diff --git a/ch1-lab-setup/windows/2021-05-25-15-42-24.077-VBoxSVC-7983.log b/ch1-lab-setup/windows/2021-05-25-15-42-24.077-VBoxSVC-7983.log
new file mode 100644
index 0000000..4471489
--- /dev/null
+++ b/ch1-lab-setup/windows/2021-05-25-15-42-24.077-VBoxSVC-7983.log
@@ -0,0 +1,7 @@
+Log created: 2021-05-25T15:42:24.773837000Z
+Process ID: 7983 (0x1f2f)
+Parent PID: 2118 (0x846)
+Executable: /usr/lib/virtualbox/VBoxSVC
+Arg[0]: /usr/lib/virtualbox/VBoxSVC
+Arg[1]: --auto-shutdown
+AddRef: illegal refcnt=3221225469 state=2
diff --git a/ch1-lab-setup/windows/CreateUser.ps1 b/ch1-lab-setup/windows/CreateUser.ps1
new file mode 100644
index 0000000..55584a7
--- /dev/null
+++ b/ch1-lab-setup/windows/CreateUser.ps1
@@ -0,0 +1,12 @@
+$password = ConvertTo-SecureString -String "Hoanglinh90" -AsPlainText -Force
+$user = Ansible
+$op = Get-LocalUser | Where-Object {$_.Name -eq $user}
+if (-not $op)
+{
+ New-LocalUser Ansible -Password $password -FullName "Ansible" -AccountNeverExpires -PasswordNeverExpires -UserMayNotChangePassword -Description "Ansible Account."| Out-Null
+ Add-LocalGroupMember -Group "Administrators" -Member "Ansible"
+}
+else
+{
+ Write-Host "User exited"
+}
diff --git a/ch1-lab-setup/windows/OpenSSH.ps1 b/ch1-lab-setup/windows/OpenSSH.ps1
new file mode 100644
index 0000000..2b91a1d
--- /dev/null
+++ b/ch1-lab-setup/windows/OpenSSH.ps1
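Review bot: CreateUser.ps1 commits the account's password as a string literal on its first line, and the same literal is repeated under `password:` in playbook.yml later in this commit; the account is added to Administrators with `-PasswordNeverExpires`, so anyone who can read the repository holds a standing admin credential for every VM built from it. Read the value at provision time instead, for example `$password = ConvertTo-SecureString -String $env:ANSIBLE_USER_PASSWORD -AsPlainText -Force` (the variable name is a placeholder, supplied through the shell provisioner's `env` option), and rotate the value that has already been committed. In playbook.yml the `password:` value should likewise come from a vaulted or run-time variable. Separately, `$user = Ansible` is missing quotes, so PowerShell tries to run a command named Ansible and `$user` stays empty; the existence check then never matches and `New-LocalUser` runs on every provision, which `$user = 'Ansible'` fixes.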
@@ -0,0 +1,32 @@
+$opensshDir = "C:\Program Files\OpenSSH"
+if (-not (Test-Path $opensshDir))
+{
+ ## Define the OpenSSH latest release url
+ $url = 'https://github.com/PowerShell/Win32-OpenSSH/releases/latest/'
+ ## Create a web request to retrieve the latest release download link
+ $request = [System.Net.WebRequest]::Create($url)
+ $request.AllowAutoRedirect=$false
+ $response=$request.GetResponse()
+ $source = $([String]$response.GetResponseHeader("Location")).Replace('tag','download') + '/OpenSSH-Win64.zip'
+ ## Download the latest OpenSSH for Windows package to the current working directory
+ $webClient = [System.Net.WebClient]::new()
+ $webClient.DownloadFile($source, (Get-Location).Path + '\OpenSSH-Win64.zip')
+
+ Get-ChildItem *.zip
+ # Extract the ZIP to a temporary location
+ Expand-Archive -Path .\OpenSSH-Win64.zip -DestinationPath ($env:temp) -Force
+ # Move the extracted ZIP contents from the temporary location to C:\Program Files\OpenSSH\
+ Move-Item "$($env:temp)\OpenSSH-Win64" -Destination "C:\Program Files\OpenSSH\" -Force
+ # Unblock the files in C:\Program Files\OpenSSH\
+ Get-ChildItem -Path "C:\Program Files\OpenSSH\" | Unblock-File
+ & 'C:\Program Files\OpenSSH\install-sshd.ps1'
+ ## changes the sshd service's startup type from manual to automatic.
+ Set-Service sshd -StartupType Automatic
+ ## starts the sshd service.
+ Start-Service sshd
+ New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH
+}
+else
+{
+ Write-Host "Openssh is already installed"
+}
diff --git a/ch1-lab-setup/windows/SETUP.md b/ch1-lab-setup/windows/SETUP.md
index db5c65d..65eb722 100644
--- a/ch1-lab-setup/windows/SETUP.md
+++ b/ch1-lab-setup/windows/SETUP.md
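Review bot: OpenSSH.ps1 downloads `OpenSSH-Win64.zip` from whatever `releases/latest` redirects to, then extracts it and runs `install-sshd.ps1` from it with no integrity check, so the VM installs a service from an archive that is neither pinned nor verified. Pin a specific release tag in `$url` and compare the archive's hash before `Expand-Archive`, e.g. `if ((Get-FileHash .\OpenSSH-Win64.zip -Algorithm SHA256).Hash -ne $expectedSha256) { throw 'OpenSSH archive hash mismatch' }`, where `$expectedSha256` is a placeholder for the value recorded for the pinned release. The `New-NetFirewallRule` line also opens TCP 22 on every profile and from any source; limiting it with `-Profile` or `-RemoteAddress` to the lab network would match what the lab needs.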
@@ -1,10 +1,38 @@ # Lab setup for windows managed node ## Build windows server using Vagrant +run your vagrant Windows2019 +``` bash +vagrant up +Bringing machine 'win2019' up with 'virtualbox' +``` ## Install and configure OpenSSH on windows node -## Copy ssh public key from Ansible control host (ubuntu11) to windows13 +Download the newest OpenSSH server from GitHub ( https://github.com/PowerShell/Win32-OpenSSH/releases ) +In our case it is v8.1.0.0p1-Beta, 64-bit version. +Open the downloaded file and copy the "OpenSSH-Win64" folder to "C:\Program Files". + +```powershell as administrator +setx PATH "$env:path;C:\Program Files\OpenSSH" -m +cd "C:\Program Files\OpenSSH"; .\install-sshd.ps1 +Set-Service sshd -StartupType Automatic; Set-Service ssh-agent -StartupType Automatic; Start-Service sshd; Start-Service ssh-agent +``` +- allow firewall +```powershell as administrator +New-NetFirewallRule -DisplayName "OpenSSH-Server-In-TCP" -Direction Inbound -LocalPort 22 -Protocol TCP -Action Allow +``` -## Ssh from ubuntu11 to windows13 without password +## Copy ssh public key from Ansible control host (ubuntu11) to windows13 +SSH to VM +```create SSH-Keygen +ssh-keygen +## powershell module install Repair-AuthorizedKeyPermission +Install-Module -Force OpenSSHUtils -Scope AllUsers +``` +```copy public key from ansible control host to windows server 2019 revise your located link on control host +scp /home/linhnh/.ssh/id_rsa.pub Ansible@192.168.100.31:C:\Users\ansible\.ssh\authorized_keys +ssh --% Ansible@192.168.100.31 powershell -c $ConfirmPreference = 'None'; Repair-AuthorizedKeyPermission C:\Users\ansible\.ssh\authorized_keys +``` +## Ssh from ubuntu11 to windows13 without password \ No newline at end of file diff --git a/ch1-lab-setup/windows/playbook.yml b/ch1-lab-setup/windows/playbook.yml new file mode 100644 index 0000000..dea2ca5 --- /dev/null +++ b/ch1-lab-setup/windows/playbook.yml 
@@ -0,0 +1,8 @@
+- name: Ensure user Ansible is present
+ ansible.windows.win_user:
+ name: Ansible
+ password: Hoanglinh90
+ state: present
+ password_expired: yes
+ groups:
+ - Administrator
\ No newline at end of file
diff --git a/ch1-lab-setup/windows/vagrantfile b/ch1-lab-setup/windows/vagrantfile
new file mode 100644
index 0000000..83f4c6d
--- /dev/null
+++ b/ch1-lab-setup/windows/vagrantfile
@@ -0,0 +1,19 @@
+Vagrant.configure("2") do |config|
+ config.vm.define "srv2019" do | srv |
+ srv.vm.box = "StefanScherer/windows_2019"
+ srv.vm.network "private_network", ip: "192.168.100.31"
+ end
+ config.vm.provider "virtualbox" do |v|
+ v.memory =1028
+ v.cpus = 2
+ end
+ config.vm.provision "shell", path: "CreateUser.ps1"
+ config.vm.provision "shell", path: "OpenSSH.ps1"
+ # config.vm.synced_folder ".", "/vagrant"
+ # config.vm.provision "ansible_local" do |ansible|
+ # ansible.install_mode = "pip"
+ # ansible.become = true
+ # ansible.verbose = "vv"
+ # ansible.playbook = "playbook.yml"
+ # end
+end
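Review bot: In playbook.yml the `groups` entry names `Administrator`, while CreateUser.ps1 in this commit adds the same account to the built-in `Administrators` group; the singular name is the built-in user rather than a group, so the task will most likely fail or not grant the intended membership, and `- Administrators` is what the script's behaviour implies. `password_expired: yes` also conflicts with the script's `-PasswordNeverExpires -UserMayNotChangePassword`: an expired password forces a change at next logon, which a non-interactive automation account cannot complete, so `password_expired: no` together with `password_never_expires: yes` looks like the intent. The indentation of this task cannot be checked from the collapsed hunk and is worth confirming in the file itself.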
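Review bot: The vagrantfile takes `StefanScherer/windows_2019` without a version, so a fresh `vagrant up` pulls whichever box the publisher currently serves and then runs both provisioning scripts on it; adding `srv.vm.box_version = "<pinned version>"` makes the base image reproducible and reviewable. `v.memory =1028` looks like a typo for 1024, and either value is low for Windows Server 2019, so it is worth confirming. SETUP.md in this commit shows the machine coming up as 'win2019' while this file defines `srv2019`; one of the two should be aligned.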