Skip to content

Instantly share code, notes, and snippets.

@wikijm
Forked from dragon788/chocolatey.repository.build
Last active November 3, 2017 21:10
Show Gist options
  • Save wikijm/bddc7f850550ce1370872a698f043b8a to your computer and use it in GitHub Desktop.
Save wikijm/bddc7f850550ce1370872a698f043b8a to your computer and use it in GitHub Desktop.
Setup Chocolatey.Server simply and easily by getting and configuring the IIS requirements (for IIS7.5 and higher) and replacing the default site.
# Boxstarter options
$Boxstarter.RebootOk=$true # Allow reboots?
$Boxstarter.NoPassword=$false # Is this a machine with no login password?
$Boxstarter.AutoLogin=$true # Save my password securely and auto-login after a reboot
# Unrestricted is only good for testing, don't use that in production
Update-ExecutionPolicy RemoteSigned
Disable-InternetExplorerESC
Disable-UAC
#Enable-RemoteDesktop
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles
#Install IIS and needed features
cinst IIS-WebServerRole -Source WindowsFeatures
cinst IIS-WebServer -Source WindowsFeatures # This will pull in a bunch of other things
cinst IIS-Metabase -Source WindowsFeatures
cinst IIS-BasicAuthentication -Source WindowsFeatures
cinst IIS-ISAPIExtensions -Source WindowsFeatures
cinst IIS-ISAPIFilter -Source WindowsFeatures
cinst IIS-NetFxExtensibility -Source WindowsFeatures
cinst IIS-NetFxExtensibility45 -Source WindowsFeatures #2012 only
cinst IIS-ASPNET -Source WindowsFeatures
cinst IIS-ASPNET45 -Source WindowsFeatures #2012 only
cinst chocolatey.server #the server package we'll copy to IIS
$webToolsDir = "C:\ProgramData\chocolatey\lib\chocolatey.server\tools\chocolatey.server\*"
$webInstallDir = "C:\inetpub\wwwroot"
Copy-Item $webToolsDir $webInstallDir -recurse -force
$projectName = "ChocolateyServer"
Import-Module WebAdministration
Remove-WebSite -Name "Default Web Site" -ErrorAction SilentlyContinue
Remove-WebSite -Name "$projectName" -ErrorAction SilentlyContinue
New-WebSite -ID 1 -Name "$projectName" -Port 80 -PhysicalPath "$webInstallDir" -Force
Import-Module WebAdministration
$appPoolPath = "IIS:\AppPools\$projectName"
#$pool = new-object
Write-Warning "You can safely ignore the next error if it occurs related to getting an app pool that doesn't exist"
$pool = Get-Item $appPoolPath
if ($pool -eq $null) {
Write-Host "Creating the app pool `'$appPoolPath`'"
$pool = New-Item $appPoolPath
}
# Set appropriate permissions for automatic pool user
$pool | Set-Item
Set-itemproperty $appPoolPath -Name "managedRuntimeVersion" -Value "v4.0"
#Set-itemproperty $appPoolPath -Name "managedPipelineMode" -Value "Integrated"
# For IIS7 or IIS6 use this instead of the IIS AppPool below
#$networkSvc = 'NT AUTHORITY\NETWORK SERVICE'
# After IIS7 they moved towards AppPool permissions
# http://www.iis.net/learn/manage/configuring-security/application-pool-identities
$networkSvc = "IIS AppPool\$projectName"
Write-Host "Setting folder permissions on `'$webInstallDir`' to 'Read' for user $networkSvc"
$acl = Get-Acl $webInstallDir
$acl.SetAccessRuleProtection($False, $True)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$networkSvc","Read", "ContainerInherit, ObjectInherit", "None", "Allow");
$acl.AddAccessRule($rule);
Set-Acl $webInstallDir $acl
$webInstallAppDataDir = Join-Path $webInstallDir 'App_Data'
Write-Host "Setting folder permissions on `'$webInstallAppDataDir`' to 'Modify' for user $networkSvc"
$acl = Get-Acl $webInstallAppDataDir
$acl.SetAccessRuleProtection($False, $True)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$networkSvc","Modify", "ContainerInherit, ObjectInherit", "None", "Allow");
$acl.AddAccessRule($rule);
Set-Acl $webInstallAppDataDir $acl
# Delete IISStart files
Remove-Item $webInstallDir\iisstart.*
# Start pool after permissions set
Start-WebAppPool "$projectName"
Write-Host "Creating the site `'$projectName`' with appPool `'$projectName`'"
New-WebApplication "$projectName" -Site "$projectName" -PhysicalPath $srcDir -ApplicationPool "$projectName" -Force
& START http://localhost
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment