vagrant-uplift 0.2.1902.18

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 5d87292c8668a405ab0d16e13e3fbef281058c77a5976bb4461749bdb7a2f032
+  data.tar.gz: cea9495057318c1f2a826d899d62b2e185b7f103a5633ae2e81db8ecc9807187
+SHA512:
+  metadata.gz: db4236e3ca8e99f457939fa64133d7274579bc67fcde29082f91374043d42ebcb2a7a8750848c1a0a43b32327e1ae14d769653927299f13f1a6b3943549216f5
+  data.tar.gz: 49cbd51d6c8c788da147a1a42f8f8a0bc268b33a745777e197db8fff8b88163af3d7666a3d39b4511acb5f629100eebbc05bb506ea10d5959b9d81da00b5bb13

data/bin/console

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/scripts/vagrant/uplift.vagrant.core/uplift.fix-second-network.ps1

@@ -0,0 +1,59 @@
+param ([String] $ip, [String] $dns)
+
+# fail on errors and include uplift helpers
+$ErrorActionPreference = "Stop"
+
+Import-Module Uplift.Core
+
+Write-UpliftMessage "Fixing up network settings..."
+Write-UpliftEnv
+
+# if (Test-Path C:\Users\vagrant\enable-winrm-after-customization.bat) {
+#   Write-UpliftMessage "Nothing to do in vCloud."
+#   exit 0
+# }
+# if (! (Test-Path 'C:\Program Files\VMware\VMware Tools')) {
+#   Write-UpliftMessage "Nothing to do for other providers than VMware."
+#   exit 0
+# }
+
+$subnet = $ip -replace "\.\d+$", ""
+
+Write-UpliftMessage " - ip    : $ip"
+Write-UpliftMessage " - subnet: $subnet"
+
+$name = (Get-NetIPAddress -AddressFamily IPv4 `
+   | Where-Object -FilterScript { ($_.IPAddress).StartsWith($subnet) } `
+   ).InterfaceAlias
+
+if (!$name) {
+  $name = (Get-NetIPAddress -AddressFamily IPv4 `
+     | Where-Object -FilterScript { ($_.IPAddress).StartsWith("169.254.") } `
+     ).InterfaceAlias
+}
+
+if ($name) {
+  Write-UpliftMessage "Set IP address to $ip of interface $name"
+  & netsh.exe int ip set address "$name" static $ip 255.255.255.0 "$subnet.1"
+
+  Confirm-UpliftExitCode $LASTEXITCODE "Cannot set IP address to $ip of interface $name" @(0,1)
+
+  if ($dns) {
+    Write-UpliftMessage "Set DNS server address to $dns of interface $name"
+    & netsh.exe interface ipv4 add dnsserver "$name" address=$dns index=1
+
+    Confirm-UpliftExitCode $LASTEXITCODE "Cannot set DNS server address to $dns of interface $name" @(0,1)
+  }
+} else {
+
+  Write-UpliftMessage "Running ipconfig /all"
+  ipconfig /all
+  Confirm-UpliftExitCode $LASTEXITCODE "Cannot run ipconfig"
+
+  $errorMessage = "Could not find a interface with subnet $subnet.xx"
+
+  Write-UpliftMessage $errorMessage
+  throw $errorMessage
+}
+
+exit 0

data/lib/scripts/vagrant/uplift.vagrant.dc12/dc.dsc.ps1

@@ -0,0 +1,128 @@
+# fail on errors and include uplift helpers
+$ErrorActionPreference = "Stop"
+
+Import-Module Uplift.Core
+
+Write-UpliftMessage "Installing primary controller..."
+Write-UpliftEnv
+
+$domainName          =  Get-UpliftEnvVariable "UPLF_DC_DOMAIN_NAME"
+$domainAdminName     =  Get-UpliftEnvVariable "UPLF_DC_DOMAIN_ADMIN_NAME"
+$domainAdminPassword =  Get-UpliftEnvVariable "UPLF_DC_DOMAIN_ADMIN_PASSWORD"
+
+$isPartOfDomain = (Get-CimInstance -Class Win32_ComputerSystem).PartOfDomain
+
+if($isPartOfDomain -eq $True) {
+    Write-UpliftMessage "This computer is already part of domain. No domain join or reboot is required"
+    exit 0
+}
+
+Write-UpliftMessage "Fixing DC promo settings..."
+Set-UpliftDCPromoSettings $domainAdminPassword
+
+Configuration Install_DomainController {
+
+    Import-DscResource -ModuleName 'PSDesiredStateConfiguration'
+    Import-DscResource -ModuleName 'xActiveDirectory'
+    Import-DscResource -ModuleName 'xNetworking'
+    
+    Node localhost
+    {
+        $domainName           = $Node.DomainName
+        $domainAdminName      = $Node.DomainAdminName
+        $domainAdminPassword  = $Node.DomainAdminPassword
+
+        $securePassword   = ConvertTo-SecureString $domainAdminPassword -AsPlainText -Force
+        $domainAdminCreds = New-Object System.Management.Automation.PSCredential(
+            $domainAdminName, 
+            $securePassword
+        )
+
+        $safeModeAdminCreds = $domainAdminCreds
+
+        LocalConfigurationManager
+        {
+            ConfigurationMode = 'ApplyOnly'
+            RebootNodeIfNeeded = $false
+            RefreshMode = "Push"
+        }
+
+        WindowsFeature DNS
+        {
+            Ensure = "Present"
+            Name   = "DNS"
+        }
+
+        xDnsServerAddress DnsServerAddress
+        {
+            Address        = '127.0.0.1'
+            InterfaceAlias = 'Ethernet'
+            AddressFamily  = 'IPv4'
+            DependsOn      = "[WindowsFeature]DNS"
+        }
+
+        WindowsFeature ADDSInstall
+        {
+            Ensure = "Present"
+            Name   = "AD-Domain-Services"
+        }
+
+        WindowsFeature ADDSRSAT
+        {
+            Ensure = "Present"
+            Name   = "RSAT-ADDS-Tools"
+        }
+
+        WindowsFeature RSAT
+        {
+            Ensure = "Present"
+            Name   = "RSAT"
+        }
+
+        xADDomain PrimaryDomainController
+        {
+            DomainName = $domainName
+
+            # Windows 2016 fix
+            # http://vcloud-lab.com/entries/active-directory/powershell-dsc-xactivedirectory-error-a-netbios-domain-name-must-be-specified-
+            DomainNetBIOSName = $domainName.Split('.')[0]
+            
+            DomainAdministratorCredential = $domainAdminCreds
+            SafemodeAdministratorPassword = $safeModeAdminCreds
+            
+            DatabasePath = "C:\NTDS"
+            LogPath      = "C:\NTDS"
+            SysvolPath   = "C:\SYSVOL"
+            
+            DependsOn = @(
+                "[WindowsFeature]ADDSInstall", 
+                "[WindowsFeature]RSAT", 
+                "[WindowsFeature]ADDSRSAT", 
+                "[xDnsServerAddress]DnsServerAddress"
+            )
+        }
+    }
+}
+
+$config = @{
+    AllNodes = @(
+        @{
+            NodeName = 'localhost'
+
+            PSDscAllowDomainUser        = $true
+            PSDscAllowPlainTextPassword = $true
+            
+            RetryCount       = 10           
+            RetryIntervalSec = 30
+
+            DomainName           = $domainName
+            DomainAdminName      = $domainAdminName
+            DomainAdminPassword  = $domainAdminPassword
+        }
+    )
+}
+
+$configuration = Get-Command Install_DomainController
+Start-UpliftDSCConfiguration $configuration $config 
+
+exit 0

data/lib/scripts/vagrant/uplift.vagrant.dc12/dc.replica.dsc.ps1

@@ -0,0 +1,117 @@
+# fail on errors and include uplift helpers
+$ErrorActionPreference = "Stop"
+
+Import-Module Uplift.Core
+
+Write-UpliftMessage "Installing replica domain controller..."
+Write-UpliftEnv
+
+$domainName =           Get-UpliftEnvVariable "UPLF_DC_DOMAIN_NAME"
+$domainAdminName =      Get-UpliftEnvVariable "UPLF_DC_DOMAIN_ADMIN_NAME"
+$domainAdminPassword =  Get-UpliftEnvVariable "UPLF_DC_DOMAIN_ADMIN_PASSWORD"
+
+Write-UpliftMessage "Fixing DC promo settings..."
+Set-UpliftDCPromoSettings $domainAdminPassword
+
+# disable IP6 to ensure replica controller can be promoted
+Write-UpliftMessage "Disabling IP6 interfaces..."
+Disable-UpliftIP6Interface
+
+Configuration Install_ReplicaDomainController {
+
+    Import-DscResource -ModuleName xActiveDirectory
+    Import-DscResource -ModuleName xNetworking
+    
+    Node localhost
+    {
+        $domainName = $Node.DomainName
+        $domainAdminName = $Node.DomainAdminName
+        $domainAdminPassword = $Node.DomainAdminPassword
+
+        $securePassword = ConvertTo-SecureString $domainAdminPassword -AsPlainText -Force
+        
+        $domainAdminCreds = New-Object System.Management.Automation.PSCredential($domainAdminName, $securePassword)
+        $safeModeAdminCreds = $domainAdminCreds
+        $dnsDelegationCreds = $domainAdminCreds
+
+        LocalConfigurationManager
+        {
+            ConfigurationMode = 'ApplyOnly'
+            RebootNodeIfNeeded = $false
+            RefreshMode = "Push"
+        }
+
+        # WindowsFeature DNS
+        # {
+        #     Ensure = "Present"
+        #     Name   = "DNS"
+        # }
+
+        # xDnsServerAddress DnsServerAddress
+        # {
+        #     Address        = '127.0.0.1'
+        #     InterfaceAlias = 'Ethernet'
+        #     AddressFamily  = 'IPv4'
+        #     DependsOn      = "[WindowsFeature]DNS"
+        # }
+
+        WindowsFeature ADDSInstall
+        {
+            Ensure = "Present"
+            Name   = "AD-Domain-Services"
+        }
+
+        # WindowsFeature ADDSRSAT
+        # {
+        #     Ensure = "Present"
+        #     Name   = "RSAT-ADDS-Tools"
+        # }
+
+        # WindowsFeature RSAT
+        # {
+        #     Ensure = "Present"
+        #     Name   = "RSAT"
+        # }
+
+        xADDomainController ReplicaDomainController
+        {
+            DomainName = $domainName
+            # win16 fix
+            # http://vcloud-lab.com/entries/active-directory/powershell-dsc-xactivedirectory-error-a-netbios-domain-name-must-be-specified-
+            # DomainNetBIOSName = $domainName.Split('.')[0]
+            
+            DomainAdministratorCredential = $domainAdminCreds
+            SafemodeAdministratorPassword = $safeModeAdminCreds
+            
+            DependsOn = @(
+                "[WindowsFeature]ADDSInstall" 
+                # "[WindowsFeature]RSAT", 
+                # "[WindowsFeature]ADDSRSAT",
+                #"[xDnsServerAddress]DnsServerAddress"
+            )
+        }
+    }
+}
+
+$config = @{
+    AllNodes = @(
+        @{
+            NodeName = 'localhost'
+
+            PSDscAllowDomainUser        = $true
+            PSDscAllowPlainTextPassword = $true
+            
+            RetryCount       = 10           
+            RetryIntervalSec = 30
+
+            DomainName           = $domainName
+            DomainAdminName      = $domainAdminName
+            DomainAdminPassword  = $domainAdminPassword
+        }
+    )
+}
+
+$configuration = Get-Command Install_ReplicaDomainController
+Start-UpliftDSCConfiguration $configuration $config 
+
+exit 0

data/lib/scripts/vagrant/uplift.vagrant.dc12/dc.users.dsc.ps1

@@ -0,0 +1,147 @@
+# fail on errors and include uplift helpers
+$ErrorActionPreference = "Stop"
+
+Import-Module Uplift.Core
+
+Write-UpliftMessage "Installing new domain controller..."
+Write-UpliftEnv
+
+function WaitForAdServices($tries) {
+    
+    # Somehow Win2016 might stuck at "Applying computer settings"
+    # that happens for several minutes, them all comes back
+    # could be a feature setup after DC/Defender removal, could be DNS thing
+
+    # so waiting for 5 minutes, and then fail
+    $user = "vagrant"  
+
+    # 10 sec timout
+    $timeOut = 30000
+
+    # 10 minutes (6 * 10 sec => 10 times)
+    if($null -eq $tries) {
+        $tries = 6 * 10
+    }
+
+    $current = 0;
+    $hasError = $false
+
+    do {
+
+        try {
+            Write-UpliftMessage "[$current/$tries] waiting for AD services to come online, resolving user: [$user]"
+            $user = Get-ADUser "vagrant"  
+            
+            $hasError = $false
+
+            Write-UpliftMessage "[$current/$tries] No error! Nice!"
+        } catch {
+
+            Write-UpliftMessage "Failed with $_"
+            Write-UpliftMessage "Sleeping [$timeOut] milliseconds..."
+
+            $current++;
+            Start-Sleep -Milliseconds $timeOut
+            $hasError = $true
+        }
+
+        if($hasError -eq $false) {
+            break;
+        }
+
+        if($current -gt $tries) {
+            break;
+        }
+    }
+    while($hasError -eq $true)
+}
+
+$domainName =           Get-UpliftEnvVariable "UPLF_DC_DOMAIN_NAME"
+$vagrantUserName =      Get-UpliftEnvVariable "UPLF_VAGRANT_USER_NAME"
+$vagrantUserPassword =  Get-UpliftEnvVariable "UPLF_VAGRANT_USER_PASSWORD"
+$domainUserName =       Get-UpliftEnvVariable "UPLF_DC_DOMAIN_ADMIN_NAME"
+$domainUserPassword =   Get-UpliftEnvVariable "UPLF_DC_DOMAIN_ADMIN_PASSWORD"
+
+# ensuring AD services are up and running
+Write-UpliftMessage "Starting NTDS service..."
+start-service NTDS 
+
+Write-UpliftMessage "Starting ADWS service..."
+start-service ADWS 
+
+# wait until AD comes up after reboot and applying setting
+Write-UpliftMessage "Waiting for host to apply setting and make AD available...";
+WaitForAdServices
+
+$securePassword     = ConvertTo-SecureString $domainUserPassword -AsPlainText -Force
+
+$domainAdminCreds   = New-Object System.Management.Automation.PSCredential(
+    $domainUserName, 
+    $securePassword
+)
+$safeModeAdminCreds = $domainAdminCreds
+
+$vagrantSecurePassword = ConvertTo-SecureString $vagrantUserPassword -AsPlainText -Force
+$vagrantCreds          = New-Object System.Management.Automation.PSCredential(
+    $vagrantUserName, 
+    $vagrantSecurePassword
+)
+
+Configuration Configure_DomainUsers {
+
+    Import-DscResource -ModuleName xActiveDirectory
+    Import-DscResource -ModuleName xNetworking
+    
+    Node localhost
+    {
+        LocalConfigurationManager
+        {
+            ConfigurationMode = 'ApplyOnly'
+            RebootNodeIfNeeded = $false
+            RefreshMode = "Push"
+        }
+
+        xADUser DomainAdmin
+        {
+            DomainName = $Node.DomainName 
+            DomainAdministratorCredential = $vagrantCreds 
+            UserName = $domainUserName
+            Password = $domainAdminCreds
+            Ensure = "Present"
+        }
+    }
+}
+
+$config = @{
+    AllNodes = @(
+        @{
+            NodeName = 'localhost'
+            PSDscAllowPlainTextPassword = $true
+            PSDscAllowDomainUser = $true
+            RetryCount = 10           
+            RetryIntervalSec = 30
+
+            DomainName = $domainName.Split('.')[0]
+        }
+    )
+}
+
+$configuration = Get-Command Configure_DomainUsers
+Start-UpliftDSCConfiguration $configuration $config 
+
+# ensuring group memebership
+Write-UpliftMessage "Ensuring group memberships..."
+try {
+    Write-UpliftMessage "[1/2] Ensuring group memberships..."
+
+    Add-ADGroupMember 'Domain Admins' 'vagrant',' admin'
+} catch {
+    Write-UpliftMessage "[2/2] Ensuring group memberships..."
+    
+    # try twice to ensure the following random issue
+    # Attempting to perform the InitializeDefaultDrives operation on the 'ActiveDirectory' provider failed
+
+    Add-ADGroupMember 'Domain Admins' 'vagrant',' admin'
+}
+
+exit 0