRule -DisplayName "Packer_http_server" -Direction Inbound -Action
 
   |Package|Version|
   |-------|-------|
-  |puppet-agent|5.5.19|
   |conemu|latest|
   |dotnetfx|latest|
   |sysinternals|latest|
+
 * latest Nuget poweshell module
-* puppet agent settings will be customized (`server=foreman.spcph.local`). Please adjust it (`/extra/scripts/phase-3.ps1`) to suit your needs. Puppet is set to be cleared and stopped after generalize phase
+* `phase3.ps1` Puppet agent settings will be customized (`server=foreman.spcph.local`) with parameters:
+  * `Version` - puppet chocolatey version, for example "5.5.20"
+  * `AddPrivateChoco` ($true/$false) - if set to true, private MyGet repository will be added as `public`
+  * `PuppetMaster` (foreman.spcph.local) - if set, in `puppet.conf` section server will point to that variable
+
+  Example of usage:
+
+  `.\phase3.ps1 -Version 5.5.20 -AddPrivateChoco $true -PuppetMaster foreman.example.com`
+
+  Puppet is set to clear any temp SSL keys and to be stopped after generalize phase
+
+* `phase5b-docker.ps1` - Docker settings can be customised
+  * `requiredVersion` - which version of docker module to install - defaults to 19.03.1
+  * `installCompose` ($true/$false) - install docker-compose from chocolatey packages
+  * `dockerLocation` - of set, will default docker images and settings there. On empty, docker location is not being set.
+  * `configDockerLocation` - default place for docker's config file
+
+  Example of usage
+
+  `.\phase5b-docker.ps1 -requiredVersion "19.03.1" -installCompose $true -dockerLocation "d:\docker" -configDockerLocation "C:\ProgramData\Docker\config"`
 
 ### Linux Machines
 
@@ -66,9 +85,7 @@ New-NetFirewallRule -DisplayName "Packer_http_server" -Direction Inbound -Action
 * [Optional] Linux machine with separated disk for docker
 * [Optional] Linux machine for vagrant
 
-Be aware, turning off latest System Center Virtual Machine Agent will cause System Center fail to deploy machines
-
-### Info
+  Be aware, turning off latest System Center Virtual Machine Agent will cause System Center fail to deploy machines
 
 * adjust `/files/provision.sh` to modify package's versions/servers.
 * change `"provision_script_options"` variable to:
@@ -78,11 +95,12 @@ Be aware, turning off latest System Center Virtual Machine Agent will cause Syst
   * -u (true/false) - switch yum update all on/off (usable when creating previous than `latest` version of OS)
   * -z (true/false) - switch Zabbix-agent installation
   * -c (true/false) - switch Cockpit installation (CentOS8 only)
-Example:
 
-```json
-"provision_script_options": "-p false -u true -w true -h false -z false"
-```
+  Example:
+
+  ```json
+  "provision_script_options": "-p false -u true -w true -h false -z false"
+   ```
 
 * `prepare_neofetch.sh` -  default banner during after the login - change required fields you'd like to see in `provision.sh`
 
@@ -156,7 +174,7 @@ This template uses this image name in Autounattendes.xml. If youre using differe
 </InstallFrom>
 ```
 
-## Windows Server Images
+## Templates Windows Server
 
 ### Hyper-V Generation 2 Windows Server 1903 Standard Image
 

extra/scripts/phase-1.ps1

@@ -9,6 +9,7 @@ $choco_install_count_max=99
 
 function whichWindows {
 $version=(Get-WMIObject win32_operatingsystem).name
+ if ($version) {
     switch -Regex ($version) {
         '(Server 2016)' {
             $global:os="2016"
@@ -44,25 +45,32 @@ $version=(Get-WMIObject win32_operatingsystem).name
                 }
         }
         '(Windows 10)' {
-            Write-Output 'Windows 10 found'
+            Write-Output 'Phase 1 [INFO] - Windows 10 found'
             $global:os="10"
         }
         default
             {Write-Output "unknown"}
     }
+ }
+ else {
+     throw "Buildnumber empty, cannot continue"
+ }
 }
 function printWindowsVersion {
     if ($global:os) {
-        Write-Output "Windows Server "$global:os" found."
+        Write-Output "Phase 1 [INFO] - Windows Server "$global:os" found."
     }
     else {
-        Write-Output "Unknown version of Windows Server found."
+        Write-Output "Phase 1 [INFO] - Unknown version of Windows Server found."
     }
 }
-whichWindows
+
 # Phase 1 - Mandatory generic stuff
-Write-Output "Start of Phase-1"
+Write-Output "Phase 1 [START] - Start of Phase 1"
 Import-Module ServerManager
+# let's check which windows
+whichWindows
+
 #2016/1709/1803/1903/1809
 if ($global:os -notlike '2019') {
    # Install-WindowsFeature NET-Framework-Core,NET-Framework-Features,PowerShell-V2 -IncludeManagementTools
@@ -89,7 +97,7 @@ try {
     Enable-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" -Verbose
 }
 catch {
-    Write-Output "Phase 1 - setting firewall went wrong"
+    Write-Output "Phase 1 [ERROR] - setting firewall went wrong"
 }
 
 # Terminal services and sysprep registry entries
@@ -100,7 +108,7 @@ try {
     Set-ItemProperty -Path 'HKLM:\SYSTEM\Setup\Status\SysprepStatus'  -Name  'GeneralizationState' -Value 7 -Verbose -Force
 }
 catch {
-    Write-Output "Phase 1 - setting registry went wrong"
+    Write-Output "Phase 1 [ERROR] - setting registry went wrong"
 }
 
 # remove Windows Defender (2016)
@@ -110,7 +118,7 @@ if ($global:os -eq '2016') {
       Remove-WindowsFeature -Name Windows-Defender-Features -IncludeManagementTools -ErrorAction SilentlyContinue -Verbose
   }
   catch {
-      Write-Output "Phase 1 - removing Windows Defender went wrong, not critical"
+      Write-Output "Phase 1 [INFO] - removing Windows Defender went wrong, not critical"
   }
 }
 
@@ -119,32 +127,32 @@ if ($global:os -eq '2019') {
         Remove-WindowsFeature -Name Windows-Defender -IncludeManagementTools -ErrorAction SilentlyContinue -Verbose
     }
     catch {
-        Write-Output "Phase 1 - removing Windows Defender went wrong, not critical"
+        Write-Output "Phase 1 [WARN] - removing Windows Defender went wrong, not critical"
     }
   }
 # Install chocolatey
 do {
     try {
-        Write-Output "Phase 1 - installing Chocolatey, attempt $choco_install_count of $choco_install_count_max"
+        Write-Output "Phase 1 [INFO] - installing Chocolatey, attempt $choco_install_count of $choco_install_count_max"
         Get-ExecutionPolicy
         Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force -Verbose;
         [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
         Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) -ErrorAction Stop
-        Write-Output "Phase 1 - installing Chocolatey exit code is: $LASTEXITCODE"
+        Write-Output "Phase 1 [INFO] - installing Chocolatey exit code is: $LASTEXITCODE"
         if ($LASTEXITCODE -eq 0) {
             $choco_install_success=$true
-            Write-Output "Phase 1 - Chocolatey install succesful"
+            Write-Output "Phase 1 [INFO] - Chocolatey install succesful"
         }
     }
     catch {
-        Write-Output "Phase 1 - Chocolatey install problem, attempt $choco_install_count of $choco_install_count_max"
+        Write-Output "Phase 1 [WARN]- Chocolatey install problem, attempt $choco_install_count of $choco_install_count_max"
     }
     $choco_install_count++
   }
 until ($choco_install_count -eq $choco_install_count_max -or $choco_install_success)
 
 if (-not $choco_install_success) {
-    Write-Output "Phase 1 - Chocolatey install problem, critical, exiting"
+    Write-Output "Phase 1 [ERROR] - Chocolatey install problem, critical, exiting"
     exit (1)
 }
 
@@ -153,5 +161,5 @@ if (Test-Path 'HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem') {
     Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem'-name "LongPathsEnabled" -Value 1 -Verbose -Force
 }
 
-Write-Output "End of Phase 1"
+Write-Output "Phase 1 [END] - End of Phase 1"
 exit 0

extra/scripts/phase-2.ps1

@@ -9,60 +9,60 @@ $packages_attempt_max=4
 $packages_exit_codes=@(0,1605,1614,1641,3010)
 
 
-Write-Output "Start of Phase 2"
+Write-Output "Phase 2 [START] - Start of Phase 2"
 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
   try {
     Set-TimeZone -Id "Central European Standard Time" -Verbose
   }
   catch {
-    Write-Output "Phase 2 - set timezone went wrong"
+    Write-Output "Phase 2 [INFO] - set timezone went wrong"
     $goterror=1
   }
   try {
-    Write-Output "Setting high performance power plan"
+    Write-Output "Phase 2 [INFO] - Setting high performance power plan"
     powercfg.exe /s 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c
   }
   catch {
-    Write-Output "Phase 2 - set powercfg went wrong"
+    Write-Output "Phase 2 [ERROR] - Set powercfg went wrong"
     $goterror=1
   }
   choco feature enable -n allowEmptyChecksums
-  Write-Output "Phase 2 - Chocolatey packagess installing, $packages_count to go"
+  Write-Output "Phase 2 [INFO] - Chocolatey packagess installing, $packages_count to go"
   #safely install packages
   foreach ($package in $packages) {
     $packages_attempt=1
     $packages_success=$false
     do {
       try {
-        Write-Output "Phase 2 - Chocolatey installing $package attempt nr. $packages_attempt of $packages_attempt_max"
-        choco upgrade $package -y --no-progress
-        Write-Output "Phase 2 - Chocolatey installing $package attempt nr. $packages_attempt exit code: $LASTEXITCODE"
+        Write-Output "Phase 2 [INFO] - Chocolatey installing $package attempt nr. $packages_attempt of $packages_attempt_max"
+        choco upgrade $package -y --no-progress --limit-output
+        Write-Output "Phase 2 [INFO] - Chocolatey installing $package attempt nr. $packages_attempt exit code: $LASTEXITCODE"
         if ($packages_exit_codes.Contains($LASTEXITCODE)) {
             $packages_success=$true
             $packages_success_count++
-            Write-Output "Phase 2 - Chocolatey installing $package installed succesfuly in $packages_attempt attempt of $packages_attempt_max"
+            Write-Output "Phase 2 [INFO] - Chocolatey installing $package installed succesfuly in $packages_attempt attempt of $packages_attempt_max"
         }
         else {
           $goterror=1
         }
       }
       catch {
-        Write-Output "Phase 2 - Packages installing retry nr. $packages_attempt of $packages_attempt_max "
+        Write-Output "Phase 2 [INFO] - Packages installing retry nr. $packages_attempt of $packages_attempt_max "
       }
       $packages_attempt++
     }
     until ($packages_attempt -eq $packages_attempt_max -or $packages_success)
   }
   if (-not $packages_success) {
     $goterror=1
-    Write-Output "End of Phase 2 chocolatey packages went wrong"
-    Write-Output "End of Phase 2 Succesfuly installed $packages_success_count of $packages_count"
+    Write-Output "Phase 2 [ERROR] - chocolatey packages installation went wrong"
+    Write-Output "Phase 2 [WARN] - End of Phase 2 Succesfuly installed $packages_success_count of $packages_count"
     exit (1)
   }
-  Write-Output "End of Phase 2 Succesfuly installed $packages_success_count of $packages_count"
-  Write-Output "End of Phase 2"
+  Write-Output "Phase 2 [INFO] - Succesfuly installed $packages_success_count of $packages_count"
+  Write-Output "Phase 2 [END] - End of Phase 2"
   if ($goterror) {
-    Write-Output "End of Phase 2 something went wrong"
+    Write-Output "Phase 2 [ERROR] - something went wrong"
     exit (1)
   }
   else {

extra/scripts/phase-3.ps1

@@ -1,19 +1,65 @@
 # Phase 3 - stuff which is not generic
 # Uncomment next line to skip this
-
 # exit 0
-Write-Output "Start of Phase 3"
-    $puppet_version="5.5.19"
-    # add your stuff here
+param(
+    [Parameter()]
+    [ValidateNotNullOrEmpty()]
+    [string]$Version="5.5.20",
+    [Parameter()]
+    [ValidateNotNullOrEmpty()]
+    [ValidateSet('true','false','$true','$false','0','1')]
+    [boolean]$AddPrivateChoco=$true,
+    [Parameter()]
+    [ValidateNotNullOrEmpty()]
+    [string]$PuppetMaster="foreman.spcph.local"
+)
+
+Write-Output "Phase 3 [START] - Start of Phase 3"
+$PuppetConfig="$Env:ProgramData\PuppetLabs\puppet\etc\puppet.conf"
+
+Write-Output "Phase 3 [INFO] - Puppet version  is: $Version"
+Write-Output "Phase 3 [INFO] - AddPrivateChoco is: $AddPrivateChoco"
+Write-Output "Phase 3 [INFO] - PuppetMaster    is: $PuppetMaster"
+Write-Output "Phase 3 [INFO] - PuppetConfig    is: $PuppetConfig"
+
+
     # add my myget source
     [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
     try {
-        choco source add -n=public -s"https://www.myget.org/F/public-choco" --priority=10
+        # this is private my-get repo - not everybody needs it
+        if ($AddPrivateChoco) {
+          Write-Output "Phase 3 [INFO] - adding myget repository"
+          $ErrorActionPreference = "Stop"
+          choco source add -n=public -s"https://www.myget.org/F/public-choco" --priority=10
+          if ($LASTEXITCODE -ne 0) {
+            exit (1)
+          }
+        }
+    }
+    catch {
+        Write-Output "Phase 3 [ERROR] - Install source failed"
+        exit (1)
+    }
+    try {
         # install puppet/stop/clean
-        choco install puppet-agent --version $puppet_version -ia '"PUPPET_MASTER_SERVER=foreman.spcph.local"' -y --no-progress
+        Write-Output "Phase 3 [INFO] - Installing puppet in version: $Version"
+        $ErrorActionPreference = "Stop"
+        choco install puppet-agent --version $Version -y --no-progress --limit-output
+        if ($LASTEXITCODE -ne 0) {
+          exit (1)
+        }
+        if (Test-Path -Path $PuppetConfig) {
+            Write-Output "Phase 3 [INFO] - Puppet config found in: $PuppetConfig"
+            $filecontent=Get-Content $PuppetConfig
+            $filecontent -replace "(^server=).*","server=$PuppetMaster"|Set-Content $PuppetConfig
+        }
+        else {
+            Write-Output "Phase 3 [INFO] - Puppet config not found"
+        }
     }
     catch {
-        Write-Output "Phase 3 - Install source or install puppet-agent failed"
+        Write-Output "Phase 3 [ERROR] - install puppet-agent failed"
+        exit (1)
     }
     try {
         Get-Service -name puppet -ErrorAction Silentlycontinue|Stop-Service -Force -ErrorAction Silentlycontinue
@@ -22,7 +68,8 @@ Write-Output "Start of Phase 3"
         Remove-Item "c:\ProgramData\PuppetLabs\puppet\etc\ssl\" -Recurse -Force -ErrorAction Silentlycontinue
     }
     catch {
-        Write-Output "Phase 3 - Cleaning or stopping "
+        Write-Output "Phase 3 [ERROR] - Cleaning or stopping failed"
+        exit (1)
     }
-Write-Output "End of Phase 3"
+Write-Output "Phase 3 [END] - End of Phase 3"
 exit 0

extra/scripts/phase-5b.docker.ps1

@@ -6,10 +6,10 @@ param (
   [string] $configDockerLocation = "C:\ProgramData\Docker\config"
 )
 
-Write-Output "Start Phase 5b-Docker"
-Write-Output "Required Version of docker is: $requiredVersion"
-Write-Output "Install compose is set to: $installCompose"
-Write-Output "Docker location is set to: $dockerLocation"
+Write-Output "Phase 5 [START] - Start Phase 5b-Docker"
+Write-Output "Phase 5 [INFO] - Required Version of docker is: $requiredVersion"
+Write-Output "Phase 5 [INFO] - Install compose is set to: $installCompose"
+Write-Output "Phase 5 [INFO] - Docker location is set to: $dockerLocation"
 
 try {
   Write-Output "Phase 5b-docker - Install Dockermsftprovider"
@@ -34,7 +34,7 @@ catch {
 
 if ($installCompose) {
   try {
-    choco install docker-compose -y
+    choco install docker-compose -y --no-progress --limit-output
   }
   catch {
     Write "Phase 5b-docker failed - Install docker-compose problem"