diff --git a/.gitignore b/.gitignore index fc6ad69..856332c 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,6 @@ launcher/src/version.rc2 .vscode .idea .vagrant/ +scripts/packer/iso +*.box + diff --git a/Vagrantfile b/Vagrantfile index 90bec47..9eca980 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -9,7 +9,8 @@ Vagrant.configure("2") do |config| config.vm.define "cmderdev-10" do |win10| win10.vm.hostname = "cmderdev-10" - win10.vm.box = "cmderdev-10" + win10.vm.box = "dgames/cmderdev-10" + config.vm.box_version = "1.0.0" # win10.vm.network :private_network, ip: "192.168.56.101" diff --git a/scripts/packer/README.md b/scripts/packer/README.md new file mode 100644 index 0000000..4537bfa --- /dev/null +++ b/scripts/packer/README.md @@ -0,0 +1,8 @@ +# Packer Support - Release Notes + +Most of the Packer support for Cmder is shamelessly being borrowed from the following repositories. + +- [StefanScherer/packer-windows](https://github.com/StefanScherer/packer-windows) +- [Baune8D/packer-windows-desktop](https://github.com/Baune8D/packer-windows-desktop) + +Thank you both for the good work! diff --git a/scripts/packer/answer_files/10_efi/Autounattend.xml b/scripts/packer/answer_files/10_efi/Autounattend.xml new file mode 100644 index 0000000..4c04083 --- /dev/null +++ b/scripts/packer/answer_files/10_efi/Autounattend.xml @@ -0,0 +1,228 @@ + + + + + + + + + + 1 + 500 + EFI + + + 2 + 128 + MSR + + + 3 + true + Primary + + + 0 + true + + + + true + Vagrant + Vagrant + + W269N-WFGWX-YVC9B-4J6C9-T83GX + Never + + + + + + 0 + 3 + + OnError + false + + + + + + en-US + + en-US + en-US + en-US + en-US + en-US + + + + + false + + + + + en-US + en-US + en-US + en-US + + + + + vagrant + true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Home</NetworkLocation> + <ProtectYourPC>1</ProtectYourPC> + </OOBE> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine> + <Description>Network prompt</Description> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File e:\fixnetwork.ps1</CommandLine> + <Description>Fix public network</Description> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File e:\disable-winrm.ps1</CommandLine> + <Description>Disable WinRM</Description> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine> + <Order>6</Order> + <Description>Show file extensions in Explorer</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine> + <Order>7</Order> + <Description>Enable QuickEdit mode</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine> + <Order>8</Order> + <Description>Show Run command in Start Menu</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine> + <Order>9</Order> + <Description>Show Administrative Tools in Start Menu</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine> + <Order>10</Order> + <Description>Zero Hibernation File</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine> + <Order>11</Order> + <Description>Disable Hibernation Mode</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Order>12</Order> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "vagrant" /f</CommandLine> + <Order>13</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f</CommandLine> + <Order>14</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <!-- WITHOUT WINDOWS UPDATES --> + <!-- + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File e:\enable-winrm.ps1</CommandLine> + <Description>Enable WinRM</Description> + <Order>99</Order> + </SynchronousCommand> + --> + <!-- END WITHOUT WINDOWS UPDATES --> + <!-- WITH WINDOWS UPDATES --> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c e:\microsoft-updates.bat</CommandLine> + <Order>98</Order> + <Description>Enable Microsoft Updates</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File e:\disable-screensaver.ps1</CommandLine> + <Description>Disable Screensaver</Description> + <Order>99</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File e:\win-updates.ps1</CommandLine> + <Description>Install Windows Updates</Description> + <Order>100</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <!-- END WITH WINDOWS UPDATES --> + </FirstLogonCommands> + <ShowWindowsLive>false</ShowWindowsLive> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OEMInformation> + <HelpCustomized>false</HelpCustomized> + </OEMInformation> + <!-- Rename computer here. --> + <ComputerName>vagrant-win10</ComputerName> + <TimeZone>Pacific Standard Time</TimeZone> + <RegisteredOwner/> + </component> + <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <cpi:offlineImage xmlns:cpi="urn:schemas-microsoft-com:cpi" cpi:source="catalog:d:/sources/install_windows 7 ENTERPRISE.clg"/> +</unattend> diff --git a/scripts/packer/answer_files/11/Autounattend.xml b/scripts/packer/answer_files/11/Autounattend.xml new file mode 100644 index 0000000..4e790d9 --- /dev/null +++ b/scripts/packer/answer_files/11/Autounattend.xml @@ -0,0 +1,298 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> + <servicing/> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" + publicKeyToken="31bf3856ad364e35" language="neutral" + versionScope="nonSxS" processorArchitecture="amd64" + xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> + + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>E:\viostor\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>E:\NetKVM\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>E:\Balloon\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>E:\pvpanic\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>E:\qemupciserial\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>E:\qxldod\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>E:\vioinput\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>E:\viorng\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>E:\vioscsi\w10\amd64</Path> + </PathAndCredentials> + + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>E:\vioserial\w10\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + + <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Type>Primary</Type> + <Extend>true</Extend> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Extend>false</Extend> + <Format>NTFS</Format> + <Letter>C</Letter> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>Windows 11</Label> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <UserData> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Vagrant</Organization> + + <!-- + NOTE: If you are re-configuring this for use of a retail key + and using a retail ISO, you need to adjust the <ProductKey> block + below to look like this: + + <ProductKey> + <Key>W269N-WFGWX-YVC9B-4J6C9-T83GX</Key> + <WillShowUI>Never</WillShowUI> + </ProductKey> + + Notice the addition of the `<Key>` element. + --> + </UserData> + <ImageInstall> + <OSImage> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>1</PartitionID> + </InstallTo> + <WillShowUI>OnError</WillShowUI> + <InstallToAvailablePartition>false</InstallToAvailablePartition> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows 11 Enterprise Evaluation</Value> + </MetaData> + </InstallFrom> + </OSImage> + </ImageInstall> + </component> + <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Home</NetworkLocation> + <ProtectYourPC>1</ProtectYourPC> + </OOBE> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine> + <Description>Network prompt</Description> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\fixnetwork.ps1</CommandLine> + <Description>Fix public network</Description> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-winrm.ps1</CommandLine> + <Description>Disable WinRM</Description> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine> + <Order>6</Order> + <Description>Show file extensions in Explorer</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine> + <Order>7</Order> + <Description>Enable QuickEdit mode</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine> + <Order>8</Order> + <Description>Show Run command in Start Menu</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine> + <Order>9</Order> + <Description>Show Administrative Tools in Start Menu</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine> + <Order>10</Order> + <Description>Zero Hibernation File</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine> + <Order>11</Order> + <Description>Disable Hibernation Mode</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Order>12</Order> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "vagrant" /f</CommandLine> + <Order>13</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f</CommandLine> + <Order>14</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <!-- WITHOUT WINDOWS UPDATES --> + <!-- + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\enable-winrm.ps1</CommandLine> + <Description>Enable WinRM</Description> + <Order>99</Order> + </SynchronousCommand> + --> + <!-- END WITHOUT WINDOWS UPDATES --> + <!-- WITH WINDOWS UPDATES --> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c a:\microsoft-updates.bat</CommandLine> + <Order>98</Order> + <Description>Enable Microsoft Updates</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-screensaver.ps1</CommandLine> + <Description>Disable Screensaver</Description> + <Order>99</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1</CommandLine> + <Description>Install Windows Updates</Description> + <Order>100</Order> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <!-- END WITH WINDOWS UPDATES --> + </FirstLogonCommands> + <ShowWindowsLive>false</ShowWindowsLive> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OEMInformation> + <HelpCustomized>false</HelpCustomized> + </OEMInformation> + <!-- Rename computer here. --> + <ComputerName>vagrant-11</ComputerName> + <TimeZone>Pacific Standard Time</TimeZone> + <RegisteredOwner/> + </component> + <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <cpi:offlineImage xmlns:cpi="urn:schemas-microsoft-com:cpi" cpi:source="catalog:d:/sources/install_windows 7 ENTERPRISE.clg"/> +</unattend> diff --git a/scripts/packer/build_windows_10.bat b/scripts/packer/build_windows_10.bat new file mode 100644 index 0000000..f19aa28 --- /dev/null +++ b/scripts/packer/build_windows_10.bat @@ -0,0 +1,3 @@ +@echo off + +packer build --force --only=%~1-iso windows_10.json diff --git a/scripts/packer/build_windows_10.sh b/scripts/packer/build_windows_10.sh new file mode 100755 index 0000000..030806a --- /dev/null +++ b/scripts/packer/build_windows_10.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +packer build --force --only=$1-iso windows_10.json diff --git a/scripts/packer/build_windows_11.bat b/scripts/packer/build_windows_11.bat new file mode 100644 index 0000000..50f803c --- /dev/null +++ b/scripts/packer/build_windows_11.bat @@ -0,0 +1,4 @@ +@echo off + +packer build --only=%1-iso windows_11.json + diff --git a/scripts/packer/build_windows_11.sh b/scripts/packer/build_windows_11.sh new file mode 100755 index 0000000..947b947 --- /dev/null +++ b/scripts/packer/build_windows_11.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +packer build --only=$1-iso windows_11.json + diff --git a/scripts/packer/floppy/ReadMe.txt b/scripts/packer/floppy/ReadMe.txt new file mode 100644 index 0000000..0886ff3 --- /dev/null +++ b/scripts/packer/floppy/ReadMe.txt @@ -0,0 +1,38 @@ +: Release v1.2 - Stuart Pearson 16th Nov 2015 +: +: Command line tool to pin and unpin exe / lnk files to the Windows 10 taskbar and start menu. +: +: PinTo10 is a command line tool to pin and unpin .exe or .lnk files to or from the Windows 10 taskbar and start menu. +: With it you can pin or unpin up to 10 different shortcuts to either the taskbar or start menu in one run of the command. +: It replaces functionality that Microsoft have removed from their Windows 10 scripting interface. +: +: The exe needs to be run with at least one pair of switches specified for each function to Pin / Unpin to Taskbar / Start Menu... +: +: To pin an application or shortcut to the taskbar (replace XX with 01-10)... +: /PTFOLXX: Followed by the folder containing the file you want to pin. +: /PTFILEXX: Followed by the name of the file you want to pin. +: +: To unpin an application or shortcut to the taskbar (replace XX with 01-10)... +: /UTFOLXX: Followed by the folder containing the file you want to unpin. +: /UTFILEXX: Followed by the name of the file you want to unpin. + +: To pin an application or shortcut to the start menu (replace XX with 01-10)... +: /PSFOLXX: Followed by the folder containing the file you want to pin. +: /PSFILEXX: Followed by the name of the file you want to pin. + +: To unpin an application or shortcut to the start menu (replace XX with 01-10)... +: /USFOLXX: Followed by the folder containing the file you want to unpin. +: /USFILEXX: Followed by the name of the file you want to unpin. + + +: Example for pinning two shortcuts to the taskbar... +PinTo10.exe /PTFOL01:'%USERPROFILE:%\Desktop' /PTFILE01:'Word 2016.lnk' /PTFOL02:'%USERPROFILE:%\Desktop' /PTFILE02:'Excel 2016.lnk' + +: Example for unpinning a file to the taskbar... +PinTo10.exe /UTFOL01:'C\Windows' /UTFILE01:'notepad.exe' + +: Example for pinning a file to the start menu... +PinTo10.exe /PSFOL01:'C\Windows' /PSFILE01:'notepad.exe' + +: Example for unpinning a file from the start menu... +PinTo10.exe /USFOL01:'%USERPROFILE:%\Desktop' /USFILE01:'Word 2016.lnk' \ No newline at end of file diff --git a/scripts/packer/floppy/WindowsPowershell.lnk b/scripts/packer/floppy/WindowsPowershell.lnk new file mode 100755 index 0000000..74db524 Binary files /dev/null and b/scripts/packer/floppy/WindowsPowershell.lnk differ diff --git a/scripts/packer/scripts/chocolatey.bat b/scripts/packer/scripts/chocolatey.bat new file mode 100644 index 0000000..d4c0e6d --- /dev/null +++ b/scripts/packer/scripts/chocolatey.bat @@ -0,0 +1 @@ +powershell -NoProfile -ExecutionPolicy unrestricted -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" diff --git a/scripts/packer/scripts/chocopacks.ps1 b/scripts/packer/scripts/chocopacks.ps1 new file mode 100644 index 0000000..95cc2e8 --- /dev/null +++ b/scripts/packer/scripts/chocopacks.ps1 @@ -0,0 +1,26 @@ +choco install -y boxstarter.winconfig + +# Editors +choco install -y notepadplusplus + +# Terminals +choco install -y microsoft-windows-terminal +choco install -y fluent-terminal +choco install -y hyper +choco install -y tabby +choco install -y conemu + +# other +choco install -y poshgit + +# IDE/Software development +choco install -y vscode +choco install -y visualstudio2022community --execution-timeout 9000 --package-parameters "--add Microsoft.VisualStudio.Workload.NativeDesktop;includeRecommended" + +md C:\users\vagrant\bin +if (test-path "a:/set-shortcut.ps1") { + copy "a:/set-shortcut.ps1" C:\users\vagrant\bin +} elseif (test-path "e:/set-shortcut.ps1") { + copy "e:/set-shortcut.ps1" C:\users\vagrant\bin +} + diff --git a/scripts/packer/scripts/compact.bat b/scripts/packer/scripts/compact.bat new file mode 100644 index 0000000..a956e44 --- /dev/null +++ b/scripts/packer/scripts/compact.bat @@ -0,0 +1,39 @@ +if "%PACKER_BUILDER_TYPE:~0,6%"=="hyperv" ( + echo "Skip compact steps in Hyper-V build." + goto :eof +) +if not exist "C:\Windows\Temp\7z1900-x64.msi" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://www.7-zip.org/a/7z1900-x64.msi', 'C:\Windows\Temp\7z1900-x64.msi')" <NUL +) +msiexec /qb /i C:\Windows\Temp\7z1900-x64.msi + +if not exist "C:\Windows\Temp\ultradefrag.zip" ( + powershell -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://downloads.sourceforge.net/project/ultradefrag/stable-release/6.1.0/ultradefrag-portable-6.1.0.bin.amd64.zip', 'C:\Windows\Temp\ultradefrag.zip')" <NUL +) + +if not exist "C:\Windows\Temp\ultradefrag-portable-6.1.0.amd64\udefrag.exe" ( + cmd /c ""C:\Program Files\7-Zip\7z.exe" x C:\Windows\Temp\ultradefrag.zip -oC:\Windows\Temp" +) + +if not exist "C:\Windows\Temp\SDelete.zip" ( + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://download.sysinternals.com/files/SDelete.zip', 'C:\Windows\Temp\SDelete.zip')" <NUL + powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://vagrantboxes.blob.core.windows.net/box/sdelete/v1.6.1/sdelete.exe', 'C:\Windows\Temp\sdelete.exe')" <NUL +) + +if not exist "C:\Windows\Temp\sdelete.exe" ( + cmd /c ""C:\Program Files\7-Zip\7z.exe" x C:\Windows\Temp\SDelete.zip -oC:\Windows\Temp" +) + +msiexec /qb /x C:\Windows\Temp\7z1900-x64.msi + +net stop wuauserv +rmdir /S /Q C:\Windows\SoftwareDistribution\Download +mkdir C:\Windows\SoftwareDistribution\Download +net start wuauserv + +if "%PACKER_BUILDER_TYPE%" neq "hyperv-iso" ( + cmd /c C:\Windows\Temp\ultradefrag-portable-6.1.0.amd64\udefrag.exe --optimize --repeat C: + + cmd /c %SystemRoot%\System32\reg.exe ADD HKCU\Software\Sysinternals\SDelete /v EulaAccepted /t REG_DWORD /d 1 /f + cmd /c C:\Windows\Temp\sdelete.exe -q -z C: +) diff --git a/scripts/packer/scripts/compile-dotnet-assemblies.bat b/scripts/packer/scripts/compile-dotnet-assemblies.bat new file mode 100644 index 0000000..2c0fe0d --- /dev/null +++ b/scripts/packer/scripts/compile-dotnet-assemblies.bat @@ -0,0 +1,17 @@ +::http://support.microsoft.com/kb/2570538 +::http://robrelyea.wordpress.com/2007/07/13/may-be-helpful-ngen-exe-executequeueditems/ + +if "%PROCESSOR_ARCHITECTURE%"=="AMD64" goto 64BIT + +%windir%\microsoft.net\framework\v4.0.30319\ngen.exe update /force /queue > NUL +%windir%\microsoft.net\framework\v4.0.30319\ngen.exe executequeueditems > NUL + +exit 0 + +:64BIT +%windir%\microsoft.net\framework\v4.0.30319\ngen.exe update /force /queue > NUL +%windir%\microsoft.net\framework64\v4.0.30319\ngen.exe update /force /queue > NUL +%windir%\microsoft.net\framework\v4.0.30319\ngen.exe executequeueditems > NUL +%windir%\microsoft.net\framework64\v4.0.30319\ngen.exe executequeueditems > NUL + +exit 0 diff --git a/scripts/packer/scripts/debloat-windows.ps1 b/scripts/packer/scripts/debloat-windows.ps1 new file mode 100644 index 0000000..f65f266 --- /dev/null +++ b/scripts/packer/scripts/debloat-windows.ps1 @@ -0,0 +1,33 @@ +if ($env:PACKER_BUILDER_TYPE -And $($env:PACKER_BUILDER_TYPE).startsWith("hyperv")) { + Write-Output Skip debloat steps in Hyper-V build. +} +else { + Write-Output Downloading debloat zip + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + $url = "https://github.com/StefanScherer/Debloat-Windows-10/archive/master.zip" + (New-Object System.Net.WebClient).DownloadFile($url, "$env:TEMP\debloat.zip") + Expand-Archive -Path $env:TEMP\debloat.zip -DestinationPath $env:TEMP -Force + + #Write-Output Disable scheduled tasks + #. $env:TEMP\Debloat-Windows-10-master\utils\disable-scheduled-tasks.ps1 + #Write-Output Block telemetry + #. $env:TEMP\Debloat-Windows-10-master\scripts\block-telemetry.ps1 + #Write-Output Disable services + #. $env:TEMP\Debloat-Windows-10-master\scripts\disable-services.ps1 + Write-Output Disable Windows Defender + if ($(Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").ProductName.StartsWith("Windows 10")) { + . $env:TEMP\Debloat-Windows-10-master\scripts\disable-windows-defender.ps1 + } + else { + Uninstall-WindowsFeature Windows-Defender + } + Write-Output Optimize Windows Update + . $env:TEMP\Debloat-Windows-10-master\scripts\optimize-windows-update.ps1 + #Write-Output Disable Windows Update + #Set-Service wuauserv -StartupType Disabled + #Write-Output Remove OneDrive + #. $env:TEMP\Debloat-Windows-10-master\scripts\remove-onedrive.ps1 + + Remove-Item $env:TEMP\debloat.zip + Remove-Item -recurse $env:TEMP\Debloat-Windows-10-master +} diff --git a/scripts/packer/scripts/dis-updates.bat b/scripts/packer/scripts/dis-updates.bat new file mode 100644 index 0000000..3ff0c8f --- /dev/null +++ b/scripts/packer/scripts/dis-updates.bat @@ -0,0 +1,20 @@ +rem http://www.windows-commandline.com/disable-automatic-updates-command-line/ +reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f + +rem remove optional WSUS server settings +reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /f + +rem even harder, disable windows update service +rem sc config wuauserv start= disabled +rem net stop wuauserv +set logfile=C:\Windows\Temp\win-updates.log + +if exist %logfile% ( + echo Show Windows Updates log file %logfile% + dir %logfile% + type %logfile% + rem output of type command is not fully shown in packer/ssh session, so try PowerShell + rem but it will hang if log file is about 22 KByte + rem powershell -command "Get-Content %logfile%" + echo End of Windows Updates log file %logfile% +) diff --git a/scripts/packer/scripts/disable-screensaver.ps1 b/scripts/packer/scripts/disable-screensaver.ps1 new file mode 100644 index 0000000..dd0a029 --- /dev/null +++ b/scripts/packer/scripts/disable-screensaver.ps1 @@ -0,0 +1,4 @@ +Write-Output "Disabling Screensaver" +Set-ItemProperty "HKCU:\Control Panel\Desktop" -Name ScreenSaveActive -Value 0 -Type DWord +& powercfg -x -monitor-timeout-ac 0 +& powercfg -x -monitor-timeout-dc 0 diff --git a/scripts/packer/scripts/disable-winrm.ps1 b/scripts/packer/scripts/disable-winrm.ps1 new file mode 100644 index 0000000..28b92bd --- /dev/null +++ b/scripts/packer/scripts/disable-winrm.ps1 @@ -0,0 +1,8 @@ +netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block +netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes +$winrmService = Get-Service -Name WinRM +if ($winrmService.Status -eq "Running") { + Disable-PSRemoting -Force +} +Stop-Service winrm +Set-Service -Name winrm -StartupType Disabled diff --git a/scripts/packer/scripts/docker/disable-windows-defender.ps1 b/scripts/packer/scripts/docker/disable-windows-defender.ps1 new file mode 100644 index 0000000..9c1de70 --- /dev/null +++ b/scripts/packer/scripts/docker/disable-windows-defender.ps1 @@ -0,0 +1,4 @@ +$DefenderInstalled = Get-Command -Module Defender +if($null -ne $DefenderInstalled) { + Set-MpPreference -DisableRealtimeMonitoring $true +} diff --git a/scripts/packer/scripts/enable-rdp.bat b/scripts/packer/scripts/enable-rdp.bat new file mode 100644 index 0000000..f7dcaab --- /dev/null +++ b/scripts/packer/scripts/enable-rdp.bat @@ -0,0 +1,2 @@ +netsh advfirewall firewall add rule name="Open Port 3389" dir=in action=allow protocol=TCP localport=3389 +reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f diff --git a/scripts/packer/scripts/enable-winrm.ps1 b/scripts/packer/scripts/enable-winrm.ps1 new file mode 100644 index 0000000..a8df090 --- /dev/null +++ b/scripts/packer/scripts/enable-winrm.ps1 @@ -0,0 +1,27 @@ +write-host "==> 'enable-winrm.ps1' - START..." +write-host "====> Getting Connections..." +Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private + +write-host "====> Enable PSRemoting..." +Enable-PSRemoting -Force + +write-host "====> WINRM Quick Config..." +winrm quickconfig -q +winrm quickconfig -transport:http + +write-host "====> WINRM Set Config..." +winrm set winrm/config '@{MaxTimeoutms="1800000"}' +winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}' +winrm set winrm/config/service '@{AllowUnencrypted="true"}' +winrm set winrm/config/service/auth '@{Basic="true"}' +winrm set winrm/config/client/auth '@{Basic="true"}' +winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}' + +write-host "====> Configure Firewall..." +netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes +netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow remoteip=any +write-host "====> Set WINRM Service Statup..." +Set-Service winrm -startuptype "auto" +write-host "====> Restart WINRM Service..." +Restart-Service winrm +write-host "==> 'enable-winrm.ps1' - END..." diff --git a/scripts/packer/scripts/fixnetwork.ps1 b/scripts/packer/scripts/fixnetwork.ps1 new file mode 100644 index 0000000..4dd4b32 --- /dev/null +++ b/scripts/packer/scripts/fixnetwork.ps1 @@ -0,0 +1,30 @@ +# You cannot enable Windows PowerShell Remoting on network connections that are set to Public +# Spin through all the network locations and if they are set to Public, set them to Private +# using the INetwork interface: +# http://msdn.microsoft.com/en-us/library/windows/desktop/aa370750(v=vs.85).aspx +# For more info, see: +# http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx + +function Set-NetworkTypeToPrivate { + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPositionalParameters', '')] + param() + # Network location feature was only introduced in Windows Vista - no need to bother with this + # if the operating system is older than Vista + if ([environment]::OSVersion.version.Major -lt 6) { return } + + # You cannot change the network location if you are joined to a domain, so abort + if (1, 3, 4, 5 -contains (Get-CimInstance win32_computersystem).DomainRole) { return } + + # Get network connections + $networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")) + $connections = $networkListManager.GetNetworkConnections() + + $connections | ForEach-Object { + Write-Output $_.GetNetwork().GetName() "category was previously set to" $_.GetNetwork().GetCategory() + #$_.GetNetwork().SetCategory(1) + Write-Output $_.GetNetwork().GetName() "changed to category" $_.GetNetwork().GetCategory() + } + +} + +Set-NetworkTypeToPrivate diff --git a/scripts/packer/scripts/microsoft-updates.bat b/scripts/packer/scripts/microsoft-updates.bat new file mode 100644 index 0000000..52efc0f --- /dev/null +++ b/scripts/packer/scripts/microsoft-updates.bat @@ -0,0 +1,12 @@ +net stop wuauserv + +reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v EnableFeaturedSoftware /t REG_DWORD /d 1 /f + +reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v IncludeRecommendedUpdates /t REG_DWORD /d 1 /f + +echo Set ServiceManager = CreateObject("Microsoft.Update.ServiceManager") > "%temp%\temp.vbs" +echo Set NewUpdateService = ServiceManager.AddService2("7971f918-a847-4430-9279-4a52d1efe18d",7,"") >> "%temp%\temp.vbs" + +cscript "%temp%\temp.vbs" + +net start wuauserv diff --git a/scripts/packer/scripts/microsoft-updates.ps1 b/scripts/packer/scripts/microsoft-updates.ps1 new file mode 100644 index 0000000..2427d2d --- /dev/null +++ b/scripts/packer/scripts/microsoft-updates.ps1 @@ -0,0 +1,12 @@ +Stop-Service -Name 'wuauserv' + +Set-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update' -Name 'EnableFeaturedSoftware' -Value 1 -Type DWord +Set-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update' -Name 'IncludeRecommendedUpdates' -Value 1 -Type DWord + +"Set ServiceManager = CreateObject(""Microsoft.Update.ServiceManager"")" | Out-File -FilePath 'C:\temp.vbs' +"Set NewUpdateService = ServiceManager.AddService2(""7971f918-a847-4430-9279-4a52d1efe18d"",7,"""")" | Out-File -FilePath 'C:\temp.vbs' -Append + +cscript C:\temp.vbs +Remove-Item -Path 'C:\temp.vbs' -Force + +Start-Service -Name 'wuauserv' diff --git a/scripts/packer/scripts/pin-powershell.bat b/scripts/packer/scripts/pin-powershell.bat new file mode 100644 index 0000000..8dd85fa --- /dev/null +++ b/scripts/packer/scripts/pin-powershell.bat @@ -0,0 +1,16 @@ +rem https://connect.microsoft.com/PowerShell/feedback/details/1609288/pin-to-taskbar-no-longer-working-in-windows-10 + +set ps_link=A:\WindowsPowerShell.lnk +if exist e:\WindowsPowerShell.lnk ( + set ps_link=e:\WindowsPowerShell.lnk +) + +set pin_to_10=A:\PinTo10.exe +if exist e:\PinTo10.exe ( + set pin_to_10=e:\PinTo10.exe +) + + +copy "%ps_link%" "%TEMP%\Windows PowerShell.lnk" +%pin_to_10% /PTFOL01:'%TEMP%' /PTFILE01:'Windows PowerShell.lnk' +exit /b 0 diff --git a/scripts/packer/scripts/set-powerplan.ps1 b/scripts/packer/scripts/set-powerplan.ps1 new file mode 100644 index 0000000..f0a2b1a --- /dev/null +++ b/scripts/packer/scripts/set-powerplan.ps1 @@ -0,0 +1,19 @@ +Try { + Write-Output "Set power plan to high performance" + + $HighPerf = powercfg -l | ForEach-Object { if ($_.contains("High performance")) { $_.split()[3] } } + + # $HighPerf cannot be $null, we try activate this power profile with powercfg + if ($null -eq $HighPerf) { + throw "Error: HighPerf is null" + } + + $CurrPlan = $(powercfg -getactivescheme).split()[3] + + if ($CurrPlan -ne $HighPerf) { powercfg -setactive $HighPerf } + +} +Catch { + Write-Warning -Message "Unable to set power plan to high performance" + Write-Warning $Error[0] +} diff --git a/scripts/packer/scripts/set-shortcut.ps1 b/scripts/packer/scripts/set-shortcut.ps1 new file mode 100644 index 0000000..7e0a8e9 --- /dev/null +++ b/scripts/packer/scripts/set-shortcut.ps1 @@ -0,0 +1,21 @@ +[CmdletBinding()] +param( + [Parameter()] + [string]$SourceExe, + [string]$Arguments, + [string]$DestinationPath, + [string]$WorkingDirectory, + [String]$IconLocation +) + +if ($IconLocation -eq '') { + $IconLocation = $SourceExe +} + +$WshShell = New-Object -comObject WScript.Shell +$Shortcut = $WshShell.CreateShortcut($destinationPath) +$Shortcut.TargetPath = $SourceExe +$Shortcut.Arguments = $Arguments +$shortcut.WorkingDirectory = $WorkingDirectory +$shortcut.IconLocation = $IconLocation +$Shortcut.Save() diff --git a/scripts/packer/scripts/set-winrm-automatic.bat b/scripts/packer/scripts/set-winrm-automatic.bat new file mode 100644 index 0000000..fba5809 --- /dev/null +++ b/scripts/packer/scripts/set-winrm-automatic.bat @@ -0,0 +1,2 @@ +echo Set WinRM start type to auto +sc config winrm start= auto diff --git a/scripts/packer/scripts/uac-enable.bat b/scripts/packer/scripts/uac-enable.bat new file mode 100644 index 0000000..278ac00 --- /dev/null +++ b/scripts/packer/scripts/uac-enable.bat @@ -0,0 +1 @@ +reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /f /v EnableLUA /t REG_DWORD /d 1 diff --git a/scripts/packer/scripts/vm-guest-tools.ps1 b/scripts/packer/scripts/vm-guest-tools.ps1 new file mode 100644 index 0000000..8aa86b6 --- /dev/null +++ b/scripts/packer/scripts/vm-guest-tools.ps1 @@ -0,0 +1,96 @@ +if (!( Test-Path "C:\Windows\Temp\7z1900-x64.msi")) { + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.7-zip.org/a/7z1900-x64.msi', 'C:\Windows\Temp\7z1900-x64.msi') +} +if (!(Test-Path "C:\Windows\Temp\7z1900-x64.msi")) { + Start-Sleep 5; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.7-zip.org/a/7z1900-x64.msi', 'C:\Windows\Temp\7z1900-x64.msi') +} +cmd /c msiexec /qb /i C:\Windows\Temp\7z1900-x64.msi + +if ("$env:PACKER_BUILDER_TYPE" -eq "vmware-iso") { + + Write-Output "Using VMware" + if (Test-Path "C:\Users\vagrant\windows.iso") { + Move-Item -force C:\Users\vagrant\windows.iso C:\Windows\Temp + } + + if (!(Test-Path "C:\Windows\Temp\windows.iso")) { + Try { + # Disabling the progress bar speeds up IWR https://github.com/PowerShell/PowerShell/issues/2138 + $ProgressPreference = 'SilentlyContinue' + $pageContentLinks = (Invoke-WebRequest('https://softwareupdate.vmware.com/cds/vmw-desktop/ws') -UseBasicParsing).Links | where-object { $_.href -Match "[0-9]" } | Select-Object href | ForEach-Object { $_.href.Trim('/') } + $versionObject = $pageContentLinks | ForEach-Object { new-object System.Version ($_) } | sort-object -Descending | select-object -First 1 -Property:Major, Minor, Build + $newestVersion = $versionObject.Major.ToString() + "." + $versionObject.Minor.ToString() + "." + $versionObject.Build.ToString() | out-string + $newestVersion = $newestVersion.TrimEnd("`r?`n") + + $nextURISubdirectoryObject = (Invoke-WebRequest("https://softwareupdate.vmware.com/cds/vmw-desktop/ws/$newestVersion/") -UseBasicParsing).Links | where-object { $_.href -Match "[0-9]" } | Select-Object href | where-object { $_.href -Match "[0-9]" } + $nextUriSubdirectory = $nextURISubdirectoryObject.href | Out-String + $nextUriSubdirectory = $nextUriSubdirectory.TrimEnd("`r?`n") + $newestVMwareToolsURL = "https://softwareupdate.vmware.com/cds/vmw-desktop/ws/$newestVersion/$nextURISubdirectory/windows/packages/tools-windows.tar" + Write-Output "The latest version of VMware tools has been determined to be downloadable from $newestVMwareToolsURL" + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile("$newestVMwareToolsURL", 'C:\Windows\Temp\vmware-tools.tar') + } + Catch { + Write-Output "Unable to determine the latest version of VMware tools. Falling back to hardcoded URL." + (New-Object System.Net.WebClient).DownloadFile('https://softwareupdate.vmware.com/cds/vmw-desktop/ws/15.5.5/16285975/windows/packages/tools-windows.tar', 'C:\Windows\Temp\vmware-tools.tar') + } + cmd /c "C:\PROGRA~1\7-Zip\7z.exe" x C:\Windows\Temp\vmware-tools.tar -oC:\Windows\Temp + Move-Item c:\windows\temp\VMware-tools-windows-*.iso c:\windows\temp\windows.iso + Try { Remove-Item "C:\Program Files (x86)\VMWare" -Recurse -Force -ErrorAction Stop } Catch { Write-Output "Directory didn't exist to be removed." } + } + + cmd /c "C:\PROGRA~1\7-Zip\7z.exe" x "C:\Windows\Temp\windows.iso" -oC:\Windows\Temp\VMWare + cmd /c C:\Windows\Temp\VMWare\setup.exe /S /v"/qn REBOOT=R\" + + Remove-Item -Force "C:\Windows\Temp\vmware-tools.tar" + Remove-Item -Force "C:\Windows\Temp\windows.iso" + Remove-Item -Force -Recurse "C:\Windows\Temp\VMware" +} + +if ("$env:PACKER_BUILDER_TYPE" -eq "virtualbox-iso") { + Write-Output "Using Virtualbox" + if (Test-Path "C:\Users\vagrant\VBoxGuestAdditions.iso") { + Move-Item -Force C:\Users\vagrant\VBoxGuestAdditions.iso C:\Windows\Temp + } + + if (!(Test-Path "C:\Windows\Temp\VBoxGuestAdditions.iso")) { + Try { + $pageContentLinks = (Invoke-WebRequest('https://download.virtualbox.org/virtualbox') -UseBasicParsing).Links | where-object { $_.href -Match "[0-9]" } | Select-Object href | where-object { $_.href -NotMatch "BETA" } | where-object { $_.href -NotMatch "RC" } | where-object { $_.href -Match "[0-9]\.[0-9]" } | ForEach-Object { $_.href.Trim('/') } + $versionObject = $pageContentLinks | ForEach-Object { new-object System.Version ($_) } | sort-object -Descending | select-object -First 1 -Property:Major, Minor, Build + $newestVersion = $versionObject.Major.ToString() + "." + $versionObject.Minor.ToString() + "." + $versionObject.Build.ToString() | out-string + $newestVersion = $newestVersion.TrimEnd("`r?`n") + + $nextURISubdirectoryObject = (Invoke-WebRequest("https://download.virtualbox.org/virtualbox/$newestVersion/") -UseBasicParsing).Links | Select-Object href | where-object { $_.href -Match "GuestAdditions" } + $nextUriSubdirectory = $nextURISubdirectoryObject.href | Out-String + $nextUriSubdirectory = $nextUriSubdirectory.TrimEnd("`r?`n") + $newestVboxToolsURL = "https://download.virtualbox.org/virtualbox/$newestVersion/$nextUriSubdirectory" + Write-Output "The latest version of VirtualBox tools has been determined to be downloadable from $newestVboxToolsURL" + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile("$newestVboxToolsURL", 'C:\Windows\Temp\VBoxGuestAdditions.iso') + } + Catch { + Write-Output "Unable to determine the latest version of VBox tools. Falling back to hardcoded URL." + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://download.virtualbox.org/virtualbox/6.1.8/VBoxGuestAdditions_6.1.8.iso', 'C:\Windows\Temp\VBoxGuestAdditions.iso') + } + } + + cmd /c ""C:\PROGRA~1\7-Zip\7z.exe" x C:\Windows\Temp\VBoxGuestAdditions.iso -oC:\Windows\Temp\virtualbox" + Get-ChildItem "C:\Windows\Temp\virtualbox\cert\" -Filter vbox*.cer | Foreach-Object { C:\Windows\Temp\virtualbox\cert\VBoxCertUtil add-trusted-publisher $_.FullName --root $_.FullName } + cmd /c C:\Windows\Temp\virtualbox\VBoxWindowsAdditions.exe /S + cmd /c rd /S /Q "C:\Windows\Temp\virtualbox" +} + +if ("$env:PACKER_BUILDER_TYPE" -eq "parallels-iso") { + Write-Output "Using Parallels Desktop" + # This is required when using Parallels Desktop + # Currently the installation of Parallels Tools is broken if you're installing in Windows Server & Windows Server Core + # You will encounter an error in printui.dll module not found message. + # This feature will add the required libraries for printing services. + + # Parallels Tools is required for sync_folder to work. + # Vagrantfile config: v.update_guest_tools = true will be installed with no issues + if ($(Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").ProductName.StartsWith("Windows Server")) { + Write-Output "Installing Print Server service" + Install-WindowsFeature -Name Print-Server + } +} + +cmd /c msiexec /qb /x C:\Windows\Temp\7z1900-x64.msi diff --git a/scripts/packer/scripts/win-updates.ps1 b/scripts/packer/scripts/win-updates.ps1 new file mode 100644 index 0000000..c64fd14 --- /dev/null +++ b/scripts/packer/scripts/win-updates.ps1 @@ -0,0 +1,260 @@ +[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSReviewUnusedParameter', '')] +param($global:RestartRequired = 0, + $global:MoreUpdates = 0, + $global:MaxCycles = 5, + $MaxUpdatesPerCycle = 500, + $BeginWithRestart = 0) + +$Logfile = "C:\Windows\Temp\win-updates.log" + +$enable_winrm_script = 'a:\enable-winrm.ps1' +if (test-path 'e:\enable-winrm.ps1') { + $enable_winrm_script = 'e:\enable-winrm.ps1' +} + +function LogWrite { + Param ([string]$logstring) + $now = Get-Date -format s + Add-Content $Logfile -value "$now $logstring" + Write-Output $logstring +} + +function Check-ContinueRestartOrEnd() { + $RegistryKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" + $RegistryEntry = "InstallWindowsUpdates" + switch ($global:RestartRequired) { + 0 { + $prop = (Get-ItemProperty $RegistryKey).$RegistryEntry + if ($prop) { + LogWrite "Restart Registry Entry Exists - Removing It" + Remove-ItemProperty -Path $RegistryKey -Name $RegistryEntry -ErrorAction SilentlyContinue + } + + LogWrite "No Restart Required" + Check-WindowsUpdates + + if (($global:MoreUpdates -eq 1) -and ($script:Cycles -le $global:MaxCycles)) { + Install-WindowsUpdates + } + elseif ($script:Cycles -gt $global:MaxCycles) { + LogWrite "Exceeded Cycle Count - Stopping" + LogWrite "==> Running '$enable_winrm_script'..." + & $enable_winrm_script + } + else { + LogWrite "Done Installing Windows Updates" + LogWrite "==> Running '$enable_winrm_script'..." + & $enable_winrm_script + } + } + 1 { + $prop = (Get-ItemProperty $RegistryKey).$RegistryEntry + if (-not $prop) { + LogWrite "Restart Registry Entry Does Not Exist - Creating It" + Set-ItemProperty -Path $RegistryKey -Name $RegistryEntry -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File $($script:ScriptPath) -MaxUpdatesPerCycle $($MaxUpdatesPerCycle)" + } + else { + LogWrite "Restart Registry Entry Exists Already" + } + + LogWrite "Restart Required - Restarting..." + Restart-Computer + } + default { + LogWrite "Unsure If A Restart Is Required" + break + } + } +} + +function Install-WindowsUpdates() + { + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', '')] + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseSingularNouns', '')] + param() + $script:Cycles++ + LogWrite "Evaluating Available Updates with limit of $($MaxUpdatesPerCycle):" + $UpdatesToDownload = New-Object -ComObject 'Microsoft.Update.UpdateColl' + $script:i = 0; + $CurrentUpdates = $SearchResult.Updates + while ($script:i -lt $CurrentUpdates.Count -and $script:CycleUpdateCount -lt $MaxUpdatesPerCycle) { + $Update = $CurrentUpdates.Item($script:i) + if ($null -ne $Update) { + [bool]$addThisUpdate = $false + if ($Update.InstallationBehavior.CanRequestUserInput) { + LogWrite "> Skipping: $($Update.Title) because it requires user input" + } + else { + if (!($Update.EulaAccepted)) { + LogWrite "> Note: $($Update.Title) has a license agreement that must be accepted. Accepting the license." + $Update.AcceptEula() + [bool]$addThisUpdate = $true + $script:CycleUpdateCount++ + } + else { + [bool]$addThisUpdate = $true + $script:CycleUpdateCount++ + } + } + + if ([bool]$addThisUpdate) { + LogWrite "Adding: $($Update.Title)" + $UpdatesToDownload.Add($Update) | Out-Null + } + } + $script:i++ + } + + if ($UpdatesToDownload.Count -eq 0) { + LogWrite "No Updates To Download..." + } + else { + LogWrite 'Downloading Updates...' + $ok = 0; + while (! $ok) { + try { + $Downloader = $UpdateSession.CreateUpdateDownloader() + $Downloader.Updates = $UpdatesToDownload + $Downloader.Download() + $ok = 1; + } + catch { + LogWrite $_.Exception | Format-List -force + LogWrite "Error downloading updates. Retrying in 30s." + $script:attempts = $script:attempts + 1 + Start-Sleep -s 30 + } + } + } + + $UpdatesToInstall = New-Object -ComObject 'Microsoft.Update.UpdateColl' + [bool]$rebootMayBeRequired = $false + LogWrite 'The following updates are downloaded and ready to be installed:' + foreach ($Update in $SearchResult.Updates) { + if (($Update.IsDownloaded)) { + LogWrite "> $($Update.Title)" + $UpdatesToInstall.Add($Update) | Out-Null + + if ($Update.InstallationBehavior.RebootBehavior -gt 0) { + [bool]$rebootMayBeRequired = $true + } + } + } + + if ($UpdatesToInstall.Count -eq 0) { + LogWrite 'No updates available to install...' + $global:MoreUpdates = 0 + $global:RestartRequired = 0 + LogWrite "==> Running '$enable_winrm_script'..." + & $enable_winrm_script + break + } + + if ($rebootMayBeRequired) { + LogWrite 'These updates may require a reboot' + $global:RestartRequired = 1 + } + + LogWrite 'Installing updates...' + + $Installer = $script:UpdateSession.CreateUpdateInstaller() + $Installer.Updates = $UpdatesToInstall + $InstallationResult = $Installer.Install() + + LogWrite "Installation Result: $($InstallationResult.ResultCode)" + LogWrite "Reboot Required: $($InstallationResult.RebootRequired)" + LogWrite 'Listing of updates installed and individual installation results:' + if ($InstallationResult.RebootRequired) { + $global:RestartRequired = 1 + } + else { + $global:RestartRequired = 0 + } + + for ($i = 0; $i -lt $UpdatesToInstall.Count; $i++) { + New-Object -TypeName PSObject -Property @{ + Title = $UpdatesToInstall.Item($i).Title + Result = $InstallationResult.GetUpdateResult($i).ResultCode + } + LogWrite "Item: $($UpdatesToInstall.Item($i).Title)" + LogWrite "Result: $($InstallationResult.GetUpdateResult($i).ResultCode)" + } + + Check-ContinueRestartOrEnd +} + +function Check-WindowsUpdates() { + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', '')] + [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseSingularNouns', '')] + param() + LogWrite "Checking For Windows Updates" + $Username = $env:USERDOMAIN + "\" + $env:USERNAME + LogWrite "Script: $script:ScriptPath `nScript User: $Username `nStarted: $(Get-Date)" + + $script:UpdateSearcher = $script:UpdateSession.CreateUpdateSearcher() + $script:successful = $FALSE + $script:attempts = 0 + $script:maxAttempts = 12 + while (-not $script:successful -and $script:attempts -lt $script:maxAttempts) { + try { + $script:SearchResult = $script:UpdateSearcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0") + $script:successful = $TRUE + } + catch { + LogWrite $_.Exception | Format-List -force + LogWrite "Search call to UpdateSearcher was unsuccessful. Retrying in 10s." + $script:attempts = $script:attempts + 1 + Start-Sleep -s 10 + } + } + + if ($SearchResult.Updates.Count -ne 0) { + $Message = "There are " + $SearchResult.Updates.Count + " more updates." + LogWrite $Message + try { + for ($i = 0; $i -lt $script:SearchResult.Updates.Count; $i++) { + LogWrite $script:SearchResult.Updates.Item($i).Title + LogWrite $script:SearchResult.Updates.Item($i).Description + LogWrite $script:SearchResult.Updates.Item($i).RebootRequired + LogWrite $script:SearchResult.Updates.Item($i).EulaAccepted + } + $global:MoreUpdates = 1 + } + catch { + LogWrite $_.Exception | Format-List -force + LogWrite "Showing SearchResult was unsuccessful. Rebooting." + $global:RestartRequired = 1 + $global:MoreUpdates = 0 + Check-ContinueRestartOrEnd + LogWrite "Show never happen to see this text!" + Restart-Computer + } + } + else { + LogWrite 'There are no applicable updates' + $global:RestartRequired = 0 + $global:MoreUpdates = 0 + } +} + +$script:ScriptName = $MyInvocation.MyCommand.ToString() +$script:ScriptPath = $MyInvocation.MyCommand.Path +$script:UpdateSession = New-Object -ComObject 'Microsoft.Update.Session' +$script:UpdateSession.ClientApplicationID = 'Packer Windows Update Installer' +$script:UpdateSearcher = $script:UpdateSession.CreateUpdateSearcher() +$script:SearchResult = New-Object -ComObject 'Microsoft.Update.UpdateColl' +$script:Cycles = 0 +$script:CycleUpdateCount = 0 + +if ($BeginWithRestart) { + $global:RestartRequired = 1 + Check-ContinueRestartOrEnd +} + +Check-WindowsUpdates +if ($global:MoreUpdates -eq 1) { + Install-WindowsUpdates +} +else { + Check-ContinueRestartOrEnd +} diff --git a/scripts/packer/vagrantfile-windows_10.template b/scripts/packer/vagrantfile-windows_10.template new file mode 100644 index 0000000..bf31db8 --- /dev/null +++ b/scripts/packer/vagrantfile-windows_10.template @@ -0,0 +1,91 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.require_version ">= 1.6.2" + +Vagrant.configure("2") do |config| + config.vm.define "vagrant-windows-10-preview" + config.vm.box = "windows_10_preview" + config.vm.communicator = "winrm" + + # Admin user name and password + config.winrm.username = "vagrant" + config.winrm.password = "vagrant" + + config.vm.guest = :windows + config.windows.halt_timeout = 15 + + config.vm.network :forwarded_port, guest: 3389, host: 3389, id: "rdp", auto_correct: true + + config.vm.provider :virtualbox do |v, override| + #v.gui = true + v.customize ["modifyvm", :id, "--memory", 2048] + v.customize ["modifyvm", :id, "--cpus", 2] + v.customize ["modifyvm", :id, "--vram", 128] + v.customize ["modifyvm", :id, "--clipboard", "bidirectional"] + v.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ] + end + + config.vm.provider :vmware_fusion do |v, override| + v.gui = true + v.vmx["memsize"] = "2048" + v.vmx["numvcpus"] = "2" + v.vmx["ethernet0.virtualDev"] = "vmxnet3" + v.vmx["RemoteDisplay.vnc.enabled"] = "false" + v.vmx["RemoteDisplay.vnc.port"] = "5900" + v.vmx["scsi0.virtualDev"] = "lsisas1068" + v.vmx["gui.fitguestusingnativedisplayresolution"] = "TRUE" + v.vmx["mks.enable3d"] = "TRUE" + v.vmx["mks.forceDiscreteGPU"] = "TRUE" + v.vmx["gui.fullscreenatpoweron"] = "TRUE" + v.vmx["gui.viewmodeatpoweron"] = "fullscreen" + v.vmx["gui.lastPoweredViewMode"] = "fullscreen" + v.vmx["sound.startconnected"] = "FALSE" + v.vmx["sound.present"] = "FALSE" + v.vmx["sound.autodetect"] = "TRUE" + v.enable_vmrun_ip_lookup = false + v.whitelist_verified = true + v.vmx["hgfs.linkRootShare"] = "FALSE" + end + + config.vm.provider :vmware_workstation do |v, override| + v.gui = true + v.vmx["memsize"] = "2048" + v.vmx["numvcpus"] = "2" + v.vmx["ethernet0.virtualDev"] = "vmxnet3" + v.vmx["RemoteDisplay.vnc.enabled"] = "false" + v.vmx["RemoteDisplay.vnc.port"] = "5900" + v.vmx["scsi0.virtualDev"] = "lsisas1068" + v.enable_vmrun_ip_lookup = false + v.whitelist_verified = true + v.vmx["hgfs.linkRootShare"] = "FALSE" + end + + config.vm.provider "hyperv" do |v| + v.cpus = 2 + v.maxmemory = 2048 + v.linked_clone = true + end + + config.vm.provider :libvirt do |libvirt, override| + libvirt.memory = 2048 + libvirt.cpus = 2 + + # Use WinRM for the default synced folder; or disable it if + # WinRM is not available. Linux hosts don't support SMB, + # and Windows guests don't support NFS/9P/rsync + # See https://github.com/Cimpress-MCP/vagrant-winrm-syncedfolders + if Vagrant.has_plugin?("vagrant-winrm-syncedfolders") + override.vm.synced_folder ".", "/vagrant", type: "winrm" + else + override.vm.synced_folder ".", "/vagrant", disabled: true + end + + # Enable Hyper-V enlightments, see + # https://blog.wikichoon.com/2014/07/enabling-hyper-v-enlightenments-with-kvm.html + libvirt.hyperv_feature :name => 'stimer', :state => 'on' + libvirt.hyperv_feature :name => 'relaxed', :state => 'on' + libvirt.hyperv_feature :name => 'vapic', :state => 'on' + libvirt.hyperv_feature :name => 'synic', :state => 'on' + end +end diff --git a/scripts/packer/windows_10.json b/scripts/packer/windows_10.json new file mode 100644 index 0000000..2cfce20 --- /dev/null +++ b/scripts/packer/windows_10.json @@ -0,0 +1,230 @@ +{ + "builders": [ + { + "boot_command": ["a<wait>a<wait>a"], + "boot_wait": "-1s", + "cd_files": [ + "{{user `autounattend`}}", + "./scripts/packer/floppy/WindowsPowershell.lnk", + "./scripts/packer/floppy/PinTo10.exe", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.ps1", + "./scripts/packer/scripts/win-updates.ps1", + "./scripts/packer/scripts/set-shortcut.ps1" + ], + "communicator": "winrm", + "configuration_version": "10.0", + "cpus": "{{user `cpus`}}", + "disk_size": "{{user `disk_size`}}", + "enable_dynamic_memory": false, + "enable_mac_spoofing": true, + "enable_secure_boot": true, + "enable_virtualization_extensions": true, + "generation": "2", + "guest_additions_mode": "disable", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "switch_name": "Default Switch", + "type": "hyperv-iso", + "vm_name": "{{user `vm_name`}}", + "winrm_password": "vagrant", + "winrm_timeout": "{{ user `winrm_timeout` }}", + "winrm_username": "vagrant" + }, + { + "boot_command": ["a<wait>a<wait>a"], + "boot_wait": "-1s", + "cd_files": [ + "{{user `autounattend`}}", + "./scripts/packer/floppy/WindowsPowershell.lnk", + "./scripts/packer/floppy/PinTo10.exe", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.ps1", + "./scripts/packer/scripts/win-updates.ps1", + "./scripts/packer/scripts/set-shortcut.ps1" + ], + "communicator": "winrm", + "cpus": "{{user `cpus`}}", + "disk_adapter_type": "lsisas1068", + "disk_size": "{{user `disk_size`}}", + "disk_type_id": "1", + "guest_os_type": "windows9-64", + "headless": "{{user `headless`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "type": "vmware-iso", + "version": "19", + "vm_name": "{{user `vm_name`}}", + "vmx_data": { + "firmware": "efi", + "RemoteDisplay.vnc.enabled": "false", + "RemoteDisplay.vnc.port": "5900" + }, + "vmx_remove_ethernet_interfaces": true, + "vnc_port_max": 5980, + "vnc_port_min": 5900, + "winrm_password": "vagrant", + "winrm_timeout": "{{ user `winrm_timeout` }}", + "winrm_username": "vagrant" + }, + { + "boot_command": ["a<wait>a<wait>a"], + "boot_wait": "-1s", + "cd_files": [ + "{{user `autounattend`}}", + "./scripts/packer/floppy/WindowsPowershell.lnk", + "./scripts/packer/floppy/PinTo10.exe", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.ps1", + "./scripts/packer/scripts/win-updates.ps1", + "./scripts/packer/scripts/set-shortcut.ps1" + ], + "communicator": "winrm", + "cpus": "{{user `cpus`}}", + "disk_size": "{{user `disk_size`}}", + "firmware": "efi", + "guest_additions_mode": "disable", + "guest_os_type": "Windows10_64", + "headless": "{{user `headless`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "type": "virtualbox-iso", + "vm_name": "{{user `vm_name`}}", + "winrm_password": "vagrant", + "winrm_timeout": "{{ user `winrm_timeout` }}", + "winrm_username": "vagrant" + }, + { + "boot_command": "", + "boot_wait": "6m", + "communicator": "winrm", + "cpus": "{{user `cpus`}}", + "disk_size": "{{user `disk_size`}}", + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/packer/floppy/WindowsPowershell.lnk", + "./scripts/packer/floppy/PinTo10.exe", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.ps1", + "./scripts/packer/scripts/win-updates.ps1", + "./scripts/packer/scripts/set-shortcut.ps1" + ], + "guest_os_type": "win-10", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "type": "parallels-iso", + "parallels_tools_flavor": "win", + "prlctl": [ + [ + "set", + "{{.Name}}", + "--efi-boot", + "off" + ] + ], + "vm_name": "{{user `vm_name`}}", + "winrm_password": "vagrant", + "winrm_timeout": "{{ user `winrm_timeout` }}", + "winrm_username": "vagrant" + } + ], + "post-processors": [ + { + "keep_input_artifact": false, + "output": "cmderdev-10_{{.Provider}}.box", + "type": "vagrant", + "vagrantfile_template": "vagrantfile-windows_10.template" + } + ], + "provisioners": [ + { + "execute_command": "{{ .Vars }} cmd /c \"{{ .Path }}\"", + "remote_path": "/tmp/script.bat", + "scripts": [ + "./scripts/packer/scripts/enable-rdp.bat" + ], + "type": "windows-shell" + }, + { + "scripts": [ + "./scripts/packer/scripts/vm-guest-tools.ps1", + "./scripts/packer/scripts/debloat-windows.ps1" + ], + "type": "powershell" + }, + { + "restart_timeout": "{{user `restart_timeout`}}", + "type": "windows-restart" + }, + { + "scripts": [ + "./scripts/packer/scripts/set-powerplan.ps1", + "./scripts/packer/scripts/docker/disable-windows-defender.ps1" + ], + "type": "powershell" + }, + { + "execute_command": "{{ .Vars }} cmd /c \"{{ .Path }}\"", + "remote_path": "/tmp/script.bat", + "scripts": [ + "./scripts/packer/scripts/chocolatey.bat" + ], + "type": "windows-shell" + }, + { + "scripts": [ + "./scripts/packer/scripts/chocopacks.ps1" + ], + "type": "powershell" + }, + { + "execute_command": "{{ .Vars }} cmd /c \"{{ .Path }}\"", + "remote_path": "/tmp/script.bat", + "scripts": [ + "./scripts/packer/scripts/pin-powershell.bat", + "./scripts/packer/scripts/compile-dotnet-assemblies.bat", + "./scripts/packer/scripts/set-winrm-automatic.bat", + "./scripts/packer/scripts/uac-enable.bat", + "./scripts/packer/scripts/dis-updates.bat", + "./scripts/packer/scripts/compact.bat" + ], + "type": "windows-shell" + } + ], + "variables": { + "autounattend": "./scripts/packer/answer_files/10_efi/Autounattend.xml", + "cpus": "2", + "disk_size": "262144", + "disk_type_id": "1", + "memory": "4096", + "headless": "false", + "iso_url": "./scripts/packer/iso/Windows_10.iso", + "iso_checksum": "none", + "restart_timeout": "5m", + "vhv_enable": "false", + "virtio_win_iso": "~/virtio-win.iso", + "vm_name": "cmderdev10", + "winrm_timeout": "6h", + "vmx_version": "14" + } +} diff --git a/scripts/packer/windows_11.json b/scripts/packer/windows_11.json new file mode 100644 index 0000000..fc00e3a --- /dev/null +++ b/scripts/packer/windows_11.json @@ -0,0 +1,241 @@ +{ + "builders": [ + { + "boot_command": [ + "<leftShiftOn><f10><leftShiftOff><wait>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassTPMCheck /d 1<return>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassSecureBootCheck /d 1<return><wait>", + "exit<return>", + "<wait><return>" + ], + "boot_wait": "2m", + "communicator": "winrm", + "configuration_version": "8.0", + "cpus": "2", + "disk_size": "{{user `disk_size`}}", + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.bat", + "./scripts/packer/scripts/win-updates.ps1" + ], + "guest_additions_mode": "none", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "switch_name": "{{user `switch_name`}}", + "type": "hyperv-iso", + "vm_name": "{{user `vm_name`}}", + "winrm_password": "vagrant", + "winrm_timeout": "{{user `winrm_timeout`}}", + "winrm_username": "vagrant" + }, + { + "boot_command": [ + "<leftShiftOn><f10><leftShiftOff><wait>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassTPMCheck /d 1<return>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassSecureBootCheck /d 1<return><wait>", + "exit<return>", + "<wait><return>" + ], + "boot_wait": "2m", + "communicator": "winrm", + "cpus": 2, + "disk_adapter_type": "lsisas1068", + "disk_size": "{{user `disk_size`}}", + "disk_type_id": "{{user `disk_type_id`}}", + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.bat", + "./scripts/packer/scripts/win-updates.ps1" + ], + "guest_os_type": "windows9-64", + "headless": "{{user `headless`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "type": "vmware-iso", + "version": "{{user `vmx_version`}}", + "vm_name": "{{user `vm_name`}}", + "vmx_data": { + "RemoteDisplay.vnc.enabled": "false", + "RemoteDisplay.vnc.port": "5900" + }, + "vmx_remove_ethernet_interfaces": true, + "vnc_port_max": 5980, + "vnc_port_min": 5900, + "winrm_password": "vagrant", + "winrm_timeout": "{{user `winrm_timeout`}}", + "winrm_username": "vagrant" + }, + { + "boot_command": [ + "<leftShiftOn><f10><leftShiftOff><wait>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassTPMCheck /d 1<return>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassSecureBootCheck /d 1<return><wait>", + "exit<return>", + "<wait><return>" + ], + "boot_wait": "2m", + "communicator": "winrm", + "cpus": 2, + "disk_size": "{{user `disk_size`}}", + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.bat", + "./scripts/packer/scripts/win-updates.ps1" + ], + "guest_additions_mode": "disable", + "guest_os_type": "Windows10_64", + "headless": "{{user `headless`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "type": "virtualbox-iso", + "vm_name": "{{user `vm_name`}}", + "winrm_password": "vagrant", + "winrm_timeout": "{{user `winrm_timeout`}}", + "winrm_username": "vagrant" + }, + { + "boot_command": [ + "<leftShiftOn><f10><leftShiftOff><wait>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassTPMCheck /d 1<return>", + "reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassSecureBootCheck /d 1<return><wait>", + "exit<return>", + "<wait><return>" + ], + "boot_wait": "2m", + "communicator": "winrm", + "cpus": 2, + "disk_size": "{{user `disk_size`}}", + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/packer/scripts/fixnetwork.ps1", + "./scripts/packer/scripts/disable-screensaver.ps1", + "./scripts/packer/scripts/disable-winrm.ps1", + "./scripts/packer/scripts/enable-winrm.ps1", + "./scripts/packer/scripts/microsoft-updates.bat", + "./scripts/packer/scripts/win-updates.ps1" + ], + "guest_os_type": "win-10", + "iso_checksum": "{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "memory": "{{user `memory`}}", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "type": "parallels-iso", + "parallels_tools_flavor": "win", + "parallels_tools_mode": "disable", + "prlctl": [ + [ + "set", + "{{.Name}}", + "--adaptive-hypervisor", + "on" + ], + [ + "set", + "{{.Name}}", + "--efi-boot", + "off" + ] + ], + "vm_name": "{{user `vm_name`}}", + "winrm_password": "vagrant", + "winrm_timeout": "{{user `winrm_timeout`}}", + "winrm_username": "vagrant" + } + ], + "post-processors": [ + { + "keep_input_artifact": false, + "output": "windows_11_{{.Provider}}.box", + "type": "vagrant", + "vagrantfile_template": "vagrantfile-windows_10.template" + } + ], + "provisioners": [ + { + "execute_command": "{{ .Vars }} cmd /c \"{{ .Path }}\"", + "remote_path": "/tmp/script.bat", + "scripts": [ + "./scripts/packer/scripts/enable-rdp.bat" + ], + "type": "windows-shell" + }, + { + "scripts": [ + "./scripts/packer/scripts/vm-guest-tools.ps1", + "./scripts/packer/scripts/debloat-windows.ps1" + ], + "type": "powershell" + }, + { + "restart_timeout": "{{user `restart_timeout`}}", + "type": "windows-restart" + }, + { + "scripts": [ + "./scripts/packer/scripts/set-powerplan.ps1", + "./scripts/packer/scripts/docker/disable-windows-defender.ps1" + ], + "type": "powershell" + }, + { + "execute_command": "{{ .Vars }} cmd /c \"{{ .Path }}\"", + "remote_path": "/tmp/script.bat", + "scripts": [ + "./scripts/packer/scripts/chocolatey.bat" + ], + "type": "windows-shell" + }, + { + "scripts": [ + "./scripts/packer/scripts/chocopacks.ps1" + ], + "type": "powershell" + }, + { + "execute_command": "{{ .Vars }} cmd /c \"{{ .Path }}\"", + "remote_path": "/tmp/script.bat", + "scripts": [ + "./scripts/packer/scripts/pin-powershell.bat", + "./scripts/packer/scripts/compile-dotnet-assemblies.bat", + "./scripts/packer/scripts/set-winrm-automatic.bat", + "./scripts/packer/scripts/uac-enable.bat", + "./scripts/packer/scripts/dis-updates.bat", + "./scripts/packer/scripts/compact.bat" + ], + "type": "windows-shell" + } + ], + "variables": { + "autounattend": "./scripts/packer/answer_files/11/Autounattend.xml", + "disk_size": "61440", + "disk_type_id": "1", + "memory": "4096", + "headless": "false", + "iso_checksum": "sha256:e8b1d2a1a85a09b4bf6154084a8be8e3c814894a15a7bcf3e8e63fcfa9a528cb", + "iso_url": "https://software-download.microsoft.com/download/sg/22000.194.210913-1444.co_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso", + "restart_timeout": "5m", + "vhv_enable": "false", + "virtio_win_iso": "~/virtio-win.iso", + "vm_name": "windows_11", + "winrm_timeout": "6h", + "vmx_version": "14" + } +}