Created
February 11, 2022 22:15
-
-
Save dg1an3/0795724413c20433af6ec14c7a7d84ee to your computer and use it in GitHub Desktop.
Imaging Lab DSC nodes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Powershell DSC resources for setting up an imaging network, based on the PSAutoLab PowerShelllab network | |
| #> | |
| Configuration ImagingLab | |
| { | |
| Import-DscResource -ModuleName PSDesiredStateConfiguration -ModuleVersion 1.1 | |
| Import-DscResource -ModuleName ComputerManagementDSC -ModuleVersion 8.5.0 | |
| Import-DscResource -ModuleName NetworkingDSC -ModuleVersion 8.2.0 | |
| Import-DscResource -ModuleName xNetworking | |
| Import-DscResource -ModuleName DSCR_FileContent -ModuleVersion 2.4.2 | |
| Import-Module PsIni | |
| $couchDbAdmin = $configurationData.nonNodeData.CouchDBAdmin | |
| $couchDbPassword = $configurationData.nonNodeData.CouchDBAdminPassword | |
| $userPass = "$($couchDbAdmin):$couchDbPassword" | |
| $userPassEncoded = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($userPass)) | |
| $couchDbServer = $configurationData.nonNodeData.CouchDbServer | |
| $couchDbPort = $configurationData.nonNodeData.CouchDbPort | |
| $couchDbUri = "http://$($couchDbServer):$couchDbPort" | |
| Node SRV1 # = MOSAIQ_APP server | |
| { | |
| # use this to ensure dependent computers are known | |
| WindowsFeature NoPS2 | |
| { | |
| Ensure = 'Absent' | |
| Name = "PowerShell-V2" | |
| } | |
| File AppDirectory | |
| { | |
| DestinationPath = "$Env:SystemDrive\IMAGING_APP" | |
| Ensure = "Present" | |
| Type = "Directory" | |
| } | |
| File ImagingAppReadme | |
| { | |
| DestinationPath = "$Env:SystemDrive\IMAGING_APP\readme.txt" | |
| Ensure = 'Present' | |
| Type = 'File' | |
| Contents = "This is where the application is installed" | |
| Force = $True | |
| DependsOn = '[File]ImagingAppDirectory' | |
| } | |
| $imagingAppShareName = $configurationData.nonNodeData.ImagingAppShareName | |
| Write-host "Creating SMB share for $imagingAppShareName" | |
| SMBShare DataShare | |
| { | |
| Name = $mosaiqAppShareName | |
| Description = "Mosaiq App shared folder" | |
| Ensure = 'Present' | |
| Path = "$Env:SystemDrive\MOSAIQ_APP" | |
| FullAccess = "company\domain admins" | |
| DependsOn = '[File]MosaiqAppDirectory' | |
| } | |
| # this resource is responsible for downloading the couch installer | |
| Script CouchInstaller | |
| { | |
| GetScript = | |
| { | |
| Get-Item "$env:TEMP\apache-couchdb-3.2.0.msi" | |
| } | |
| SetScript = | |
| { | |
| # need to tell powershell to use TLS12 to access the installer | |
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |
| Invoke-WebRequest -Uri "https://couchdb.neighbourhood.ie/downloads/3.2.0/win/apache-couchdb-3.2.0.msi" _ | |
| -OutFile "$env:TEMP\apache-couchdb-3.2.0.msi" -Wait | |
| } | |
| TestScript = | |
| { | |
| Test-Path "$env:TEMP\apache-couchdb-3.2.0.msi" | |
| } | |
| } | |
| # the firewall may be set up by the couchdb installer | |
| xFirewall CouchDBTCP | |
| { | |
| Name = 'CouchDBTCP' | |
| DisplayName = 'CouchDB (TCP-in)' | |
| Action = 'Allow' | |
| Direction = 'Inbound' | |
| LocalPort = ('5984', '6984') | |
| Protocol = 'TCP' | |
| Profile = 'Any' | |
| Enabled = 'True' | |
| } | |
| # form the couchdb installer parameters for quiet install | |
| $couchInstallParams = | |
| @{ | |
| INSTALLSERVICE=1 | |
| ADMINUSER=$couchDbAdmin | |
| ADMINPASSWORD=$couchDbPassword | |
| APPLICATIONFOLDER="""$($Node.CouchDBLocalFolder)""" | |
| } | |
| $couchInstallArgs = ($couchInstallParams.GetEnumerator() | % { "$($_.Name)=$($_.Value)" }) -join ' ' | |
| Write-Host "Couchdb installer will be called with $couchInstallArgs" | |
| Package CouchDB | |
| { | |
| Ensure = 'Present' | |
| Path = "$env:TEMP\apache-couchdb-3.2.0.msi" | |
| Name = "Apache CouchDB" | |
| ProductId = "4CD776E0-FADF-4831-AF56-E80E39F34CFC" | |
| Arguments = $couchInstallArgs | |
| DependsOn = @('[Script]CouchInstaller', '[xFirewall]CouchDBTCP') | |
| } | |
| # resource to ensure that the couch bind address is set | |
| # needs to stop/restart service in order to apply | |
| Script CouchBindAddress | |
| { | |
| TestScript = | |
| @" | |
| `$couchIni = Get-IniContent '$($Node.CouchDBLocalFolder)\etc\local.ini' | |
| `$couchIni.chttpd.bind_address -eq '0.0.0.0' | |
| "@ | |
| GetScript = | |
| @" | |
| `$couchIni = Get-IniContent '$($Node.CouchDBLocalFolder)\etc\local.ini' | |
| `$couchIni.chttpd.bind_address | |
| "@ | |
| SetScript = | |
| @" | |
| Stop-Service 'Apache CouchDB' | |
| `$couchIni = Get-IniContent '$($Node.CouchDBLocalFolder)\etc\local.ini' | |
| `$couchIni.chttpd.port = '$couchDbPort' | |
| `$couchIni.chttpd.bind_address = '0.0.0.0' | |
| `$couchIni.httpd.bind_address = '0.0.0.0' | |
| Out-IniFile -InputObject `$couchIni -FilePath '$($Node.CouchDBLocalFolder)\etc\local.ini' | |
| Start-Service 'Apache CouchDB' | |
| "@ | |
| DependsOn = '[Package]CouchDB' | |
| } | |
| # test resource to see if we can connect to couch around the outside | |
| Script TestCouch_All_Dbs | |
| { | |
| TestScript = | |
| @" | |
| Test-NetConnection -ComputerName $couchDbServer -Port $couchDbPort | |
| try | |
| { | |
| `$result = Invoke-WebRequest -Uri $($couchDbUri)/_all_dbs -Headers @{ Authorization = 'Basic $userPassEncoded' } -UseBasicParsing | |
| `$result.StatusCode -eq 200 | |
| } | |
| catch | |
| { | |
| `$False | |
| } | |
| "@ | |
| GetScript = "@{}" | |
| SetScript = "@{}" | |
| DependsOn = '[Package]CouchDB' | |
| } | |
| LocalConfigurationManager | |
| { | |
| RebootNodeIfNeeded = $True | |
| ConfigurationMode = 'ApplyAndAutoCorrect' | |
| ActionAfterReboot = 'ContinueConfiguration' | |
| RefreshMode = 'Push' | |
| } | |
| } | |
| Node SRV2 # = PLATFORM server | |
| { | |
| # use this to ensure dependent computers are known | |
| HostsFile Hosts | |
| { | |
| Hostname = "SRV1.company.pri" | |
| IPAddress = "192.168.3.50" | |
| Ensure = 'Present' | |
| } | |
| WindowsFeature NoPS2 | |
| { | |
| Ensure = 'Absent' | |
| Name = "PowerShell-V2" | |
| } | |
| # test resource to see if we can connect to couch | |
| Script TestCouch_All_Dbs | |
| { | |
| TestScript = | |
| @" | |
| Test-NetConnection -ComputerName $couchDbServer -Port $couchDbPort | |
| try | |
| { | |
| `$result = Invoke-WebRequest -Uri $($couchDbUri)/_all_dbs -Headers @{ Authorization = 'Basic $userPassEncoded' } -UseBasicParsing | |
| `$result.StatusCode -eq 200 | |
| } | |
| catch | |
| { | |
| `$False | |
| } | |
| "@ | |
| GetScript = "@{}" | |
| SetScript = "@{}" | |
| } | |
| LocalConfigurationManager | |
| { | |
| RebootNodeIfNeeded = $True | |
| ConfigurationMode = 'ApplyAndAutoCorrect' | |
| ActionAfterReboot = 'ContinueConfiguration' | |
| RefreshMode = 'Push' | |
| } | |
| } | |
| } | |
| <# | |
| Preparing nodes for deployment | |
| ------------------------------ | |
| Invoke-Command -ScriptBlock { | |
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |
| Install-PackageProvider -Name nuget -Force -ForceBootstrap | |
| Install-Module -Name ComputerManagementDSC -RequiredVersion 8.5.0 -Force | |
| Install-Module -Name NetworkingDSC -RequiredVersion 8.2.0 -Force | |
| Install-Module -Name DSCR_FileContent -RequiredVersion 2.4.2 -Force | |
| Install-Module -Name PsIni -Force | |
| } -ComputerName SRV1, SRV2 | |
| Invoke-Command -ScriptBlock { | |
| Import-Module ComputerManagementDSC,NetworkingDSC,DSCR_FileContent,PsIni | |
| Get-Module ComputerManagementDSC,NetworkingDSC,DSCR_FileContent,PsIni | |
| } -ComputerName SRV1,SRV2 | |
| Preparing node mofs | |
| ------------------- | |
| . .\ImagingLab.ps1 | |
| ImagingLab -OutputPath C:\DSCConfig\ImagingLab -ConfigurationData imaginglabconfiguration.psd1 | |
| Start-DscConfiguration -Force -Wait -Verbose -Path C:\DSCConfigs\ImagingLab | |
| Cleaning up nodes | |
| ----------------- | |
| Remove-DscConfigurationDocument -CimSession srv1,srv2 -Stage Current,Pending,Previous | |
| Invoke-Command -ScriptBlock { (Get-WmiObject -Class Win32_Product | ?{ $_.Name -eq 'Apache CouchDB' }).Uninstall() } -ComputerName srv1 | |
| #> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @{ | |
| AllNodes = | |
| @( | |
| @{ | |
| NodeName = "*" | |
| Folders = "Work" | |
| RemoveFeatures = "PowerShell-v2", "Telnet-Client" | |
| AddFeatures = "Windows-Server-Backup" | |
| MaxSecurityLog = 1GB | |
| Services = "Bits", "Winrm" | |
| PSDscAllowPlainTextPassword = $True | |
| PSDscAllowDomainUser = $True | |
| }, | |
| @{ | |
| NodeName = "SRV1" | |
| AddFeatures = "NLB" | |
| Role = "FilePrint" | |
| Services = "Winmgmt" | |
| CouchDBLocalFolder = "$env:SystemDrive\CouchDB" | |
| }, | |
| @{ | |
| NodeName = "SRV2" | |
| Role = "Dev" | |
| } | |
| ) | |
| NonNodeData = | |
| @{ | |
| Domain = "Company" | |
| ImagingAppShareName = "imaging_app" | |
| CouchDbAdmin = "admin" | |
| CouchDbAdminPassword = "P@ssw0rd" | |
| CouchDbServer = "srv1" | |
| CouchDbPort = "5984" | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment