Initial commit.
This commit is contained in:
commit
e100d7b13e
|
@ -0,0 +1,5 @@
|
|||
.vagrant/
|
||||
packer_cache/
|
||||
*.exe
|
||||
*.msi
|
||||
*.msu
|
|
@ -0,0 +1,3 @@
|
|||
# Metasploitable3
|
||||
|
||||
Welcome to the repo for the latest version of Metaploitable.
|
|
@ -0,0 +1,122 @@
|
|||
# -*- mode: ruby -*-
|
||||
# vi: set ft=ruby :
|
||||
|
||||
# All Vagrant configuration is done below. The "2" in Vagrant.configure
|
||||
# configures the configuration version (we support older styles for
|
||||
# backwards compatibility). Please don't change it unless you know what
|
||||
# you're doing.
|
||||
Vagrant.configure("2") do |config|
|
||||
# The most common configuration options are documented and commented below.
|
||||
# For a complete reference, please see the online documentation at
|
||||
# https://docs.vagrantup.com.
|
||||
|
||||
# Every Vagrant development environment requires a box. You can search for
|
||||
# boxes at https://atlas.hashicorp.com/search.
|
||||
config.vm.box = "metasploitable3"
|
||||
config.vm.hostname = "metasploitable3"
|
||||
config.vm.communicator = "winrm"
|
||||
|
||||
# Install Chocolatey
|
||||
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
|
||||
config.vm.provision :reload # Hack to reset environment variables
|
||||
|
||||
# Install BoxStarter
|
||||
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Install 7zip
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Adjust password policy
|
||||
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Add users and add to groups
|
||||
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Unpatched IIS
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Chinese caidao.asp backdoor
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_caidao.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Setup for Apache Struts
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :reload # Hack to reset environment variables
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Setup for Glassfish
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Jenkins (1.8)
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Configure Firewall to open up vulnerable services
|
||||
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Disable automatic box update checking. If you disable this, then
|
||||
# boxes will only be checked for updates when the user runs
|
||||
# `vagrant box outdated`. This is not recommended.
|
||||
# config.vm.box_check_update = false
|
||||
|
||||
# Create a forwarded port mapping which allows access to a specific port
|
||||
# within the machine from a port on the host machine. In the example below,
|
||||
# accessing "localhost:8080" will access port 80 on the guest machine.
|
||||
# config.vm.network "forwarded_port", guest: 80, host: 8080
|
||||
|
||||
# Create a private network, which allows host-only access to the machine
|
||||
# using a specific IP.
|
||||
# config.vm.network "private_network", ip: "192.168.33.10"
|
||||
|
||||
# Create a public network, which generally matched to bridged network.
|
||||
# Bridged networks make the machine appear as another physical device on
|
||||
# your network.
|
||||
# config.vm.network "public_network"
|
||||
|
||||
# Share an additional folder to the guest VM. The first argument is
|
||||
# the path on the host to the actual folder. The second argument is
|
||||
# the path on the guest to mount the folder. And the optional third
|
||||
# argument is a set of non-required options.
|
||||
# config.vm.synced_folder "../data", "/vagrant_data"
|
||||
|
||||
# Provider-specific configuration so you can fine-tune various
|
||||
# backing providers for Vagrant. These expose provider-specific options.
|
||||
# Example for VirtualBox:
|
||||
#
|
||||
# config.vm.provider "virtualbox" do |vb|
|
||||
# # Display the VirtualBox GUI when booting the machine
|
||||
# vb.gui = true
|
||||
#
|
||||
# # Customize the amount of memory on the VM:
|
||||
# vb.memory = "1024"
|
||||
# end
|
||||
#
|
||||
# View the documentation for the provider you are using for more
|
||||
# information on available options.
|
||||
|
||||
# Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
|
||||
# such as FTP and Heroku are also available. See the documentation at
|
||||
# https://docs.vagrantup.com/v2/push/atlas.html for more information.
|
||||
# config.push.define "atlas" do |push|
|
||||
# push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
|
||||
# end
|
||||
|
||||
# Enable provisioning with a shell script. Additional provisioners such as
|
||||
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
|
||||
# documentation for more information about their specific syntax and use.
|
||||
# config.vm.provision "shell", inline: <<-SHELL
|
||||
# apt-get update
|
||||
# apt-get install -y apache2
|
||||
# SHELL
|
||||
end
|
|
@ -0,0 +1,303 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<unattend xmlns="urn:schemas-microsoft-com:unattend">
|
||||
<servicing/>
|
||||
<settings pass="windowsPE">
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<DiskConfiguration>
|
||||
<Disk wcm:action="add">
|
||||
<CreatePartitions>
|
||||
<CreatePartition wcm:action="add">
|
||||
<Order>1</Order>
|
||||
<Type>Primary</Type>
|
||||
<Extend>true</Extend>
|
||||
</CreatePartition>
|
||||
</CreatePartitions>
|
||||
<ModifyPartitions>
|
||||
<ModifyPartition wcm:action="add">
|
||||
<Extend>false</Extend>
|
||||
<Format>NTFS</Format>
|
||||
<Letter>C</Letter>
|
||||
<Order>1</Order>
|
||||
<PartitionID>1</PartitionID>
|
||||
<Label>Windows 2008R2</Label>
|
||||
</ModifyPartition>
|
||||
</ModifyPartitions>
|
||||
<DiskID>0</DiskID>
|
||||
<WillWipeDisk>true</WillWipeDisk>
|
||||
</Disk>
|
||||
<WillShowUI>OnError</WillShowUI>
|
||||
</DiskConfiguration>
|
||||
<UserData>
|
||||
<AcceptEula>true</AcceptEula>
|
||||
<FullName>Vagrant Administrator</FullName>
|
||||
<Organization>Vagrant Inc.</Organization>
|
||||
<!-- Product Key from http://technet.microsoft.com/en-us/library/jj612867.aspx -->
|
||||
<ProductKey>
|
||||
<!-- Do not uncomment the Key element if you are using trial ISOs -->
|
||||
<!-- You must uncomment the Key element (and optionally insert your own key) if you are using retail or volume license ISOs -->
|
||||
<!--<Key>YC6KT-GKW9T-YTKYR-T4X34-R7VHC</Key>-->
|
||||
<WillShowUI>Never</WillShowUI>
|
||||
</ProductKey>
|
||||
</UserData>
|
||||
<ImageInstall>
|
||||
<OSImage>
|
||||
<InstallTo>
|
||||
<DiskID>0</DiskID>
|
||||
<PartitionID>1</PartitionID>
|
||||
</InstallTo>
|
||||
<WillShowUI>OnError</WillShowUI>
|
||||
<InstallToAvailablePartition>false</InstallToAvailablePartition>
|
||||
<InstallFrom>
|
||||
<MetaData wcm:action="add">
|
||||
<Key>/IMAGE/NAME</Key>
|
||||
<Value>Windows Server 2008 R2 SERVERSTANDARD</Value>
|
||||
</MetaData>
|
||||
</InstallFrom>
|
||||
</OSImage>
|
||||
</ImageInstall>
|
||||
</component>
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<SetupUILanguage>
|
||||
<UILanguage>en-US</UILanguage>
|
||||
</SetupUILanguage>
|
||||
<InputLocale>en-US</InputLocale>
|
||||
<SystemLocale>en-US</SystemLocale>
|
||||
<UILanguage>en-US</UILanguage>
|
||||
<UILanguageFallback>en-US</UILanguageFallback>
|
||||
<UserLocale>en-US</UserLocale>
|
||||
</component>
|
||||
</settings>
|
||||
<settings pass="offlineServicing">
|
||||
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<EnableLUA>false</EnableLUA>
|
||||
</component>
|
||||
</settings>
|
||||
<settings pass="oobeSystem">
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<UserAccounts>
|
||||
<AdministratorPassword>
|
||||
<Value>vagrant</Value>
|
||||
<PlainText>true</PlainText>
|
||||
</AdministratorPassword>
|
||||
<LocalAccounts>
|
||||
<LocalAccount wcm:action="add">
|
||||
<Password>
|
||||
<Value>vagrant</Value>
|
||||
<PlainText>true</PlainText>
|
||||
</Password>
|
||||
<Description>Vagrant User</Description>
|
||||
<DisplayName>vagrant</DisplayName>
|
||||
<Group>administrators</Group>
|
||||
<Name>vagrant</Name>
|
||||
</LocalAccount>
|
||||
</LocalAccounts>
|
||||
</UserAccounts>
|
||||
<OOBE>
|
||||
<HideEULAPage>true</HideEULAPage>
|
||||
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
|
||||
<NetworkLocation>Home</NetworkLocation>
|
||||
</OOBE>
|
||||
<AutoLogon>
|
||||
<Password>
|
||||
<Value>vagrant</Value>
|
||||
<PlainText>true</PlainText>
|
||||
</Password>
|
||||
<Username>vagrant</Username>
|
||||
<Enabled>true</Enabled>
|
||||
</AutoLogon>
|
||||
<FirstLogonCommands>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
|
||||
<Description>Set Execution Policy 64 Bit</Description>
|
||||
<Order>1</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
|
||||
<Description>Set Execution Policy 32 Bit</Description>
|
||||
<Order>2</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine>
|
||||
<Description>winrm quickconfig -q</Description>
|
||||
<Order>3</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine>
|
||||
<Description>winrm quickconfig -transport:http</Description>
|
||||
<Order>4</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine>
|
||||
<Description>Win RM MaxTimoutms</Description>
|
||||
<Order>5</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="800"}</CommandLine>
|
||||
<Description>Win RM MaxMemoryPerShellMB</Description>
|
||||
<Order>6</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxShellsPerUser="50"}</CommandLine>
|
||||
<Description>Win RM MaxShellsPerUser</Description>
|
||||
<Order>7</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxProcessesPerShell="50"}</CommandLine>
|
||||
<Description>Win RM MaxProcessesPerShell</Description>
|
||||
<Order>8</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/service @{MaxConcurrentOperationsPerUser="50"}</CommandLine>
|
||||
<Description>Win RM ConcurrentOperationsPerUser</Description>
|
||||
<Order>9</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine>
|
||||
<Description>Win RM AllowUnencrypted</Description>
|
||||
<Order>10</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine>
|
||||
<Description>Win RM auth Basic</Description>
|
||||
<Order>11</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine>
|
||||
<Description>Win RM client auth Basic</Description>
|
||||
<Order>12</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine>
|
||||
<Description>Win RM listener Address/Port</Description>
|
||||
<Order>13</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine>
|
||||
<Description>Win RM adv firewall enable</Description>
|
||||
<Order>14</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" </CommandLine>
|
||||
<Description>Win RM port open</Description>
|
||||
<Order>15</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c net stop winrm </CommandLine>
|
||||
<Description>Stop Win RM Service </Description>
|
||||
<Order>16</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c sc config winrm start= auto</CommandLine>
|
||||
<Description>Win RM Autostart</Description>
|
||||
<Order>17</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c net start winrm</CommandLine>
|
||||
<Description>Start Win RM Service</Description>
|
||||
<Order>18</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine>
|
||||
<Order>19</Order>
|
||||
<Description>Show file extensions in Explorer</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine>
|
||||
<Order>20</Order>
|
||||
<Description>Enable QuickEdit mode</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine>
|
||||
<Order>21</Order>
|
||||
<Description>Show Run command in Start Menu</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine>
|
||||
<Order>22</Order>
|
||||
<Description>Show Administrative Tools in Start Menu</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine>
|
||||
<Order>23</Order>
|
||||
<Description>Zero Hibernation File</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine>
|
||||
<Order>24</Order>
|
||||
<Description>Disable Hibernation Mode</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine>
|
||||
<Order>25</Order>
|
||||
<Description>Disable password expiration for vagrant user</Description>
|
||||
</SynchronousCommand>
|
||||
<!-- WITHOUT WINDOWS UPDATES -->
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart</CommandLine>
|
||||
<Description>Install OpenSSH</Description>
|
||||
<Order>99</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<!-- END WITHOUT WINDOWS UPDATES -->
|
||||
<!-- WITH WINDOWS UPDATES -->
|
||||
<!--<SynchronousCommand wcm:action="add">-->
|
||||
<!--<CommandLine>cmd.exe /c a:\microsoft-updates.bat</CommandLine>-->
|
||||
<!--<Order>98</Order>-->
|
||||
<!--<Description>Enable Microsoft Updates</Description>-->
|
||||
<!--</SynchronousCommand>-->
|
||||
<!--<SynchronousCommand wcm:action="add">-->
|
||||
<!--<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1 -MaxUpdatesPerCycle 30</CommandLine>-->
|
||||
<!--<Description>Install Windows Updates</Description>-->
|
||||
<!--<Order>100</Order>-->
|
||||
<!--<RequiresUserInput>true</RequiresUserInput>-->
|
||||
<!--</SynchronousCommand>-->
|
||||
<!-- END WITH WINDOWS UPDATES -->
|
||||
</FirstLogonCommands>
|
||||
<ShowWindowsLive>false</ShowWindowsLive>
|
||||
</component>
|
||||
</settings>
|
||||
<settings pass="specialize">
|
||||
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<OEMInformation>
|
||||
<HelpCustomized>false</HelpCustomized>
|
||||
</OEMInformation>
|
||||
<!-- Rename computer here. -->
|
||||
<ComputerName>vagrant-2008R2</ComputerName>
|
||||
<TimeZone>Pacific Standard Time</TimeZone>
|
||||
<RegisteredOwner/>
|
||||
</component>
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
|
||||
</component>
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<!-- Disable IE ESC. -->
|
||||
<IEHardenAdmin>false</IEHardenAdmin>
|
||||
<IEHardenUser>false</IEHardenUser>
|
||||
</component>
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
|
||||
</component>
|
||||
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
||||
<SkipAutoActivation>true</SkipAutoActivation>
|
||||
</component>
|
||||
</settings>
|
||||
<cpi:offlineImage xmlns:cpi="urn:schemas-microsoft-com:cpi" cpi:source="catalog:d:/sources/install_windows server 2008 r2 serverdatacenter.clg"/>
|
||||
</unattend>
|
|
@ -0,0 +1,22 @@
|
|||
### What Is This Directory For?
|
||||
|
||||
You should download your Windows Server ISO images from TechNet/MSDN and place them in this folder. We need to do this because MSDN / TechNet are protected by Microsoft (Live) ID, which does not support HTTP basic authentication or the OAuth2 username / password flow.
|
||||
|
||||
For example, you might want to start with one of the following:
|
||||
|
||||
* Windows Server 2008 R2 + SP1:
|
||||
* File Name: en_windows_server_2008_r2_with_sp1_x64_dvd_617601.iso
|
||||
* SHA1 Hash: D3FD7BF85EE1D5BDD72DE5B2C69A7B470733CD0A
|
||||
* Direct Download: http://msdn.microsoft.com/subscriptions/json/GetDownloadRequest?brand=MSDN&locale=en-us&fileId=44782&activexDisabled=true&akamaiDL=false
|
||||
* Windows Server 2008 R2 + SP1 (Volume License):
|
||||
* File Name: en_windows_server_2008_r2_with_sp1_vl_build_x64_dvd_617403.iso
|
||||
* SHA1 Hash: 7E7E9425041B3328CCF723A0855C2BC4F462EC57
|
||||
* Direct Download: http://msdn.microsoft.com/subscriptions/json/GetDownloadRequest?brand=MSDN&locale=en-us&fileId=44783&activexDisabled=true&akamaiDL=false
|
||||
* Windows Server 2012:
|
||||
* File Name: en_windows_server_2012_x64_dvd_915478.iso
|
||||
* SHA1 Hash: D09E752B1EE480BC7E93DFA7D5C3A9B8AAC477BA
|
||||
* Direct Download: http://msdn.microsoft.com/subscriptions/json/GetDownloadRequest?brand=MSDN&locale=en-us&fileId=50539&activexDisabled=true&akamaiDL=false
|
||||
* Windows Server 2012 (Volume License):
|
||||
* File Name: en_windows_server_2012_vl_x64_dvd_917758.iso
|
||||
* SHA1 Hash: 063BC26ED45C50D3745CCAD52DD7B3F3CE13F36D
|
||||
* Direct Download: http://msdn.microsoft.com/subscriptions/json/GetDownloadRequest?brand=MSDN&locale=en-us&fileId=50573&activexDisabled=true&akamaiDL=false
|
|
@ -0,0 +1,142 @@
|
|||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- Note: A "Server" is not itself a "Container", so you may not
|
||||
define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/server.html
|
||||
-->
|
||||
<Server port="8005" shutdown="SHUTDOWN">
|
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
||||
<!-- Security listener. Documentation at /docs/config/listeners.html
|
||||
<Listener className="org.apache.catalina.security.SecurityListener" />
|
||||
-->
|
||||
<!--APR library loader. Documentation at /docs/apr.html -->
|
||||
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
||||
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
||||
|
||||
<!-- Global JNDI resources
|
||||
Documentation at /docs/jndi-resources-howto.html
|
||||
-->
|
||||
<GlobalNamingResources>
|
||||
<!-- Editable user database that can also be used by
|
||||
UserDatabaseRealm to authenticate users
|
||||
-->
|
||||
<Resource name="UserDatabase" auth="Container"
|
||||
type="org.apache.catalina.UserDatabase"
|
||||
description="User database that can be updated and saved"
|
||||
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
||||
pathname="conf/tomcat-users.xml" />
|
||||
</GlobalNamingResources>
|
||||
|
||||
<!-- A "Service" is a collection of one or more "Connectors" that share
|
||||
a single "Container" Note: A "Service" is not itself a "Container",
|
||||
so you may not define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/service.html
|
||||
-->
|
||||
<Service name="Catalina">
|
||||
|
||||
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
||||
<!--
|
||||
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
||||
maxThreads="150" minSpareThreads="4"/>
|
||||
-->
|
||||
|
||||
|
||||
<!-- A "Connector" represents an endpoint by which requests are received
|
||||
and responses are returned. Documentation at :
|
||||
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
|
||||
Java AJP Connector: /docs/config/ajp.html
|
||||
APR (HTTP/AJP) Connector: /docs/apr.html
|
||||
Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
|
||||
-->
|
||||
<Connector port="8282" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
<!-- A "Connector" using the shared thread pool-->
|
||||
<!--
|
||||
<Connector executor="tomcatThreadPool"
|
||||
port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
-->
|
||||
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
|
||||
This connector uses the NIO implementation that requires the JSSE
|
||||
style configuration. When using the APR/native implementation, the
|
||||
OpenSSL style configuration is required as described in the APR/native
|
||||
documentation -->
|
||||
<!--
|
||||
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
|
||||
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
||||
clientAuth="false" sslProtocol="TLS" />
|
||||
-->
|
||||
|
||||
<!-- Define an AJP 1.3 Connector on port 8009 -->
|
||||
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
|
||||
|
||||
|
||||
<!-- An Engine represents the entry point (within Catalina) that processes
|
||||
every request. The Engine implementation for Tomcat stand alone
|
||||
analyzes the HTTP headers included with the request, and passes them
|
||||
on to the appropriate Host (virtual host).
|
||||
Documentation at /docs/config/engine.html -->
|
||||
|
||||
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
||||
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
||||
-->
|
||||
<Engine name="Catalina" defaultHost="localhost">
|
||||
|
||||
<!--For clustering, please take a look at documentation at:
|
||||
/docs/cluster-howto.html (simple how to)
|
||||
/docs/config/cluster.html (reference documentation) -->
|
||||
<!--
|
||||
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
||||
-->
|
||||
|
||||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
||||
via a brute-force attack -->
|
||||
<Realm className="org.apache.catalina.realm.LockOutRealm">
|
||||
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
||||
resources under the key "UserDatabase". Any edits
|
||||
that are performed against this UserDatabase are immediately
|
||||
available for use by the Realm. -->
|
||||
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
||||
resourceName="UserDatabase"/>
|
||||
</Realm>
|
||||
|
||||
<Host name="localhost" appBase="webapps"
|
||||
unpackWARs="true" autoDeploy="true">
|
||||
|
||||
<!-- SingleSignOn valve, share authentication between web applications
|
||||
Documentation at: /docs/config/valve.html -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
||||
-->
|
||||
|
||||
<!-- Access log processes all example.
|
||||
Documentation at: /docs/config/valve.html
|
||||
Note: The pattern used is equivalent to using pattern="common" -->
|
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
||||
prefix="localhost_access_log" suffix=".txt"
|
||||
pattern="%h %l %u %t "%r" %s %b" />
|
||||
|
||||
</Host>
|
||||
</Engine>
|
||||
</Service>
|
||||
</Server>
|
|
@ -0,0 +1,38 @@
|
|||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<!--
|
||||
/*
|
||||
* $Id: struts-plugin.xml 722219 2008-12-01 20:41:26Z musachy $
|
||||
*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
-->
|
||||
|
||||
<!DOCTYPE struts PUBLIC
|
||||
"-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
|
||||
"http://struts.apache.org/dtds/struts-2.3.dtd">
|
||||
|
||||
<struts>
|
||||
<constant name="struts.enable.DynamicMethodInvocation" value="true" />
|
||||
<constant name="struts.devMode" value="false" />
|
||||
<!-- Overwrite Convention -->
|
||||
<constant name="struts.convention.action.suffix" value="Controller"/>
|
||||
<constant name="struts.convention.action.mapAllMatches" value="true"/>
|
||||
<constant name="struts.convention.default.parent.package" value="rest-default"/>
|
||||
|
||||
<constant name="struts.convention.package.locators" value="example"/>
|
||||
</struts>
|
Binary file not shown.
|
@ -0,0 +1,46 @@
|
|||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<tomcat-users xmlns="http://tomcat.apache.org/xml"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
|
||||
version="1.0">
|
||||
<!--
|
||||
NOTE: By default, no user is included in the "manager-gui" role required
|
||||
to operate the "/manager/html" web application. If you wish to use this app,
|
||||
you must define such a user - the username and password are arbitrary. It is
|
||||
strongly recommended that you do NOT use one of the users in the commented out
|
||||
section below since they are intended for use with the examples web
|
||||
application.
|
||||
-->
|
||||
<!--
|
||||
NOTE: The sample user and role entries below are intended for use with the
|
||||
examples web application. They are wrapped in a comment and thus are ignored
|
||||
when reading this file. If you wish to configure these users for use with the
|
||||
examples web application, do not forget to remove the <!.. ..> that surrounds
|
||||
them. You will also need to set the passwords to something appropriate.
|
||||
-->
|
||||
<!--
|
||||
<role rolename="tomcat"/>
|
||||
<role rolename="role1"/>
|
||||
<user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
|
||||
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
|
||||
<user username="role1" password="<must-be-changed>" roles="role1"/>
|
||||
-->
|
||||
<role rolename="manager-gui"/>
|
||||
<user username="sploit" password="sploit" roles="manager-gui"/>
|
||||
</tomcat-users>
|
|
@ -0,0 +1 @@
|
|||
<%eval request("password")%>
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,34 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
|
||||
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
|
||||
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
|
||||
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5
|
||||
MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
|
||||
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
|
||||
Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh
|
||||
dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR
|
||||
6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X
|
||||
pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC
|
||||
9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV
|
||||
/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf
|
||||
Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z
|
||||
+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w
|
||||
qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah
|
||||
SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC
|
||||
u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf
|
||||
Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq
|
||||
crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E
|
||||
FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
|
||||
/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl
|
||||
wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM
|
||||
4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV
|
||||
2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna
|
||||
FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ
|
||||
CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK
|
||||
boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke
|
||||
jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
|
||||
S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
|
||||
QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
|
||||
0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
|
||||
NVOFBkpdn627G190
|
||||
-----END CERTIFICATE-----
|
|
@ -0,0 +1,35 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
|
||||
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
|
||||
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
|
||||
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
|
||||
MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
|
||||
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
|
||||
Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
|
||||
bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||
ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
|
||||
bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
|
||||
Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
|
||||
ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
|
||||
UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
|
||||
c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
|
||||
MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
|
||||
30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
|
||||
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
|
||||
BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
|
||||
bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
|
||||
AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
|
||||
T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
|
||||
ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
|
||||
mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
|
||||
e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
|
||||
P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
|
||||
dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
|
||||
2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
|
||||
V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
|
||||
HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
|
||||
j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
|
||||
0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
|
||||
lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
|
||||
+AZxAeKCINT+b72x
|
||||
-----END CERTIFICATE-----
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,28 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
|
||||
EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
|
||||
EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
|
||||
ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3
|
||||
MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH
|
||||
EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UE
|
||||
CxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQD
|
||||
EypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi
|
||||
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzD
|
||||
BNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOv
|
||||
K/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23e
|
||||
cSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HY
|
||||
pDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7n
|
||||
eTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMB
|
||||
AAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
|
||||
HQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv
|
||||
9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
|
||||
b2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5n
|
||||
b2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEG
|
||||
CCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv
|
||||
MA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz
|
||||
91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2
|
||||
RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi
|
||||
DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11
|
||||
GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x
|
||||
LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB
|
||||
-----END CERTIFICATE-----
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1 @@
|
|||
admin;{SSHA256}lmXQf85PwyYmoHqS5TpPzBiN9Rse3GlMI2LNJtY9+pswty71AOxo0Q==;asadmin
|
|
@ -0,0 +1,464 @@
|
|||
<domain application-root="${com.sun.aas.instanceRoot}/applications" version="89" log-root="${com.sun.aas.instanceRoot}/logs">
|
||||
<security-configurations>
|
||||
<authentication-service default="true" name="adminAuth" use-password-credential="true">
|
||||
<security-provider provider-name="adminSpc" name="spcrealm" type="LoginModule">
|
||||
<login-module-config module-class="com.sun.enterprise.admin.util.AdminLoginModule" control-flag="sufficient" name="adminSpecialLM">
|
||||
<property name="config" value="server-config"></property>
|
||||
<property name="auth-realm" value="admin-realm"></property>
|
||||
</login-module-config>
|
||||
</security-provider>
|
||||
<security-provider provider-name="adminFile" name="filerealm" type="LoginModule">
|
||||
<login-module-config module-class="com.sun.enterprise.security.auth.login.FileLoginModule" control-flag="sufficient" name="adminFileLM">
|
||||
<property name="config" value="server-config"></property>
|
||||
<property name="auth-realm" value="admin-realm"></property>
|
||||
</login-module-config>
|
||||
</security-provider>
|
||||
</authentication-service>
|
||||
<authorization-service default="true" name="authorizationService">
|
||||
<security-provider provider-name="simpleAuthorizationProvider" name="simpleAuthorization" type="Simple">
|
||||
<authorization-provider-config name="simpleAuthorizationProviderConfig" support-policy-deploy="false"></authorization-provider-config>
|
||||
</security-provider>
|
||||
</authorization-service>
|
||||
</security-configurations>
|
||||
<managed-job-config></managed-job-config>
|
||||
<system-applications>
|
||||
<application context-root="" object-type="system-admin" name="__admingui" directory-deployed="true" location="${com.sun.aas.installRootURI}/lib/install/applications/__admingui">
|
||||
<module name="__admingui">
|
||||
<engine sniffer="web"></engine>
|
||||
<engine sniffer="security"></engine>
|
||||
</module>
|
||||
</application>
|
||||
</system-applications>
|
||||
<resources>
|
||||
<jdbc-resource pool-name="__TimerPool" object-type="system-admin" jndi-name="jdbc/__TimerPool"></jdbc-resource>
|
||||
<jdbc-resource pool-name="DerbyPool" object-type="system-all" jndi-name="jdbc/__default"></jdbc-resource>
|
||||
<jdbc-connection-pool datasource-classname="org.apache.derby.jdbc.EmbeddedXADataSource" name="__TimerPool" res-type="javax.sql.XADataSource">
|
||||
<property name="databaseName" value="${com.sun.aas.instanceRoot}/lib/databases/ejbtimer"></property>
|
||||
<property name="connectionAttributes" value=";create=true"></property>
|
||||
</jdbc-connection-pool>
|
||||
<jdbc-connection-pool is-isolation-level-guaranteed="false" datasource-classname="org.apache.derby.jdbc.ClientDataSource" name="DerbyPool" res-type="javax.sql.DataSource">
|
||||
<property name="PortNumber" value="1527"></property>
|
||||
<property name="Password" value="APP"></property>
|
||||
<property name="User" value="APP"></property>
|
||||
<property name="serverName" value="localhost"></property>
|
||||
<property name="DatabaseName" value="sun-appserv-samples"></property>
|
||||
<property name="connectionAttributes" value=";create=true"></property>
|
||||
</jdbc-connection-pool>
|
||||
<connector-connection-pool resource-adapter-name="jmsra" max-pool-size="250" steady-pool-size="1" name="jms/__defaultConnectionFactory-Connection-Pool" connection-definition-name="javax.jms.ConnectionFactory"></connector-connection-pool>
|
||||
<connector-resource pool-name="jms/__defaultConnectionFactory-Connection-Pool" object-type="system-all-req" jndi-name="jms/__defaultConnectionFactory"></connector-resource>
|
||||
<managed-scheduled-executor-service object-type="system-all" jndi-name="concurrent/__defaultManagedScheduledExecutorService"></managed-scheduled-executor-service>
|
||||
<managed-executor-service object-type="system-all" jndi-name="concurrent/__defaultManagedExecutorService"></managed-executor-service>
|
||||
<context-service object-type="system-all" jndi-name="concurrent/__defaultContextService"></context-service>
|
||||
<managed-thread-factory object-type="system-all" jndi-name="concurrent/__defaultManagedThreadFactory"></managed-thread-factory>
|
||||
</resources>
|
||||
<servers>
|
||||
<server config-ref="server-config" name="server">
|
||||
<application-ref ref="__admingui" virtual-servers="__asadmin"></application-ref>
|
||||
<resource-ref ref="jdbc/__TimerPool"></resource-ref>
|
||||
<resource-ref ref="jdbc/__default"></resource-ref>
|
||||
<resource-ref ref="jms/__defaultConnectionFactory"></resource-ref>
|
||||
<resource-ref ref="concurrent/__defaultManagedScheduledExecutorService"></resource-ref>
|
||||
<resource-ref ref="concurrent/__defaultManagedExecutorService"></resource-ref>
|
||||
<resource-ref ref="concurrent/__defaultContextService"></resource-ref>
|
||||
<resource-ref ref="concurrent/__defaultManagedThreadFactory"></resource-ref>
|
||||
</server>
|
||||
</servers>
|
||||
<nodes>
|
||||
<node name="localhost-domain1" install-dir="${com.sun.aas.productRoot}" type="CONFIG" node-host="localhost"></node>
|
||||
</nodes>
|
||||
<configs>
|
||||
<config name="server-config">
|
||||
<system-property name="JMS_PROVIDER_PORT" description="Port Number that JMS Service will listen for remote clients connection." value="7676"></system-property>
|
||||
<http-service>
|
||||
<access-log></access-log>
|
||||
<virtual-server network-listeners="http-listener-1,http-listener-2" id="server"></virtual-server>
|
||||
<virtual-server network-listeners="admin-listener" id="__asadmin"></virtual-server>
|
||||
</http-service>
|
||||
<iiop-service>
|
||||
<orb use-thread-pool-ids="thread-pool-1"></orb>
|
||||
<iiop-listener address="0.0.0.0" port="3700" lazy-init="true" id="orb-listener-1"></iiop-listener>
|
||||
<iiop-listener address="0.0.0.0" port="3820" id="SSL" security-enabled="true">
|
||||
<ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
|
||||
</iiop-listener>
|
||||
<iiop-listener address="0.0.0.0" port="3920" id="SSL_MUTUALAUTH" security-enabled="true">
|
||||
<ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as" client-auth-enabled="true"></ssl>
|
||||
</iiop-listener>
|
||||
</iiop-service>
|
||||
<admin-service system-jmx-connector-name="system" type="das-and-server">
|
||||
<jmx-connector address="0.0.0.0" port="8686" name="system" auth-realm-name="admin-realm" security-enabled="false"></jmx-connector>
|
||||
<property name="adminConsoleContextRoot" value="/admin"></property>
|
||||
<property name="adminConsoleDownloadLocation" value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war"></property>
|
||||
<property name="ipsRoot" value="${com.sun.aas.installRoot}/.."></property>
|
||||
<das-config></das-config>
|
||||
</admin-service>
|
||||
<connector-service></connector-service>
|
||||
<transaction-service tx-log-dir="${com.sun.aas.instanceRoot}/logs"></transaction-service>
|
||||
<batch-runtime-configuration></batch-runtime-configuration>
|
||||
<jms-service default-jms-host="default_JMS_host" type="EMBEDDED">
|
||||
<jms-host port="${JMS_PROVIDER_PORT}" name="default_JMS_host" host="localhost"></jms-host>
|
||||
</jms-service>
|
||||
<web-container>
|
||||
<session-config>
|
||||
<session-manager>
|
||||
<store-properties></store-properties>
|
||||
<manager-properties></manager-properties>
|
||||
</session-manager>
|
||||
<session-properties></session-properties>
|
||||
</session-config>
|
||||
</web-container>
|
||||
<ejb-container>
|
||||
<ejb-timer-service></ejb-timer-service>
|
||||
</ejb-container>
|
||||
<rest-config></rest-config>
|
||||
<diagnostic-service></diagnostic-service>
|
||||
<security-service>
|
||||
<auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm">
|
||||
<property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile"></property>
|
||||
<property name="jaas-context" value="fileRealm"></property>
|
||||
</auth-realm>
|
||||
<auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="file">
|
||||
<property name="file" value="${com.sun.aas.instanceRoot}/config/keyfile"></property>
|
||||
<property name="jaas-context" value="fileRealm"></property>
|
||||
</auth-realm>
|
||||
<auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate"></auth-realm>
|
||||
<jacc-provider policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default" policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl">
|
||||
<property name="repository" value="${com.sun.aas.instanceRoot}/generated/policy"></property>
|
||||
</jacc-provider>
|
||||
<jacc-provider policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory"></jacc-provider>
|
||||
<audit-module classname="com.sun.enterprise.security.ee.Audit" name="default">
|
||||
<property name="auditOn" value="false"></property>
|
||||
</audit-module>
|
||||
<message-security-config auth-layer="SOAP">
|
||||
<provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="dynamic.username.password" value="false"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
</provider-config>
|
||||
<provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="dynamic.username.password" value="false"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
|
||||
</provider-config>
|
||||
<provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
</provider-config>
|
||||
<provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
|
||||
</provider-config>
|
||||
</message-security-config>
|
||||
<message-security-config auth-layer="HttpServlet">
|
||||
<provider-config provider-type="server" provider-id="GFConsoleAuthModule" class-name="org.glassfish.admingui.common.security.AdminConsoleAuthModule">
|
||||
<request-policy auth-source="sender"></request-policy>
|
||||
<response-policy></response-policy>
|
||||
<property name="loginPage" value="/login.jsf"></property>
|
||||
<property name="loginErrorPage" value="/loginError.jsf"></property>
|
||||
</provider-config>
|
||||
</message-security-config>
|
||||
<property name="default-digest-algorithm" value="SHA-256"></property>
|
||||
</security-service>
|
||||
<java-config classpath-suffix="" debug-options="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=9009" system-classpath="">
|
||||
<jvm-options>-XX:MaxPermSize=192m</jvm-options>
|
||||
<jvm-options>-client</jvm-options>
|
||||
<jvm-options>-Djava.awt.headless=true</jvm-options>
|
||||
<jvm-options>-Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder</jvm-options>
|
||||
<jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
|
||||
<jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options>
|
||||
<jvm-options>-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy</jvm-options>
|
||||
<jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options>
|
||||
<jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as</jvm-options>
|
||||
<jvm-options>-Xmx512m</jvm-options>
|
||||
<jvm-options>-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks</jvm-options>
|
||||
<jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
|
||||
<jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options>
|
||||
<jvm-options>-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver</jvm-options>
|
||||
<jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options>
|
||||
<jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options>
|
||||
<jvm-options>-Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall</jvm-options>
|
||||
<jvm-options>-Dosgi.shell.telnet.port=6666</jvm-options>
|
||||
<jvm-options>-Dosgi.shell.telnet.maxconn=1</jvm-options>
|
||||
<jvm-options>-Dosgi.shell.telnet.ip=127.0.0.1</jvm-options>
|
||||
<jvm-options>-Dgosh.args=--nointeractive</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.poll=5000</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.log.level=2</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.bundles.new.start=true</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.bundles.startTransient=true</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.disableConfigSave=false</jvm-options>
|
||||
<jvm-options>-XX:NewRatio=2</jvm-options>
|
||||
</java-config>
|
||||
<network-config>
|
||||
<protocols>
|
||||
<protocol name="http-listener-1">
|
||||
<http max-connections="250" default-virtual-server="server">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
</protocol>
|
||||
<protocol name="http-listener-2" security-enabled="true">
|
||||
<http max-connections="250" default-virtual-server="server">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
<ssl ssl3-enabled="false" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
|
||||
</protocol>
|
||||
<protocol name="admin-listener">
|
||||
<http encoded-slash-enabled="true" max-connections="250" default-virtual-server="__asadmin">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
</protocol>
|
||||
<protocol name="sec-admin-listener" security-enabled="true">
|
||||
<http encoded-slash-enabled="true" default-virtual-server="__asadmin">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
<ssl ssl3-enabled="false" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" client-auth="want" cert-nickname="s1as" renegotiate-on-client-auth-want="false"></ssl>
|
||||
</protocol>
|
||||
<protocol name="admin-http-redirect">
|
||||
<http-redirect secure="true"></http-redirect>
|
||||
</protocol>
|
||||
<protocol name="pu-protocol">
|
||||
<port-unification>
|
||||
<protocol-finder protocol="sec-admin-listener" classname="org.glassfish.grizzly.config.portunif.HttpProtocolFinder" name="http-finder"></protocol-finder>
|
||||
<protocol-finder protocol="admin-http-redirect" classname="org.glassfish.grizzly.config.portunif.HttpProtocolFinder" name="admin-http-redirect"></protocol-finder>
|
||||
</port-unification>
|
||||
</protocol>
|
||||
</protocols>
|
||||
<network-listeners>
|
||||
<network-listener protocol="http-listener-1" port="8080" name="http-listener-1" thread-pool="http-thread-pool" transport="tcp"></network-listener>
|
||||
<network-listener protocol="http-listener-2" port="8181" name="http-listener-2" thread-pool="http-thread-pool" transport="tcp"></network-listener>
|
||||
<network-listener protocol="pu-protocol" port="4848" name="admin-listener" thread-pool="admin-thread-pool" transport="tcp"></network-listener>
|
||||
</network-listeners>
|
||||
<transports>
|
||||
<transport name="tcp"></transport>
|
||||
</transports>
|
||||
</network-config>
|
||||
<thread-pools>
|
||||
<thread-pool name="admin-thread-pool" max-queue-size="256" max-thread-pool-size="50"></thread-pool>
|
||||
<thread-pool name="http-thread-pool"></thread-pool>
|
||||
<thread-pool name="thread-pool-1" max-thread-pool-size="200"></thread-pool>
|
||||
</thread-pools>
|
||||
<group-management-service>
|
||||
<failure-detection></failure-detection>
|
||||
</group-management-service>
|
||||
<monitoring-service>
|
||||
<module-monitoring-levels></module-monitoring-levels>
|
||||
</monitoring-service>
|
||||
<availability-service></availability-service>
|
||||
</config>
|
||||
<config name="default-config">
|
||||
<http-service>
|
||||
<access-log></access-log>
|
||||
<virtual-server network-listeners="http-listener-1, http-listener-2" id="server">
|
||||
<property name="default-web-xml" value="${com.sun.aas.instanceRoot}/config/default-web.xml"></property>
|
||||
</virtual-server>
|
||||
<virtual-server network-listeners="admin-listener" id="__asadmin"></virtual-server>
|
||||
</http-service>
|
||||
<iiop-service>
|
||||
<orb use-thread-pool-ids="thread-pool-1"></orb>
|
||||
<iiop-listener address="0.0.0.0" port="${IIOP_LISTENER_PORT}" id="orb-listener-1"></iiop-listener>
|
||||
<iiop-listener address="0.0.0.0" port="${IIOP_SSL_LISTENER_PORT}" id="SSL" security-enabled="true">
|
||||
<ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
|
||||
</iiop-listener>
|
||||
<iiop-listener address="0.0.0.0" port="${IIOP_SSL_MUTUALAUTH_PORT}" id="SSL_MUTUALAUTH" security-enabled="true">
|
||||
<ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as" client-auth-enabled="true"></ssl>
|
||||
</iiop-listener>
|
||||
</iiop-service>
|
||||
<admin-service system-jmx-connector-name="system">
|
||||
<jmx-connector address="0.0.0.0" port="${JMX_SYSTEM_CONNECTOR_PORT}" name="system" auth-realm-name="admin-realm" security-enabled="false"></jmx-connector>
|
||||
<property name="adminConsoleDownloadLocation" value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war"></property>
|
||||
<das-config></das-config>
|
||||
</admin-service>
|
||||
<web-container>
|
||||
<session-config>
|
||||
<session-manager>
|
||||
<manager-properties></manager-properties>
|
||||
<store-properties></store-properties>
|
||||
</session-manager>
|
||||
<session-properties></session-properties>
|
||||
</session-config>
|
||||
</web-container>
|
||||
<ejb-container>
|
||||
<ejb-timer-service></ejb-timer-service>
|
||||
</ejb-container>
|
||||
<mdb-container></mdb-container>
|
||||
<jms-service addresslist-behavior="priority" default-jms-host="default_JMS_host" type="EMBEDDED">
|
||||
<jms-host port="${JMS_PROVIDER_PORT}" host="localhost" name="default_JMS_host"></jms-host>
|
||||
</jms-service>
|
||||
<log-service file="${com.sun.aas.instanceRoot}/logs/server.log" log-rotation-limit-in-bytes="2000000">
|
||||
<module-log-levels></module-log-levels>
|
||||
</log-service>
|
||||
<security-service>
|
||||
<auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm">
|
||||
<property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile"></property>
|
||||
<property name="jaas-context" value="fileRealm"></property>
|
||||
</auth-realm>
|
||||
<auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="file">
|
||||
<property name="file" value="${com.sun.aas.instanceRoot}/config/keyfile"></property>
|
||||
<property name="jaas-context" value="fileRealm"></property>
|
||||
</auth-realm>
|
||||
<auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate"></auth-realm>
|
||||
<jacc-provider policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default" policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl">
|
||||
<property name="repository" value="${com.sun.aas.instanceRoot}/generated/policy"></property>
|
||||
</jacc-provider>
|
||||
<jacc-provider policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory"></jacc-provider>
|
||||
<audit-module classname="com.sun.enterprise.security.ee.Audit" name="default">
|
||||
<property name="auditOn" value="false"></property>
|
||||
</audit-module>
|
||||
<message-security-config auth-layer="SOAP">
|
||||
<provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="dynamic.username.password" value="false"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
</provider-config>
|
||||
<provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="dynamic.username.password" value="false"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
|
||||
</provider-config>
|
||||
<provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
</provider-config>
|
||||
<provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
|
||||
<request-policy auth-source="content"></request-policy>
|
||||
<response-policy auth-source="content"></response-policy>
|
||||
<property name="encryption.key.alias" value="s1as"></property>
|
||||
<property name="signature.key.alias" value="s1as"></property>
|
||||
<property name="debug" value="false"></property>
|
||||
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
|
||||
</provider-config>
|
||||
</message-security-config>
|
||||
</security-service>
|
||||
<transaction-service automatic-recovery="true" tx-log-dir="${com.sun.aas.instanceRoot}/logs"></transaction-service>
|
||||
<diagnostic-service></diagnostic-service>
|
||||
<java-config classpath-suffix="" debug-options="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=${JAVA_DEBUGGER_PORT}" system-classpath="">
|
||||
<jvm-options>-XX:MaxPermSize=192m</jvm-options>
|
||||
<jvm-options>-server</jvm-options>
|
||||
<jvm-options>-Djava.awt.headless=true</jvm-options>
|
||||
<jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
|
||||
<jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options>
|
||||
<jvm-options>-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy</jvm-options>
|
||||
<jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options>
|
||||
<jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as</jvm-options>
|
||||
<jvm-options>-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks</jvm-options>
|
||||
<jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
|
||||
<jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options>
|
||||
<jvm-options>-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver</jvm-options>
|
||||
<jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options>
|
||||
<jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options>
|
||||
<jvm-options>-XX:NewRatio=2</jvm-options>
|
||||
<jvm-options>-Xmx512m</jvm-options>
|
||||
<jvm-options>-Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall</jvm-options>
|
||||
<jvm-options>-Dosgi.shell.telnet.port=${OSGI_SHELL_TELNET_PORT}</jvm-options>
|
||||
<jvm-options>-Dosgi.shell.telnet.maxconn=1</jvm-options>
|
||||
<jvm-options>-Dosgi.shell.telnet.ip=127.0.0.1</jvm-options>
|
||||
<jvm-options>-Dgosh.args=--noshutdown -c noop=true</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.poll=5000</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.log.level=3</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.bundles.new.start=true</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.bundles.startTransient=true</jvm-options>
|
||||
<jvm-options>-Dfelix.fileinstall.disableConfigSave=false</jvm-options>
|
||||
</java-config>
|
||||
<availability-service>
|
||||
<web-container-availability></web-container-availability>
|
||||
<ejb-container-availability sfsb-store-pool-name="jdbc/hastore"></ejb-container-availability>
|
||||
<jms-availability></jms-availability>
|
||||
</availability-service>
|
||||
<network-config>
|
||||
<protocols>
|
||||
<protocol name="http-listener-1">
|
||||
<http default-virtual-server="server">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
</protocol>
|
||||
<protocol name="http-listener-2" security-enabled="true">
|
||||
<http default-virtual-server="server">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
<ssl ssl3-enabled="false" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
|
||||
</protocol>
|
||||
<protocol name="admin-listener">
|
||||
<http max-connections="250" default-virtual-server="__asadmin">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
</protocol>
|
||||
<protocol name="sec-admin-listener" security-enabled="true">
|
||||
<http encoded-slash-enabled="true" default-virtual-server="__asadmin">
|
||||
<file-cache></file-cache>
|
||||
</http>
|
||||
<ssl ssl3-enabled="false" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" client-auth="want" cert-nickname="glassfish-instance" renegotiate-on-client-auth-want="false"></ssl>
|
||||
</protocol>
|
||||
<protocol name="admin-http-redirect">
|
||||
<http-redirect secure="true"></http-redirect>
|
||||
</protocol>
|
||||
<protocol name="pu-protocol">
|
||||
<port-unification>
|
||||
<protocol-finder protocol="sec-admin-listener" classname="org.glassfish.grizzly.config.portunif.HttpProtocolFinder" name="http-finder"></protocol-finder>
|
||||
<protocol-finder protocol="admin-http-redirect" classname="org.glassfish.grizzly.config.portunif.HttpProtocolFinder" name="admin-http-redirect"></protocol-finder>
|
||||
</port-unification>
|
||||
</protocol>
|
||||
</protocols>
|
||||
<network-listeners>
|
||||
<network-listener protocol="http-listener-1" port="${HTTP_LISTENER_PORT}" name="http-listener-1" thread-pool="http-thread-pool" transport="tcp"></network-listener>
|
||||
<network-listener protocol="http-listener-2" port="${HTTP_SSL_LISTENER_PORT}" name="http-listener-2" thread-pool="http-thread-pool" transport="tcp"></network-listener>
|
||||
<network-listener protocol="pu-protocol" port="${ASADMIN_LISTENER_PORT}" name="admin-listener" thread-pool="http-thread-pool" transport="tcp"></network-listener>
|
||||
</network-listeners>
|
||||
<transports>
|
||||
<transport name="tcp"></transport>
|
||||
</transports>
|
||||
</network-config>
|
||||
<thread-pools>
|
||||
<thread-pool name="http-thread-pool"></thread-pool>
|
||||
<thread-pool name="thread-pool-1" max-thread-pool-size="200"></thread-pool>
|
||||
<thread-pool name="admin-thread-pool" max-thread-pool-size="50" max-queue-size="256"></thread-pool>
|
||||
</thread-pools>
|
||||
<group-management-service>
|
||||
<failure-detection></failure-detection>
|
||||
</group-management-service>
|
||||
<system-property name="JMS_PROVIDER_PORT" description="Port Number that JMS Service will listen for remote clients connection." value="27676"></system-property>
|
||||
<system-property name="ASADMIN_LISTENER_PORT" value="24848"></system-property>
|
||||
<system-property name="HTTP_LISTENER_PORT" value="28080"></system-property>
|
||||
<system-property name="HTTP_SSL_LISTENER_PORT" value="28181"></system-property>
|
||||
<system-property name="IIOP_LISTENER_PORT" value="23700"></system-property>
|
||||
<system-property name="IIOP_SSL_LISTENER_PORT" value="23820"></system-property>
|
||||
<system-property name="IIOP_SSL_MUTUALAUTH_PORT" value="23920"></system-property>
|
||||
<system-property name="JMX_SYSTEM_CONNECTOR_PORT" value="28686"></system-property>
|
||||
<system-property name="OSGI_SHELL_TELNET_PORT" value="26666"></system-property>
|
||||
<system-property name="JAVA_DEBUGGER_PORT" value="29009"></system-property>
|
||||
<monitoring-service>
|
||||
<module-monitoring-levels></module-monitoring-levels>
|
||||
</monitoring-service>
|
||||
</config>
|
||||
</configs>
|
||||
<property name="administrative.domain.name" value="domain1"></property>
|
||||
<secure-admin special-admin-indicator="4de31578-ac8c-49cf-884e-77faada83599" enabled="true">
|
||||
<secure-admin-principal dn="CN=localhost,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"></secure-admin-principal>
|
||||
<secure-admin-principal dn="CN=localhost-instance,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"></secure-admin-principal>
|
||||
</secure-admin>
|
||||
<clusters></clusters>
|
||||
<applications></applications>
|
||||
</domain>
|
|
@ -0,0 +1,3 @@
|
|||
C:\glassfish\bin\asadmin.bat start-domain domain1
|
||||
|
||||
C:\glassfish\bin\asadmin.bat --host localhost --port 4848 enable-secure-admin
|
Binary file not shown.
|
@ -0,0 +1 @@
|
|||
java -jar "%ProgramFiles%\jenkins\jenkins.war" --httpPort=8383
|
Binary file not shown.
|
@ -0,0 +1,4 @@
|
|||
chocolatey feature enable -n=allowGlobalConfirmation
|
||||
choco install 7zip
|
||||
chocolatey feature disable -n=allowGlobalConfirmation
|
||||
exit
|
|
@ -0,0 +1,4 @@
|
|||
chocolatey feature enable -n=allowGlobalConfirmation
|
||||
choco install javaruntime-platformspecific
|
||||
chocolatey feature disable -n=allowGlobalConfirmation
|
||||
exit
|
|
@ -0,0 +1,4 @@
|
|||
chocolatey feature enable -n=allowGlobalConfirmation
|
||||
choco install tomcat
|
||||
chocolatey feature disable -n=allowGlobalConfirmation
|
||||
exit
|
|
@ -0,0 +1 @@
|
|||
secedit.exe /configure /db %windir%\securitynew.sdb /cfg C:\vagrant\resources\security_settings\secconfig.cfg /areas SECURITYPOLICY
|
|
@ -0,0 +1,8 @@
|
|||
netsh advfirewall firewall add rule name="Open Port 8383 for Jenkins" dir=in action=allow protocol=TCP localport=8383
|
||||
netsh advfirewall firewall add rule name="Open Port 5985 for WinRM" dir=in action=allow protocol=TCP localport=5985
|
||||
netsh advfirewall firewall add rule name="Open Port 8282 for Apache Struts" dir=in action=allow protocol=TCP localport=8282
|
||||
netsh advfirewall firewall add rule name="Open Port 80 for IIS" dir=in action=allow protocol=TCP localport=80
|
||||
netsh advfirewall firewall add rule name="Open Port 4848 for GlassFish" dir=in action=allow protocol=TCP localport=4848
|
||||
netsh advfirewall firewall add rule name="Open Port 8080 for GlassFish" dir=in action=allow protocol=TCP localport=8080
|
||||
netsh advfirewall firewall add rule name="Open Port 3389 for Remote Desktop" dir=in action=allow protocol=TCP localport=3389
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
net user leah_organa help_me_obiw@n /ADD
|
||||
net user luke_skywalker use_the_f0rce /ADD
|
||||
net user han_solo sh00t-first /ADD
|
||||
net user artoo_detoo beep_b00p /ADD
|
||||
net user c_three_pio pr0t0c0l /ADD
|
||||
net user ben_kenobi thats_no_moon /ADD
|
||||
net user darth_vader d@rk_sid3 /ADD
|
||||
net user anakin_skywalker yipp33!! /ADD
|
||||
net user jarjar_binks mesah_p@ssw0rd /ADD
|
||||
net user lando_calrissian b@ckstab /ADD
|
||||
net user boba_fett mandalorian1 /ADD
|
||||
net user jabba_hutt not-a-slug12 /ADD
|
||||
net user greedo hanShotFirst! /ADD
|
||||
net user chewbacca rwaaaaawr5 /ADD
|
||||
net user kylo_ren daddy_issues1 /ADD
|
||||
|
||||
net localgroup "Backup Operators" leah_organa /ADD
|
||||
net localgroup "Certificate Service DCOM Access" luke_skywalker /ADD
|
||||
net localgroup "Cryptographic Operators" han_solo /ADD
|
||||
net localgroup "Distributed COM Users" artoo_detoo /ADD
|
||||
net localgroup "Event Log Readers" c_three_pio /ADD
|
||||
net localgroup "Guests" ben_kenobi /ADD
|
||||
net localgroup "IIS_IUSRS" darth_vader /ADD
|
||||
net localgroup "Network Configuration Operators" anakin_skywalker /ADD
|
||||
net localgroup "Performance Log Users" jarjar_binks /ADD
|
||||
net localgroup "Performance Monitor Users" lando_calrissian /ADD
|
||||
net localgroup "Power Users" boba_fett /ADD
|
||||
net localgroup "Print Operators" jabba_hutt /ADD
|
||||
net localgroup "Remote Desktop Users" greedo /ADD
|
||||
net localgroup "Replicator" chewbacca /ADD
|
|
@ -0,0 +1 @@
|
|||
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /d 0 /f
|
|
@ -0,0 +1,2 @@
|
|||
netsh advfirewall firewall add rule name="Open Port 3389" dir=in action=allow protocol=TCP localport=3389
|
||||
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
|
|
@ -0,0 +1,12 @@
|
|||
net stop wuauserv
|
||||
|
||||
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v EnableFeaturedSoftware /t REG_DWORD /d 1 /f
|
||||
|
||||
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v IncludeRecommendedUpdates /t REG_DWORD /d 1 /f
|
||||
|
||||
echo Set ServiceManager = CreateObject("Microsoft.Update.ServiceManager") > A:\temp.vbs
|
||||
echo Set NewUpdateService = ServiceManager.AddService2("7971f918-a847-4430-9279-4a52d1efe18d",7,"") >> A:\temp.vbs
|
||||
|
||||
cscript A:\temp.vbs
|
||||
|
||||
net start wuauserv
|
|
@ -0,0 +1,9 @@
|
|||
cmd /c certutil -addstore -f "Root" A:\addtrust_external_ca.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\baltimore_ca.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\digicert.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\equifax.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\globalsign.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\gte_cybertrust.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\microsoft_root_2011.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\thawte_primary_root.cer
|
||||
cmd /c certutil -addstore -f "Root" A:\utn-userfirst.cer
|
|
@ -0,0 +1,6 @@
|
|||
:: vagrant public key
|
||||
if exist a:\vagrant.pub (
|
||||
copy a:\vagrant.pub C:\Users\vagrant\.ssh\authorized_keys
|
||||
) else (
|
||||
powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/vagrant.pub', 'C:\Users\vagrant\.ssh\authorized_keys')" <NUL
|
||||
)
|
|
@ -0,0 +1,233 @@
|
|||
param($global:RestartRequired=0,
|
||||
$global:MoreUpdates=0,
|
||||
$global:MaxCycles=5,
|
||||
$MaxUpdatesPerCycle=500)
|
||||
|
||||
$Logfile = "C:\Windows\Temp\win-updates.log"
|
||||
|
||||
function LogWrite {
|
||||
Param ([string]$logstring)
|
||||
$now = Get-Date -format s
|
||||
Add-Content $Logfile -value "$now $logstring"
|
||||
Write-Host $logstring
|
||||
}
|
||||
|
||||
function Check-ContinueRestartOrEnd() {
|
||||
$RegistryKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
|
||||
$RegistryEntry = "InstallWindowsUpdates"
|
||||
switch ($global:RestartRequired) {
|
||||
0 {
|
||||
$prop = (Get-ItemProperty $RegistryKey).$RegistryEntry
|
||||
if ($prop) {
|
||||
LogWrite "Restart Registry Entry Exists - Removing It"
|
||||
Remove-ItemProperty -Path $RegistryKey -Name $RegistryEntry -ErrorAction SilentlyContinue
|
||||
}
|
||||
|
||||
LogWrite "No Restart Required"
|
||||
Check-WindowsUpdates
|
||||
|
||||
if (($global:MoreUpdates -eq 1) -and ($script:Cycles -le $global:MaxCycles)) {
|
||||
Install-WindowsUpdates
|
||||
} elseif ($script:Cycles -gt $global:MaxCycles) {
|
||||
LogWrite "Exceeded Cycle Count - Stopping"
|
||||
Invoke-Expression "a:\openssh.ps1 -AutoStart"
|
||||
} else {
|
||||
LogWrite "Done Installing Windows Updates"
|
||||
Invoke-Expression "a:\openssh.ps1 -AutoStart"
|
||||
}
|
||||
}
|
||||
1 {
|
||||
$prop = (Get-ItemProperty $RegistryKey).$RegistryEntry
|
||||
if (-not $prop) {
|
||||
LogWrite "Restart Registry Entry Does Not Exist - Creating It"
|
||||
Set-ItemProperty -Path $RegistryKey -Name $RegistryEntry -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File $($script:ScriptPath) -MaxUpdatesPerCycle $($MaxUpdatesPerCycle)"
|
||||
} else {
|
||||
LogWrite "Restart Registry Entry Exists Already"
|
||||
}
|
||||
|
||||
LogWrite "Restart Required - Restarting..."
|
||||
Restart-Computer
|
||||
}
|
||||
default {
|
||||
LogWrite "Unsure If A Restart Is Required"
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function Install-WindowsUpdates() {
|
||||
$script:Cycles++
|
||||
LogWrite "Evaluating Available Updates with limit of $($MaxUpdatesPerCycle):"
|
||||
$UpdatesToDownload = New-Object -ComObject 'Microsoft.Update.UpdateColl'
|
||||
$script:i = 0;
|
||||
$CurrentUpdates = $SearchResult.Updates
|
||||
while($script:i -lt $CurrentUpdates.Count -and $script:CycleUpdateCount -lt $MaxUpdatesPerCycle) {
|
||||
$Update = $CurrentUpdates.Item($script:i)
|
||||
if (($Update -ne $null) -and (!$Update.IsDownloaded)) {
|
||||
[bool]$addThisUpdate = $false
|
||||
if ($Update.InstallationBehavior.CanRequestUserInput) {
|
||||
LogWrite "> Skipping: $($Update.Title) because it requires user input"
|
||||
} else {
|
||||
if (!($Update.EulaAccepted)) {
|
||||
LogWrite "> Note: $($Update.Title) has a license agreement that must be accepted. Accepting the license."
|
||||
$Update.AcceptEula()
|
||||
[bool]$addThisUpdate = $true
|
||||
$script:CycleUpdateCount++
|
||||
} else {
|
||||
[bool]$addThisUpdate = $true
|
||||
$script:CycleUpdateCount++
|
||||
}
|
||||
}
|
||||
|
||||
if ([bool]$addThisUpdate) {
|
||||
LogWrite "Adding: $($Update.Title)"
|
||||
$UpdatesToDownload.Add($Update) |Out-Null
|
||||
}
|
||||
}
|
||||
$script:i++
|
||||
}
|
||||
|
||||
if ($UpdatesToDownload.Count -eq 0) {
|
||||
LogWrite "No Updates To Download..."
|
||||
} else {
|
||||
LogWrite 'Downloading Updates...'
|
||||
$ok = 0;
|
||||
while (! $ok) {
|
||||
try {
|
||||
$Downloader = $UpdateSession.CreateUpdateDownloader()
|
||||
$Downloader.Updates = $UpdatesToDownload
|
||||
$Downloader.Download()
|
||||
$ok = 1;
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Error downloading updates. Retrying in 30s."
|
||||
$script:attempts = $script:attempts + 1
|
||||
Start-Sleep -s 30
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$UpdatesToInstall = New-Object -ComObject 'Microsoft.Update.UpdateColl'
|
||||
[bool]$rebootMayBeRequired = $false
|
||||
LogWrite 'The following updates are downloaded and ready to be installed:'
|
||||
foreach ($Update in $SearchResult.Updates) {
|
||||
if (($Update.IsDownloaded)) {
|
||||
LogWrite "> $($Update.Title)"
|
||||
$UpdatesToInstall.Add($Update) |Out-Null
|
||||
|
||||
if ($Update.InstallationBehavior.RebootBehavior -gt 0){
|
||||
[bool]$rebootMayBeRequired = $true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($UpdatesToInstall.Count -eq 0) {
|
||||
LogWrite 'No updates available to install...'
|
||||
$global:MoreUpdates=0
|
||||
$global:RestartRequired=0
|
||||
Invoke-Expression "a:\openssh.ps1 -AutoStart"
|
||||
break
|
||||
}
|
||||
|
||||
if ($rebootMayBeRequired) {
|
||||
LogWrite 'These updates may require a reboot'
|
||||
$global:RestartRequired=1
|
||||
}
|
||||
|
||||
LogWrite 'Installing updates...'
|
||||
|
||||
$Installer = $script:UpdateSession.CreateUpdateInstaller()
|
||||
$Installer.Updates = $UpdatesToInstall
|
||||
$InstallationResult = $Installer.Install()
|
||||
|
||||
LogWrite "Installation Result: $($InstallationResult.ResultCode)"
|
||||
LogWrite "Reboot Required: $($InstallationResult.RebootRequired)"
|
||||
LogWrite 'Listing of updates installed and individual installation results:'
|
||||
if ($InstallationResult.RebootRequired) {
|
||||
$global:RestartRequired=1
|
||||
} else {
|
||||
$global:RestartRequired=0
|
||||
}
|
||||
|
||||
for($i=0; $i -lt $UpdatesToInstall.Count; $i++) {
|
||||
New-Object -TypeName PSObject -Property @{
|
||||
Title = $UpdatesToInstall.Item($i).Title
|
||||
Result = $InstallationResult.GetUpdateResult($i).ResultCode
|
||||
}
|
||||
LogWrite "Item: " $UpdatesToInstall.Item($i).Title
|
||||
LogWrite "Result: " $InstallationResult.GetUpdateResult($i).ResultCode;
|
||||
}
|
||||
|
||||
Check-ContinueRestartOrEnd
|
||||
}
|
||||
|
||||
function Check-WindowsUpdates() {
|
||||
LogWrite "Checking For Windows Updates"
|
||||
$Username = $env:USERDOMAIN + "\" + $env:USERNAME
|
||||
|
||||
New-EventLog -Source $ScriptName -LogName 'Windows Powershell' -ErrorAction SilentlyContinue
|
||||
|
||||
$Message = "Script: " + $ScriptPath + "`nScript User: " + $Username + "`nStarted: " + (Get-Date).toString()
|
||||
|
||||
Write-EventLog -LogName 'Windows Powershell' -Source $ScriptName -EventID "104" -EntryType "Information" -Message $Message
|
||||
LogWrite $Message
|
||||
|
||||
$script:UpdateSearcher = $script:UpdateSession.CreateUpdateSearcher()
|
||||
$script:successful = $FALSE
|
||||
$script:attempts = 0
|
||||
$script:maxAttempts = 12
|
||||
while(-not $script:successful -and $script:attempts -lt $script:maxAttempts) {
|
||||
try {
|
||||
$script:SearchResult = $script:UpdateSearcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0")
|
||||
$script:successful = $TRUE
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Search call to UpdateSearcher was unsuccessful. Retrying in 10s."
|
||||
$script:attempts = $script:attempts + 1
|
||||
Start-Sleep -s 10
|
||||
}
|
||||
}
|
||||
|
||||
if ($SearchResult.Updates.Count -ne 0) {
|
||||
$Message = "There are " + $SearchResult.Updates.Count + " more updates."
|
||||
LogWrite $Message
|
||||
try {
|
||||
for($i=0; $i -lt $script:SearchResult.Updates.Count; $i++) {
|
||||
LogWrite $script:SearchResult.Updates.Item($i).Title
|
||||
LogWrite $script:SearchResult.Updates.Item($i).Description
|
||||
LogWrite $script:SearchResult.Updates.Item($i).RebootRequired
|
||||
LogWrite $script:SearchResult.Updates.Item($i).EulaAccepted
|
||||
}
|
||||
$global:MoreUpdates=1
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Showing SearchResult was unsuccessful. Rebooting."
|
||||
$global:RestartRequired=1
|
||||
$global:MoreUpdates=0
|
||||
Check-ContinueRestartOrEnd
|
||||
LogWrite "Show never happen to see this text!"
|
||||
Restart-Computer
|
||||
}
|
||||
} else {
|
||||
LogWrite 'There are no applicable updates'
|
||||
$global:RestartRequired=0
|
||||
$global:MoreUpdates=0
|
||||
}
|
||||
}
|
||||
|
||||
$script:ScriptName = $MyInvocation.MyCommand.ToString()
|
||||
$script:ScriptPath = $MyInvocation.MyCommand.Path
|
||||
$script:UpdateSession = New-Object -ComObject 'Microsoft.Update.Session'
|
||||
$script:UpdateSession.ClientApplicationID = 'Packer Windows Update Installer'
|
||||
$script:UpdateSearcher = $script:UpdateSession.CreateUpdateSearcher()
|
||||
$script:SearchResult = New-Object -ComObject 'Microsoft.Update.UpdateColl'
|
||||
$script:Cycles = 0
|
||||
$script:CycleUpdateCount = 0
|
||||
|
||||
Check-WindowsUpdates
|
||||
if ($global:MoreUpdates -eq 1) {
|
||||
Install-WindowsUpdates
|
||||
} else {
|
||||
Check-ContinueRestartOrEnd
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
@powershell -NoProfile -ExecutionPolicy Bypass -File "%systemdrive%\vagrant\scripts\installs\install_chocolatey.ps1"
|
|
@ -0,0 +1,3 @@
|
|||
chocolatey feature enable -n=allowGlobalConfirmation
|
||||
choco install BoxStarter
|
||||
chocolatey feature disable -n=allowGlobalConfirmation
|
|
@ -0,0 +1,5 @@
|
|||
$ChocoInstallPath = "$env:SystemDrive\ProgramData\Chocolatey\bin"
|
||||
|
||||
if (!(Test-Path $ChocoInstallPath)) {
|
||||
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
|
||||
}
|
|
@ -0,0 +1,87 @@
|
|||
param (
|
||||
[switch]$AutoStart = $false
|
||||
)
|
||||
|
||||
Write-Output "AutoStart: $AutoStart"
|
||||
$is_64bit = [IntPtr]::size -eq 8
|
||||
|
||||
# setup openssh
|
||||
$ssh_download_url = "http://www.mls-software.com/files/setupssh-7.1p1-1.exe"
|
||||
|
||||
if (!(Test-Path "C:\Program Files\OpenSSH\bin\ssh.exe")) {
|
||||
Write-Output "Downloading $ssh_download_url"
|
||||
(New-Object System.Net.WebClient).DownloadFile($ssh_download_url, "C:\Windows\Temp\openssh.exe")
|
||||
|
||||
# initially set the port to 2222 so that there is not a race
|
||||
# condition in which packer connects to SSH before we can disable the service
|
||||
Start-Process "C:\Windows\Temp\openssh.exe" "/S /port=2222 /privsep=1 /password=D@rj33l1ng" -NoNewWindow -Wait
|
||||
}
|
||||
|
||||
Stop-Service "OpenSSHd" -Force
|
||||
|
||||
# ensure vagrant can log in
|
||||
Write-Output "Setting vagrant user file permissions"
|
||||
New-Item -ItemType Directory -Force -Path "C:\Users\vagrant\.ssh"
|
||||
C:\Windows\System32\icacls.exe "C:\Users\vagrant" /grant "vagrant:(OI)(CI)F"
|
||||
C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\bin" /grant "vagrant:(OI)RX"
|
||||
C:\Windows\System32\icacls.exe "C:\Program Files\OpenSSH\usr\sbin" /grant "vagrant:(OI)RX"
|
||||
|
||||
Write-Output "Setting SSH home directories"
|
||||
(Get-Content "C:\Program Files\OpenSSH\etc\passwd") |
|
||||
Foreach-Object { $_ -replace '/home/(\w+)', '/cygdrive/c/Users/$1' } |
|
||||
Set-Content 'C:\Program Files\OpenSSH\etc\passwd'
|
||||
|
||||
# Set shell to /bin/sh to return exit status
|
||||
$passwd_file = Get-Content 'C:\Program Files\OpenSSH\etc\passwd'
|
||||
$passwd_file = $passwd_file -replace '/bin/bash', '/bin/sh'
|
||||
Set-Content 'C:\Program Files\OpenSSH\etc\passwd' $passwd_file
|
||||
|
||||
# fix opensshd to not be strict
|
||||
Write-Output "Setting OpenSSH to be non-strict"
|
||||
$sshd_config = Get-Content "C:\Program Files\OpenSSH\etc\sshd_config"
|
||||
$sshd_config = $sshd_config -replace 'StrictModes yes', 'StrictModes no'
|
||||
$sshd_config = $sshd_config -replace '#PubkeyAuthentication yes', 'PubkeyAuthentication yes'
|
||||
$sshd_config = $sshd_config -replace '#PermitUserEnvironment no', 'PermitUserEnvironment yes'
|
||||
# disable the use of DNS to speed up the time it takes to establish a connection
|
||||
$sshd_config = $sshd_config -replace '#UseDNS yes', 'UseDNS no'
|
||||
# disable the login banner
|
||||
$sshd_config = $sshd_config -replace 'Banner /etc/banner.txt', '#Banner /etc/banner.txt'
|
||||
# next time OpenSSH starts have it listen on th eproper port
|
||||
$sshd_config = $sshd_config -replace 'Port 2222', "Port 22"
|
||||
Set-Content "C:\Program Files\OpenSSH\etc\sshd_config" $sshd_config
|
||||
|
||||
Write-Output "Removing ed25519 key as Vagrant net-ssh 2.9.1 does not support it"
|
||||
Remove-Item -Force -ErrorAction SilentlyContinue "C:\Program Files\OpenSSH\etc\ssh_host_ed25519_key"
|
||||
Remove-Item -Force -ErrorAction SilentlyContinue "C:\Program Files\OpenSSH\etc\ssh_host_ed25519_key.pub"
|
||||
|
||||
# use c:\Windows\Temp as /tmp location
|
||||
Write-Output "Setting temp directory location"
|
||||
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "C:\Program Files\OpenSSH\tmp"
|
||||
C:\Program` Files\OpenSSH\bin\junction.exe /accepteula "C:\Program Files\OpenSSH\tmp" "C:\Windows\Temp"
|
||||
C:\Windows\System32\icacls.exe "C:\Windows\Temp" /grant "vagrant:(OI)(CI)F"
|
||||
|
||||
# add 64 bit environment variables missing from SSH
|
||||
Write-Output "Setting SSH environment"
|
||||
$sshenv = "TEMP=C:\Windows\Temp"
|
||||
if ($is_64bit) {
|
||||
$env_vars = "ProgramFiles(x86)=C:\Program Files (x86)", `
|
||||
"ProgramW6432=C:\Program Files", `
|
||||
"CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files", `
|
||||
"CommonProgramW6432=C:\Program Files\Common Files"
|
||||
$sshenv = $sshenv + "`r`n" + ($env_vars -join "`r`n")
|
||||
}
|
||||
Set-Content C:\Users\vagrant\.ssh\environment $sshenv
|
||||
|
||||
# record the path for provisioners (without the newline)
|
||||
Write-Output "Recording PATH for provisioners"
|
||||
Set-Content C:\Windows\Temp\PATH ([byte[]][char[]] $env:PATH) -Encoding Byte
|
||||
|
||||
# configure firewall
|
||||
Write-Output "Configuring firewall"
|
||||
netsh advfirewall firewall add rule name="SSHD" dir=in action=allow service=OpenSSHd enable=yes
|
||||
netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="C:\Program Files\OpenSSH\usr\sbin\sshd.exe" enable=yes
|
||||
netsh advfirewall firewall add rule name="ssh" dir=in action=allow protocol=TCP localport=22
|
||||
|
||||
if ($AutoStart -eq $true) {
|
||||
Start-Service "OpenSSHd"
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
rm "%CATALINA_HOME%\conf\tomcat-users.xml"
|
||||
copy C:\vagrant\resources\apache_struts\tomcat-users.xml "%CATALINA_HOME%\conf\tomcat-users.xml"
|
||||
copy C:\vagrant\resources\apache_struts\server.xml "%CATALINA_HOME%\conf"
|
||||
|
||||
net start "Apache Tomcat 8.0 Tomcat8"
|
||||
|
||||
copy C:\vagrant\resources\apache_struts\struts2-rest-showcase.war "%CATALINA_HOME%\webapps"
|
|
@ -0,0 +1 @@
|
|||
copy C:\vagrant\resources\caidao\caidao.asp "C:\inetpub\wwwroot"
|
|
@ -0,0 +1,8 @@
|
|||
mkdir C:\glassfish
|
||||
powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://download.java.net/glassfish/4.0/release/glassfish-4.0.zip', 'C:\Windows\Temp\glassfish4.zip')" <NUL
|
||||
cmd /c ""C:\Program Files\7-Zip\7z.exe" x "C:\Windows\Temp\glassfish4.zip" -oC:\glassfish"
|
||||
copy /Y "C:\vagrant\resources\glassfish\admin-keyfile" "C:\glassfish\glassfish4\glassfish\domains\domain1\config\admin-keyfile"
|
||||
copy /Y "C:\vagrant\resources\glassfish\domain.xml" "C:\glassfish\glassfish4\glassfish\domains\domain1\config\domain.xml"
|
||||
|
||||
schtasks /create /tn "GlassFish" /tr "C:\glassfish\glassfish4\bin\asadmin.bat start-domain domain1" /sc onstart /np
|
||||
schtasks /run /tn "GlassFish"
|
|
@ -0,0 +1 @@
|
|||
start /w PKGMGR.EXE /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;
|
|
@ -0,0 +1,5 @@
|
|||
mkdir "%ProgramFiles%\jenkins"
|
||||
copy C:\vagrant\resources\jenkins\jenkins.war "%ProgramFiles%\jenkins"
|
||||
copy C:\vagrant\resources\jenkins\start_jenkins.bat "%ProgramFiles%\jenkins"
|
||||
schtasks /create /tn "Jenkins" /tr "\"%ProgramFiles%\jenkins\start_jenkins.bat\"" /sc onstart /np
|
||||
schtasks /run /tn "Jenkins"
|
|
@ -0,0 +1,49 @@
|
|||
if not exist "C:\Windows\Temp\7z920-x64.msi" (
|
||||
powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://www.7-zip.org/a/7z920-x64.msi', 'C:\Windows\Temp\7z920-x64.msi')" <NUL
|
||||
)
|
||||
msiexec /qb /i C:\Windows\Temp\7z920-x64.msi
|
||||
|
||||
if "%PACKER_BUILDER_TYPE%" equ "vmware-iso" goto :vmware
|
||||
if "%PACKER_BUILDER_TYPE%" equ "virtualbox-iso" goto :virtualbox
|
||||
if "%PACKER_BUILDER_TYPE%" equ "parallels-iso" goto :parallels
|
||||
goto :done
|
||||
|
||||
:vmware
|
||||
|
||||
if exist "C:\Users\vagrant\windows.iso" (
|
||||
move /Y C:\Users\vagrant\windows.iso C:\Windows\Temp
|
||||
)
|
||||
|
||||
if not exist "C:\Windows\Temp\windows.iso" (
|
||||
powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://softwareupdate.vmware.com/cds/vmw-desktop/ws/12.0.0/2985596/windows/packages/tools-windows.tar', 'C:\Windows\Temp\vmware-tools.tar')" <NUL
|
||||
cmd /c ""C:\Program Files\7-Zip\7z.exe" x C:\Windows\Temp\vmware-tools.tar -oC:\Windows\Temp"
|
||||
FOR /r "C:\Windows\Temp" %%a in (VMware-tools-windows-*.iso) DO REN "%%~a" "windows.iso"
|
||||
rd /S /Q "C:\Program Files (x86)\VMWare"
|
||||
)
|
||||
|
||||
cmd /c ""C:\Program Files\7-Zip\7z.exe" x "C:\Windows\Temp\windows.iso" -oC:\Windows\Temp\VMWare"
|
||||
cmd /c C:\Windows\Temp\VMWare\setup.exe /S /v"/qn REBOOT=R\"
|
||||
|
||||
goto :done
|
||||
|
||||
:virtualbox
|
||||
|
||||
:: There needs to be Oracle CA (Certificate Authority) certificates installed in order
|
||||
:: to prevent user intervention popups which will undermine a silent installation.
|
||||
cmd /c certutil -addstore -f "TrustedPublisher" A:\oracle-cert.cer
|
||||
|
||||
move /Y C:\Users\vagrant\VBoxGuestAdditions.iso C:\Windows\Temp
|
||||
cmd /c ""C:\Program Files\7-Zip\7z.exe" x C:\Windows\Temp\VBoxGuestAdditions.iso -oC:\Windows\Temp\virtualbox"
|
||||
cmd /c C:\Windows\Temp\virtualbox\VBoxWindowsAdditions.exe /S
|
||||
goto :done
|
||||
|
||||
:parallels
|
||||
if exist "C:\Users\vagrant\prl-tools-win.iso" (
|
||||
move /Y C:\Users\vagrant\prl-tools-win.iso C:\Windows\Temp
|
||||
cmd /C "C:\Program Files\7-Zip\7z.exe" x C:\Windows\Temp\prl-tools-win.iso -oC:\Windows\Temp\parallels
|
||||
cmd /C C:\Windows\Temp\parallels\PTAgent.exe /install_silent
|
||||
rd /S /Q "c:\Windows\Temp\parallels"
|
||||
)
|
||||
|
||||
:done
|
||||
msiexec /qb /x C:\Windows\Temp\7z920-x64.msi
|
|
@ -0,0 +1,47 @@
|
|||
# -*- mode: ruby -*-
|
||||
# vi: set ft=ruby :
|
||||
|
||||
Vagrant.require_version ">= 1.6.2"
|
||||
|
||||
Vagrant.configure("2") do |config|
|
||||
config.vm.define "vagrant-windows-2008-r2"
|
||||
config.vm.box = "windows_2008_r2"
|
||||
config.vm.communicator = "winrm"
|
||||
|
||||
# Admin user name and password
|
||||
config.winrm.username = "vagrant"
|
||||
config.winrm.password = "vagrant"
|
||||
|
||||
config.vm.guest = :windows
|
||||
config.windows.halt_timeout = 15
|
||||
|
||||
config.vm.network :forwarded_port, guest: 3389, host: 3389, id: "rdp", auto_correct: true
|
||||
config.vm.network :forwarded_port, guest: 22, host: 2222, id: "ssh", auto_correct: true
|
||||
|
||||
config.vm.provider :virtualbox do |v, override|
|
||||
#v.gui = true
|
||||
v.customize ["modifyvm", :id, "--memory", 2048]
|
||||
v.customize ["modifyvm", :id, "--cpus", 2]
|
||||
v.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
|
||||
end
|
||||
|
||||
config.vm.provider :vmware_fusion do |v, override|
|
||||
#v.gui = true
|
||||
v.vmx["memsize"] = "2048"
|
||||
v.vmx["numvcpus"] = "2"
|
||||
v.vmx["ethernet0.virtualDev"] = "vmxnet3"
|
||||
v.vmx["RemoteDisplay.vnc.enabled"] = "false"
|
||||
v.vmx["RemoteDisplay.vnc.port"] = "5900"
|
||||
v.vmx["scsi0.virtualDev"] = "lsisas1068"
|
||||
end
|
||||
|
||||
config.vm.provider :vmware_workstation do |v, override|
|
||||
#v.gui = true
|
||||
v.vmx["memsize"] = "2048"
|
||||
v.vmx["numvcpus"] = "2"
|
||||
v.vmx["ethernet0.virtualDev"] = "vmxnet3"
|
||||
v.vmx["RemoteDisplay.vnc.enabled"] = "false"
|
||||
v.vmx["RemoteDisplay.vnc.port"] = "5900"
|
||||
v.vmx["scsi0.virtualDev"] = "lsisas1068"
|
||||
end
|
||||
end
|
|
@ -0,0 +1,79 @@
|
|||
{
|
||||
"builders": [
|
||||
{
|
||||
"type": "virtualbox-iso",
|
||||
"iso_url": "{{user `iso_url`}}",
|
||||
"iso_checksum_type": "{{user `iso_checksum_type`}}",
|
||||
"iso_checksum": "{{user `iso_checksum`}}",
|
||||
"headless": true,
|
||||
"boot_wait": "2m",
|
||||
"ssh_username": "vagrant",
|
||||
"ssh_password": "vagrant",
|
||||
"ssh_wait_timeout": "2h",
|
||||
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
|
||||
"guest_os_type": "Windows2008_64",
|
||||
"disk_size": 61440,
|
||||
"floppy_files": [
|
||||
"{{user `autounattend`}}",
|
||||
"./scripts/configs/microsoft-updates.bat",
|
||||
"./scripts/configs/win-updates.ps1",
|
||||
"./scripts/installs/openssh.ps1",
|
||||
"./resources/certs/oracle-cert.cer",
|
||||
"./resources/certs/gdig2.crt",
|
||||
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
|
||||
"./resources/certs/comodorsacertificationauthority.crt",
|
||||
"./resources/certs/addtrust_external_ca.cer",
|
||||
"./resources/certs/baltimore_ca.cer",
|
||||
"./resources/certs/digicert.cer",
|
||||
"./resources/certs/equifax.cer",
|
||||
"./resources/certs/globalsign.cer",
|
||||
"./resources/certs/gte_cybertrust.cer",
|
||||
"./resources/certs/microsoft_root_2011.cer",
|
||||
"./resources/certs/thawte_primary_root.cer",
|
||||
"./resources/certs/utn-userfirst.cer"
|
||||
],
|
||||
"vboxmanage": [
|
||||
[
|
||||
"modifyvm",
|
||||
"{{.Name}}",
|
||||
"--memory",
|
||||
"2048"
|
||||
],
|
||||
[
|
||||
"modifyvm",
|
||||
"{{.Name}}",
|
||||
"--cpus",
|
||||
"2"
|
||||
]
|
||||
]
|
||||
}
|
||||
],
|
||||
"provisioners": [
|
||||
{
|
||||
"type": "shell",
|
||||
"remote_path": "/tmp/script.bat",
|
||||
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
|
||||
"scripts": [
|
||||
"./scripts/installs/vm-guest-tools.bat",
|
||||
"./scripts/configs/vagrant-ssh.bat",
|
||||
"./scripts/configs/disable-auto-logon.bat",
|
||||
"./scripts/configs/enable-rdp.bat",
|
||||
"./scripts/configs/update_root_certs.bat"
|
||||
]
|
||||
}
|
||||
],
|
||||
"post-processors": [
|
||||
{
|
||||
"type": "vagrant",
|
||||
"keep_input_artifact": false,
|
||||
"output": "windows_2008_r2_{{.Provider}}.box",
|
||||
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
|
||||
}
|
||||
],
|
||||
"variables": {
|
||||
"iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso",
|
||||
"iso_checksum_type": "md5",
|
||||
"iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5",
|
||||
"autounattend": "./answer_files/2008_r2/Autounattend.xml"
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue