cloud-mu 3.1.4 → 3.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ansible/roles/mu-windows/README.md +33 -0
- data/ansible/roles/mu-windows/defaults/main.yml +2 -0
- data/ansible/roles/mu-windows/handlers/main.yml +2 -0
- data/ansible/roles/mu-windows/meta/main.yml +53 -0
- data/ansible/roles/mu-windows/tasks/main.yml +20 -0
- data/ansible/roles/mu-windows/tests/inventory +2 -0
- data/ansible/roles/mu-windows/tests/test.yml +5 -0
- data/ansible/roles/mu-windows/vars/main.yml +2 -0
- data/cloud-mu.gemspec +4 -2
- data/cookbooks/mu-tools/recipes/selinux.rb +2 -1
- data/cookbooks/mu-tools/recipes/windows-client.rb +140 -144
- data/cookbooks/mu-tools/resources/windows_users.rb +44 -43
- data/extras/image-generators/AWS/win2k12.yaml +16 -13
- data/extras/image-generators/AWS/win2k16.yaml +16 -13
- data/extras/image-generators/AWS/win2k19.yaml +19 -0
- data/modules/mu.rb +72 -9
- data/modules/mu/adoption.rb +14 -2
- data/modules/mu/cloud.rb +111 -10
- data/modules/mu/clouds/aws.rb +23 -7
- data/modules/mu/clouds/aws/container_cluster.rb +640 -692
- data/modules/mu/clouds/aws/dnszone.rb +49 -45
- data/modules/mu/clouds/aws/firewall_rule.rb +177 -214
- data/modules/mu/clouds/aws/role.rb +17 -8
- data/modules/mu/clouds/aws/search_domain.rb +1 -1
- data/modules/mu/clouds/aws/server.rb +734 -1027
- data/modules/mu/clouds/aws/userdata/windows.erb +2 -1
- data/modules/mu/clouds/aws/vpc.rb +297 -786
- data/modules/mu/clouds/aws/vpc_subnet.rb +286 -0
- data/modules/mu/clouds/google/bucket.rb +1 -1
- data/modules/mu/clouds/google/container_cluster.rb +21 -17
- data/modules/mu/clouds/google/function.rb +8 -2
- data/modules/mu/clouds/google/server.rb +102 -32
- data/modules/mu/clouds/google/vpc.rb +1 -1
- data/modules/mu/config.rb +12 -1
- data/modules/mu/config/server.yml +1 -0
- data/modules/mu/defaults/AWS.yaml +51 -28
- data/modules/mu/groomers/ansible.rb +54 -17
- data/modules/mu/groomers/chef.rb +13 -7
- data/modules/mu/master/ssl.rb +0 -1
- data/modules/mu/mommacat.rb +8 -0
- data/modules/tests/ecs.yaml +23 -0
- data/modules/tests/includes-and-params.yaml +2 -1
- data/modules/tests/server-with-scrub-muisms.yaml +1 -0
- data/modules/tests/win2k12.yaml +25 -0
- data/modules/tests/win2k16.yaml +25 -0
- data/modules/tests/win2k19.yaml +25 -0
- data/requirements.txt +1 -0
- metadata +50 -4
- data/extras/image-generators/AWS/windows.yaml +0 -18
- data/modules/tests/needwork/win2k12.yaml +0 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a2a3a37b9669c04e28e4b5a0d2f80a2de02478dabac733c90e9d36dae452528c
|
4
|
+
data.tar.gz: 654354392527c27ac2825bce89b992f209577cbf97dbdce29ceeb23565cf733d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d09fbaa85a8bfa880b35aad227367a4b156635d847ca9f697a7e6cbc93600b0b59fd495dd180e2d6955f160dab83f81335e7d47a6c2027c6598fd8b82da97c2a
|
7
|
+
data.tar.gz: b49216fcc464945f3f27b0927c59b3e41b906ddaf09f7b87433a37eec54330462cf246058fa9959d3d1ec90ee1570fc3921bc7e0da0a1552c1d4664832e4d42e
|
@@ -0,0 +1,33 @@
|
|
1
|
+
Role Name
|
2
|
+
=========
|
3
|
+
|
4
|
+
Used during image builds for Windows 2012R2, 2016, and 2019. Runs all updates and installs chocolatey, git, openssh, and ruby.
|
5
|
+
|
6
|
+
Requirements
|
7
|
+
------------
|
8
|
+
|
9
|
+
Windows host with internet connectivity and no other major services running.
|
10
|
+
|
11
|
+
License
|
12
|
+
-------
|
13
|
+
|
14
|
+
Copyright:: Copyright (c) 2020 eGlobalTech, Inc., all rights reserved
|
15
|
+
|
16
|
+
Licensed under the BSD-3 license (the "License");
|
17
|
+
you may not use this file except in compliance with the License.
|
18
|
+
You may obtain a copy of the License in the root of the project or at
|
19
|
+
|
20
|
+
http://egt-labs.com/mu/LICENSE.html
|
21
|
+
|
22
|
+
Unless required by applicable law or agreed to in writing, software
|
23
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
24
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
25
|
+
See the License for the specific language governing permissions and
|
26
|
+
limitations under the License.
|
27
|
+
|
28
|
+
Author Information
|
29
|
+
------------------
|
30
|
+
|
31
|
+
Current developers: John Stange, Robert Patt-Corner, Ryan Bolyard
|
32
|
+
|
33
|
+
egt-labs-admins@egt-labs.com
|
@@ -0,0 +1,53 @@
|
|
1
|
+
galaxy_info:
|
2
|
+
author: your name
|
3
|
+
description: your description
|
4
|
+
company: your company (optional)
|
5
|
+
|
6
|
+
# If the issue tracker for your role is not on github, uncomment the
|
7
|
+
# next line and provide a value
|
8
|
+
# issue_tracker_url: http://example.com/issue/tracker
|
9
|
+
|
10
|
+
# Choose a valid license ID from https://spdx.org - some suggested licenses:
|
11
|
+
# - BSD-3-Clause (default)
|
12
|
+
# - MIT
|
13
|
+
# - GPL-2.0-or-later
|
14
|
+
# - GPL-3.0-only
|
15
|
+
# - Apache-2.0
|
16
|
+
# - CC-BY-4.0
|
17
|
+
license: license (GPL-2.0-or-later, MIT, etc)
|
18
|
+
|
19
|
+
min_ansible_version: 2.4
|
20
|
+
|
21
|
+
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
22
|
+
# min_ansible_container_version:
|
23
|
+
|
24
|
+
#
|
25
|
+
# Provide a list of supported platforms, and for each platform a list of versions.
|
26
|
+
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
27
|
+
# To view available platforms and versions (or releases), visit:
|
28
|
+
# https://galaxy.ansible.com/api/v1/platforms/
|
29
|
+
#
|
30
|
+
# platforms:
|
31
|
+
# - name: Fedora
|
32
|
+
# versions:
|
33
|
+
# - all
|
34
|
+
# - 25
|
35
|
+
# - name: SomePlatform
|
36
|
+
# versions:
|
37
|
+
# - all
|
38
|
+
# - 1.0
|
39
|
+
# - 7
|
40
|
+
# - 99.99
|
41
|
+
|
42
|
+
galaxy_tags: []
|
43
|
+
# List tags for your role here, one per line. A tag is a keyword that describes
|
44
|
+
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
45
|
+
# remove the '[]' above, if you add tags to this list.
|
46
|
+
#
|
47
|
+
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
48
|
+
# Maximum 20 tags per role.
|
49
|
+
|
50
|
+
dependencies: []
|
51
|
+
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
52
|
+
# if you add dependencies to this list.
|
53
|
+
|
@@ -0,0 +1,20 @@
|
|
1
|
+
---
|
2
|
+
- name: Install all updates with automatic reboots
|
3
|
+
win_updates:
|
4
|
+
reboot: yes
|
5
|
+
reboot_timeout: 1800
|
6
|
+
|
7
|
+
- name: Install git
|
8
|
+
win_chocolatey:
|
9
|
+
name: git
|
10
|
+
state: present
|
11
|
+
|
12
|
+
- name: Install ruby
|
13
|
+
win_chocolatey:
|
14
|
+
name: ruby
|
15
|
+
state: present
|
16
|
+
|
17
|
+
- name: Install openssh
|
18
|
+
win_chocolatey:
|
19
|
+
name: openssh
|
20
|
+
state: present
|
data/cloud-mu.gemspec
CHANGED
@@ -17,8 +17,8 @@ end
|
|
17
17
|
|
18
18
|
Gem::Specification.new do |s|
|
19
19
|
s.name = 'cloud-mu'
|
20
|
-
s.version = '3.1.
|
21
|
-
s.date = '2020-
|
20
|
+
s.version = '3.1.5'
|
21
|
+
s.date = '2020-03-03'
|
22
22
|
s.require_paths = ['modules']
|
23
23
|
s.required_ruby_version = '>= 2.4'
|
24
24
|
s.summary = "The eGTLabs Mu toolkit for unified cloud deployments"
|
@@ -52,6 +52,7 @@ EOF
|
|
52
52
|
s.add_runtime_dependency 'net-ssh-multi', '~> 1.2', '>= 1.2.1'
|
53
53
|
s.add_runtime_dependency 'netaddr', '~> 2.0'
|
54
54
|
s.add_runtime_dependency 'nokogiri', "~> 1.10"
|
55
|
+
s.add_runtime_dependency 'openssl-oaep', "~> 0.1"
|
55
56
|
s.add_runtime_dependency 'optimist', "~> 3.0"
|
56
57
|
s.add_runtime_dependency 'rack', "~> 2.0"
|
57
58
|
s.add_runtime_dependency 'ruby-graphviz', "~> 1.2"
|
@@ -61,5 +62,6 @@ EOF
|
|
61
62
|
s.add_runtime_dependency 'slack-notifier', "~> 2.3"
|
62
63
|
s.add_runtime_dependency 'solve', '~> 4.0'
|
63
64
|
s.add_runtime_dependency 'thin', "~> 1.7"
|
65
|
+
s.add_runtime_dependency 'winrm', "~> 2.3", ">= 2.3.4"
|
64
66
|
s.add_runtime_dependency 'yard', "~> 0.9"
|
65
67
|
end
|
@@ -4,7 +4,8 @@
|
|
4
4
|
#
|
5
5
|
# Copyright:: 2019, The Authors, All Rights Reserved.
|
6
6
|
|
7
|
-
if !node['application_attributes']['skip_recipes'].include?('selinux')
|
7
|
+
if !node['application_attributes']['skip_recipes'].include?('selinux') and
|
8
|
+
(platform_family?("rhel") or platform_family?("amazon"))
|
8
9
|
|
9
10
|
selinux_state "SELinux Enforcing" do
|
10
11
|
action :enforcing
|
@@ -184,153 +184,149 @@ if !node['application_attributes']['skip_recipes'].include?('windows-client')
|
|
184
184
|
# end
|
185
185
|
# }
|
186
186
|
|
187
|
-
reboot "Cygwin LSA" do
|
188
|
-
action :nothing
|
189
|
-
reason "Enabling Cygwin LSA support"
|
190
|
-
end
|
191
|
-
|
192
|
-
powershell_script "Configuring Cygwin LSA support" do
|
193
|
-
code <<-EOH
|
194
|
-
Invoke-Expression '& #{cygwindir}/bin/bash.exe --login -c "echo yes | /bin/cyglsa-config"'
|
195
|
-
EOH
|
196
|
-
not_if {
|
197
|
-
lsa_found = false
|
198
|
-
if registry_key_exists?("HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa")
|
199
|
-
registry_get_values("HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa").each { |val|
|
200
|
-
if val[:name] == "Authentication Packages"
|
201
|
-
lsa_found = true if val[:data].grep(/cyglsa64\.dll/)
|
202
|
-
break
|
203
|
-
end
|
204
|
-
}
|
205
|
-
end
|
206
|
-
lsa_found
|
207
|
-
}
|
208
|
-
notifies :reboot_now, "reboot[Cygwin LSA]", :immediately
|
209
|
-
end
|
210
|
-
|
211
|
-
powershell_script "enable Cygwin sshd" do
|
212
|
-
code <<-EOH
|
213
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash.exe --login -c "ssh-host-config -y -c ntsec -w ''#{sshd_password}'' -u #{sshd_user}"'
|
214
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash.exe --login -c "sed -i.bak ''s/#.*StrictModes.*yes/StrictModes no/'' /etc/sshd_config"'
|
215
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash.exe --login -c "sed -i.bak ''s/#.*PasswordAuthentication.*yes/PasswordAuthentication no/'' /etc/sshd_config"'
|
216
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "chown #{sshd_user} /var/empty /var/log/sshd.log /etc/ssh*; chmod 755 /var/empty"'
|
217
|
-
EOH
|
218
|
-
sensitive true
|
219
|
-
not_if %Q{Get-Service "sshd"}
|
220
|
-
end
|
221
|
-
powershell_script "set unix-style Cygwin sshd permissions" do
|
222
|
-
code <<-EOH
|
223
|
-
if((Get-WmiObject win32_computersystem).partofdomain){
|
224
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkpasswd -d > /etc/passwd"'
|
225
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkgroup -l -d > /etc/group"'
|
226
|
-
} else {
|
227
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkpasswd -l > /etc/passwd"'
|
228
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkgroup -l > /etc/group"'
|
229
|
-
}
|
230
|
-
Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "chown #{sshd_user} /var/empty /var/log/sshd.log /etc/ssh*; chmod 755 /var/empty"'
|
231
|
-
EOH
|
232
|
-
end
|
233
|
-
|
234
|
-
include_recipe 'mu-activedirectory'
|
235
|
-
|
236
|
-
::Chef::Recipe.send(:include, Chef::Mixin::PowershellOut)
|
237
|
-
|
238
|
-
template "c:/bin/cygwin/etc/sshd_config" do
|
239
|
-
source "sshd_config.erb"
|
240
|
-
mode 0644
|
241
|
-
cookbook "mu-tools"
|
242
|
-
ignore_failure true
|
243
|
-
end
|
244
|
-
|
245
|
-
ec2config_user= windows_vault[node['windows_ec2config_username_field']]
|
246
|
-
ec2config_password = windows_vault[node['windows_ec2config_password_field']]
|
247
|
-
login_dom = "."
|
248
|
-
|
249
|
-
if in_domain?
|
250
|
-
|
251
|
-
ad_vault = chef_vault_item(node['ad']['domain_admin_vault'], node['ad']['domain_admin_item'])
|
252
|
-
login_dom = node['ad']['netbios_name']
|
253
|
-
|
254
|
-
windows_users node['ad']['computer_name'] do
|
255
|
-
username ad_vault[node['ad']['domain_admin_username_field']]
|
256
|
-
password ad_vault[node['ad']['domain_admin_password_field']]
|
257
|
-
domain_name node['ad']['domain_name']
|
258
|
-
netbios_name node['ad']['netbios_name']
|
259
|
-
dc_ips node['ad']['dc_ips']
|
260
|
-
ssh_user sshd_user
|
261
|
-
ssh_password sshd_password
|
262
|
-
ec2config_user ec2config_user
|
263
|
-
ec2config_password ec2config_password
|
264
|
-
end
|
265
|
-
|
266
|
-
aws_windows "ec2" do
|
267
|
-
username ec2config_user
|
268
|
-
service_username "#{node['ad']['netbios_name']}\\#{ec2config_user}"
|
269
|
-
password ec2config_password
|
270
|
-
end
|
271
|
-
|
272
|
-
scheduled_tasks "tasks" do
|
273
|
-
username ad_vault[node['ad']['domain_admin_username_field']]
|
274
|
-
password ad_vault[node['ad']['domain_admin_password_field']]
|
275
|
-
end
|
276
|
-
|
277
|
-
sshd_service "sshd" do
|
278
|
-
service_username "#{node['ad']['netbios_name']}\\#{sshd_user}"
|
279
|
-
username sshd_user
|
280
|
-
password sshd_password
|
281
|
-
end
|
282
|
-
|
283
|
-
begin
|
284
|
-
resources('service[sshd]')
|
285
|
-
escue Chef::Exceptions::ResourceNotFound
|
286
|
-
service "sshd" do
|
287
|
-
action [:enable, :start]
|
288
|
-
sensitive true
|
289
|
-
end
|
290
|
-
end
|
291
|
-
else
|
292
|
-
windows_users node['hostname'] do
|
293
|
-
username node['windows_admin_username']
|
294
|
-
password windows_vault[node['windows_auth_password_field']]
|
295
|
-
ssh_user sshd_user
|
296
|
-
ssh_password sshd_password
|
297
|
-
ec2config_user ec2config_user
|
298
|
-
ec2config_password ec2config_password
|
299
|
-
end
|
300
|
-
|
301
|
-
aws_windows "ec2" do
|
302
|
-
username ec2config_user
|
303
|
-
service_username ".\\#{ec2config_user}"
|
304
|
-
password ec2config_password
|
305
|
-
end
|
306
|
-
|
307
|
-
scheduled_tasks "tasks" do
|
308
|
-
username node['windows_admin_username']
|
309
|
-
password windows_vault[node['windows_auth_password_field']]
|
310
|
-
end
|
311
|
-
|
312
|
-
sshd_service "sshd" do
|
313
|
-
username sshd_user
|
314
|
-
service_username ".\\#{sshd_user}"
|
315
|
-
password sshd_password
|
316
|
-
end
|
317
|
-
begin
|
318
|
-
resources('service[sshd]')
|
319
|
-
rescue Chef::Exceptions::ResourceNotFound
|
320
|
-
service "Cygwin sshd as '#{sshd_user}'" do
|
321
|
-
service_name "sshd"
|
322
|
-
action [:enable, :start]
|
323
|
-
sensitive true
|
324
|
-
end
|
325
|
-
end
|
326
|
-
end
|
187
|
+
# reboot "Cygwin LSA" do
|
188
|
+
# action :nothing
|
189
|
+
# reason "Enabling Cygwin LSA support"
|
190
|
+
# end
|
191
|
+
#
|
192
|
+
# powershell_script "Configuring Cygwin LSA support" do
|
193
|
+
# code <<-EOH
|
194
|
+
# Invoke-Expression '& #{cygwindir}/bin/bash.exe --login -c "echo yes | /bin/cyglsa-config"'
|
195
|
+
# EOH
|
196
|
+
# not_if {
|
197
|
+
# lsa_found = false
|
198
|
+
# if registry_key_exists?("HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa")
|
199
|
+
# registry_get_values("HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa").each { |val|
|
200
|
+
# if val[:name] == "Authentication Packages"
|
201
|
+
# lsa_found = true if val[:data].grep(/cyglsa64\.dll/)
|
202
|
+
# break
|
203
|
+
# end
|
204
|
+
# }
|
205
|
+
# end
|
206
|
+
# lsa_found
|
207
|
+
# }
|
208
|
+
# notifies :reboot_now, "reboot[Cygwin LSA]", :immediately
|
209
|
+
# end
|
210
|
+
#
|
211
|
+
# powershell_script "enable Cygwin sshd" do
|
212
|
+
# code <<-EOH
|
213
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash.exe --login -c "ssh-host-config -y -c ntsec -w ''#{sshd_password}'' -u #{sshd_user}"'
|
214
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash.exe --login -c "sed -i.bak ''s/#.*StrictModes.*yes/StrictModes no/'' /etc/sshd_config"'
|
215
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash.exe --login -c "sed -i.bak ''s/#.*PasswordAuthentication.*yes/PasswordAuthentication no/'' /etc/sshd_config"'
|
216
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "chown #{sshd_user} /var/empty /var/log/sshd.log /etc/ssh*; chmod 755 /var/empty"'
|
217
|
+
# EOH
|
218
|
+
# sensitive true
|
219
|
+
# not_if %Q{Get-Service "sshd"}
|
220
|
+
# end
|
221
|
+
# powershell_script "set unix-style Cygwin sshd permissions" do
|
222
|
+
# code <<-EOH
|
223
|
+
# if((Get-WmiObject win32_computersystem).partofdomain){
|
224
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkpasswd -d > /etc/passwd"'
|
225
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkgroup -l -d > /etc/group"'
|
226
|
+
# } else {
|
227
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkpasswd -l > /etc/passwd"'
|
228
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "mkgroup -l > /etc/group"'
|
229
|
+
# }
|
230
|
+
# Invoke-Expression -Debug '& #{cygwindir}/bin/bash --login -c "chown #{sshd_user} /var/empty /var/log/sshd.log /etc/ssh*; chmod 755 /var/empty"'
|
231
|
+
# EOH
|
232
|
+
# end
|
233
|
+
#
|
234
|
+
# include_recipe 'mu-activedirectory'
|
235
|
+
#
|
236
|
+
# ::Chef::Recipe.send(:include, Chef::Mixin::PowershellOut)
|
237
|
+
#
|
238
|
+
# template "c:/bin/cygwin/etc/sshd_config" do
|
239
|
+
# source "sshd_config.erb"
|
240
|
+
# mode 0644
|
241
|
+
# cookbook "mu-tools"
|
242
|
+
# ignore_failure true
|
243
|
+
# end
|
244
|
+
#
|
245
|
+
# ec2config_user= windows_vault[node['windows_ec2config_username_field']]
|
246
|
+
# ec2config_password = windows_vault[node['windows_ec2config_password_field']]
|
247
|
+
# login_dom = "."
|
248
|
+
#
|
249
|
+
# if in_domain?
|
250
|
+
#
|
251
|
+
# ad_vault = chef_vault_item(node['ad']['domain_admin_vault'], node['ad']['domain_admin_item'])
|
252
|
+
# login_dom = node['ad']['netbios_name']
|
253
|
+
#
|
254
|
+
# windows_users node['ad']['computer_name'] do
|
255
|
+
# username ad_vault[node['ad']['domain_admin_username_field']]
|
256
|
+
# password ad_vault[node['ad']['domain_admin_password_field']]
|
257
|
+
# domain_name node['ad']['domain_name']
|
258
|
+
# netbios_name node['ad']['netbios_name']
|
259
|
+
# dc_ips node['ad']['dc_ips']
|
260
|
+
# ssh_user sshd_user
|
261
|
+
# ssh_password sshd_password
|
262
|
+
# ec2config_user ec2config_user
|
263
|
+
# ec2config_password ec2config_password
|
264
|
+
# end
|
265
|
+
#
|
266
|
+
# aws_windows "ec2" do
|
267
|
+
# username ec2config_user
|
268
|
+
# service_username "#{node['ad']['netbios_name']}\\#{ec2config_user}"
|
269
|
+
# password ec2config_password
|
270
|
+
# end
|
271
|
+
#
|
272
|
+
# scheduled_tasks "tasks" do
|
273
|
+
# username ad_vault[node['ad']['domain_admin_username_field']]
|
274
|
+
# password ad_vault[node['ad']['domain_admin_password_field']]
|
275
|
+
# end
|
276
|
+
#
|
277
|
+
# sshd_service "sshd" do
|
278
|
+
# service_username "#{node['ad']['netbios_name']}\\#{sshd_user}"
|
279
|
+
# username sshd_user
|
280
|
+
# password sshd_password
|
281
|
+
# end
|
282
|
+
#
|
283
|
+
# begin
|
284
|
+
# resources('service[sshd]')
|
285
|
+
# escue Chef::Exceptions::ResourceNotFound
|
286
|
+
# service "sshd" do
|
287
|
+
# action [:enable, :start]
|
288
|
+
# sensitive true
|
289
|
+
# end
|
290
|
+
# end
|
291
|
+
# else
|
292
|
+
# windows_users node['hostname'] do
|
293
|
+
# username node['windows_admin_username']
|
294
|
+
# password windows_vault[node['windows_auth_password_field']]
|
295
|
+
# ssh_user sshd_user
|
296
|
+
# ssh_password sshd_password
|
297
|
+
# ec2config_user ec2config_user
|
298
|
+
# ec2config_password ec2config_password
|
299
|
+
# end
|
300
|
+
#
|
301
|
+
# aws_windows "ec2" do
|
302
|
+
# username ec2config_user
|
303
|
+
# service_username ".\\#{ec2config_user}"
|
304
|
+
# password ec2config_password
|
305
|
+
# end
|
306
|
+
#
|
307
|
+
# scheduled_tasks "tasks" do
|
308
|
+
# username node['windows_admin_username']
|
309
|
+
# password windows_vault[node['windows_auth_password_field']]
|
310
|
+
# end
|
311
|
+
#
|
312
|
+
# sshd_service "sshd" do
|
313
|
+
# username sshd_user
|
314
|
+
# service_username ".\\#{sshd_user}"
|
315
|
+
# password sshd_password
|
316
|
+
# end
|
317
|
+
# begin
|
318
|
+
# resources('service[sshd]')
|
319
|
+
# rescue Chef::Exceptions::ResourceNotFound
|
320
|
+
# service "Cygwin sshd as '#{sshd_user}'" do
|
321
|
+
# service_name "sshd"
|
322
|
+
# action [:enable, :start]
|
323
|
+
# sensitive true
|
324
|
+
# end
|
325
|
+
# end
|
326
|
+
# end
|
327
327
|
end
|
328
328
|
|
329
329
|
else
|
330
330
|
Chef::Log.info("mu-tools::windows-client: Unsupported platform #{node['platform']}")
|
331
331
|
end
|
332
332
|
end
|
333
|
-
# Copyright:: Copyright (c) 2014 eGlobalTech, Inc., all rights reserved
|
334
|
-
#
|
335
|
-
# Cookbook Name:: mu-tools
|
336
|
-
# Recipe:: windows-client
|