x-a-n-d-e-r-k/PreDeploy.ps1

## PreDeploy.ps1
Import-Module WebAdministration

$port = 80
$ssl = $false

$wa = Get-Website | Where {$_.Name -eq $OctopusWebSiteName}
$ap = Get-WebAppPoolState | Where {$_.Name -eq $appPoolName}


if($wa -eq $null)
{
        write-host "no web application setup, creating..."

        if($ap -eq $null)
        {
            write-host "no App Pool creating..."
            New-WebAppPool $appPoolName
            Set-ItemProperty IIS:\AppPools\$appPoolName managedRuntimeVersion v4.0
        }

        $webApp = New-Website -Name $OctopusWebSiteName -Port $port -HostHeader $hostHeader -ApplicationPool $appPoolName -Ssl:$ssl -PhysicalPath c:\inetpub\wwwroot

        if($hostHeaderAlt -ne $null)
        {
            write-host "adding alt host header"
            New-WebBinding -Name $siteName -IPAddress "*" -Port $port -HostHeader $hostHeaderAlt
        }
}
else
{
        write-host "Web Application Already setup, skipping..."
}

if($webApplication -ne $null)
{
    write-host "Web Application defined. Checking if it already exists."
    $app = Get-WebApplication -Site $OctopusWebSiteName -Name $webApplication
    if ($app -eq $null)
    {
        write-host "Web Application does not exist. Creating ..."
        New-WebApplication -Site $OctopusWebSiteName -Name $webApplication -PhysicalPath "D:\Octopus\Tentacle\Applications\$OctopusPackageNameAndVersion" -ApplicationPool $appPoolName
    }
    else
    {
        write-host "Web Application does exist. Updating physical path ..."
        $path = 'IIS:\Sites\' + $OctopusWebsiteName + '\' + $webApplication
        write-host "Looking for $path"
        Set-ItemProperty $path -Name PhysicalPath -Value "D:\Octopus\Tentacle\Applications\$OctopusPackageNameAndVersion"
    }
}

if($allowWindowsAuth)
{
    $windowsAuthServer = Get-WebConfigurationLock -PSPath "IIS:\" -Filter //windowsAuthentication #-Name enabled

    Write-Host "value: " $windowsAuthServer.Value

    if($windowsAuthServer.Value -ne $null)
    {
        Write-Host "Unlocking Windows Auth Override on Server"
        Remove-WebConfigurationLock -PSPath "IIS:\" -Filter //windowsAuthentication
    }
    else
    {
        Write-Host "Windows Auth Override on Server already set to Allow, skipping..."
    }

    $webAppSetForWindowAuth = Get-WebConfigurationProperty -filter /system.WebServer/security/authentication/windowsAuthentication -name enabled -location $OctopusWebSiteName


    if(!$webAppSetForWindowAuth.Value)
    {
        Write-Host "Windows Auth not set for this web app, enabling"
        Set-WebConfigurationProperty -filter /system.WebServer/security/authentication/windowsAuthentication -name enabled -value true -location $OctopusWebSiteName
    }
    else
    {
         Write-Host "Windows Auth is already enabled for the web app $OctopusWebsiteName , skipping..."
    }
}
else
{
    Write-Host "Use WindowsAuth Not configured, moving on"
}


# I don't think this is needed anymore since all apps by default allow anonymous auth
#cmd /c %windir%\system32\inetsrv\appcmd unlock config /section:anonymousAuthentication


$original_file = 'Web.config'
$destination_file =  'Web.config'
$searchText = 'ELMAH_EMAIL_SUBJECT'
$newText = $OctopusProjectName + ' - Env:' + $OctopusEnvironmentName + ' Server: ' + $OctopusMachineName + ' Ver: ' + $OctopusPackageVersion

Write-Host "Setting Elmah Email Subject to: " + $newText
(Get-Content $original_file) | Foreach-Object {
    $_ -replace $searchText, $newText
    } | Set-Content $destination_file

Write-Host "Setting ACLs for App_Data folder to let Pulse log correctly"


$directory = "D:\Octopus\Tentacle\Applications\" + $OctopusPackageNameAndVersion + "\App_Data\Pulse.sdf"
Write-Host "checking ACL on: " $directory

if (Test-Path $directory)
{
	$acl = Get-Acl $directory
	$permission = "IIS AppPool\$appPoolName","Read,ExecuteFile,Write","Allow"
	$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
	Write-Host "Setting ACL on: " $directory
	$acl.SetAccessRule($accessRule)
	$acl | Set-Acl $directory
}
else
{
	throw "The dir/file $directory can't be found"
}
	Import-Module WebAdministration

	$port = 80
	$ssl = $false

	$wa = Get-Website \| Where {$_.Name -eq $OctopusWebSiteName}
	$ap = Get-WebAppPoolState \| Where {$_.Name -eq $appPoolName}


	if($wa -eq $null)
	{
	write-host "no web application setup, creating..."

	if($ap -eq $null)
	{
	write-host "no App Pool creating..."
	New-WebAppPool $appPoolName
	Set-ItemProperty IIS:\AppPools\$appPoolName managedRuntimeVersion v4.0
	}

	$webApp = New-Website -Name $OctopusWebSiteName -Port $port -HostHeader $hostHeader -ApplicationPool $appPoolName -Ssl:$ssl -PhysicalPath c:\inetpub\wwwroot

	if($hostHeaderAlt -ne $null)
	{
	write-host "adding alt host header"
	New-WebBinding -Name $siteName -IPAddress "*" -Port $port -HostHeader $hostHeaderAlt
	}
	}
	else
	{
	write-host "Web Application Already setup, skipping..."
	}

	if($webApplication -ne $null)
	{
	write-host "Web Application defined. Checking if it already exists."
	$app = Get-WebApplication -Site $OctopusWebSiteName -Name $webApplication
	if ($app -eq $null)
	{
	write-host "Web Application does not exist. Creating ..."
	New-WebApplication -Site $OctopusWebSiteName -Name $webApplication -PhysicalPath "D:\Octopus\Tentacle\Applications\$OctopusPackageNameAndVersion" -ApplicationPool $appPoolName
	}
	else
	{
	write-host "Web Application does exist. Updating physical path ..."
	$path = 'IIS:\Sites\' + $OctopusWebsiteName + '\' + $webApplication
	write-host "Looking for $path"
	Set-ItemProperty $path -Name PhysicalPath -Value "D:\Octopus\Tentacle\Applications\$OctopusPackageNameAndVersion"
	}
	}

	if($allowWindowsAuth)
	{
	$windowsAuthServer = Get-WebConfigurationLock -PSPath "IIS:\" -Filter //windowsAuthentication #-Name enabled

	Write-Host "value: " $windowsAuthServer.Value

	if($windowsAuthServer.Value -ne $null)
	{
	Write-Host "Unlocking Windows Auth Override on Server"
	Remove-WebConfigurationLock -PSPath "IIS:\" -Filter //windowsAuthentication
	}
	else
	{
	Write-Host "Windows Auth Override on Server already set to Allow, skipping..."
	}

	$webAppSetForWindowAuth = Get-WebConfigurationProperty -filter /system.WebServer/security/authentication/windowsAuthentication -name enabled -location $OctopusWebSiteName


	if(!$webAppSetForWindowAuth.Value)
	{
	Write-Host "Windows Auth not set for this web app, enabling"
	Set-WebConfigurationProperty -filter /system.WebServer/security/authentication/windowsAuthentication -name enabled -value true -location $OctopusWebSiteName
	}
	else
	{
	Write-Host "Windows Auth is already enabled for the web app $OctopusWebsiteName , skipping..."
	}
	}
	else
	{
	Write-Host "Use WindowsAuth Not configured, moving on"
	}


	# I don't think this is needed anymore since all apps by default allow anonymous auth
	#cmd /c %windir%\system32\inetsrv\appcmd unlock config /section:anonymousAuthentication


	$original_file = 'Web.config'
	$destination_file = 'Web.config'
	$searchText = 'ELMAH_EMAIL_SUBJECT'
	$newText = $OctopusProjectName + ' - Env:' + $OctopusEnvironmentName + ' Server: ' + $OctopusMachineName + ' Ver: ' + $OctopusPackageVersion

	Write-Host "Setting Elmah Email Subject to: " + $newText
	(Get-Content $original_file) \| Foreach-Object {
	$_ -replace $searchText, $newText
	} \| Set-Content $destination_file

	Write-Host "Setting ACLs for App_Data folder to let Pulse log correctly"


	$directory = "D:\Octopus\Tentacle\Applications\" + $OctopusPackageNameAndVersion + "\App_Data\Pulse.sdf"
	Write-Host "checking ACL on: " $directory

	if (Test-Path $directory)
	{
	$acl = Get-Acl $directory
	$permission = "IIS AppPool\$appPoolName","Read,ExecuteFile,Write","Allow"
	$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
	Write-Host "Setting ACL on: " $directory
	$acl.SetAccessRule($accessRule)
	$acl \| Set-Acl $directory
	}
	else
	{
	throw "The dir/file $directory can't be found"
	}