From e3da65274b1275a51bb64c202335c4d84db8ae66 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Fri, 15 Sep 2023 17:08:53 -0400 Subject: [PATCH] added vagrant upload account configuration in builds.yml (#1522) * Added bento upload to use vagrant account configured in builds.yml * Updated windows vagrant template to default to 4GB of memory * Default hyper-v to generation 2 * Removed EOL OS builds Windows2012r2, Ubuntu 18.04, Ubuntu 22.10, Debian 10 * Remove use of deprecated chef-solo provisioner and cookbooks for windows builds * Add boot_wait variables for each provider * Adjusted default_boot_wait for linux to 5s * Added --vars and --var_files flags * Fixed upload description for libvirt to add qemu hv and version * Updated ubuntu 20.04 boot_command * Changed workflows to be based on cpu architecture * Updated Bento to continue builds even if one fails and report all failures at the end and exit with exit code 1 * Added qemu clone of libvirt box when metadata file is created for uploading to vagrant qemu provider * Made build shell scripts customizable through packer variable --- .github/workflows/ci-build.yml | 6 +- .github/workflows/pkr-bld-amazonlinux-x64.yml | 8 +- .github/workflows/pkr-bld-hyperv-x64.yml | 11 - .github/workflows/pkr-bld-parallels-arm64.yml | 7 +- .github/workflows/pkr-bld-parallels-x64.yml | 13 +- .github/workflows/pkr-bld-qemu-arm64.yml | 9 +- .github/workflows/pkr-bld-qemu-x64.yml | 15 +- .../workflows/pkr-bld-virtualbox-arm64.yml | 7 +- .github/workflows/pkr-bld-virtualbox-x64.yml | 13 +- .github/workflows/pkr-bld-vmware-arm64.yml | 7 +- .github/workflows/pkr-bld-vmware-x64.yml | 13 +- CHANGELOG.md | 88 +-- README.md | 53 +- builds.yml | 39 +- lib/bento/buildmetadata.rb | 24 +- lib/bento/cli.rb | 14 +- lib/bento/normalize.rb | 2 +- lib/bento/packerexec.rb | 4 +- lib/bento/providermetadata.rb | 19 +- lib/bento/runner.rb | 47 +- lib/bento/test.rb | 9 +- lib/bento/test_templates/kitchen.yml.erb | 1 + lib/bento/upload.rb | 34 +- lib/bento/version.rb | 2 +- .../debian/debian-10-aarch64.pkrvars.hcl | 9 - .../debian/debian-10-x86_64.pkrvars.hcl | 9 - .../ubuntu/ubuntu-18.04-aarch64.pkrvars.hcl | 10 - .../ubuntu/ubuntu-18.04-x86_64.pkrvars.hcl | 10 - .../ubuntu/ubuntu-20.04-aarch64.pkrvars.hcl | 3 +- .../ubuntu/ubuntu-20.04-x86_64.pkrvars.hcl | 4 +- .../ubuntu/ubuntu-22.04-aarch64.pkrvars.hcl | 5 +- .../ubuntu/ubuntu-22.04-x86_64.pkrvars.hcl | 1 - .../ubuntu/ubuntu-22.10-aarch64.pkrvars.hcl | 10 - .../ubuntu/ubuntu-22.10-x86_64.pkrvars.hcl | 10 - .../ubuntu/ubuntu-23.04-aarch64.pkrvars.hcl | 5 +- .../ubuntu/ubuntu-23.04-x86_64.pkrvars.hcl | 5 +- .../windows/windows-10-x86_64.pkrvars.hcl | 1 + .../windows/windows-10gen2-x86_64.pkrvars.hcl | 12 - .../windows/windows-11-x86_64.pkrvars.hcl | 5 +- .../windows/windows-11gen2-x86_64.pkrvars.hcl | 13 - .../windows/windows-2012r2-x86_64.pkrvars.hcl | 9 - packer_templates/cookbooks/packer/Berksfile | 3 - packer_templates/cookbooks/packer/chefignore | 115 ---- packer_templates/cookbooks/packer/kitchen.yml | 41 -- packer_templates/cookbooks/packer/metadata.rb | 7 - .../cookbooks/packer/recipes/cleanup.rb | 79 --- .../packer/recipes/configure_power.rb | 16 - .../cookbooks/packer/recipes/defrag.rb | 20 - .../packer/recipes/disable_restore.rb | 5 - .../packer/recipes/disable_screensaver.rb | 5 - .../cookbooks/packer/recipes/disable_uac.rb | 5 - .../packer/recipes/disable_windows_update.rb | 4 - .../packer/recipes/enable_file_sharing.rb | 3 - .../packer/recipes/enable_remote_desktop.rb | 10 - .../cookbooks/packer/recipes/features.rb | 3 - .../packer/recipes/remove_defender.rb | 3 - .../set_local_account_token_filter_policy.rb | 7 - .../cookbooks/packer/recipes/ui_tweaks.rb | Bin 3851 -> 0 bytes .../cookbooks/packer/recipes/updates.rb | 13 - .../cookbooks/packer/recipes/vm_tools.rb | 37 -- .../http/ubuntu/preseed-hyperv.cfg | 37 -- packer_templates/http/ubuntu/preseed.cfg | 90 --- packer_templates/pkr-builder.pkr.hcl | 234 ++++---- packer_templates/pkr-sources.pkr.hcl | 62 +-- packer_templates/pkr-variables.pkr.hcl | 32 +- .../scripts/windows/base_setup.ps1 | 54 -- packer_templates/scripts/windows/cleanup.ps1 | 114 +++- .../scripts/windows/configure-power 2.ps1 | 32 ++ .../scripts/windows/configure-power.ps1 | 32 ++ .../scripts/windows/disable-screensaver 2.ps1 | 17 + .../scripts/windows/disable-screensaver.ps1 | 17 + .../windows/disable-system-restore 2.ps1 | 17 + .../windows/disable-system-restore.ps1 | 17 + .../windows/disable-windows-defender.ps1 | 1 + .../scripts/windows/disable-windows-uac 2.ps1 | 20 + .../scripts/windows/disable-windows-uac.ps1 | 20 + .../windows/disable-windows-updates.ps1 | 3 +- .../scripts/windows/enable-file-sharing 2.ps1 | 17 + .../scripts/windows/enable-file-sharing.ps1 | 17 + .../scripts/windows/enable-remote-desktop.ps1 | 8 +- packer_templates/scripts/windows/optimize.ps1 | 71 +-- .../scripts/windows/provision-winrm.ps1 | 100 ---- .../scripts/windows/provision.ps1 | 14 +- .../scripts/windows/remove-apps.ps1 | 15 +- .../windows/remove-one-drive-and-teams 2.ps1 | 259 +++++++++ .../windows/remove-one-drive-and-teams.ps1 | 259 +++++++++ .../scripts/windows/remove-one-drive.ps1 | 69 --- .../scripts/windows/ui-tweaks 2.ps1 | 65 +++ .../scripts/windows/ui-tweaks.ps1 | 65 +++ ...albox-prevent-vboxsrv-resolution-delay.ps1 | 34 -- .../vagrantfile-windows-gen2.template | 22 - packer_templates/vagrantfile-windows.template | 10 +- .../win_answer_files/10/Autounattend.xml | 498 ++++++++++------- .../Autounattend 2.xml} | 177 ++++-- .../hyperv-gen2/Autounattend.xml} | 203 ++++--- .../win_answer_files/11/Autounattend.xml | 522 +++++++++++------- .../11/hyperv-gen2/Autounattend 2.xml | 341 ++++++++++++ .../11/hyperv-gen2/Autounattend.xml | 341 ++++++++++++ .../win_answer_files/2012/Autounattend.xml | 289 ---------- .../win_answer_files/2012r2/Autounattend.xml | 289 ---------- .../win_answer_files/2016/Autounattend.xml | 327 ++++++----- .../2016/hyperv-gen2/Autounattend 2.xml | 332 +++++++++++ .../2016/hyperv-gen2/Autounattend.xml | 332 +++++++++++ .../win_answer_files/2019/Autounattend.xml | 327 ++++++----- .../2019/hyperv-gen2/Autounattend 2.xml | 332 +++++++++++ .../2019/hyperv-gen2/Autounattend.xml | 332 +++++++++++ .../win_answer_files/2022/Autounattend.xml | 327 ++++++----- .../2022/hyperv-gen2/Autounattend 2.xml | 332 +++++++++++ .../2022/hyperv-gen2/Autounattend.xml | 332 +++++++++++ 109 files changed, 5481 insertions(+), 2918 deletions(-) delete mode 100644 os_pkrvars/debian/debian-10-aarch64.pkrvars.hcl delete mode 100644 os_pkrvars/debian/debian-10-x86_64.pkrvars.hcl delete mode 100644 os_pkrvars/ubuntu/ubuntu-18.04-aarch64.pkrvars.hcl delete mode 100644 os_pkrvars/ubuntu/ubuntu-18.04-x86_64.pkrvars.hcl delete mode 100644 os_pkrvars/ubuntu/ubuntu-22.10-aarch64.pkrvars.hcl delete mode 100644 os_pkrvars/ubuntu/ubuntu-22.10-x86_64.pkrvars.hcl delete mode 100644 os_pkrvars/windows/windows-10gen2-x86_64.pkrvars.hcl delete mode 100644 os_pkrvars/windows/windows-11gen2-x86_64.pkrvars.hcl delete mode 100644 os_pkrvars/windows/windows-2012r2-x86_64.pkrvars.hcl delete mode 100644 packer_templates/cookbooks/packer/Berksfile delete mode 100644 packer_templates/cookbooks/packer/chefignore delete mode 100644 packer_templates/cookbooks/packer/kitchen.yml delete mode 100644 packer_templates/cookbooks/packer/metadata.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/cleanup.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/configure_power.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/defrag.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/disable_restore.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/disable_screensaver.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/disable_uac.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/disable_windows_update.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/enable_file_sharing.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/enable_remote_desktop.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/features.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/remove_defender.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/set_local_account_token_filter_policy.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/ui_tweaks.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/updates.rb delete mode 100644 packer_templates/cookbooks/packer/recipes/vm_tools.rb delete mode 100755 packer_templates/http/ubuntu/preseed-hyperv.cfg delete mode 100644 packer_templates/http/ubuntu/preseed.cfg delete mode 100644 packer_templates/scripts/windows/base_setup.ps1 create mode 100644 packer_templates/scripts/windows/configure-power 2.ps1 create mode 100644 packer_templates/scripts/windows/configure-power.ps1 create mode 100644 packer_templates/scripts/windows/disable-screensaver 2.ps1 create mode 100644 packer_templates/scripts/windows/disable-screensaver.ps1 create mode 100644 packer_templates/scripts/windows/disable-system-restore 2.ps1 create mode 100644 packer_templates/scripts/windows/disable-system-restore.ps1 create mode 100644 packer_templates/scripts/windows/disable-windows-uac 2.ps1 create mode 100644 packer_templates/scripts/windows/disable-windows-uac.ps1 create mode 100644 packer_templates/scripts/windows/enable-file-sharing 2.ps1 create mode 100644 packer_templates/scripts/windows/enable-file-sharing.ps1 delete mode 100644 packer_templates/scripts/windows/provision-winrm.ps1 create mode 100644 packer_templates/scripts/windows/remove-one-drive-and-teams 2.ps1 create mode 100644 packer_templates/scripts/windows/remove-one-drive-and-teams.ps1 delete mode 100644 packer_templates/scripts/windows/remove-one-drive.ps1 create mode 100644 packer_templates/scripts/windows/ui-tweaks 2.ps1 create mode 100644 packer_templates/scripts/windows/ui-tweaks.ps1 delete mode 100644 packer_templates/scripts/windows/virtualbox-prevent-vboxsrv-resolution-delay.ps1 delete mode 100644 packer_templates/vagrantfile-windows-gen2.template rename packer_templates/win_answer_files/10/{gen2_Autounattend.xml => hyperv-gen2/Autounattend 2.xml} (53%) rename packer_templates/win_answer_files/{11/gen2_Autounattend.xml => 10/hyperv-gen2/Autounattend.xml} (50%) create mode 100644 packer_templates/win_answer_files/11/hyperv-gen2/Autounattend 2.xml create mode 100644 packer_templates/win_answer_files/11/hyperv-gen2/Autounattend.xml delete mode 100644 packer_templates/win_answer_files/2012/Autounattend.xml delete mode 100644 packer_templates/win_answer_files/2012r2/Autounattend.xml create mode 100644 packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend 2.xml create mode 100644 packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend.xml create mode 100644 packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend 2.xml create mode 100644 packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend.xml create mode 100644 packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend 2.xml create mode 100644 packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend.xml diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 842a872d2..6864185e1 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -28,9 +28,9 @@ jobs: powershell-lint: uses: chef/github-workflows/.github/workflows/powershell-lint.yml@main - pkr-bld-amazonlinux-x64: - uses: ./.github/workflows/pkr-bld-amazonlinux-x64.yml - secrets: inherit +# pkr-bld-amazonlinux-x64: +# uses: ./.github/workflows/pkr-bld-amazonlinux-x64.yml +# secrets: inherit pkr-bld-hyperv-x64: uses: ./.github/workflows/pkr-bld-hyperv-x64.yml diff --git a/.github/workflows/pkr-bld-amazonlinux-x64.yml b/.github/workflows/pkr-bld-amazonlinux-x64.yml index facc751a2..033202112 100644 --- a/.github/workflows/pkr-bld-amazonlinux-x64.yml +++ b/.github/workflows/pkr-bld-amazonlinux-x64.yml @@ -26,12 +26,16 @@ jobs: run: if packer fmt -check -recursive .; then exit 0; else echo "Some packer files need to be formatted, run 'packer fmt -recursive .' to fix"; exit 1; fi - name: Packer Validate run: packer validate -var-file=os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" packer_templates - - name: Packer build + - name: Bento build run: | eval "$(chef shell-init bash)" ./AMZ_build_virtualbox-ovf.sh - bento build -n os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" >> builds/amazonlinux-2-x86_64.metadata.json + bento build --metadata_only os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/.github/workflows/pkr-bld-hyperv-x64.yml b/.github/workflows/pkr-bld-hyperv-x64.yml index ca77f1ee5..1365135c4 100644 --- a/.github/workflows/pkr-bld-hyperv-x64.yml +++ b/.github/workflows/pkr-bld-hyperv-x64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -34,19 +33,9 @@ jobs: - springdalelinux-7 - springdalelinux-8 - springdalelinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 -# - windows-10 -# - windows-10gen2 -# - windows-11 -# - windows-11gen2 -# - windows-2012r2 -# - windows-2016 -# - windows-2019 -# - windows-2022 provider: - hyperv-iso steps: diff --git a/.github/workflows/pkr-bld-parallels-arm64.yml b/.github/workflows/pkr-bld-parallels-arm64.yml index c678d1199..56abac053 100644 --- a/.github/workflows/pkr-bld-parallels-arm64.yml +++ b/.github/workflows/pkr-bld-parallels-arm64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -30,10 +29,8 @@ jobs: - oracle-9 - rockylinux-8 - rockylinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 provider: - parallels-iso @@ -60,6 +57,10 @@ jobs: eval "$(chef shell-init bash)" bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-aarch64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/.github/workflows/pkr-bld-parallels-x64.yml b/.github/workflows/pkr-bld-parallels-x64.yml index 7f6f3cb45..2b2ae6d87 100644 --- a/.github/workflows/pkr-bld-parallels-x64.yml +++ b/.github/workflows/pkr-bld-parallels-x64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -34,17 +33,9 @@ jobs: - springdalelinux-7 - springdalelinux-8 - springdalelinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 -# - windows-10 -# - windows-11 -# - windows-2012r2 -# - windows-2016 -# - windows-2019 -# - windows-2022 provider: - parallels-iso steps: @@ -69,6 +60,10 @@ jobs: eval "$(chef shell-init bash)" bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/.github/workflows/pkr-bld-qemu-arm64.yml b/.github/workflows/pkr-bld-qemu-arm64.yml index 1b0925d46..d67067856 100644 --- a/.github/workflows/pkr-bld-qemu-arm64.yml +++ b/.github/workflows/pkr-bld-qemu-arm64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -30,10 +29,8 @@ jobs: - oracle-9 - rockylinux-8 - rockylinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 provider: - qemu @@ -58,8 +55,12 @@ jobs: # run: packer build -timestamp-ui -only=${{ matrix.provider }}.vm -var "qemu_accelerator=hvf" -var-file=os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-aarch64.pkrvars.hcl" packer_templates run: | eval "$(chef shell-init bash)" - bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-aarch64.pkrvars.hcl" + bento build -o ${{ matrix.provider }}.vm --vars "qemu_accelerator=hvf" os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-aarch64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Upload build artifact uses: actions/upload-artifact@v3 with: diff --git a/.github/workflows/pkr-bld-qemu-x64.yml b/.github/workflows/pkr-bld-qemu-x64.yml index 4a692bf07..b530ccbe3 100644 --- a/.github/workflows/pkr-bld-qemu-x64.yml +++ b/.github/workflows/pkr-bld-qemu-x64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -34,17 +33,9 @@ jobs: - springdalelinux-7 - springdalelinux-8 - springdalelinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 -# - windows-10 -# - windows-11 -# - windows-2012r2 -# - windows-2016 -# - windows-2019 -# - windows-2022 provider: - qemu steps: @@ -69,8 +60,12 @@ jobs: # run: packer build -timestamp-ui -only=${{ matrix.provider }}.vm -var "qemu_accelerator=hvf" -var-file=os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" packer_templates run: | eval "$(chef shell-init bash)" - bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" + bento build -o ${{ matrix.provider }}.vm --vars "qemu_accelerator=hvf" os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Upload build artifact uses: actions/upload-artifact@main with: diff --git a/.github/workflows/pkr-bld-virtualbox-arm64.yml b/.github/workflows/pkr-bld-virtualbox-arm64.yml index 43e65601f..c3a09e81f 100644 --- a/.github/workflows/pkr-bld-virtualbox-arm64.yml +++ b/.github/workflows/pkr-bld-virtualbox-arm64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -30,10 +29,8 @@ jobs: - oracle-9 - rockylinux-8 - rockylinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 provider: - virtualbox-iso @@ -60,6 +57,10 @@ jobs: eval "$(chef shell-init bash)" bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-aarch64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/.github/workflows/pkr-bld-virtualbox-x64.yml b/.github/workflows/pkr-bld-virtualbox-x64.yml index c359461ac..b8bc64e4c 100644 --- a/.github/workflows/pkr-bld-virtualbox-x64.yml +++ b/.github/workflows/pkr-bld-virtualbox-x64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -34,17 +33,9 @@ jobs: - springdalelinux-7 - springdalelinux-8 - springdalelinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 -# - windows-10 -# - windows-11 -# - windows-2012r2 -# - windows-2016 -# - windows-2019 -# - windows-2022 provider: - virtualbox-iso steps: @@ -69,6 +60,10 @@ jobs: eval "$(chef shell-init bash)" bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/.github/workflows/pkr-bld-vmware-arm64.yml b/.github/workflows/pkr-bld-vmware-arm64.yml index 32ddfcc32..52512cd77 100644 --- a/.github/workflows/pkr-bld-vmware-arm64.yml +++ b/.github/workflows/pkr-bld-vmware-arm64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -30,10 +29,8 @@ jobs: - oracle-9 - rockylinux-8 - rockylinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 provider: - vmware-iso @@ -60,6 +57,10 @@ jobs: eval "$(chef shell-init bash)" bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-aarch64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/.github/workflows/pkr-bld-vmware-x64.yml b/.github/workflows/pkr-bld-vmware-x64.yml index 68f3d3975..a44502ab2 100644 --- a/.github/workflows/pkr-bld-vmware-x64.yml +++ b/.github/workflows/pkr-bld-vmware-x64.yml @@ -17,7 +17,6 @@ jobs: - centos-7 - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-37 @@ -34,17 +33,9 @@ jobs: - springdalelinux-7 - springdalelinux-8 - springdalelinux-9 - - ubuntu-18.04 - ubuntu-20.04 - ubuntu-22.04 - - ubuntu-22.10 - ubuntu-23.04 -# - windows-10 -# - windows-11 -# - windows-2012r2 -# - windows-2016 -# - windows-2019 -# - windows-2022 provider: - vmware-iso steps: @@ -69,6 +60,10 @@ jobs: eval "$(chef shell-init bash)" bento build -o ${{ matrix.provider }}.vm os_pkrvars/$(echo ${{ matrix.os }} | cut -d "-" -f 1)/"${{ matrix.os }}-x86_64.pkrvars.hcl" ls -alh builds +# - name: Bento Test +# run: | +# eval "$(chef shell-init bash)" +# bento test - name: Remove VM in case of canceled job if: cancelled() run: | diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b64b8e04..395fa9c4d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,63 +7,75 @@ Markdown table generated at | | hyperv
x86_64 | parallels
x86_64 | parallels
aarch64 | qemu
x86_64 | qemu
aarch64 | virtualbox
x86_64 | virtualbox
aarch64 | vmware
x86_64 | vmware
aarch64 | |:---:|:---:|:---:|:---:|:---:|:---:|:---:|:---:|:---:|:---:| -| almalinux-8 | | | | x | | x | | x | | -| almalinux-9 | | x | | | | x | | x | | +| almalinux-8 | | x | | x | | x | | x | | +| almalinux-9 | | x | x | | | x | | x | x | | amazonlinux-2 | | na | na | | | | na | | na | | amazonlinux-2023 | na | na | na | na | na | na | na | na | na | -| centos-7 | | x | | | | | | x | | -| centos-stream-8 | x | | | x | | | | x | | -| centos-stream-9 | | x | | | | | | x | | -| debian-10 | | | x | | | | | x | | -| debian-11 | | x | x | | | | | x | | +| centos-7 | | x | | x | | x | | x | | +| centos-stream-8 | | x | | x | | x | | x | | +| centos-stream-9 | | | x | | | | | | | +| debian-11 | | x | x | | | x | | x | | | debian-12 | | x | x | | | x | | x | x | -| fedora-37 | | x | | x | | | | x | x | -| fedora-38 | | | | | | x | | x | x | -| freebsd-12 | | | | | | x | | | | -| freebsd-13 | | | | | | x | | | | -| opensuse-leap-15 | x | x | | | | | | x | | -| oraclelinux-7 | x | x | | | | x | | x | | -| oraclelinux-8 | x | | | x | | x | | x | | -| oraclelinux-9 | | x | | | | x | | x | | +| fedora-37 | | x | x | x | | x | | x | x | +| fedora-38 | | x | | x | | x | | x | x | +| freebsd-12 | | | | | | x | | x | | +| freebsd-13 | | | | | | x | | x | | +| opensuse-leap-15 | | x | | x | | x | | x | | +| oraclelinux-7 | | x | | x | | x | | x | | +| oraclelinux-8 | | | | x | | x | | x | | +| oraclelinux-9 | | x | x | | | x | | x | | | rhel-7 | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | | rhel-8 | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | | rhel-9 | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | license
needed | -| rockylinux-8 | | | | x | | x | | x | | -| rockylinux-9 | | x | x | | | | | x | | -| scientificlinux-7 | | x | na | | na | | na | x | na | +| rockylinux-8 | | x | | x | | x | | x | | +| rockylinux-9 | | x | | | | x | | x | x | +| scientificlinux-7 | | x | na | x | na | x | na | x | na | | sles-12 | license
needed | license
needed | na | license
needed | na | license
needed | na | license
needed | na | | sles-13 | license
needed | license
needed | na | license
needed | na | license
needed | na | license
needed | na | | solaris-11 | license
needed | license
needed | na | license
needed | na | license
needed | na | license
needed | na | -| springdalelinux-7 | | x | na | | na | | na | | na | -| springdalelinux-8 | x | | na | x | na | x | na | x | na | -| springdalelinux-9 | x | x | na | | na | | na | x | na | -| ubuntu-18.04 | | x | | | | x | | x | | -| ubuntu-20.04 | | x | | x | | | | x | x | -| ubuntu-22.04 | | x | | x | | x | | x | x | -| ubuntu-22.10 | | x | | | | | | | x | -| ubuntu-23.04 | | x | | x | | | | x | x | -| windows-10 | x | x | na | | na | x | na | | na | -| windows-10gen2 | | na | na | na | na | na | na | na | na | -| windows-11 | x | x | na | | na | x | na | | na | -| windows-11gen2 | | na | na | na | na | na | na | na | na | -| windows-2012r2 | | x | na | | na | x | na | | na | -| windows-2016 | x | x | na | | na | x | na | | na | -| windows-2019 | x | x | na | | na | x | na | | na | -| windows-2022 | x | x | na | | na | x | na | | na | +| springdalelinux-7 | | x | na | x | na | | na | | na | +| springdalelinux-8 | | x | na | x | na | x | na | x | na | +| springdalelinux-9 | | | na | | na | | na | | na | +| ubuntu-20.04 | | x | x | | | x | | x | x | +| ubuntu-22.04 | | x | | x | | x | | x | | +| ubuntu-23.04 | | x | | x | | x | | x | | +| windows-10 | | x | na | | na | x | na | | na | +| windows-11 | | x | na | | na | x | na | | na | +| windows-2016 | | x | na | | na | x | na | | na | +| windows-2019 | | x | na | | na | x | na | | na | +| windows-2022 | | x | na | | na | x | na | | na | ### Todo - Fix failing builds -- Finish removal of deprecated chef-solo provider to powershell provider for windows -- migrate from http directory for hosting files to cd_files in source templates +- migrate from http directory for hosting files to floppy_files or cd_files in source templates - This makes all builds compatible with hyper-v gen 2 which removes floppy disk capability - This also makes things universal for Virtualbox 6.1 to 7.x due to latter requiring extra config for guests on NAT to be able to connect to host + - Also eliminates any potential networking issues - Update pipelines to only run on updated pkrvars files - Look into making all build uefi default builds - Create CD pipeline to upload vagrant boxes after PR is merged - Create CD pipeline to build and upload new versions of vagrant boxes once every 3 months with the latest patches - -## [unreleased] (2023-07-07) +- Added ability to configure bento upload of private or public boxes in builds.yml, defaults to private + +## [unreleased] (2023-09-15) + +## [v.3.2.0] (2023-09-15) + +- Added bento upload to use vagrant account configured in builds.yml +- Updated windows vagrant template to default to 4GB of memory +- Default hyperv to generation 2 +- Removed EOL OS builds Windows2012r2, Ubuntu 18.04, Ubuntu 22.10, Debian 10 +- Remove use of deprecated chef-solo provisioner and cookbooks for widnows builds +- Add boot_wait variables for each provider +- Adjusted default_boot_wait for linux to 5s +- Added --vars and --var_files flags +- Fixed upload description for libvirt to add qemu hv and version +- Updated ubuntu 20.04 boot_command +- Changed workflows to be based on cpu architecture +- Updated Bento to continue builds even if one fails and report all failures at the end and exit with exit code 1 +- Added qemu clone of libvirt box when metadata file is created for uploading to vagrant qemu provider +- Made build shell scripts customizable through packer variable ## [v3.1.1] (2023-07-07) diff --git a/README.md b/README.md index be0a36625..303a5924f 100644 --- a/README.md +++ b/README.md @@ -33,15 +33,15 @@ end - [VirtualBox](https://www.virtualbox.org/) - [VMware Fusion](https://www.vmware.com/products/fusion.html) - [VMware Workstation](https://www.vmware.com/products/workstation-pro.html) - - [Parallels Desktop](https://www.parallels.com/products/desktop/) also requires [Parallels Virtualization SDK](https://www.parallels.com/products/desktop/download/) + - [Parallels Desktop](https://www.parallels.com/products/desktop/) also requires [Parallels Virtualization SDK](https://www.parallels.com/products/desktop/download/) for versons < 19.x - [qemu](https://www.qemu.org/) * - [Hyper-V](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/) * ***NOTE:** support for these providers is considered experimental and corresponding Vagrant Cloud images may or may not exist. -#### Using `bento` executable +### Using `bento` executable -### build +#### build To build a Debian vagrant box using the bento tool with the template available in the `os_pkrvars` dir, we can use the following command: @@ -51,17 +51,21 @@ bento build --cpus 2 os_pkrvars/debian/debian-12-x86_64.pkrvars.hcl Other available options: -- cpus - Specify the number of CPUs needed in the new build. +- cpus - Specify the number of CPUs needed in the new build - mem - Specify the memory -- mirror - The template will have a default mirror link, if you wish to use an alternative one, you can utilise this configuration. -- dry-run - This will not create any build, but will create a metadata file for reference. +- config - Use a configuration file other than default builds.yml +- vars - Comma seperated list of variable names equal values (ex: boot_wait="2s",ssh_timeout="5s") +- var_files - Comma seperated list of pkrvar.hcl files to include in the builds (ex: /path/to/var_file.pkrvars.hcl,/path/to/next/var_file2.pkrvars.hcl) +- metadata_only - Only generate the metadata json file +- mirror - The template will have a default mirror link, if you wish to use an alternative one, you can utilise this configuration +- dry-run - This will not create any build, but will create a metadata file for reference - only - Only build some Packer builds (Default: parallels-iso.vm,virtualbox-iso.vm,vmware-iso.vm - except - Build all Packer builds except these (ex: parallels-iso.vm,virtualbox-iso.vm,vmware-iso.vm) - debug - Print the debug logs -- headed - Packer will be building VirtualBox virtual machines by launching a GUI that shows the console of the machine being built. This option is false by default -- single - This can be used to disable the parallel builds. +- gui - Packer will be building VirtualBox virtual machines by launching a GUI that shows the console of the machine being built. This option is false by default +- single - This can be used to disable the parallel builds -### list +#### list Used to list all builds available for the workstations cpu architecture. This list is also filtered by the build.yml file do_not_build: section. All entries are matched via regex to filter out build templates from the list. @@ -71,7 +75,7 @@ This only shows what would be built with `bento build` and no template is specif bento list ``` -### test +#### test If you have successfully built a vagrant box using the bento tool, you should have the vagrant box and a metadata file in the `builds` folder. You can use these files to test the build with a test-kitchen configuration. Run the following command to test the build. @@ -79,7 +83,19 @@ If you have successfully built a vagrant box using the bento tool, you should ha bento test ``` -#### Using `packer` +#### upload + +To upload boxes in the builds directory to your vagrant cloud account update the build.yml file to specify your account name and which OSs are going to be public. + +Make sure you have configured the vagrant cli and logged into your account for the upload command to work. + +```bash +bento upload +``` + +When running `bento upload` it'll read each ._metadata.json file and use the data provided to generate the `vagrant cloud publish` command with the descriptions, version, provider, and checksums all coming from the ._metadata.json file. + +### Using `packer` To build a Ubuntu 22.04 box for only the VirtualBox provider @@ -113,17 +129,9 @@ packer init -upgrade ./packer_templates packer build -var 'iso_url=http://mirror.utexas.edu/fedora/linux' -var-file=os_pkrvars/fedora/fedor-37-x86_64.pkrvars.hcl ./packer_templates ```` -To build a Windows 10 Enterprise Gen 2 box for the Hyper-V provider - -```bash -cd /bento -packer init -upgrade ./packer_templates -packer build -var-file=os_pkrvars/windows/windows-10gen2-x86_64.pkrvars.hcl ./packer_templates -``` - If the build is successful, your box files will be in the `builds` directory at the root of the repository. -#### KVM/qemu support for Windows +### KVM/qemu support for Windows You must download [the iso image with the Windows drivers for paravirtualized KVM/qemu hardware](https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso). You can do this from the command line: `wget -nv -nc https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso -O virtio-win.iso` and place it in the packer_templates/win_answer_files/ directory. @@ -142,7 +150,7 @@ Templates for operating systems only available via license or subscription are a Most of the providers expect unrestricted access to networking in order to build as expected. We can't enumerate all possible firewall configurations but include some snippets below that might be useful to users. -#### Windows +### Windows ```powershell $VS = "Standardswitch" @@ -155,9 +163,8 @@ New-NetFirewallRule -Displayname "Allow incomming from $VS" -Direction Inbound - Hyper-V Gen 2 VMs do not support floppy drives. If you previously provided resources using a floppy drive, you must add those files to your Gen 2 iso images, in particular: - `autounattend.xml`: The Gen 2 `autounattend.xml` file supports EFI partitions. Update the `autounattend.xml` with the correct Windows version for your systems and ensure that the partitions are correct for your situation. You also need to manage the driver disk that holds the hyper-v guest services drivers and adjust the `autounattend.xml` file as appropriate. -- `base_setup.ps1` -## Bugs and Issues +### Bugs and Issues Please use GitHub issues to report bugs, features, or other problems. diff --git a/builds.yml b/builds.yml index cf01fe562..0604a03f8 100644 --- a/builds.yml +++ b/builds.yml @@ -1,12 +1,14 @@ --- +vagrant_cloud_account: 'bento' + public: - 'almalinux-8' - 'almalinux-9' - 'amazon-2' + - 'amazon-2023' - 'centos-7' - 'centos-stream-8' - 'centos-stream-9' - - 'debian-10' - 'debian-11' - 'debian-12' - 'fedora-37' @@ -23,23 +25,43 @@ public: - 'springdalelinux-7' - 'springdalelinux-8' - 'springdalelinux-9' - - 'ubuntu-18.04' - 'ubuntu-20.04' - 'ubuntu-22.04' - - 'ubuntu-22.10' - 'ubuntu-23.04' + - 'almalinux-8-arm64' + - 'almalinux-9-arm64' + - 'amazon-2-arm64' + - 'amazon-2023-arm64' + - 'centos-7-arm64' + - 'centos-stream-8-arm64' + - 'centos-stream-9-arm64' + - 'debian-11-arm64' + - 'debian-12-arm64' + - 'fedora-37-arm64' + - 'fedora-38-arm64' + - 'freebsd-12-arm64' + - 'freebsd-13-arm64' + - 'opensuse-leap-15-arm64' + - 'oracle-7-arm64' + - 'oracle-8-arm64' + - 'oracle-9-arm64' + - 'rockylinux-8-arm64' + - 'rockylinux-9-arm64' + - 'scientific-7-arm64' + - 'springdalelinux-7-arm64' + - 'springdalelinux-8-arm64' + - 'springdalelinux-9-arm64' + - 'ubuntu-20.04-arm64' + - 'ubuntu-22.04-arm64' + - 'ubuntu-23.04-arm64' # slug box name: text string from standard box name to match (generally the same) slugs: 'almalinux-8': 'almalinux-8' 'almalinux-9': 'almalinux-9' - 'amazon-2': 'amazon-2' 'centos-7': 'centos-7' - 'centos-stream-8': 'centos-stream-8' - 'centos-stream-9': 'centos-stream-9' 'debian-12': 'debian-12' 'debian-11': 'debian-11' - 'debian-10': 'debian-10' 'fedora-latest': 'fedora-38' 'freebsd-12': 'freebsd-12' 'freebsd-13': 'freebsd-13' @@ -56,11 +78,8 @@ slugs: 'almalinux-8-arm64': 'almalinux-8' 'almalinux-9-arm64': 'almalinux-9' 'centos-7-arm64': 'centos-7' - 'centos-stream-8-arm64': 'centos-stream-8' - 'centos-stream-9-arm64': 'centos-stream-9' 'debian-12-arm64': 'debian-12' 'debian-11-arm64': 'debian-11' - 'debian-10-arm64': 'debian-10' 'fedora-latest-arm64': 'fedora-38' 'oracle-7-arm64': 'oracle-7' 'oracle-8-arm64': 'oracle-8' diff --git a/lib/bento/buildmetadata.rb b/lib/bento/buildmetadata.rb index e35eb867f..ecbba79d5 100644 --- a/lib/bento/buildmetadata.rb +++ b/lib/bento/buildmetadata.rb @@ -4,10 +4,11 @@ class BuildMetadata include Common - def initialize(template, build_timestamp, override_version) + def initialize(template, build_timestamp, override_version, pkr_cmd) @template = template @build_timestamp = build_timestamp @override_version = override_version + @pkr_cmd = pkr_cmd end def read @@ -16,6 +17,7 @@ def read version: version, arch: arch, build_timestamp: build_timestamp, + packer_command: pkr_cmd, git_revision: git_revision, git_status: git_clean? ? 'clean' : 'dirty', box_basename: box_basename, @@ -28,10 +30,15 @@ def read UNKNOWN = '__unknown__'.freeze - attr_reader :template, :build_timestamp, :override_version + attr_reader :template, :build_timestamp, :override_version, :pkr_cmd def box_basename - "#{name.gsub('/', '__')}" + temp_name = name.gsub('/', '__').split('-') + if temp_name.last == 'arm64' + temp_name.join('-') + else + (temp_name.first temp_name.size - 1).join('-') + end end def git_revision @@ -43,13 +50,7 @@ def git_clean? end def merged_vars - @merged_vars ||= begin - if File.exist?("#{template}.variables.json") - template_vars.merge(JSON.load(IO.read("#{template}.variables.json"))) - else - template_vars - end - end + @merged_vars ||= template_vars end def name @@ -84,8 +85,7 @@ def template_vars end def version - override_version || merged_vars.fetch('version', "#{UNKNOWN}.TIMESTAMP") - .rpartition('.').first.concat(build_timestamp.to_s) + override_version || merged_vars.fetch('version', "#{UNKNOWN}.TIMESTAMP").rpartition('.').first.concat(build_timestamp.to_s) end def packer_ver diff --git a/lib/bento/cli.rb b/lib/bento/cli.rb index 136b4a855..bd3301287 100644 --- a/lib/bento/cli.rb +++ b/lib/bento/cli.rb @@ -63,6 +63,18 @@ def self.parse(args) options.dry_run = opt end + opts.on('--metadata_only', 'Only generate the metadata json file') do |opt| + options.metadata_only = opt + end + + opts.on('--vars VARS', 'Comma seperated list of variable names equal values (ex: boot_wait="2s",ssh_timeout="5s")') do |opt| + options.vars = opt + end + + opts.on('--var_files VAR_FILES', 'Comma seperated list of pkrvar.hcl files to include in the builds (ex: /path/to/var_file.pkrvars.hcl,/path/to/next/var_file2.pkrvars.hcl)') do |opt| + options.var_files = opt + end + opts.on('-c BUILD_YML', '--config BUILD_YML', 'Use a configuration file') do |opt| options.config = opt end @@ -91,7 +103,7 @@ def self.parse(args) options.mem = opt end - opts.on('-H', '--headed', 'Display provider UI windows') do |opt| + opts.on('-g', '--gui', 'Display provider GUI windows') do |opt| options.headed = opt end diff --git a/lib/bento/normalize.rb b/lib/bento/normalize.rb index 8bcdcf993..c476e63d5 100644 --- a/lib/bento/normalize.rb +++ b/lib/bento/normalize.rb @@ -4,7 +4,7 @@ class NormalizeRunner include Common include PackerExec - attr_reader :templates, :build_timestamp, :debug, :override_version + attr_reader :templates, :build_timestamp, :debug, :override_version, :pkr_cmd def initialize(opts) @templates = opts.template_files diff --git a/lib/bento/packerexec.rb b/lib/bento/packerexec.rb index 8fbd7bba6..c7394ce47 100644 --- a/lib/bento/packerexec.rb +++ b/lib/bento/packerexec.rb @@ -10,13 +10,13 @@ def for_packer_run_with(template) end def write_box_metadata(template, io) - md = BuildMetadata.new(template, build_timestamp, override_version).read + md = BuildMetadata.new(template, build_timestamp, override_version, pkr_cmd).read io.write(JSON.pretty_generate(md)) io.close end def write_var_file(template, md_file, io) - md = BuildMetadata.new(template, build_timestamp, override_version).read + md = BuildMetadata.new(template, build_timestamp, override_version, pkr_cmd).read io.write(JSON.pretty_generate({ box_basename: md[:box_basename], diff --git a/lib/bento/providermetadata.rb b/lib/bento/providermetadata.rb index 263d64005..051b41a9d 100644 --- a/lib/bento/providermetadata.rb +++ b/lib/bento/providermetadata.rb @@ -9,6 +9,9 @@ def initialize(path, box_basename) end def read + if File.exist?("#{base}.libvirt.box") + FileUtils.cp("#{base}.libvirt.box", "#{base}.qemu.box") + end Dir.glob("#{base}.*.box").map do |file| { name: provider_from_file(file), @@ -52,6 +55,8 @@ def version(provider) ver_vbox when /parallels/ ver_parallels + when /libvirt/ + ver_libvirt when /qemu/ ver_qemu when /hyperv/ @@ -84,16 +89,24 @@ def ver_parallels def ver_vbox cmd = Mixlib::ShellOut.new('VBoxManage --version') cmd.run_command - cmd.stdout.split('r')[0] + cmd.stdout.split('r').first + end + + def ver_libvirt + cmd = Mixlib::ShellOut.new('/usr/local/opt/libvirt/sbin/libvirtd -V') + cmd.run_command + cmd.stdout.split(' ').last end def ver_qemu - cmd = Mixlib::ShellOut.new("qemu-system-#{base.split('-')[2]} -version") + cmd = Mixlib::ShellOut.new("qemu-system-#{base.split('-').last} -version") cmd.run_command cmd.stdout.split(' ')[3] end def ver_hyperv - # TODO: write code + cmd = Mixlib::ShellOut.new('(Get-VMHostSupportedVersion -Default | Select-Object -Property Version | Format-Table -HideTableHeaders | Out-String).trim()') + cmd.run_command + cmd.stdout + 'Gen 2' end end diff --git a/lib/bento/runner.rb b/lib/bento/runner.rb index c507b434d..f1f170046 100644 --- a/lib/bento/runner.rb +++ b/lib/bento/runner.rb @@ -8,13 +8,14 @@ class BuildRunner include Common include PackerExec - attr_reader :template_files, :config, :dry_run, :debug, :only, :except, :mirror, :headed, :single, - :override_version, :build_timestamp, :cpus, :mem + attr_reader :template_files, :config, :dry_run, :debug, :only, :except, :mirror, :headed, :single, :errors, + :override_version, :build_timestamp, :cpus, :mem, :metadata_only, :vars, :var_files, :pkr_cmd def initialize(opts) @template_files = opts.template_files @config = opts.config ||= false @dry_run = opts.dry_run + @metadata_only = opts.metadata_only @debug = opts.debug @only = opts.only ||= 'parallels-iso.vm,virtualbox-iso.vm,vmware-iso.vm' @except = opts.except @@ -25,18 +26,25 @@ def initialize(opts) @build_timestamp = Time.now.gmtime.strftime('%Y%m%d%H%M%S') @cpus = opts.cpus @mem = opts.mem + @vars = opts.vars&.split(',') + @var_files = opts.var_files&.split(',') + @errors = [] + @pkr_cmd = nil end def start templates = config ? build_list : template_files banner('Starting build for templates:') - banner('Installing packer plugins') - shellout("packer init -upgrade #{File.dirname(templates.first)}/../../packer_templates") unless dry_run + banner('Installing packer plugins') unless dry_run || metadata_only + shellout("packer init -upgrade #{File.dirname(templates.first)}/../../packer_templates") unless dry_run || metadata_only templates.each { |t| puts "- #{t}" } time = Benchmark.measure do templates.each { |template| build(template) } end banner("Build finished in #{duration(time.real)}.") + unless errors.empty? + raise("Failed Builds:\n #{errors.join("\n")}\n exited #{$CHILD_STATUS}") + end end private @@ -51,6 +59,7 @@ def build(file) cmd = Mixlib::ShellOut.new(packer_build_cmd(template, md_file.path).join(' ')) cmd.live_stream = STDOUT cmd.timeout = 28800 + @pkr_cmd = cmd.command banner("[#{template}] Building: '#{cmd.command}'") time = Benchmark.measure do cmd.run_command @@ -63,31 +72,37 @@ def build(file) banner("[#{template}] Finished building in #{duration(time.real)}.") end Dir.chdir(bento_dir) - cmd.error! # fail hard if the cmd fails + if cmd.error? + cmd.stderr + errors << template + end end def packer_build_cmd(template, _var_file) pkrvars = "#{template}.pkrvars.hcl" - # vars = "#{template}.variables.json" cmd = %W(packer build -timestamp-ui -force -var-file=#{pkrvars} ../../packer_templates) - # cmd.insert(2, "-var-file=#{vars}") if File.exist?(vars) - # cmd.insert(2, "-var-file=#{var_file}") if File.exist?(var_file) - cmd.insert(2, "-only=#{only}") - cmd.insert(2, "-except=#{except}") if except + vars.each do |var| + cmd.insert(4, "-var #{var}") + end if vars + var_files.each do |var_file| + cmd.insert(5, "-var-file=#{var_file}") if File.exist?(var_file) + end if var_files + cmd.insert(4, "-only=#{only}") + cmd.insert(4, "-except=#{except}") if except # Build the command line in the correct order and without spaces as future input for the splat operator. - cmd.insert(2, "-var cpus=#{cpus}") if cpus - cmd.insert(2, "-var memory=#{mem}") if mem - # cmd.insert(2, '-var headless=true') unless headed + cmd.insert(4, "-var cpus=#{cpus}") if cpus + cmd.insert(4, "-var memory=#{mem}") if mem + cmd.insert(4, '-var headless=false') if headed cmd.insert(2, '-parallel=false') if single cmd.insert(2, '-debug') if debug - cmd.insert(0, 'echo') if dry_run + cmd.insert(0, 'echo') if dry_run || metadata_only cmd end def write_final_metadata(template, buildtime) - md = BuildMetadata.new(template, build_timestamp, override_version).read + md = BuildMetadata.new(template, build_timestamp, override_version, pkr_cmd).read path = File.join('../../builds') - filename = File.join(path, "#{md[:template]}.metadata.json") + filename = File.join(path, "#{md[:template]}._metadata.json") md[:providers] = ProviderMetadata.new(path, md[:template]).read md[:providers].each do |p| p[:build_time] = buildtime diff --git a/lib/bento/test.rb b/lib/bento/test.rb index d4d790b3b..b4a572f56 100644 --- a/lib/bento/test.rb +++ b/lib/bento/test.rb @@ -41,6 +41,9 @@ def destroy_all_bento end def test_box(md_json) + bento_dir = Dir.pwd + temp_dir = "#{bento_dir}/builds/test-kitchen" + Dir.mkdir(temp_dir) unless Dir.exist?(temp_dir) md = box_metadata(md_json) @boxname = md['name'] @providers = md['providers'] @@ -50,11 +53,15 @@ def test_box(md_json) %w(kitchen.yml bootstrap.sh).each do |file| t = file =~ /kitchen/ ? 'kitchen.yml.erb' : "#{file}.erb" erb = ERB.new(File.read(dir + "/#{t}"), trim_mode: '-').result(binding) - File.open(file, 'w') { |f| f.puts erb } + File.open("#{temp_dir}/#{file}", 'w') { |f| f.puts erb } end + Dir.chdir(temp_dir) + banner("Test kitchen file located in #{temp_dir}") test = Mixlib::ShellOut.new('kitchen test', timeout: 900, live_stream: STDOUT) test.run_command test.error! + Dir.chdir(bento_dir) + FileUtils.rm_rf(temp_dir) end end diff --git a/lib/bento/test_templates/kitchen.yml.erb b/lib/bento/test_templates/kitchen.yml.erb index fb539b2a8..f676bab8f 100644 --- a/lib/bento/test_templates/kitchen.yml.erb +++ b/lib/bento/test_templates/kitchen.yml.erb @@ -8,6 +8,7 @@ platforms: driver: name: vagrant provider: <%= k %> + vm_hostname: bento-test box: bento-<%= @boxname %> box_url: file://<%= Dir.pwd %>/builds/<%= v['file'] %> synced_folders: diff --git a/lib/bento/upload.rb b/lib/bento/upload.rb index 3437f1318..b78c228db 100644 --- a/lib/bento/upload.rb +++ b/lib/bento/upload.rb @@ -37,15 +37,17 @@ def upload_box(md_file) md_data['providers'].each_pair do |prov, prov_data| if File.exist?(File.join('builds', prov_data['file'])) - banner("Uploading bento/#{md_data['name']} version:#{md_data['version']} provider:#{prov}...") + puts '' + banner("Uploading #{builds_yml['vagrant_cloud_account']}/#{md_data['box_basename']} version:#{md_data['version']} provider:#{prov}...") - upload_cmd = "vagrant cloud publish bento/#{md_data['name']} #{md_data['version']} #{prov} builds/#{prov_data['file']} --description '#{box_desc(md_data['name'])}' --short-description '#{box_desc(md_data['name'])}' --version-description '#{ver_desc(md_data)}' --force --release --no-private" + upload_cmd = "vagrant cloud publish --no-direct-upload #{builds_yml['vagrant_cloud_account']}/#{md_data['box_basename']} #{md_data['version']} #{prov} builds/#{prov_data['file']} --description '#{box_desc(md_data['name'])}' --short-description '#{box_desc(md_data['name'])}' --version-description '#{ver_desc(md_data)}' --force --release #{public_private_box(md_data['box_basename'])}" shellout(upload_cmd) slug_name = lookup_slug(md_data['name']) if slug_name - banner("Uploading slug bento/#{slug_name} from #{md_data['name']} version:#{md_data['version']} provider:#{prov}...") - upload_cmd = "vagrant cloud publish bento/#{slug_name} #{md_data['version']} #{prov} builds/#{prov_data['file']} --description '#{slug_desc(slug_name)}' --short-description '#{slug_desc(slug_name)}' --version-description '#{ver_desc(md_data)}' --force --release --no-private" + puts '' + banner("Uploading slug #{builds_yml['vagrant_cloud_account']}/#{slug_name} from #{md_data['box_basename']} version:#{md_data['version']} provider:#{prov}...") + upload_cmd = "vagrant cloud publish --no-direct-upload #{builds_yml['vagrant_cloud_account']}/#{slug_name} #{md_data['version']} #{prov} builds/#{prov_data['file']} --description '#{slug_desc(slug_name)}' --short-description '#{slug_desc(slug_name)}' --version-description '#{ver_desc(md_data)}' --force --release #{public_private_box(md_data['box_basename'])}" shellout(upload_cmd) end @@ -77,6 +79,18 @@ def lookup_slug(name) nil end + def public_private_box(name) + builds_yml['public'].each do |public| + if name.include?('arm64') + return '--no-private' if name.start_with?(public) && public.include?('arm64') + else + return '--no-private' if name.start_with?(public) && !public.include?('arm64') + end + + return '--private' + end + end + def box_desc(name) "Vanilla #{name.tr('-', ' ').capitalize} Vagrant box created with Bento by Chef" end @@ -87,7 +101,17 @@ def slug_desc(name) def ver_desc(md_data) tool_versions = [] - md_data['providers'].each_key { |hv| tool_versions << "#{hv == 'vmware_desktop' ? (macos? ? 'vmware-fusion' : 'vmware-workstation') : hv}: #{md_data['providers'][hv]['version']}" } + md_data['providers'].each_key do |hv| + tool_versions << if hv == 'vmware_desktop' + if macos? + "vmware-fusion: #{md_data['providers'][hv]['version']}" + else + "vmware-workstation: #{md_data['providers'][hv]['version']}" + end + else + "#{hv}: #{md_data['providers'][hv]['version']}" + end + end tool_versions.sort! tool_versions << "packer: #{md_data['packer']}" diff --git a/lib/bento/version.rb b/lib/bento/version.rb index 03d12b2f2..643cd2b80 100644 --- a/lib/bento/version.rb +++ b/lib/bento/version.rb @@ -1,3 +1,3 @@ module Bento - VERSION = '3.1.1'.freeze + VERSION = '3.2.0'.freeze end diff --git a/os_pkrvars/debian/debian-10-aarch64.pkrvars.hcl b/os_pkrvars/debian/debian-10-aarch64.pkrvars.hcl deleted file mode 100644 index c1a92a298..000000000 --- a/os_pkrvars/debian/debian-10-aarch64.pkrvars.hcl +++ /dev/null @@ -1,9 +0,0 @@ -os_name = "debian" -os_version = "10.13" -os_arch = "aarch64" -iso_url = "https://cdimage.debian.org/cdimage/archive/10.13.0/arm64/iso-dvd/debian-10.13.0-arm64-DVD-1.iso" -iso_checksum = "file:https://cdimage.debian.org/cdimage/archive/10.13.0/arm64/iso-dvd/SHA256SUMS" -parallels_guest_os_type = "debian" -vbox_guest_os_type = "Debian_64" -vmware_guest_os_type = "arm-debian-64" -boot_command = ["einstall preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/debian/preseed.cfg debian-installer=en_US.UTF-8 auto locale=en_US.UTF-8 kbd-chooser/method=us keyboard-configuration/xkb-keymap=us netcfg/get_hostname={{ .Name }} netcfg/get_domain=vagrantup.com fb=false debconf/frontend=noninteractive console-setup/ask_detect=false console-keymaps-at/keymap=us grub-installer/bootdev=/dev/sda "] diff --git a/os_pkrvars/debian/debian-10-x86_64.pkrvars.hcl b/os_pkrvars/debian/debian-10-x86_64.pkrvars.hcl deleted file mode 100644 index d7b46b054..000000000 --- a/os_pkrvars/debian/debian-10-x86_64.pkrvars.hcl +++ /dev/null @@ -1,9 +0,0 @@ -os_name = "debian" -os_version = "10.13" -os_arch = "x86_64" -iso_url = "https://cdimage.debian.org/cdimage/archive/10.13.0/amd64/iso-dvd/debian-10.13.0-amd64-DVD-1.iso" -iso_checksum = "file:https://cdimage.debian.org/cdimage/archive/10.13.0/amd64/iso-dvd/SHA256SUMS" -parallels_guest_os_type = "debian" -vbox_guest_os_type = "Debian_64" -vmware_guest_os_type = "debian-64" -boot_command = ["auto preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/debian/preseed.cfg netcfg/get_hostname={{ .Name }}"] diff --git a/os_pkrvars/ubuntu/ubuntu-18.04-aarch64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-18.04-aarch64.pkrvars.hcl deleted file mode 100644 index 2dcf57325..000000000 --- a/os_pkrvars/ubuntu/ubuntu-18.04-aarch64.pkrvars.hcl +++ /dev/null @@ -1,10 +0,0 @@ -os_name = "ubuntu" -os_version = "18.04" -os_arch = "aarch64" -iso_url = "https://cdimage.ubuntu.com/releases/18.04.6/release/ubuntu-18.04.6-server-arm64.iso" -iso_checksum = "0a20ef21181a36588f8fb670cc63e8d326fa6e715b526543d300a68de389055f" -hyperv_generation = 2 -parallels_guest_os_type = "ubuntu" -vbox_guest_os_type = "Ubuntu_64" -vmware_guest_os_type = "arm-ubuntu-64" -boot_command = ["e", "", "", "", "", "auto console-setup/ask_detect=false", " console-setup/layoutcode=us", " console-setup/modelcode=pc105", " debconf/frontend=noninteractive", " debian-installer=en_US.UTF-8", " fb=false", " initrd=/install/initrd.gz", " kbd-chooser/method=us", " keyboard-configuration/layout=USA", " keyboard-configuration/variant=USA", " locale=en_US.UTF-8", " netcfg/get_hostname=vagrant", " grub-installer/bootdev=/dev/sda", " noapic", " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ubuntu/preseed.cfg", " ---", ""] diff --git a/os_pkrvars/ubuntu/ubuntu-18.04-x86_64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-18.04-x86_64.pkrvars.hcl deleted file mode 100644 index 192ee7b38..000000000 --- a/os_pkrvars/ubuntu/ubuntu-18.04-x86_64.pkrvars.hcl +++ /dev/null @@ -1,10 +0,0 @@ -os_name = "ubuntu" -os_version = "18.04" -os_arch = "x86_64" -iso_url = "http://cdimage.ubuntu.com/ubuntu/releases/18.04.6/release/ubuntu-18.04.6-server-amd64.iso" -iso_checksum = "f5cbb8104348f0097a8e513b10173a07dbc6684595e331cb06f93f385d0aecf6" -hyperv_generation = 2 -parallels_guest_os_type = "ubuntu" -vbox_guest_os_type = "Ubuntu_64" -vmware_guest_os_type = "ubuntu-64" -boot_command = ["", "", "", "/install/vmlinuz auto console-setup/ask_detect=false", " console-setup/layoutcode=us", " console-setup/modelcode=pc105", " debconf/frontend=noninteractive", " debian-installer=en_US.UTF-8", " fb=false", " initrd=/install/initrd.gz", " kbd-chooser/method=us", " keyboard-configuration/layout=USA", " keyboard-configuration/variant=USA", " locale=en_US.UTF-8", " netcfg/get_hostname=vagrant", " grub-installer/bootdev=/dev/sda", " noapic", " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ubuntu/preseed.cfg", " ---", ""] diff --git a/os_pkrvars/ubuntu/ubuntu-20.04-aarch64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-20.04-aarch64.pkrvars.hcl index 99acbe6c3..2ab4099ce 100644 --- a/os_pkrvars/ubuntu/ubuntu-20.04-aarch64.pkrvars.hcl +++ b/os_pkrvars/ubuntu/ubuntu-20.04-aarch64.pkrvars.hcl @@ -1,9 +1,8 @@ os_name = "ubuntu" os_version = "20.04" os_arch = "aarch64" -iso_url = "http://cdimage.ubuntu.com/releases/20.04/release/ubuntu-20.04.5-live-server-arm64.iso" +iso_url = "http://cdimage.ubuntu.com/releases/focal/release/ubuntu-20.04.5-live-server-arm64.iso" iso_checksum = "sha256:e42d6373dd39173094af5c26cbf2497770426f42049f8b9ea3e60ce35bebdedf" -hyperv_generation = 2 parallels_guest_os_type = "ubuntu" vbox_guest_os_type = "Ubuntu_64" vmware_guest_os_type = "arm-ubuntu-64" diff --git a/os_pkrvars/ubuntu/ubuntu-20.04-x86_64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-20.04-x86_64.pkrvars.hcl index 10b2b581f..1b7b9a2e9 100644 --- a/os_pkrvars/ubuntu/ubuntu-20.04-x86_64.pkrvars.hcl +++ b/os_pkrvars/ubuntu/ubuntu-20.04-x86_64.pkrvars.hcl @@ -3,9 +3,7 @@ os_version = "20.04" os_arch = "x86_64" iso_url = "https://releases.ubuntu.com/focal/ubuntu-20.04.6-live-server-amd64.iso" iso_checksum = "file:https://releases.ubuntu.com/focal/SHA256SUMS" -hyperv_generation = 2 parallels_guest_os_type = "ubuntu" vbox_guest_os_type = "Ubuntu_64" vmware_guest_os_type = "ubuntu-64" -boot_wait = "2s" -boot_command = ["/casper/vmlinuz initrd=/casper/initrd quiet autoinstall ds=nocloud-net;s=http://{{.HTTPIP}}:{{.HTTPPort}}/ubuntu/"] +boot_command = [" autoinstall ds=nocloud-net;seedfrom=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ubuntu/"] diff --git a/os_pkrvars/ubuntu/ubuntu-22.04-aarch64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-22.04-aarch64.pkrvars.hcl index 41a66a16c..35e379886 100644 --- a/os_pkrvars/ubuntu/ubuntu-22.04-aarch64.pkrvars.hcl +++ b/os_pkrvars/ubuntu/ubuntu-22.04-aarch64.pkrvars.hcl @@ -1,9 +1,8 @@ os_name = "ubuntu" os_version = "22.04" os_arch = "aarch64" -iso_url = "https://cdimage.ubuntu.com/releases/22.04/release/ubuntu-22.04.3-live-server-arm64.iso" -iso_checksum = "file:https://cdimage.ubuntu.com/releases/22.04/release/SHA256SUMS" -hyperv_generation = 2 +iso_url = "https://cdimage.ubuntu.com/releases/jammy/release/ubuntu-22.04.3-live-server-arm64.iso" +iso_checksum = "file:https://cdimage.ubuntu.com/releases/jammy/release/SHA256SUMS" parallels_guest_os_type = "ubuntu" vbox_guest_os_type = "Ubuntu_64" vmware_guest_os_type = "arm-ubuntu-64" diff --git a/os_pkrvars/ubuntu/ubuntu-22.04-x86_64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-22.04-x86_64.pkrvars.hcl index 2f43549c0..7475a60a4 100644 --- a/os_pkrvars/ubuntu/ubuntu-22.04-x86_64.pkrvars.hcl +++ b/os_pkrvars/ubuntu/ubuntu-22.04-x86_64.pkrvars.hcl @@ -3,7 +3,6 @@ os_version = "22.04" os_arch = "x86_64" iso_url = "https://releases.ubuntu.com/jammy/ubuntu-22.04.3-live-server-amd64.iso" iso_checksum = "file:https://releases.ubuntu.com/jammy/SHA256SUMS" -hyperv_generation = 2 parallels_guest_os_type = "ubuntu" vbox_guest_os_type = "Ubuntu_64" vmware_guest_os_type = "ubuntu-64" diff --git a/os_pkrvars/ubuntu/ubuntu-22.10-aarch64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-22.10-aarch64.pkrvars.hcl deleted file mode 100644 index eae23feff..000000000 --- a/os_pkrvars/ubuntu/ubuntu-22.10-aarch64.pkrvars.hcl +++ /dev/null @@ -1,10 +0,0 @@ -os_name = "ubuntu" -os_version = "22.10" -os_arch = "aarch64" -iso_url = "https://cdimage.ubuntu.com/releases/22.10/release/ubuntu-22.10-live-server-arm64.iso" -iso_checksum = "a19d956e993a16fc6496c371e36dcc0eb85d2bdf6a8e86028b92ce62e9f585cd" -hyperv_generation = 2 -parallels_guest_os_type = "ubuntu" -vbox_guest_os_type = "Ubuntu_64" -vmware_guest_os_type = "arm-ubuntu-64" -boot_command = ["e autoinstall ds=nocloud-net\\;s=http://{{.HTTPIP}}:{{.HTTPPort}}/ubuntu/"] diff --git a/os_pkrvars/ubuntu/ubuntu-22.10-x86_64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-22.10-x86_64.pkrvars.hcl deleted file mode 100644 index 22f4168dd..000000000 --- a/os_pkrvars/ubuntu/ubuntu-22.10-x86_64.pkrvars.hcl +++ /dev/null @@ -1,10 +0,0 @@ -os_name = "ubuntu" -os_version = "22.10" -os_arch = "x86_64" -iso_url = "http://releases.ubuntu.com/kinetic/ubuntu-22.10-live-server-amd64.iso" -iso_checksum = "874452797430a94ca240c95d8503035aa145bd03ef7d84f9b23b78f3c5099aed" -hyperv_generation = 2 -parallels_guest_os_type = "ubuntu" -vbox_guest_os_type = "Ubuntu_64" -vmware_guest_os_type = "ubuntu-64" -boot_command = ["e autoinstall ds=nocloud-net\\;s=http://{{.HTTPIP}}:{{.HTTPPort}}/ubuntu/"] diff --git a/os_pkrvars/ubuntu/ubuntu-23.04-aarch64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-23.04-aarch64.pkrvars.hcl index 2fe67e0db..a4d080aeb 100644 --- a/os_pkrvars/ubuntu/ubuntu-23.04-aarch64.pkrvars.hcl +++ b/os_pkrvars/ubuntu/ubuntu-23.04-aarch64.pkrvars.hcl @@ -1,9 +1,8 @@ os_name = "ubuntu" os_version = "23.04" os_arch = "aarch64" -iso_url = "https://cdimage.ubuntu.com/releases/23.04/release/ubuntu-23.04-live-server-arm64.iso" -iso_checksum = "file:https://cdimage.ubuntu.com/releases/23.04/release/SHA256SUMS" -hyperv_generation = 2 +iso_url = "https://cdimage.ubuntu.com/releases/lunar/release/ubuntu-23.04-live-server-arm64.iso" +iso_checksum = "file:https://cdimage.ubuntu.com/releases/lunar/release/SHA256SUMS" parallels_guest_os_type = "ubuntu" vbox_guest_os_type = "Ubuntu_64" vmware_guest_os_type = "arm-ubuntu-64" diff --git a/os_pkrvars/ubuntu/ubuntu-23.04-x86_64.pkrvars.hcl b/os_pkrvars/ubuntu/ubuntu-23.04-x86_64.pkrvars.hcl index 8566f175c..b63e4dd21 100644 --- a/os_pkrvars/ubuntu/ubuntu-23.04-x86_64.pkrvars.hcl +++ b/os_pkrvars/ubuntu/ubuntu-23.04-x86_64.pkrvars.hcl @@ -1,9 +1,8 @@ os_name = "ubuntu" os_version = "23.04" os_arch = "x86_64" -iso_url = "https://releases.ubuntu.com/23.04/ubuntu-23.04-live-server-amd64.iso" -iso_checksum = "file:https://releases.ubuntu.com/23.04/SHA256SUMS" -hyperv_generation = 2 +iso_url = "https://releases.ubuntu.com/lunar/ubuntu-23.04-live-server-amd64.iso" +iso_checksum = "file:https://releases.ubuntu.com/lunar/SHA256SUMS" parallels_guest_os_type = "ubuntu" vbox_guest_os_type = "Ubuntu_64" vmware_guest_os_type = "ubuntu-64" diff --git a/os_pkrvars/windows/windows-10-x86_64.pkrvars.hcl b/os_pkrvars/windows/windows-10-x86_64.pkrvars.hcl index 0036e7c10..ad283fb4e 100644 --- a/os_pkrvars/windows/windows-10-x86_64.pkrvars.hcl +++ b/os_pkrvars/windows/windows-10-x86_64.pkrvars.hcl @@ -7,3 +7,4 @@ iso_checksum = "ef7312733a9f5d7d51cfa04ac497671995674ca5e1058d5164d60 parallels_guest_os_type = "win-10" vbox_guest_os_type = "Windows10_64" vmware_guest_os_type = "windows9srv-64" + diff --git a/os_pkrvars/windows/windows-10gen2-x86_64.pkrvars.hcl b/os_pkrvars/windows/windows-10gen2-x86_64.pkrvars.hcl deleted file mode 100644 index a7ea6ea53..000000000 --- a/os_pkrvars/windows/windows-10gen2-x86_64.pkrvars.hcl +++ /dev/null @@ -1,12 +0,0 @@ -os_name = "windows" -os_version = "10gen2" -os_arch = "x86_64" -is_windows = true -iso_url = "https://software-static.download.prss.microsoft.com/dbazure/988969d5-f34g-4e03-ac9d-1f9786c66750/19045.2006.220908-0225.22h2_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso" -iso_checksum = "ef7312733a9f5d7d51cfa04ac497671995674ca5e1058d5164d6028f0938d668" -parallels_guest_os_type = "win-10" -vbox_guest_os_type = "Windows10_64" -vmware_guest_os_type = "windows9srv-64" -boot_command = ["aaaaaaa"] -hyperv_generation = 2 -sources_enabled = ["source.hyperv-iso.vm", "source.qemu.vm"] diff --git a/os_pkrvars/windows/windows-11-x86_64.pkrvars.hcl b/os_pkrvars/windows/windows-11-x86_64.pkrvars.hcl index 42d7a349f..579e5840c 100644 --- a/os_pkrvars/windows/windows-11-x86_64.pkrvars.hcl +++ b/os_pkrvars/windows/windows-11-x86_64.pkrvars.hcl @@ -3,9 +3,8 @@ os_version = "11" os_arch = "x86_64" is_windows = true # Windows 11 source requires a prompt to select OS to install. This allows the system time to add reg keys to ignore TPM Check before the install begins. -iso_url = "https://software-download.microsoft.com/download/sg/22000.194.210913-1444.co_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso" -iso_checksum = "sha256:e8b1d2a1a85a09b4bf6154084a8be8e3c814894a15a7bcf3e8e63fcfa9a528cb" +iso_url = "https://software-static.download.prss.microsoft.com/dbazure/988969d5-f34g-4e03-ac9d-1f9786c66751/22621.525.220925-0207.ni_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso" +iso_checksum = "ebbc79106715f44f5020f77bd90721b17c5a877cbc15a3535b99155493a1bb3f" parallels_guest_os_type = "win-11" vbox_guest_os_type = "Windows11_64" vmware_guest_os_type = "windows9srv-64" -boot_command = ["reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassTPMCheck /d 1reg add HKLM\\SYSTEM\\Setup\\LabConfig /t REG_DWORD /v BypassSecureBootCheck /d 1exit"] diff --git a/os_pkrvars/windows/windows-11gen2-x86_64.pkrvars.hcl b/os_pkrvars/windows/windows-11gen2-x86_64.pkrvars.hcl deleted file mode 100644 index 37c72aaab..000000000 --- a/os_pkrvars/windows/windows-11gen2-x86_64.pkrvars.hcl +++ /dev/null @@ -1,13 +0,0 @@ -os_name = "windows" -os_version = "11gen2" -os_arch = "x86_64" -is_windows = true -# Windows 11 source requires a prompt to select OS to install. This allows the system time to add reg keys to ignore TPM Check before the install begins. -iso_url = "https://software-download.microsoft.com/download/sg/22000.194.210913-1444.co_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso" -iso_checksum = "sha256:e8b1d2a1a85a09b4bf6154084a8be8e3c814894a15a7bcf3e8e63fcfa9a528cb" -parallels_guest_os_type = "win-11" -vbox_guest_os_type = "Windows11_64" -vmware_guest_os_type = "windows9srv-64" -hyperv_generation = 2 -boot_command = ["aaaaaaa"] -sources_enabled = ["source.hyperv-iso.vm", "source.qemu.vm"] diff --git a/os_pkrvars/windows/windows-2012r2-x86_64.pkrvars.hcl b/os_pkrvars/windows/windows-2012r2-x86_64.pkrvars.hcl deleted file mode 100644 index 2fab2563a..000000000 --- a/os_pkrvars/windows/windows-2012r2-x86_64.pkrvars.hcl +++ /dev/null @@ -1,9 +0,0 @@ -os_name = "windows" -os_version = "2012r2" -os_arch = "x86_64" -is_windows = true -iso_url = "https://download.microsoft.com/download/6/2/A/62A76ABB-9990-4EFC-A4FE-C7D698DAEB96/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_SERVER_EVAL_EN-US-IR3_SSS_X64FREE_EN-US_DV9.ISO" -iso_checksum = "6612b5b1f53e845aacdf96e974bb119a3d9b4dcb5b82e65804ab7e534dc7b4d5" -parallels_guest_os_type = "win-2012" -vbox_guest_os_type = "Windows2012_64" -vmware_guest_os_type = "windows9srv-64" diff --git a/packer_templates/cookbooks/packer/Berksfile b/packer_templates/cookbooks/packer/Berksfile deleted file mode 100644 index 34fea2166..000000000 --- a/packer_templates/cookbooks/packer/Berksfile +++ /dev/null @@ -1,3 +0,0 @@ -source 'https://supermarket.chef.io' - -metadata diff --git a/packer_templates/cookbooks/packer/chefignore b/packer_templates/cookbooks/packer/chefignore deleted file mode 100644 index cc170ea79..000000000 --- a/packer_templates/cookbooks/packer/chefignore +++ /dev/null @@ -1,115 +0,0 @@ -# Put files/directories that should be ignored in this file when uploading -# to a Chef Infra Server or Supermarket. -# Lines that start with '# ' are comments. - -# OS generated files # -###################### -.DS_Store -ehthumbs.db -Icon? -nohup.out -Thumbs.db -.envrc - -# EDITORS # -########### -.#* -.project -.settings -*_flymake -*_flymake.* -*.bak -*.sw[a-z] -*.tmproj -*~ -\#* -REVISION -TAGS* -tmtags -.vscode -.editorconfig - -## COMPILED ## -############## -*.class -*.com -*.dll -*.exe -*.o -*.pyc -*.so -*/rdoc/ -a.out -mkmf.log - -# Testing # -########### -.circleci/* -.codeclimate.yml -.delivery/* -.foodcritic -.kitchen* -.mdlrc -.overcommit.yml -.rspec -.rubocop.yml -.travis.yml -.watchr -.yamllint -azure-pipelines.yml -Dangerfile -examples/* -features/* -Guardfile -kitchen.yml* -mlc_config.json -Procfile -Rakefile -spec/* -test/* - -# SCM # -####### -.git -.gitattributes -.gitconfig -.github/* -.gitignore -.gitkeep -.gitmodules -.svn -*/.bzr/* -*/.git -*/.hg/* -*/.svn/* - -# Berkshelf # -############# -Berksfile -Berksfile.lock -cookbooks/* -tmp - -# Bundler # -########### -vendor/* -Gemfile -Gemfile.lock - -# Policyfile # -############## -Policyfile.rb -Policyfile.lock.json - -# Documentation # -############# -CODE_OF_CONDUCT* -CONTRIBUTING* -documentation/* -TESTING* -UPGRADING* - -# Vagrant # -########### -.vagrant -Vagrantfile diff --git a/packer_templates/cookbooks/packer/kitchen.yml b/packer_templates/cookbooks/packer/kitchen.yml deleted file mode 100644 index 4e4a4a243..000000000 --- a/packer_templates/cookbooks/packer/kitchen.yml +++ /dev/null @@ -1,41 +0,0 @@ -driver: - name: vagrant - customize: - cpus: 2 - memory: 4096 - -transport: - name: winrm - elevated: true - -provisioner: - name: chef_zero - deprecations_as_errors: true - -platforms: - - name: windows-2019 - driver_config: - box: tas50/windows_2019 - - name: windows-2016 - driver_config: - box: tas50/windows_2016 - - name: windows-2012r2 - driver_config: - box: tas50/windows_2012r2 - -suites: - - name: default - run_list: - - recipe[packer::disable_uac] - - recipe[packer::disable_restore] - - recipe[packer::disable_windows_update] - - recipe[packer::remove_defender] - - recipe[packer::configure_power] - - recipe[packer::disable_screensaver] - - recipe[packer::vm_tools] - - recipe[packer::features] - - recipe[packer::enable_file_sharing] - - recipe[packer::enable_remote_desktop] - - recipe[packer::ui_tweaks] - - recipe[packer::cleanup] - - recipe[packer::defrag] diff --git a/packer_templates/cookbooks/packer/metadata.rb b/packer_templates/cookbooks/packer/metadata.rb deleted file mode 100644 index c15884e1a..000000000 --- a/packer_templates/cookbooks/packer/metadata.rb +++ /dev/null @@ -1,7 +0,0 @@ -name 'packer' -maintainer 'Tim Smith' -maintainer_email 'tsmith@chef.io' -license 'Apache-2.0' -description 'Resources run during packer builds' -version '1.0.0' -chef_version '>= 15.0' diff --git a/packer_templates/cookbooks/packer/recipes/cleanup.rb b/packer_templates/cookbooks/packer/recipes/cleanup.rb deleted file mode 100644 index b2e47e142..000000000 --- a/packer_templates/cookbooks/packer/recipes/cleanup.rb +++ /dev/null @@ -1,79 +0,0 @@ -# OneDrive takes up 150 megs and isn't needed for testing -windows_package 'Microsoft OneDrive' do - action :remove -end - -# Skype takes up 26 megs -windows_package 'Skype' do - action :remove -end - -if windows_workstation? && !node['platform_version'].to_i == 10 # cleanmgr isn't on servers - # registry key locations pulled from https://github.com/spjeff/spadmin/blob/master/Cleanmgr.ps1 - # thanks @spjeff! - registry_key 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Update Cleanup' do - values [{ - name: 'StateFlags0001', - type: :dword, - data: 2, - }] - end - - registry_key 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Files' do - values [{ - name: 'StateFlags0001', - type: :dword, - data: 2, - }] - end - - execute 'run cleanmgr' do - command 'C:\Windows\System32\cleanmgr.exe /sagerun:1' - ignore_failure true - live_stream true - end -end - -execute 'clean SxS' do - command 'Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase' - ignore_failure true - live_stream true -end - -powershell_script 'remove unnecesary directories' do - code <<-EOH - @( - "C:\\Recovery", - "$env:localappdata\\temp\\*", - "$env:windir\\logs", - "$env:windir\\temp", - "$env:windir\\winsxs\\manifestcache", - "C:\\Users\\vagrant\Favorites\\*" - ) | % { - if(Test-Path $_) { - Write-Host "Removing $_" - try { - Takeown /d Y /R /f $_ - Icacls $_ /GRANT:r administrators:F /T /c /q 2>&1 | Out-Null - Remove-Item $_ -Recurse -Force | Out-Null - } catch { $global:error.RemoveAt(0) } - } - } - EOH -end - -# clean all of the event logs -%w(Application Security Setup System).each do |log| - execute "Cleaning the #{log} event log" do - command "wevtutil clear-log #{log}" - end -end - -# remove pagefile. it will get created on boot next time -registry_key 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management' do - values [{ - name: 'PagingFiles', - type: :string, - data: '', - }] -end diff --git a/packer_templates/cookbooks/packer/recipes/configure_power.rb b/packer_templates/cookbooks/packer/recipes/configure_power.rb deleted file mode 100644 index 15279ba0c..000000000 --- a/packer_templates/cookbooks/packer/recipes/configure_power.rb +++ /dev/null @@ -1,16 +0,0 @@ -execute 'Set high performance power profile' do - command 'powercfg -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c' -end - -execute 'Turn off Hibernation' do - command 'powercfg.exe /hibernate off' - ignore_failure :quiet # if unsupported on the hardware it errors -end - -execute 'Turn off monitor timeout on AC power' do - command 'powercfg -Change -monitor-timeout-ac 0' -end - -execute 'Turn off monitor timeout on DC power' do - command 'powercfg -Change -monitor-timeout-dc 0' -end diff --git a/packer_templates/cookbooks/packer/recipes/defrag.rb b/packer_templates/cookbooks/packer/recipes/defrag.rb deleted file mode 100644 index fcd4c170d..000000000 --- a/packer_templates/cookbooks/packer/recipes/defrag.rb +++ /dev/null @@ -1,20 +0,0 @@ -remote_file ::File.join(Chef::Config[:file_cache_path], 'ultradefrag.zip') do - source 'http://downloads.sourceforge.net/ultradefrag/ultradefrag-portable-7.1.4.bin.amd64.zip' - action :create -end - -archive_file 'Decompress ultradefrag' do - path ::File.join(Chef::Config[:file_cache_path], 'ultradefrag.zip') - destination ::File.join(Chef::Config[:file_cache_path], 'temp_defrag') - action :extract -end - -execute 'Rename ultradefrag' do - command "move #{::File.join(Chef::Config[:file_cache_path])}\\temp_defrag\\ultradefrag-* #{::File.join(Chef::Config[:file_cache_path], 'ultradefrag')}" - not_if { ::File.exist?(::File.join(Chef::Config[:file_cache_path], 'ultradefrag')) } -end - -execute 'Run ultradefrag' do - command "#{::File.join(Chef::Config[:file_cache_path], 'ultradefrag', 'udefrag.exe')} --optimize --repeat %SystemDrive%" - action :run -end diff --git a/packer_templates/cookbooks/packer/recipes/disable_restore.rb b/packer_templates/cookbooks/packer/recipes/disable_restore.rb deleted file mode 100644 index 1e0ece679..000000000 --- a/packer_templates/cookbooks/packer/recipes/disable_restore.rb +++ /dev/null @@ -1,5 +0,0 @@ -# don't bother saving data for a system restore -registry_key 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore' do - values [{ name: 'DisableSR', type: :dword, data: 0 }] # disable - action :create -end diff --git a/packer_templates/cookbooks/packer/recipes/disable_screensaver.rb b/packer_templates/cookbooks/packer/recipes/disable_screensaver.rb deleted file mode 100644 index 8318ac72b..000000000 --- a/packer_templates/cookbooks/packer/recipes/disable_screensaver.rb +++ /dev/null @@ -1,5 +0,0 @@ -# Disable the screensaver -registry_key 'HKEY_CURRENT_USER\Control Panel\Desktop' do - values [{ name: 'ScreenSaveActive', type: :dword, data: 0 }] # disable - action :create -end diff --git a/packer_templates/cookbooks/packer/recipes/disable_uac.rb b/packer_templates/cookbooks/packer/recipes/disable_uac.rb deleted file mode 100644 index 7bdda073d..000000000 --- a/packer_templates/cookbooks/packer/recipes/disable_uac.rb +++ /dev/null @@ -1,5 +0,0 @@ -windows_uac 'Configure UAC' do - consent_behavior_admins :no_prompt - prompt_on_secure_desktop false - enable_uac false -end diff --git a/packer_templates/cookbooks/packer/recipes/disable_windows_update.rb b/packer_templates/cookbooks/packer/recipes/disable_windows_update.rb deleted file mode 100644 index dbd70fdef..000000000 --- a/packer_templates/cookbooks/packer/recipes/disable_windows_update.rb +++ /dev/null @@ -1,4 +0,0 @@ -# don't waste CPU / network bandwidth checking for updates -windows_update_settings 'disable windows update' do - disable_automatic_updates true -end diff --git a/packer_templates/cookbooks/packer/recipes/enable_file_sharing.rb b/packer_templates/cookbooks/packer/recipes/enable_file_sharing.rb deleted file mode 100644 index 072797aad..000000000 --- a/packer_templates/cookbooks/packer/recipes/enable_file_sharing.rb +++ /dev/null @@ -1,3 +0,0 @@ -execute 'enable filesharing' do - command 'netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes' -end diff --git a/packer_templates/cookbooks/packer/recipes/enable_remote_desktop.rb b/packer_templates/cookbooks/packer/recipes/enable_remote_desktop.rb deleted file mode 100644 index 293c729f3..000000000 --- a/packer_templates/cookbooks/packer/recipes/enable_remote_desktop.rb +++ /dev/null @@ -1,10 +0,0 @@ -registry_key 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server' do - values [{ - name: 'fDenyTSConnections', - type: :dword, - data: 0 }] -end - -execute 'Enable RDP firewall rule' do - command 'netsh advfirewall firewall set rule group="Remote Desktop" new enable=Yes' -end diff --git a/packer_templates/cookbooks/packer/recipes/features.rb b/packer_templates/cookbooks/packer/recipes/features.rb deleted file mode 100644 index 8fb9548e5..000000000 --- a/packer_templates/cookbooks/packer/recipes/features.rb +++ /dev/null @@ -1,3 +0,0 @@ -windows_feature 'MicrosoftWindowsPowerShellISE' do - action :remove -end diff --git a/packer_templates/cookbooks/packer/recipes/remove_defender.rb b/packer_templates/cookbooks/packer/recipes/remove_defender.rb deleted file mode 100644 index ec72c2eb8..000000000 --- a/packer_templates/cookbooks/packer/recipes/remove_defender.rb +++ /dev/null @@ -1,3 +0,0 @@ -windows_defender 'disable windows defender' do - action :disable -end diff --git a/packer_templates/cookbooks/packer/recipes/set_local_account_token_filter_policy.rb b/packer_templates/cookbooks/packer/recipes/set_local_account_token_filter_policy.rb deleted file mode 100644 index 63dbfa241..000000000 --- a/packer_templates/cookbooks/packer/recipes/set_local_account_token_filter_policy.rb +++ /dev/null @@ -1,7 +0,0 @@ -registry_key 'HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Policies\system' do - values [{ - name: 'LocalAccountTokenFilterPolicy', - type: :dword, - data: 1, - }] -end diff --git a/packer_templates/cookbooks/packer/recipes/ui_tweaks.rb b/packer_templates/cookbooks/packer/recipes/ui_tweaks.rb deleted file mode 100644 index bf17b3330a5bd025d554f1363b3211143843e78b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3851 zcmc&%O>-JK5ZyDsqN{x1;)9*ju5SbnwOeZviVr(mJ1JMss0UPNq$x?mN4E0c)6zf^ zumiT^uqPNssNZY#d)+z%H#18pq#~e|C+(!su4QQ|oww`zIjy1n=il8)Ix>Y{qNTJi zb88$wrFT*bvvg^yDq8SAB<{)k8N&wY0?947C^ z_mfdFJfzo+ZXt;~54Su2c1Wk!M*9(4#pJIeNAUv|l{IA*@fXYnS-!Pr^UzETozV~K z{-&Rf-uK3Lonev=jFPz|_t1La-8dbRl9)*){rV7r(I((9#(RHEy?Zo9Ldl7zP+V2MaQ1A__B7Q39bi3vzRBsuLd14NqMQKA%wp_L5Ty+z>L%=TmEH z)~_sCbdez;&mT?6K^U_B2VQsRiLKJkUqa0(o)x2bGPJMbOV1ir$1Gcp+|iuUQ1;L4 z=Z%Um{+qs9>~hBQYbp6x`6+bwV7Vo(Hjj@TQI|WhH3|l(Nu}3Kjc#V~K6xv1cgSM< zQa23t9G1s@j(=d_{>}xO{s62PzA(p)mnUK! zmBx4;xy3ZJwE|pjDclwq_M@KrXl4(A?1iBy26@nZp9s-45E+?K3KYv9GP5Gb7o1JL zW6_(6adY>`c;?u7T_8(>-K)_?NxBY=g-4U%BHuO%cf76Hu_=&+(gdfd3@_$e$2QvT zcHS7}d2W4V$7W&eA%q0!sdRt^Zv{EeYV%M9+dX67*b5$TzDk))_|7!2R1jZ4b8>x_ g=x(WGQlnjeU)JqEF3vCCoL^j?|9%nIZtj#{051;)R{#J2 diff --git a/packer_templates/cookbooks/packer/recipes/updates.rb b/packer_templates/cookbooks/packer/recipes/updates.rb deleted file mode 100644 index f602be4db..000000000 --- a/packer_templates/cookbooks/packer/recipes/updates.rb +++ /dev/null @@ -1,13 +0,0 @@ -if windows_nt_version == '10.0.17763' # 2019 - # This is basically a service pack and we should install it to fix a giant pile of bugs - msu_package '2020-04 monthly rollup' do - source 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/04/windows10.0-kb4550969-x64_7d0a6efbe9e4d44253babdc161873513f88fc1e4.msu' - action :install - end -elsif windows_nt_version == '10.0.14393' # 2016 - # This is basically a service pack and we should install it to fix a giant pile of bugs - msu_package '2020-04 monthly rollup' do - source 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/04/windows10.0-kb4550947-x64_f2ec932f8fb2be82d2f430b5dcd1ec4b92a7611c.msu' - action :install - end -end diff --git a/packer_templates/cookbooks/packer/recipes/vm_tools.rb b/packer_templates/cookbooks/packer/recipes/vm_tools.rb deleted file mode 100644 index d5b87c232..000000000 --- a/packer_templates/cookbooks/packer/recipes/vm_tools.rb +++ /dev/null @@ -1,37 +0,0 @@ -# install virtualbox guest additions on vbox guests -if vbox? - directory 'C:/Windows/Temp/virtualbox' do - recursive true - end - - powershell_script 'install vbox guest additions' do - code <<-EOH - Get-ChildItem E:/cert/ -Filter vbox*.cer | ForEach-Object { - E:/cert/VBoxCertUtil.exe add-trusted-publisher $_.FullName --root $_.FullName - } - - Start-Process -FilePath "e:/VBoxWindowsAdditions.exe" -ArgumentList "/S" -WorkingDirectory "C:/Windows/Temp/virtualbox" -Wait - EOH - ignore_failure true - end - - directory 'C:/Windows/Temp/virtualbox' do - action :delete - end -end - -# install vmware tools on vmware guests -# This is from https://github.com/luciusbono/Packer-Windows10/blob/master/install-guest-tools.ps1 -if vmware? - powershell_script 'install vmware tools' do - code <<-'EOH' - $isopath = 'C:\Windows\Temp\vmware.iso' - Mount-DiskImage -ImagePath $isopath - $exe = ((Get-DiskImage -ImagePath $isopath | Get-Volume).Driveletter + ':\setup.exe') - $parameters = '/S /v "/qn REBOOT=R"' - Start-Process -FilePath $exe -ArgumentList $parameters -Wait - Dismount-DiskImage -ImagePath $isopath - Remove-Item $isopath - EOH - end -end diff --git a/packer_templates/http/ubuntu/preseed-hyperv.cfg b/packer_templates/http/ubuntu/preseed-hyperv.cfg deleted file mode 100755 index 6b40fbd7d..000000000 --- a/packer_templates/http/ubuntu/preseed-hyperv.cfg +++ /dev/null @@ -1,37 +0,0 @@ -choose-mirror-bin mirror/http/proxy string -d-i base-installer/kernel/override-image string linux-server -d-i clock-setup/utc boolean true -d-i clock-setup/utc-auto boolean true -d-i finish-install/reboot_in_progress note -d-i grub-installer/only_debian boolean true -d-i grub-installer/with_other_os boolean true -d-i mirror/country string manual -d-i mirror/http/directory string /ubuntu/ -d-i mirror/http/hostname string archive.ubuntu.com -d-i mirror/http/proxy string -d-i partman-auto-lvm/guided_size string max -d-i partman-auto/choose_recipe select atomic -d-i partman-auto/method string lvm -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true -d-i partman-lvm/device_remove_lvm boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true -d-i partman/confirm_write_new_label boolean true -d-i partman-partitioning/no_bootable_gpt_biosgrub boolean false -d-i partman-partitioning/no_bootable_gpt_efi boolean false -d-i partman-efi/non_efi_system boolean true -d-i passwd/user-fullname string vagrant -d-i passwd/user-uid string 1000 -d-i passwd/user-password password vagrant -d-i passwd/user-password-again password vagrant -d-i passwd/username string vagrant -d-i pkgsel/include string openssh-server ntp dkms linux-tools-$(uname -r) linux-cloud-tools-$(uname -r) linux-cloud-tools-common cifs-utils software-properties-common ifupdown -d-i pkgsel/install-language-support boolean false -d-i pkgsel/update-policy select none -d-i pkgsel/upgrade select full-upgrade -d-i time/zone string UTC -d-i user-setup/allow-password-weak boolean true -d-i user-setup/encrypt-home boolean false -tasksel tasksel/first multiselect standard, server diff --git a/packer_templates/http/ubuntu/preseed.cfg b/packer_templates/http/ubuntu/preseed.cfg deleted file mode 100644 index 63dbda0f2..000000000 --- a/packer_templates/http/ubuntu/preseed.cfg +++ /dev/null @@ -1,90 +0,0 @@ -#_preseed_V1 -# Automatic installation -d-i auto-install/enable boolean true - -# Preseeding only locale sets language, country and locale. -d-i debian-installer/language string en -d-i debian-installer/country string US -d-i debian-installer/locale string en_US.UTF-8 - -d-i console-setup/ask_detect boolean false -d-i debconf/frontend select noninteractive - -# Keyboard selection. -d-i keyboard-configuration/xkb-keymap select us -d-i keymap select us - -choose-mirror-bin mirror/http/proxy string -d-i apt-setup/use_mirror boolean true -d-i base-installer/kernel/override-image string linux-server - -### Clock and time zone setup -d-i clock-setup/utc boolean true -d-i clock-setup/utc-auto boolean true -d-i time/zone string UTC - -# Avoid that last message about the install being complete. -d-i finish-install/reboot_in_progress note - -# This is fairly safe to set, it makes grub install automatically to the MBR -# if no other operating system is detected on the machine. -d-i grub-installer/only_debian boolean true - -# This one makes grub-installer install to the MBR if it also finds some other -# OS, which is less safe as it might not be able to boot that other OS. -d-i grub-installer/with_other_os boolean true - -# Set dev for grub boot -d-i grub-installer/bootdev string /dev/sda - -### Mirror settings -# If you select ftp, the mirror/country string does not need to be set. -d-i mirror/country string manual -d-i mirror/http/directory string /ubuntu/ -d-i mirror/http/hostname string archive.ubuntu.com -d-i mirror/http/proxy string - -# This makes partman automatically partition without confirmation. -d-i partman-efi/non_efi_system boolean true -d-i partman-auto-lvm/guided_size string max -d-i partman-auto/choose_recipe select atomic -d-i partman-auto/method string lvm -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true -d-i partman-lvm/device_remove_lvm boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true -d-i partman/confirm_write_new_label boolean true - -### Account setup -d-i passwd/root-login boolean false -d-i passwd/user-fullname string vagrant -d-i passwd/user-uid string 1000 -d-i passwd/user-password password vagrant -d-i passwd/user-password-again password vagrant -d-i passwd/username string vagrant - -# The installer will warn about weak passwords. If you are sure you know -# what you're doing and want to override it, uncomment this. -d-i user-setup/allow-password-weak boolean true -d-i user-setup/encrypt-home boolean false - -### Package selection -tasksel tasksel/first multiselect standard, server -d-i pkgsel/include string openssh-server sudo cryptsetup libssl-dev libreadline-dev zlib1g-dev linux-source dkms nfs-common linux-headers-$(uname -r) perl cifs-utils software-properties-common rsync ifupdown -d-i pkgsel/install-language-support boolean false - -# disable automatic package updates -d-i pkgsel/update-policy select none -d-i pkgsel/upgrade select full-upgrade - -# Disable polularity contest -popularity-contest popularity-contest/participate boolean false - -# Select base install -tasksel tasksel/first multiselect standard, ssh-server - -# Setup passwordless sudo for packer user -d-i preseed/late_command string \ -echo "vagrant ALL=(ALL:ALL) NOPASSWD:ALL" > /target/etc/sudoers.d/vagrant && chmod 0440 /target/etc/sudoers.d/vagrant diff --git a/packer_templates/pkr-builder.pkr.hcl b/packer_templates/pkr-builder.pkr.hcl index 67387065d..799b849a3 100644 --- a/packer_templates/pkr-builder.pkr.hcl +++ b/packer_templates/pkr-builder.pkr.hcl @@ -1,16 +1,12 @@ packer { required_version = ">= 1.7.0" required_plugins { - chef = { - version = ">= 1.0.0" - source = "github.com/hashicorp/chef" - } hyperv = { version = ">= 1.0.0" source = "github.com/hashicorp/hyperv" } parallels = { - version = ">= 1.0.1" + version = ">= 1.0.2" source = "github.com/parallels/parallels" } qemu = { @@ -27,13 +23,8 @@ packer { } vmware = { version = ">= 1.0.9" - source = "github.com/Stromweld/vmware" + source = "github.com/hashicorp/vmware" } - # Temp switch till bug fix for x86 tools location is fixed - # vmware = { - # version = ">= 1.0.8" - # source = "github.com/hashicorp/vmware" - # } windows-update = { version = ">= 0.14.1" source = "github.com/rgl/windows-update" @@ -42,130 +33,121 @@ packer { } locals { - scripts = var.is_windows ? ( - substr(var.os_version, 0, 2) == "10" || - substr(var.os_version, 0, 2) == "11" ? [ - # "${path.root}/scripts/windows/base_setup.ps1", + scripts = var.scripts == null ? ( + var.is_windows ? [ "${path.root}/scripts/windows/provision.ps1", + "${path.root}/scripts/windows/configure-power.ps1", + "${path.root}/scripts/windows/disable-windows-uac.ps1", + "${path.root}/scripts/windows/disable-system-restore.ps1", + "${path.root}/scripts/windows/disable-screensaver.ps1", + "${path.root}/scripts/windows/ui-tweaks.ps1", "${path.root}/scripts/windows/disable-windows-updates.ps1", "${path.root}/scripts/windows/disable-windows-defender.ps1", - "${path.root}/scripts/windows/remove-one-drive.ps1", + "${path.root}/scripts/windows/remove-one-drive-and-teams.ps1", "${path.root}/scripts/windows/remove-apps.ps1", - "${path.root}/scripts/windows/virtualbox-prevent-vboxsrv-resolution-delay.ps1", - "${path.root}/scripts/windows/provision-winrm.ps1", "${path.root}/scripts/windows/enable-remote-desktop.ps1", + "${path.root}/scripts/windows/enable-file-sharing.ps1", "${path.root}/scripts/windows/eject-media.ps1" - ] : [ - # "${path.root}/scripts/windows/base_setup.ps1", - "${path.root}/scripts/windows/provision.ps1", - "${path.root}/scripts/windows/disable-windows-updates.ps1", - "${path.root}/scripts/windows/disable-windows-defender.ps1", - "${path.root}/scripts/windows/remove-one-drive.ps1", - # "${path.root}/scripts/windows/remove-apps.ps1", - "${path.root}/scripts/windows/virtualbox-prevent-vboxsrv-resolution-delay.ps1", - "${path.root}/scripts/windows/provision-winrm.ps1", - "${path.root}/scripts/windows/enable-remote-desktop.ps1", - "${path.root}/scripts/windows/eject-media.ps1" - ] - ) : ( - var.os_name == "solaris" ? [ - "${path.root}/scripts/solaris/update_solaris.sh", - "${path.root}/scripts/_common/vagrant.sh", - "${path.root}/scripts/solaris/vmtools_solaris.sh", - "${path.root}/scripts/solaris/minimize_solaris.sh" ] : ( - var.os_name == "freebsd" ? [ - "${path.root}/scripts/freebsd/update_freebsd.sh", - "${path.root}/scripts/freebsd/postinstall_freebsd.sh", - "${path.root}/scripts/freebsd/sudoers_freebsd.sh", + var.os_name == "solaris" ? [ + "${path.root}/scripts/solaris/update_solaris.sh", "${path.root}/scripts/_common/vagrant.sh", - "${path.root}/scripts/freebsd/vmtools_freebsd.sh", - "${path.root}/scripts/freebsd/cleanup_freebsd.sh", - "${path.root}/scripts/freebsd/minimize_freebsd.sh" + "${path.root}/scripts/solaris/vmtools_solaris.sh", + "${path.root}/scripts/solaris/minimize_solaris.sh" ] : ( - var.os_name == "opensuse" || - var.os_name == "sles" ? [ - "${path.root}/scripts/suse/repositories_suse.sh", - "${path.root}/scripts/suse/update_suse.sh", - "${path.root}/scripts/_common/motd.sh", - "${path.root}/scripts/_common/sshd.sh", + var.os_name == "freebsd" ? [ + "${path.root}/scripts/freebsd/update_freebsd.sh", + "${path.root}/scripts/freebsd/postinstall_freebsd.sh", + "${path.root}/scripts/freebsd/sudoers_freebsd.sh", "${path.root}/scripts/_common/vagrant.sh", - "${path.root}/scripts/suse/unsupported-modules_suse.sh", - "${path.root}/scripts/_common/virtualbox.sh", - "${path.root}/scripts/_common/vmware_suse.sh", - "${path.root}/scripts/_common/parallels.sh", - "${path.root}/scripts/suse/vagrant_group_suse.sh", - "${path.root}/scripts/suse/sudoers_suse.sh", - "${path.root}/scripts/suse/zypper-locks_suse.sh", - "${path.root}/scripts/suse/remove-dvd-source_suse.sh", - "${path.root}/scripts/suse/cleanup_suse.sh", - "${path.root}/scripts/_common/minimize.sh" + "${path.root}/scripts/freebsd/vmtools_freebsd.sh", + "${path.root}/scripts/freebsd/cleanup_freebsd.sh", + "${path.root}/scripts/freebsd/minimize_freebsd.sh" ] : ( - var.os_name == "ubuntu" || - var.os_name == "debian" ? [ - "${path.root}/scripts/${var.os_name}/update_${var.os_name}.sh", + var.os_name == "opensuse" || + var.os_name == "sles" ? [ + "${path.root}/scripts/suse/repositories_suse.sh", + "${path.root}/scripts/suse/update_suse.sh", "${path.root}/scripts/_common/motd.sh", "${path.root}/scripts/_common/sshd.sh", - "${path.root}/scripts/${var.os_name}/networking_${var.os_name}.sh", - "${path.root}/scripts/${var.os_name}/sudoers_${var.os_name}.sh", "${path.root}/scripts/_common/vagrant.sh", - "${path.root}/scripts/${var.os_name}/systemd_${var.os_name}.sh", + "${path.root}/scripts/suse/unsupported-modules_suse.sh", "${path.root}/scripts/_common/virtualbox.sh", - "${path.root}/scripts/_common/vmware_debian_ubuntu.sh", + "${path.root}/scripts/_common/vmware_suse.sh", "${path.root}/scripts/_common/parallels.sh", - "${path.root}/scripts/${var.os_name}/hyperv_${var.os_name}.sh", - "${path.root}/scripts/${var.os_name}/cleanup_${var.os_name}.sh", - "${path.root}/scripts/_common/parallels_post_cleanup_debian_ubuntu.sh", + "${path.root}/scripts/suse/vagrant_group_suse.sh", + "${path.root}/scripts/suse/sudoers_suse.sh", + "${path.root}/scripts/suse/zypper-locks_suse.sh", + "${path.root}/scripts/suse/remove-dvd-source_suse.sh", + "${path.root}/scripts/suse/cleanup_suse.sh", "${path.root}/scripts/_common/minimize.sh" ] : ( - var.os_name == "fedora" ? [ - "${path.root}/scripts/fedora/networking_fedora.sh", - "${path.root}/scripts/fedora/update_dnf.sh", - "${path.root}/scripts/fedora/build-tools_fedora.sh", - "${path.root}/scripts/fedora/install-supporting-packages_fedora.sh", + var.os_name == "ubuntu" || + var.os_name == "debian" ? [ + "${path.root}/scripts/${var.os_name}/update_${var.os_name}.sh", "${path.root}/scripts/_common/motd.sh", "${path.root}/scripts/_common/sshd.sh", - "${path.root}/scripts/_common/virtualbox.sh", - "${path.root}/scripts/_common/vmware_fedora.sh", - "${path.root}/scripts/_common/parallels-rhel.sh", + "${path.root}/scripts/${var.os_name}/networking_${var.os_name}.sh", + "${path.root}/scripts/${var.os_name}/sudoers_${var.os_name}.sh", "${path.root}/scripts/_common/vagrant.sh", - "${path.root}/scripts/fedora/real-tmp_fedora.sh", - "${path.root}/scripts/fedora/cleanup_dnf.sh", + "${path.root}/scripts/${var.os_name}/systemd_${var.os_name}.sh", + "${path.root}/scripts/_common/virtualbox.sh", + "${path.root}/scripts/_common/vmware_debian_ubuntu.sh", + "${path.root}/scripts/_common/parallels.sh", + "${path.root}/scripts/${var.os_name}/hyperv_${var.os_name}.sh", + "${path.root}/scripts/${var.os_name}/cleanup_${var.os_name}.sh", + "${path.root}/scripts/_common/parallels_post_cleanup_debian_ubuntu.sh", "${path.root}/scripts/_common/minimize.sh" ] : ( - "${var.os_name}-${substr(var.os_version, 0, 1)}" == "amazonlinux-2" || - "${var.os_name}-${substr(var.os_version, 0, 1)}" == "centos-7" || - "${var.os_name}-${substr(var.os_version, 0, 1)}" == "oracle-7" || - "${var.os_name}-${substr(var.os_version, 0, 1)}" == "rhel-7" || - "${var.os_name}-${substr(var.os_version, 0, 1)}" == "scientificlinux-7" || - "${var.os_name}-${substr(var.os_version, 0, 1)}" == "springdalelinux-7" ? [ - "${path.root}/scripts/rhel/update_yum.sh", + var.os_name == "fedora" ? [ + "${path.root}/scripts/fedora/networking_fedora.sh", + "${path.root}/scripts/fedora/update_dnf.sh", + "${path.root}/scripts/fedora/build-tools_fedora.sh", + "${path.root}/scripts/fedora/install-supporting-packages_fedora.sh", "${path.root}/scripts/_common/motd.sh", "${path.root}/scripts/_common/sshd.sh", - "${path.root}/scripts/rhel/networking_rhel7.sh", - "${path.root}/scripts/_common/vagrant.sh", "${path.root}/scripts/_common/virtualbox.sh", - "${path.root}/scripts/_common/vmware_rhel.sh", + "${path.root}/scripts/_common/vmware_fedora.sh", "${path.root}/scripts/_common/parallels-rhel.sh", - "${path.root}/scripts/rhel/cleanup_yum.sh", - "${path.root}/scripts/_common/minimize.sh" - ] : [ - "${path.root}/scripts/rhel/update_dnf.sh", - "${path.root}/scripts/_common/motd.sh", - "${path.root}/scripts/_common/sshd.sh", "${path.root}/scripts/_common/vagrant.sh", - "${path.root}/scripts/_common/virtualbox.sh", - "${path.root}/scripts/_common/vmware_rhel.sh", - "${path.root}/scripts/_common/parallels-rhel.sh", - "${path.root}/scripts/rhel/cleanup_dnf.sh", + "${path.root}/scripts/fedora/real-tmp_fedora.sh", + "${path.root}/scripts/fedora/cleanup_dnf.sh", "${path.root}/scripts/_common/minimize.sh" - ] + ] : ( + "${var.os_name}-${substr(var.os_version, 0, 1)}" == "amazonlinux-2" || + "${var.os_name}-${substr(var.os_version, 0, 1)}" == "centos-7" || + "${var.os_name}-${substr(var.os_version, 0, 1)}" == "oracle-7" || + "${var.os_name}-${substr(var.os_version, 0, 1)}" == "rhel-7" || + "${var.os_name}-${substr(var.os_version, 0, 1)}" == "scientificlinux-7" || + "${var.os_name}-${substr(var.os_version, 0, 1)}" == "springdalelinux-7" ? [ + "${path.root}/scripts/rhel/update_yum.sh", + "${path.root}/scripts/_common/motd.sh", + "${path.root}/scripts/_common/sshd.sh", + "${path.root}/scripts/rhel/networking_rhel7.sh", + "${path.root}/scripts/_common/vagrant.sh", + "${path.root}/scripts/_common/virtualbox.sh", + "${path.root}/scripts/_common/vmware_rhel.sh", + "${path.root}/scripts/_common/parallels-rhel.sh", + "${path.root}/scripts/rhel/cleanup_yum.sh", + "${path.root}/scripts/_common/minimize.sh" + ] : [ + "${path.root}/scripts/rhel/update_dnf.sh", + "${path.root}/scripts/_common/motd.sh", + "${path.root}/scripts/_common/sshd.sh", + "${path.root}/scripts/_common/vagrant.sh", + "${path.root}/scripts/_common/virtualbox.sh", + "${path.root}/scripts/_common/vmware_rhel.sh", + "${path.root}/scripts/_common/parallels-rhel.sh", + "${path.root}/scripts/rhel/cleanup_dnf.sh", + "${path.root}/scripts/_common/minimize.sh" + ] + ) ) ) ) ) ) - ) + ) : var.scripts source_names = [for source in var.sources_enabled : trimprefix(source, "source.")] } @@ -198,50 +180,20 @@ build { } # Windows Updates and scripts - provisioner "powershell" { - elevated_password = "vagrant" - elevated_user = "vagrant" - scripts = local.scripts - except = var.is_windows ? null : local.source_names - } - provisioner "windows-restart" { - except = var.is_windows ? null : local.source_names - } provisioner "windows-update" { search_criteria = "IsInstalled=0" except = var.is_windows ? null : local.source_names } - provisioner "chef-solo" { - chef_license = "accept-no-persist" - version = "17" - cookbook_paths = [ - "${path.root}/cookbooks" - ] - guest_os_type = "windows" - run_list = [ - "packer::disable_uac", - "packer::configure_power", - "packer::disable_screensaver", - "packer::features", - "packer::enable_file_sharing", - "packer::ui_tweaks" - ] - except = var.is_windows ? null : local.source_names - } provisioner "windows-restart" { except = var.is_windows ? null : local.source_names } - provisioner "chef-solo" { - chef_license = "accept-no-persist" - version = "17" - cookbook_paths = [ - "${path.root}/cookbooks" - ] - guest_os_type = "windows" - run_list = [ - "packer::cleanup", - "packer::defrag" - ] + provisioner "powershell" { + elevated_password = "vagrant" + elevated_user = "vagrant" + scripts = local.scripts + except = var.is_windows ? null : local.source_names + } + provisioner "windows-restart" { except = var.is_windows ? null : local.source_names } provisioner "powershell" { @@ -253,12 +205,14 @@ build { ] except = var.is_windows ? null : local.source_names } + provisioner "windows-restart" { + except = var.is_windows ? null : local.source_names + } # Convert machines to vagrant boxes post-processor "vagrant" { compression_level = 9 - keep_input_artifact = var.is_windows output = "${path.root}/../builds/${var.os_name}-${var.os_version}-${var.os_arch}.{{ .Provider }}.box" - vagrantfile_template = var.is_windows ? (var.hyperv_generation == 1 ? "${path.root}/vagrantfile-windows.template" : "${path.root}/vagrantfile-windows-gen2.template") : null + vagrantfile_template = var.is_windows ? "${path.root}/vagrantfile-windows.template" : null } } diff --git a/packer_templates/pkr-sources.pkr.hcl b/packer_templates/pkr-sources.pkr.hcl index c2035e1b4..9dafa9856 100644 --- a/packer_templates/pkr-sources.pkr.hcl +++ b/packer_templates/pkr-sources.pkr.hcl @@ -34,17 +34,13 @@ locals { var.os_arch == "aarch64" ? "virt" : "q35" ) : var.qemu_machine_type qemuargs = var.qemuargs == null ? ( - var.hyperv_generation == 2 && var.is_windows ? [ - ["-bios", "/usr/share/OVMF/OVMF_CODE.fd"], + var.is_windows ? [ + ["-drive", "file=${path.root}/win_answer_files/virtio-win.iso,media=cdrom,index=3"], + ["-drive", "file=${path.root}/../builds/packer-${var.os_name}-${var.os_version}-${var.os_arch}-qemu/{{ .Name }},if=virtio,cache=writeback,discard=ignore,format=qcow2,index=1"], ] : ( - var.is_windows ? [ - ["-drive", "file=${path.root}/win_answer_files/virtio-win.iso,media=cdrom,index=3"], - ["-drive", "file=${path.root}/../builds/packer-${var.os_name}-${var.os_version}-${var.os_arch}-qemu/{{ .Name }},if=virtio,cache=writeback,discard=ignore,format=qcow2,index=1"], - ] : ( - var.os_arch == "aarch64" ? [ - ["-boot", "strict=off"] - ] : null - ) + var.os_arch == "aarch64" ? [ + ["-boot", "strict=off"] + ] : null ) ) : var.qemuargs @@ -56,7 +52,7 @@ locals { var.is_windows ? 128 : 33 ) : var.vbox_gfx_vram_size vbox_guest_additions_mode = var.vbox_guest_additions_mode == null ? ( - var.is_windows && var.hyperv_generation == 1 ? "attach" : "upload" + var.is_windows ? "attach" : "upload" ) : var.vbox_guest_additions_mode # virtualbox-ovf @@ -73,27 +69,28 @@ locals { ) : var.vmware_tools_upload_path # Source block common - boot_wait = var.boot_wait == null ? ( - var.is_windows ? "60s" : "10s" - ) : var.boot_wait + default_boot_wait = var.default_boot_wait == null ? ( + var.is_windows ? "60s" : "5s" + ) : var.default_boot_wait cd_files = var.cd_files == null ? ( - var.hyperv_generation == 2 && var.is_windows ? [ - "${path.root}/win_answer_files/${substr(var.os_version, 0, 2)}/gen2_Autounattend.xml" - ] : null + var.is_windows ? ( + var.hyperv_generation == 2 ? [ + "${path.root}/win_answer_files/${var.os_version}/hyperv-gen2/Autounattend.xml", + ] : [ + "${path.root}/win_answer_files/${var.os_version}/Autounattend.xml", + ] + ) : null ) : var.cd_files communicator = var.communicator == null ? ( var.is_windows ? "winrm" : "ssh" ) : var.communicator floppy_files = var.floppy_files == null ? ( - var.hyperv_generation == 2 ? null : ( - var.is_windows ? [ - "${path.root}/win_answer_files/${var.os_version}/Autounattend.xml", - "${path.root}/scripts/windows/base_setup.ps1" - ] : ( - var.os_name == "springdalelinux" ? [ - "${path.root}/http/rhel/${substr(var.os_version, 0, 1)}ks.cfg" - ] : null - ) + var.is_windows ? [ + "${path.root}/win_answer_files/${var.os_version}/Autounattend.xml", + ] : ( + var.os_name == "springdalelinux" ? [ + "${path.root}/http/rhel/${substr(var.os_version, 0, 1)}ks.cfg" + ] : null ) ) : var.floppy_files http_directory = var.http_directory == null ? "${path.root}/http" : var.http_directory @@ -119,11 +116,12 @@ source "hyperv-iso" "vm" { switch_name = var.hyperv_switch_name # Source block common options boot_command = var.boot_command - boot_wait = local.boot_wait + boot_wait = var.hyperv_boot_wait == null ? local.default_boot_wait : var.hyperv_boot_wait + cd_files = var.hyperv_generation == 2 ? local.cd_files : null cpus = var.cpus communicator = local.communicator disk_size = var.disk_size - floppy_files = local.floppy_files + floppy_files = var.hyperv_generation == 2 ? null : local.floppy_files headless = var.headless http_directory = local.http_directory iso_checksum = var.iso_checksum @@ -150,7 +148,7 @@ source "parallels-iso" "vm" { prlctl_version_file = var.parallels_prlctl_version_file # Source block common options boot_command = var.boot_command - boot_wait = local.boot_wait + boot_wait = var.parallels_boot_wait == null ? local.default_boot_wait : var.parallels_boot_wait cpus = var.cpus communicator = local.communicator disk_size = var.disk_size @@ -180,7 +178,7 @@ source "qemu" "vm" { qemuargs = local.qemuargs # Source block common options boot_command = var.boot_command - boot_wait = local.boot_wait + boot_wait = var.qemu_boot_wait == null ? local.default_boot_wait : var.qemu_boot_wait cd_files = local.cd_files cpus = var.cpus communicator = local.communicator @@ -217,7 +215,7 @@ source "virtualbox-iso" "vm" { virtualbox_version_file = var.virtualbox_version_file # Source block common options boot_command = var.boot_command - boot_wait = local.boot_wait + boot_wait = var.vbox_boot_wait == null ? local.default_boot_wait : var.vbox_boot_wait cpus = var.cpus communicator = local.communicator disk_size = var.disk_size @@ -272,7 +270,7 @@ source "vmware-iso" "vm" { vmx_remove_ethernet_interfaces = var.vmware_vmx_remove_ethernet_interfaces # Source block common options boot_command = var.boot_command - boot_wait = local.boot_wait + boot_wait = var.vmware_boot_wait == null ? local.default_boot_wait : var.vmware_boot_wait cpus = var.cpus communicator = local.communicator disk_size = var.disk_size diff --git a/packer_templates/pkr-variables.pkr.hcl b/packer_templates/pkr-variables.pkr.hcl index 5f67e0e8f..1ba744623 100644 --- a/packer_templates/pkr-variables.pkr.hcl +++ b/packer_templates/pkr-variables.pkr.hcl @@ -49,6 +49,10 @@ variable "sources_enabled" { # Source block provider specific variables # hyperv-iso +variable "hyperv_boot_wait" { + type = string + default = null +} variable "hyperv_enable_dynamic_memory" { type = bool default = null @@ -59,7 +63,7 @@ variable "hyperv_enable_secure_boot" { } variable "hyperv_generation" { type = number - default = 1 + default = 2 description = "Hyper-v generation version" } variable "hyperv_guest_additions_mode" { @@ -72,6 +76,10 @@ variable "hyperv_switch_name" { } # parallels-iso +variable "parallels_boot_wait" { + type = string + default = null +} variable "parallels_guest_os_type" { type = string default = null @@ -103,6 +111,10 @@ variable "qemu_binary" { type = string default = null } +variable "qemu_boot_wait" { + type = string + default = null +} variable "qemu_display" { type = string default = "none" @@ -117,6 +129,10 @@ variable "qemuargs" { } # virtualbox-iso +variable "vbox_boot_wait" { + type = string + default = null +} variable "vbox_gfx_controller" { type = string default = null @@ -175,6 +191,10 @@ variable "vbox_source" { } # vmware-iso +variable "vmware_boot_wait" { + type = string + default = null +} variable "vmware_cdrom_adapter_type" { type = string default = "sata" @@ -234,7 +254,7 @@ variable "boot_command" { default = null description = "Commands to pass to gui session to initiate automated install" } -variable "boot_wait" { +variable "default_boot_wait" { type = string default = null } @@ -303,7 +323,7 @@ variable "ssh_port" { } variable "ssh_timeout" { type = string - default = "60m" + default = "30m" } variable "ssh_username" { type = string @@ -325,3 +345,9 @@ variable "vm_name" { type = string default = null } + +# builder common block +variable "scripts" { + type = list(string) + default = null +} diff --git a/packer_templates/scripts/windows/base_setup.ps1 b/packer_templates/scripts/windows/base_setup.ps1 deleted file mode 100644 index c448e0fec..000000000 --- a/packer_templates/scripts/windows/base_setup.ps1 +++ /dev/null @@ -1,54 +0,0 @@ -Write-Host "Performing the WinRM setup necessary to get the host ready for packer to run Chef..." - -# Make 100% sure we prevent Packer from connecting to WinRM while we -# attempt to configure everything -Disable-NetFirewallRule -DisplayGroup 'Windows Remote Management' - -# Disable UAC -Set-ItemProperty -Path "registry::HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" -Name "EnableLUA" -Value 0 - -# parts of this are from https://github.com/luciusbono/Packer-Windows10/blob/master/configure-winrm.ps1 -# and https://github.com/rgl/windows-2016-vagrant/blob/master/winrm.ps1 - -# Supress network location Prompt -New-Item -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" -Force - -# The above suppresses the prompt but defaults to "Public" which prevents WinRM from being enabled even with the SkipNetworkProfileCheck arg -# This command sets any network connections detected to Private to allow WinRM to be configured and started -Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private" - -# Does a lot: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/enable-psremoting?view=powershell-6 -Enable-PSRemoting -SkipNetworkProfileCheck -Force -# May not be necessary since we set the profile to Private above -Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any # allow winrm over public profile interfaces - -Write-Host '* Deleting any pre-existing listeners' -winrm delete winrm/config/listener?Address=*+Transport=HTTP 2>$Null -winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null -Write-Host '* Creating an HTTP listener' -winrm create winrm/config/listener?Address=*+Transport=HTTP | Out-Null -winrm create winrm/config/listener?Address=*+Transport=HTTPS | Out-Null - -winrm set winrm/config '@{MaxTimeoutms="1800000"}' -winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="2048"}' -winrm set winrm/config/service '@{AllowUnencrypted="true"}' -winrm set winrm/config/service/auth '@{Basic="true"}' -winrm set winrm/config/client/auth '@{Basic="true"}' - -# Restart WinRM service -Stop-Service -Name "winrm" -Set-Service -Name "winrm" -StartupType "Automatic" -Start-Service -Name "winrm" - -# Enable WinRM in Firewall for any remote address -Get-NetFirewallRule -DisplayGroup "Windows Remote Management" | Get-NetFirewallAddressFilter | Set-NetFirewallAddressFilter -RemoteAddress Any -Enable-NetFirewallRule -DisplayGroup "Windows Remote Management" - -# Reset auto logon count -# https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-shell-setup-autologon-logoncount#logoncount-known-issue -Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoLogonCount -Value 0 - -# Allow time to view output before window is closed -Start-Sleep -Seconds 2 - -exit 0 diff --git a/packer_templates/scripts/windows/cleanup.ps1 b/packer_templates/scripts/windows/cleanup.ps1 index 0c64f432f..e746d0852 100644 --- a/packer_templates/scripts/windows/cleanup.ps1 +++ b/packer_templates/scripts/windows/cleanup.ps1 @@ -1,12 +1,46 @@ -Write-Host "Uninstalling Chef..." -$app = Get-WmiObject -Class Win32_Product | Where-Object { - $_.Name -match "Chef" +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 } -$app.Uninstall() -Write-Host "Removing leftover Chef files..." -Remove-Item "C:\Opscode\" -Recurse -Force -ErrorAction SilentlyContinue -Remove-Item "C:\Chef\" -Recurse -Force -ErrorAction SilentlyContinue +Write-Host 'Run Cleanmgr only if on workstation. Server edition doesnt have cleanmgr.' +$osInfo = Get-CimInstance -ClassName Win32_OperatingSystem +if ($osInfo.ProductType -eq 1) { # cleanmgr isn't on servers + # registry key locations pulled from https://github.com/spjeff/spadmin/blob/master/Cleanmgr.ps1 + Write-Host 'Clearing CleanMgr.exe automation settings.' + Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\*' -Name StateFlags0001 -ErrorAction SilentlyContinue | Remove-ItemProperty -Name StateFlags0001 -ErrorAction SilentlyContinue + + Write-Host 'Enabling Update Cleanup. This is done automatically in Windows 10 via a scheduled task.' + New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Update Cleanup' -Name StateFlags0001 -Value 2 -Type DWord + + Write-Host 'Enabling Temporary Files Cleanup.' + New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Files' -Name StateFlags0001 -Value 2 -Type DWord + + Write-Host 'Starting CleanMgr.exe...' + Start-Process -FilePath CleanMgr.exe -ArgumentList '/sagerun:1' -Wait # -WindowStyle Hidden + Write-Host 'Waiting for CleanMgr and DismHost processes. Second wait neccesary as CleanMgr.exe spins off separate processes.' + Get-Process -Name cleanmgr,dismhost -ErrorAction SilentlyContinue | Wait-Process +} + +Write-Host 'Clean all of the event logs' +@( + 'Application', + 'Security', + 'Setup', + 'System' +) | ForEach-Object { + wevtutil clear-log $_ +} Write-Host "Cleaning Temp Files..." try { @@ -14,3 +48,69 @@ try { Icacls "C:\Windows\Temp\*" /GRANT:r administrators:F /T /c /q 2>&1 Remove-Item "C:\Windows\Temp\*" -Recurse -Force -ErrorAction SilentlyContinue } catch { } + +# +# remove temporary files. +# NB we ignore the packer generated files so it won't complain in the output. + +Write-Host 'Stopping services that might interfere with temporary file removal...' +function Stop-ServiceForReal($name) { + while ($true) { + Stop-Service -ErrorAction SilentlyContinue $name + if ((Get-Service $name).Status -eq 'Stopped') { + break + } + } +} +Stop-ServiceForReal TrustedInstaller # Windows Modules Installer +Stop-ServiceForReal wuauserv # Windows Update +Stop-ServiceForReal BITS # Background Intelligent Transfer Service +@( +"$env:LOCALAPPDATA\Temp\*" +"$env:windir\Temp\*" +"$env:windir\Logs\*" +"$env:windir\Panther\*" +"$env:windir\WinSxS\ManifestCache\*" +"$env:windir\SoftwareDistribution\Download" +"C:\Users\vagrant\Favorites\*" +) | Where-Object {Test-Path $_} | ForEach-Object { + Write-Host "Removing temporary files $_..." + try { + takeown.exe /D Y /R /F $_ | Out-Null + icacls.exe $_ /grant:r Administrators:F /T /C /Q 2>&1 | Out-Null + } catch { + Write-Host "Ignoring taking ownership of temporary files error: $_" + } + try { + Remove-Item $_ -Exclude 'packer-*' -Recurse -Force -ErrorAction SilentlyContinue | Out-Null + } catch { + Write-Host "Ignoring failure to remove files error: $_" + } +} + +# +# cleanup the WinSxS folder. + +# NB even thou the automatic maintenance includes a component cleanup task, +# it will not clean everything, as such, dism will clean the rest. +# NB to analyse the used space use: dism.exe /Online /Cleanup-Image /AnalyzeComponentStore +# see https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/clean-up-the-winsxs-folder +Write-Host 'Cleaning up the WinSxS folder...' +dism.exe /Online /Quiet /Cleanup-Image /StartComponentCleanup /ResetBase +if ($LASTEXITCODE) { + throw "Failed with Exit Code $LASTEXITCODE" +} + +# NB even after cleaning up the WinSxS folder the "Backups and Disabled Features" +# field of the analysis report will display a non-zero number because the +# disabled features packages are still on disk. you can remove them with: +Get-WindowsOptionalFeature -Online | Where-Object {$_.State -eq 'Disabled'} | ForEach-Object { + Write-Host "Removing feature $($_.FeatureName)..." + dism.exe /Online /Quiet /Disable-Feature "/FeatureName:$($_.FeatureName)" /Remove +} +# NB a removed feature can still be installed from other sources (e.g. windows update). +Write-Host 'Analyzing the WinSxS folder...' +dism.exe /Online /Cleanup-Image /AnalyzeComponentStore + +Write-Host 'Remove pagefile, it will get created on boot next time.' +New-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management' -Name PagingFiles -Value '' -Force diff --git a/packer_templates/scripts/windows/configure-power 2.ps1 b/packer_templates/scripts/windows/configure-power 2.ps1 new file mode 100644 index 000000000..b64d5b782 --- /dev/null +++ b/packer_templates/scripts/windows/configure-power 2.ps1 @@ -0,0 +1,32 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Set high performance power profile' +powercfg -setactive '8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c' + +Write-Host 'Turn off Hibernation' +powercfg.exe /hibernate off + +Write-Host 'Turn off monitor timeout on AC power' +powercfg -Change -monitor-timeout-ac 0 + +Write-Host 'Turn off monitor timeout on DC power' +powercfg -Change -monitor-timeout-dc 0 + +Write-Host 'Zero Hibernation File' +Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Power' -Name HiberFileSizePercent -Type DWORD -Value 0 + +Write-Host 'Disable Hibernation Mode' +Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Power' -Name HibernateEnabled -Type DWORD -Value 0 diff --git a/packer_templates/scripts/windows/configure-power.ps1 b/packer_templates/scripts/windows/configure-power.ps1 new file mode 100644 index 000000000..b64d5b782 --- /dev/null +++ b/packer_templates/scripts/windows/configure-power.ps1 @@ -0,0 +1,32 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Set high performance power profile' +powercfg -setactive '8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c' + +Write-Host 'Turn off Hibernation' +powercfg.exe /hibernate off + +Write-Host 'Turn off monitor timeout on AC power' +powercfg -Change -monitor-timeout-ac 0 + +Write-Host 'Turn off monitor timeout on DC power' +powercfg -Change -monitor-timeout-dc 0 + +Write-Host 'Zero Hibernation File' +Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Power' -Name HiberFileSizePercent -Type DWORD -Value 0 + +Write-Host 'Disable Hibernation Mode' +Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Power' -Name HibernateEnabled -Type DWORD -Value 0 diff --git a/packer_templates/scripts/windows/disable-screensaver 2.ps1 b/packer_templates/scripts/windows/disable-screensaver 2.ps1 new file mode 100644 index 000000000..4fbbdad2e --- /dev/null +++ b/packer_templates/scripts/windows/disable-screensaver 2.ps1 @@ -0,0 +1,17 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Disable the screensaver' +Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name ScreenSaveActive -Type DWORD -Value 0 diff --git a/packer_templates/scripts/windows/disable-screensaver.ps1 b/packer_templates/scripts/windows/disable-screensaver.ps1 new file mode 100644 index 000000000..4fbbdad2e --- /dev/null +++ b/packer_templates/scripts/windows/disable-screensaver.ps1 @@ -0,0 +1,17 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Disable the screensaver' +Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name ScreenSaveActive -Type DWORD -Value 0 diff --git a/packer_templates/scripts/windows/disable-system-restore 2.ps1 b/packer_templates/scripts/windows/disable-system-restore 2.ps1 new file mode 100644 index 000000000..f3dee15d7 --- /dev/null +++ b/packer_templates/scripts/windows/disable-system-restore 2.ps1 @@ -0,0 +1,17 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Disabling System Restore' +Disable-ComputerRestore -Drive "C:\" diff --git a/packer_templates/scripts/windows/disable-system-restore.ps1 b/packer_templates/scripts/windows/disable-system-restore.ps1 new file mode 100644 index 000000000..f3dee15d7 --- /dev/null +++ b/packer_templates/scripts/windows/disable-system-restore.ps1 @@ -0,0 +1,17 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Disabling System Restore' +Disable-ComputerRestore -Drive "C:\" diff --git a/packer_templates/scripts/windows/disable-windows-defender.ps1 b/packer_templates/scripts/windows/disable-windows-defender.ps1 index 7a69552e9..2851ffa0e 100644 --- a/packer_templates/scripts/windows/disable-windows-defender.ps1 +++ b/packer_templates/scripts/windows/disable-windows-defender.ps1 @@ -34,6 +34,7 @@ trap { Exit 1 } +Write-Host 'Disabling Windows Defender' if (Get-Command -ErrorAction SilentlyContinue Uninstall-WindowsFeature) { # for Windows Server. Get-WindowsFeature 'Windows-Defender*' | Uninstall-WindowsFeature diff --git a/packer_templates/scripts/windows/disable-windows-uac 2.ps1 b/packer_templates/scripts/windows/disable-windows-uac 2.ps1 new file mode 100644 index 000000000..20af5398f --- /dev/null +++ b/packer_templates/scripts/windows/disable-windows-uac 2.ps1 @@ -0,0 +1,20 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Disable Windows UAC' +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name ConsentPromptBehaviorAdmin -Type DWORD -Value 0 +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name PromptOnSecureDesktop -Type DWORD -Value 0 +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name EnableLUA -Type DWORD -Value 0 +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name LocalAccountTokenFilterPolicy -Type DWORD -Value 1 diff --git a/packer_templates/scripts/windows/disable-windows-uac.ps1 b/packer_templates/scripts/windows/disable-windows-uac.ps1 new file mode 100644 index 000000000..20af5398f --- /dev/null +++ b/packer_templates/scripts/windows/disable-windows-uac.ps1 @@ -0,0 +1,20 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Disable Windows UAC' +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name ConsentPromptBehaviorAdmin -Type DWORD -Value 0 +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name PromptOnSecureDesktop -Type DWORD -Value 0 +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name EnableLUA -Type DWORD -Value 0 +Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name LocalAccountTokenFilterPolicy -Type DWORD -Value 1 diff --git a/packer_templates/scripts/windows/disable-windows-updates.ps1 b/packer_templates/scripts/windows/disable-windows-updates.ps1 index ec3aee739..987c7fbd5 100644 --- a/packer_templates/scripts/windows/disable-windows-updates.ps1 +++ b/packer_templates/scripts/windows/disable-windows-updates.ps1 @@ -34,6 +34,7 @@ trap { Exit 1 } +Write-Host 'Disabling windows automatic updates' # disable automatic updates. # XXX this does not seem to work anymore. # see How to configure automatic updates by using Group Policy or registry settings @@ -68,7 +69,7 @@ New-ItemProperty ` New-ItemProperty ` -Path $auPath ` -Name AUOptions ` - -Value 2 ` + -Value 1 ` -PropertyType DWORD ` -Force ` | Out-Null diff --git a/packer_templates/scripts/windows/enable-file-sharing 2.ps1 b/packer_templates/scripts/windows/enable-file-sharing 2.ps1 new file mode 100644 index 000000000..fefc29d9d --- /dev/null +++ b/packer_templates/scripts/windows/enable-file-sharing 2.ps1 @@ -0,0 +1,17 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Enable filesharing' +Enable-NetFirewallRule -DisplayGroup "File and Printer Sharing" diff --git a/packer_templates/scripts/windows/enable-file-sharing.ps1 b/packer_templates/scripts/windows/enable-file-sharing.ps1 new file mode 100644 index 000000000..fefc29d9d --- /dev/null +++ b/packer_templates/scripts/windows/enable-file-sharing.ps1 @@ -0,0 +1,17 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Enable filesharing' +Enable-NetFirewallRule -DisplayGroup "File and Printer Sharing" diff --git a/packer_templates/scripts/windows/enable-remote-desktop.ps1 b/packer_templates/scripts/windows/enable-remote-desktop.ps1 index 1eed756f1..f753c46f4 100644 --- a/packer_templates/scripts/windows/enable-remote-desktop.ps1 +++ b/packer_templates/scripts/windows/enable-remote-desktop.ps1 @@ -35,9 +35,5 @@ trap { } Write-Host 'Enabling Remote Desktop...' -Set-ItemProperty ` - -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' ` - -Name fDenyTSConnections ` - -Value 0 -Enable-NetFirewallRule ` - -DisplayGroup 'Remote Desktop' +Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections -Value 0 +Enable-NetFirewallRule -DisplayGroup 'Remote Desktop' diff --git a/packer_templates/scripts/windows/optimize.ps1 b/packer_templates/scripts/windows/optimize.ps1 index a6908c2aa..e9489fb3e 100644 --- a/packer_templates/scripts/windows/optimize.ps1 +++ b/packer_templates/scripts/windows/optimize.ps1 @@ -23,6 +23,7 @@ Set-StrictMode -Version Latest $ProgressPreference = 'SilentlyContinue' $ErrorActionPreference = 'Stop' + trap { Write-Host Write-Host "ERROR: $_" @@ -111,7 +112,6 @@ Write-Host 'Running Automatic Maintenance...' MSchedExe.exe Start Wait-Condition {@(Get-ScheduledTasks | Where-Object {($_.State -ge 4) -and (Test-IsMaintenanceTask $_.XML)}).Count -eq 0} -DebounceSeconds 60 - # # generate the .net frameworks native images. # NB this is normally done in the Automatic Maintenance step, but for @@ -123,72 +123,9 @@ Get-ChildItem "$env:windir\Microsoft.NET\*\*\ngen.exe" | ForEach-Object { &$_ executeQueuedItems /nologo /silent } - -# -# remove temporary files. -# NB we ignore the packer generated files so it won't complain in the output. - -Write-Host 'Stopping services that might interfere with temporary file removal...' -function Stop-ServiceForReal($name) { - while ($true) { - Stop-Service -ErrorAction SilentlyContinue $name - if ((Get-Service $name).Status -eq 'Stopped') { - break - } - } -} -Stop-ServiceForReal TrustedInstaller # Windows Modules Installer -Stop-ServiceForReal wuauserv # Windows Update -Stop-ServiceForReal BITS # Background Intelligent Transfer Service -@( - "$env:LOCALAPPDATA\Temp\*" - "$env:windir\Temp\*" - "$env:windir\Logs\*" - "$env:windir\Panther\*" - "$env:windir\WinSxS\ManifestCache\*" - "$env:windir\SoftwareDistribution\Download" -) | Where-Object {Test-Path $_} | ForEach-Object { - Write-Host "Removing temporary files $_..." - try { - takeown.exe /D Y /R /F $_ | Out-Null - icacls.exe $_ /grant:r Administrators:F /T /C /Q 2>&1 | Out-Null - } catch { - Write-Host "Ignoring taking ownership of temporary files error: $_" - } - try { - Remove-Item $_ -Exclude 'packer-*' -Recurse -Force -ErrorAction SilentlyContinue | Out-Null - } catch { - Write-Host "Ignoring failure to remove files error: $_" - } -} - - -# -# cleanup the WinSxS folder. - -# NB even thou the automatic maintenance includes a component cleanup task, -# it will not clean everything, as such, dism will clean the rest. -# NB to analyse the used space use: dism.exe /Online /Cleanup-Image /AnalyzeComponentStore -# see https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/clean-up-the-winsxs-folder -Write-Host 'Cleaning up the WinSxS folder...' -dism.exe /Online /Quiet /Cleanup-Image /StartComponentCleanup /ResetBase -if ($LASTEXITCODE) { - throw "Failed with Exit Code $LASTEXITCODE" -} - -# NB even after cleaning up the WinSxS folder the "Backups and Disabled Features" -# field of the analysis report will display a non-zero number because the -# disabled features packages are still on disk. you can remove them with: -# Get-WindowsOptionalFeature -Online ` -# | Where-Object {$_.State -eq 'Disabled'} ` -# | ForEach-Object { -# Write-Host "Removing feature $($_.FeatureName)..." -# dism.exe /Online /Quiet /Disable-Feature "/FeatureName:$($_.FeatureName)" /Remove -# } -# NB a removed feature can still be installed from other sources (e.g. windows update). -Write-Host 'Analyzing the WinSxS folder...' -dism.exe /Online /Cleanup-Image /AnalyzeComponentStore - +Write-Host "Optimizing Drive" +Optimize-Volume -DriveLetter C +compact.exe /compactOS:always # # reclaim the free disk space. diff --git a/packer_templates/scripts/windows/provision-winrm.ps1 b/packer_templates/scripts/windows/provision-winrm.ps1 deleted file mode 100644 index a6640536b..000000000 --- a/packer_templates/scripts/windows/provision-winrm.ps1 +++ /dev/null @@ -1,100 +0,0 @@ -#MIT License -# -#Copyright (c) 2017 Rui Lopes -# -#Permission is hereby granted, free of charge, to any person obtaining a copy -#of this software and associated documentation files (the "Software"), to deal -#in the Software without restriction, including without limitation the rights -#to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -#copies of the Software, and to permit persons to whom the Software is -#furnished to do so, subject to the following conditions: -# -#The above copyright notice and this permission notice shall be included in all -#copies or substantial portions of the Software. -# -#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -#IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -#FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -#AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -#LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -#OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -#SOFTWARE. - -Set-StrictMode -Version Latest -$ProgressPreference = 'SilentlyContinue' -$ErrorActionPreference = 'Stop' -trap { - Write-Host - Write-Host "ERROR: $_" - ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host - ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host - Write-Host - Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' - Start-Sleep -Seconds (60*60) - Exit 1 -} - -## for troubleshoot purposes, save this script output to a file. -#Start-Transcript C:\winrm-autounattend.txt - -## for troubleshoot purposes, save the current user details. this will be later displayed by provision.ps1. -#whoami /all >C:\whoami-autounattend.txt - -if (![Environment]::Is64BitProcess) { - throw 'this must run in a 64-bit PowerShell session' -} - -if (!(New-Object System.Security.Principal.WindowsPrincipal( - [Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole( - [Security.Principal.WindowsBuiltInRole]::Administrator)) { - throw 'this must run with Administrator privileges (e.g. in a elevated shell session)' -} - -# move all (non-domain) network interfaces into the private profile to make winrm happy (it needs at -# least one private interface; for vagrant its enough to configure the first network interface). -# NB in windows server it would be enough to call winrm -force argument, but -# in windows client 10, we must set the network interface profile. -Get-NetConnectionProfile ` - | Where-Object {$_.NetworkCategory -ne 'DomainAuthenticated'} ` - | Set-NetConnectionProfile -NetworkCategory Private - -# configure WinRM. -Write-Output 'Configuring WinRM...' -winrm quickconfig -quiet -winrm set winrm/config/service '@{AllowUnencrypted="true"}' -winrm set winrm/config/service/auth '@{Basic="true"}' -winrm set winrm/config/service/auth '@{CredSSP="true"}' -# make sure the WinRM service startup type is delayed-auto -# even when the default config is auto (e.g. Windows 2019 -# changed that default). -# WARN do not be tempted to change the default WinRM service startup type from -# delayed-auto to auto, as the later proved to be unreliable. -$result = sc.exe config WinRM start= delayed-auto -if ($result -ne '[SC] ChangeServiceConfig SUCCESS') { - throw "sc.exe config failed with $result" -} - -# dump the WinRM configuration. -Write-Output 'WinRM Configuration:' -winrm enumerate winrm/config/listener -winrm get winrm/config -winrm id - -# disable UAC remote restrictions. -# see https://support.microsoft.com/en-us/help/951016/description-of-user-account-control-and-remote-restrictions-in-windows -# see https://docs.microsoft.com/en-us/windows/desktop/wmisdk/user-account-control-and-wmi#handling-remote-connections-under-uac -New-ItemProperty ` - -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' ` - -Name LocalAccountTokenFilterPolicy ` - -Value 1 ` - -Force ` - | Out-Null - -# make sure winrm can be accessed from any network location. -New-NetFirewallRule ` - -DisplayName WINRM-HTTP-In-TCP-VAGRANT ` - -Direction Inbound ` - -Action Allow ` - -Protocol TCP ` - -LocalPort 5985 ` - | Out-Null diff --git a/packer_templates/scripts/windows/provision.ps1 b/packer_templates/scripts/windows/provision.ps1 index 122f2a343..b3a4fc488 100644 --- a/packer_templates/scripts/windows/provision.ps1 +++ b/packer_templates/scripts/windows/provision.ps1 @@ -87,12 +87,14 @@ if ($systemVendor -eq 'QEMU') { # do nothing. Hyper-V enlightments are already bundled with Windows. } elseif ($systemVendor -eq 'VMware, Inc.') { Write-Host 'Mounting VMware Tools ISO...' - Mount-DiskImage -ImagePath C:\\vmware-tools.iso -PassThru | Get-Volume | Set-Volume -DriveLetter B + Mount-DiskImage -ImagePath C:\vmware-tools.iso -PassThru | Get-Volume Write-Host 'Installing VMware Tools...' - Start-Process -Wait -FilePath D:\\setup.exe -ArgumentList '/s' + Start-Process -Wait -FilePath E:\setup64.exe -ArgumentList '/S /v "/qn REBOOT=R"' Write-Output 'Installing VMware Tools...' # silent install without rebooting. - B:\setup64.exe /s /v '/qn reboot=r'| Out-String -Stream + E:\setup64.exe /S /v '/qn reboot=r'| Out-String -Stream + Dismount-DiskImage -ImagePath C:\vmware-tools.iso + Remove-Item C:\vmware-tools.iso } elseif ($systemVendor -eq 'Parallels Software International Inc.') { Write-Host 'Installing the Parallels Tools for Guest VM...' E:\PTAgent.exe /install_silent | Out-String -Stream @@ -130,12 +132,6 @@ Set-ItemProperty ` -Name DisabledComponents ` -Value 0xff -Write-Host 'Disabling hibernation...' -powercfg /hibernate off - -Write-Host 'Setting the power plan to high performance...' -powercfg /setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c - Write-Host 'Disabling the Windows Boot Manager menu...' # NB to have the menu show with a lower timeout, run this instead: bcdedit /timeout 2 # NB with a timeout of 2 you can still press F8 to show the boot manager menu. diff --git a/packer_templates/scripts/windows/remove-apps.ps1 b/packer_templates/scripts/windows/remove-apps.ps1 index 3209a66de..137eefa04 100644 --- a/packer_templates/scripts/windows/remove-apps.ps1 +++ b/packer_templates/scripts/windows/remove-apps.ps1 @@ -23,6 +23,7 @@ Set-StrictMode -Version Latest $ProgressPreference = 'SilentlyContinue' $ErrorActionPreference = 'Stop' + trap { Write-Host Write-Host "ERROR: $_" @@ -62,7 +63,11 @@ Get-AppXProvisionedPackage -Online | ForEach-Object { # NB some packages fail to be removed and thats OK. # see https://docs.microsoft.com/en-us/windows/application-management/apps-in-windows-10 @( + 'Clipchamp.Clipchamp' + 'Microsoft.549981C3F5F10' + 'Microsoft.BingNews' 'Microsoft.BingWeather' + 'Microsoft.GamingApp' 'Microsoft.GetHelp' 'Microsoft.Getstarted' 'Microsoft.Microsoft3DViewer' @@ -72,11 +77,15 @@ Get-AppXProvisionedPackage -Online | ForEach-Object { 'Microsoft.MixedReality.Portal' 'Microsoft.MSPaint' 'Microsoft.Office.OneNote' + 'Microsoft.OneDriveSync' + 'Microsoft.Paint' 'Microsoft.People' + 'Microsoft.PowerAutomateDesktop' 'Microsoft.ScreenSketch' 'Microsoft.Services.Store.Engagement' 'Microsoft.SkypeApp' 'Microsoft.StorePurchaseApp' + 'Microsoft.Todos' 'Microsoft.Wallet' 'Microsoft.Windows.Photos' 'Microsoft.WindowsAlarms' @@ -96,7 +105,9 @@ Get-AppXProvisionedPackage -Online | ForEach-Object { 'Microsoft.YourPhone' 'Microsoft.ZuneMusic' 'Microsoft.ZuneVideo' - #'Microsoft.BioEnrollment' # NB this fails to remove. + 'MicrosoftCorporationII.QuickAssist' + 'MicrosoftWindows.Client.WebExperience' + 'MicrosoftTeams' ) | ForEach-Object { $appx = Get-AppxPackage -AllUsers $_ if ($appx) { @@ -104,7 +115,7 @@ Get-AppXProvisionedPackage -Online | ForEach-Object { try { $appx | Remove-AppxPackage -AllUsers } catch { - Write-Output "WARN Failed to remove appx: $_" + Write-Host "WARN Failed to remove appx: $_" } } } diff --git a/packer_templates/scripts/windows/remove-one-drive-and-teams 2.ps1 b/packer_templates/scripts/windows/remove-one-drive-and-teams 2.ps1 new file mode 100644 index 000000000..f3724d959 --- /dev/null +++ b/packer_templates/scripts/windows/remove-one-drive-and-teams 2.ps1 @@ -0,0 +1,259 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Removing OneDrive' +function force-mkdir($path) { + if (!(Test-Path $path)) { + #Write-Host "-- Creating full path to: " $path -ForegroundColor White -BackgroundColor DarkGreen + New-Item -ItemType Directory -Force -Path $path + }} + +function Takeown-Registry($key) { + # TODO does not work for all root keys yet + switch ($key.split('\')[0]) { + "HKEY_CLASSES_ROOT" { + $reg = [Microsoft.Win32.Registry]::ClassesRoot + $key = $key.substring(18) + } + "HKEY_CURRENT_USER" { + $reg = [Microsoft.Win32.Registry]::CurrentUser + $key = $key.substring(18) + } + "HKEY_LOCAL_MACHINE" { + $reg = [Microsoft.Win32.Registry]::LocalMachine + $key = $key.substring(19) + } + } + + # get administraor group + $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") + $admins = $admins.Translate([System.Security.Principal.NTAccount]) + + # set owner + $key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") + $acl = $key.GetAccessControl() + $acl.SetOwner($admins) + $key.SetAccessControl($acl) + + # set FullControl + $acl = $key.GetAccessControl() + $rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") + $acl.SetAccessRule($rule) + $key.SetAccessControl($acl) +} + +function Takeown-File($path) { + takeown.exe /A /F $path + $acl = Get-Acl $path + + # get administraor group + $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") + $admins = $admins.Translate([System.Security.Principal.NTAccount]) + + # add NT Authority\SYSTEM + $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") + $acl.AddAccessRule($rule) + + Set-Acl -Path $path -AclObject $acl +} + +function Takeown-Folder($path) { + Takeown-File $path + foreach ($item in Get-ChildItem $path) { + if (Test-Path $item -PathType Container) { + Takeown-Folder $item.FullName + } else { + Takeown-File $item.FullName + } + } +} + +function Elevate-Privileges { + param($Privilege) + $Definition = @" + using System; + using System.Runtime.InteropServices; + public class AdjPriv { + [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] + internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); + [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] + internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); + [DllImport("advapi32.dll", SetLastError = true)] + internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); + [StructLayout(LayoutKind.Sequential, Pack = 1)] + internal struct TokPriv1Luid { + public int Count; + public long Luid; + public int Attr; + } + internal const int SE_PRIVILEGE_ENABLED = 0x00000002; + internal const int TOKEN_QUERY = 0x00000008; + internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; + public static bool EnablePrivilege(long processHandle, string privilege) { + bool retVal; + TokPriv1Luid tp; + IntPtr hproc = new IntPtr(processHandle); + IntPtr htok = IntPtr.Zero; + retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); + tp.Count = 1; + tp.Luid = 0; + tp.Attr = SE_PRIVILEGE_ENABLED; + retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); + retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); + return retVal; + } + } +"@ + $ProcessHandle = (Get-Process -id $pid).Handle + $type = Add-Type $definition -PassThru + $type[0]::EnablePrivilege($processHandle, $Privilege) +} + +Write-Host "73 OneDrive process and explorer" +taskkill.exe /F /IM "OneDrive.exe" +taskkill.exe /F /IM "explorer.exe" + +Write-Host "Remove OneDrive" +if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") { + & "$env:systemroot\System32\OneDriveSetup.exe" /uninstall +} +if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") { + & "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall +} + +Write-Host "Disable OneDrive via Group Policies" +force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" +Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" -Name DisableFileSyncNGSC -Value 1 + +Write-Host "Removing OneDrive leftovers trash" +rm -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive" +rm -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive" +rm -Recurse -Force -ErrorAction SilentlyContinue "C:\OneDriveTemp" + +Write-Host "Remove Onedrive from explorer sidebar" +New-PSDrive -PSProvider "Registry" -Root "HKEY_CLASSES_ROOT" -Name "HKCR" +mkdir -Force "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" +Set-ItemProperty "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" -Name System.IsPinnedToNameSpaceTree -Value 0 +mkdir -Force "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" +Set-ItemProperty "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" -Name System.IsPinnedToNameSpaceTree -Value 0 +Remove-PSDrive "HKCR" + +Write-Host "Removing run option for new users" +reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" +reg delete "HKEY_USERS\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f +reg unload "hku\Default" + +Write-Host "Removing startmenu junk entry" +rm -Force -ErrorAction SilentlyContinue "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk" + +Write-Host "Restarting explorer..." +start "explorer.exe" + +Write-Host "Wait for EX reload.." +sleep 15 + +Write-Host "Removing additional OneDrive leftovers" +foreach ($item in (ls "$env:WinDir\WinSxS\*onedrive*")) { + Takeown-Folder $item.FullName + rm -Recurse -Force $item.FullName -ErrorAction SilentlyContinue +} + +########################################################################################### +Write-Host "Removing Teams" +# Clearing Teams Cache by Mark Vale +# Uninstall Teams by Rudy Mens + +Write-Host "Stopping Teams Process" -ForegroundColor Yellow +try{ + Get-Process -ProcessName Teams | Stop-Process -Force + Start-Sleep -Seconds 3 + Write-Host "Teams Process Sucessfully Stopped" -ForegroundColor Green +}catch{ + Write-Host $_ +} + +Write-Host "Clearing Teams Disk Cache" -ForegroundColor Yellow +try{ + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\application cache\cache" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\blob_storage" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\databases" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\cache" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\gpucache" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\Indexeddb" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\Local Storage" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\tmp" | Remove-Item -Confirm:$false + Write-Host "Teams Disk Cache Cleaned" -ForegroundColor Green +}catch{ + Write-Host $_ +} + +Write-Host "Stopping IE Process" -ForegroundColor Yellow +try{ + Get-Process -ProcessName MicrosoftEdge | Stop-Process -Force + Get-Process -ProcessName IExplore | Stop-Process -Force + Write-Host "Internet Explorer and Edge Processes Sucessfully Stopped" -ForegroundColor Green +}catch{ + Write-Host $_ +} + +Write-Host "Clearing IE Cache" -ForegroundColor Yellow +try{ + RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 8 + RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 2 + Write-Host "IE and Edge Cleaned" -ForegroundColor Green +}catch{ + Write-Host $_ +} +Write-Host "Cleanup Complete..." + + +Write-Host "Removing Teams Machine-wide Installer" +try +{ + $MachineWide = Get-WmiObject -Class Win32_Product | Where-Object{$_.Name -eq "Teams Machine-Wide Installer"} + $MachineWide.Uninstall() +} +catch +{ + Write-Warning $_ +} + +function unInstallTeams($path) { + $clientInstaller = "$($path)\Update.exe" + try { + $process = Start-Process -FilePath "$clientInstaller" -ArgumentList "--uninstall /s" -PassThru -Wait -ErrorAction STOP + if ($process.ExitCode -ne 0) + { + Write-Warning "UnInstallation failed with exit code $($process.ExitCode)." + } + } + catch { + Write-Warning $_.Exception.Message + } +} + +#Locate installation folder +$localAppData = "$($env:LOCALAPPDATA)\Microsoft\Teams" +$programData = "$($env:ProgramData)\$($env:USERNAME)\Microsoft\Teams" + +If (Test-Path "$($localAppData)\Current\Teams.exe") +{ + unInstallTeams($localAppData) +} +elseif (Test-Path "$($programData)\Current\Teams.exe") { + unInstallTeams($programData) +} +else { + Write-Warning "Teams installation not found" +} diff --git a/packer_templates/scripts/windows/remove-one-drive-and-teams.ps1 b/packer_templates/scripts/windows/remove-one-drive-and-teams.ps1 new file mode 100644 index 000000000..f3724d959 --- /dev/null +++ b/packer_templates/scripts/windows/remove-one-drive-and-teams.ps1 @@ -0,0 +1,259 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +Write-Host 'Removing OneDrive' +function force-mkdir($path) { + if (!(Test-Path $path)) { + #Write-Host "-- Creating full path to: " $path -ForegroundColor White -BackgroundColor DarkGreen + New-Item -ItemType Directory -Force -Path $path + }} + +function Takeown-Registry($key) { + # TODO does not work for all root keys yet + switch ($key.split('\')[0]) { + "HKEY_CLASSES_ROOT" { + $reg = [Microsoft.Win32.Registry]::ClassesRoot + $key = $key.substring(18) + } + "HKEY_CURRENT_USER" { + $reg = [Microsoft.Win32.Registry]::CurrentUser + $key = $key.substring(18) + } + "HKEY_LOCAL_MACHINE" { + $reg = [Microsoft.Win32.Registry]::LocalMachine + $key = $key.substring(19) + } + } + + # get administraor group + $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") + $admins = $admins.Translate([System.Security.Principal.NTAccount]) + + # set owner + $key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") + $acl = $key.GetAccessControl() + $acl.SetOwner($admins) + $key.SetAccessControl($acl) + + # set FullControl + $acl = $key.GetAccessControl() + $rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") + $acl.SetAccessRule($rule) + $key.SetAccessControl($acl) +} + +function Takeown-File($path) { + takeown.exe /A /F $path + $acl = Get-Acl $path + + # get administraor group + $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") + $admins = $admins.Translate([System.Security.Principal.NTAccount]) + + # add NT Authority\SYSTEM + $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") + $acl.AddAccessRule($rule) + + Set-Acl -Path $path -AclObject $acl +} + +function Takeown-Folder($path) { + Takeown-File $path + foreach ($item in Get-ChildItem $path) { + if (Test-Path $item -PathType Container) { + Takeown-Folder $item.FullName + } else { + Takeown-File $item.FullName + } + } +} + +function Elevate-Privileges { + param($Privilege) + $Definition = @" + using System; + using System.Runtime.InteropServices; + public class AdjPriv { + [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] + internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); + [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] + internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); + [DllImport("advapi32.dll", SetLastError = true)] + internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); + [StructLayout(LayoutKind.Sequential, Pack = 1)] + internal struct TokPriv1Luid { + public int Count; + public long Luid; + public int Attr; + } + internal const int SE_PRIVILEGE_ENABLED = 0x00000002; + internal const int TOKEN_QUERY = 0x00000008; + internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; + public static bool EnablePrivilege(long processHandle, string privilege) { + bool retVal; + TokPriv1Luid tp; + IntPtr hproc = new IntPtr(processHandle); + IntPtr htok = IntPtr.Zero; + retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); + tp.Count = 1; + tp.Luid = 0; + tp.Attr = SE_PRIVILEGE_ENABLED; + retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); + retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); + return retVal; + } + } +"@ + $ProcessHandle = (Get-Process -id $pid).Handle + $type = Add-Type $definition -PassThru + $type[0]::EnablePrivilege($processHandle, $Privilege) +} + +Write-Host "73 OneDrive process and explorer" +taskkill.exe /F /IM "OneDrive.exe" +taskkill.exe /F /IM "explorer.exe" + +Write-Host "Remove OneDrive" +if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") { + & "$env:systemroot\System32\OneDriveSetup.exe" /uninstall +} +if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") { + & "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall +} + +Write-Host "Disable OneDrive via Group Policies" +force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" +Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" -Name DisableFileSyncNGSC -Value 1 + +Write-Host "Removing OneDrive leftovers trash" +rm -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive" +rm -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive" +rm -Recurse -Force -ErrorAction SilentlyContinue "C:\OneDriveTemp" + +Write-Host "Remove Onedrive from explorer sidebar" +New-PSDrive -PSProvider "Registry" -Root "HKEY_CLASSES_ROOT" -Name "HKCR" +mkdir -Force "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" +Set-ItemProperty "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" -Name System.IsPinnedToNameSpaceTree -Value 0 +mkdir -Force "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" +Set-ItemProperty "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" -Name System.IsPinnedToNameSpaceTree -Value 0 +Remove-PSDrive "HKCR" + +Write-Host "Removing run option for new users" +reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" +reg delete "HKEY_USERS\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f +reg unload "hku\Default" + +Write-Host "Removing startmenu junk entry" +rm -Force -ErrorAction SilentlyContinue "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk" + +Write-Host "Restarting explorer..." +start "explorer.exe" + +Write-Host "Wait for EX reload.." +sleep 15 + +Write-Host "Removing additional OneDrive leftovers" +foreach ($item in (ls "$env:WinDir\WinSxS\*onedrive*")) { + Takeown-Folder $item.FullName + rm -Recurse -Force $item.FullName -ErrorAction SilentlyContinue +} + +########################################################################################### +Write-Host "Removing Teams" +# Clearing Teams Cache by Mark Vale +# Uninstall Teams by Rudy Mens + +Write-Host "Stopping Teams Process" -ForegroundColor Yellow +try{ + Get-Process -ProcessName Teams | Stop-Process -Force + Start-Sleep -Seconds 3 + Write-Host "Teams Process Sucessfully Stopped" -ForegroundColor Green +}catch{ + Write-Host $_ +} + +Write-Host "Clearing Teams Disk Cache" -ForegroundColor Yellow +try{ + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\application cache\cache" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\blob_storage" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\databases" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\cache" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\gpucache" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\Indexeddb" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\Local Storage" | Remove-Item -Confirm:$false + Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\tmp" | Remove-Item -Confirm:$false + Write-Host "Teams Disk Cache Cleaned" -ForegroundColor Green +}catch{ + Write-Host $_ +} + +Write-Host "Stopping IE Process" -ForegroundColor Yellow +try{ + Get-Process -ProcessName MicrosoftEdge | Stop-Process -Force + Get-Process -ProcessName IExplore | Stop-Process -Force + Write-Host "Internet Explorer and Edge Processes Sucessfully Stopped" -ForegroundColor Green +}catch{ + Write-Host $_ +} + +Write-Host "Clearing IE Cache" -ForegroundColor Yellow +try{ + RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 8 + RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 2 + Write-Host "IE and Edge Cleaned" -ForegroundColor Green +}catch{ + Write-Host $_ +} +Write-Host "Cleanup Complete..." + + +Write-Host "Removing Teams Machine-wide Installer" +try +{ + $MachineWide = Get-WmiObject -Class Win32_Product | Where-Object{$_.Name -eq "Teams Machine-Wide Installer"} + $MachineWide.Uninstall() +} +catch +{ + Write-Warning $_ +} + +function unInstallTeams($path) { + $clientInstaller = "$($path)\Update.exe" + try { + $process = Start-Process -FilePath "$clientInstaller" -ArgumentList "--uninstall /s" -PassThru -Wait -ErrorAction STOP + if ($process.ExitCode -ne 0) + { + Write-Warning "UnInstallation failed with exit code $($process.ExitCode)." + } + } + catch { + Write-Warning $_.Exception.Message + } +} + +#Locate installation folder +$localAppData = "$($env:LOCALAPPDATA)\Microsoft\Teams" +$programData = "$($env:ProgramData)\$($env:USERNAME)\Microsoft\Teams" + +If (Test-Path "$($localAppData)\Current\Teams.exe") +{ + unInstallTeams($localAppData) +} +elseif (Test-Path "$($programData)\Current\Teams.exe") { + unInstallTeams($programData) +} +else { + Write-Warning "Teams installation not found" +} diff --git a/packer_templates/scripts/windows/remove-one-drive.ps1 b/packer_templates/scripts/windows/remove-one-drive.ps1 deleted file mode 100644 index 30d869cbd..000000000 --- a/packer_templates/scripts/windows/remove-one-drive.ps1 +++ /dev/null @@ -1,69 +0,0 @@ -#MIT License -# -#Copyright (c) 2017 Rui Lopes -# -#Permission is hereby granted, free of charge, to any person obtaining a copy -#of this software and associated documentation files (the "Software"), to deal -#in the Software without restriction, including without limitation the rights -#to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -#copies of the Software, and to permit persons to whom the Software is -#furnished to do so, subject to the following conditions: -# -#The above copyright notice and this permission notice shall be included in all -#copies or substantial portions of the Software. -# -#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -#IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -#FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -#AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -#LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -#OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -#SOFTWARE. - -Set-StrictMode -Version Latest -$ProgressPreference = 'SilentlyContinue' -$ErrorActionPreference = 'Stop' -trap { - Write-Host - Write-Host "ERROR: $_" - ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host - ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host - Write-Host - Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' - Start-Sleep -Seconds (60*60) - Exit 1 -} - -$oneDriveSetup = 'C:\Windows\SysWOW64\OneDriveSetup.exe' - -# bail when OneDrive is not installed. -if (!(Test-Path $oneDriveSetup)) { - Exit 0 -} - -# disable OneDrive. -New-Item ` - -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows' ` - -Name OneDrive ` - -Force ` - | Out-Null -New-ItemProperty ` - -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\OneDrive' ` - -Name DisableFileSyncNGSC ` - -Value 1 ` - -Force ` - | Out-Null - -# uninstall OneDrive. -# NB one drive setup will still be WinSxS and it does not seem possible to -# remove with Remove-WindowsPackage. -Get-Process OneDrive -ErrorAction SilentlyContinue | Stop-Process -Force -&$oneDriveSetup /uninstall | Out-String -Stream - -# ignore uninstall error. -# NB because it fails in windows 20H2, and not having OneDrive is just a -# nice to have. -if ($LASTEXITCODE) { - Write-Output "WARN Failed to uninstall OneDrive with exit code $LASTEXITCODE." - Exit 0 -} diff --git a/packer_templates/scripts/windows/ui-tweaks 2.ps1 b/packer_templates/scripts/windows/ui-tweaks 2.ps1 new file mode 100644 index 000000000..3982f0a98 --- /dev/null +++ b/packer_templates/scripts/windows/ui-tweaks 2.ps1 @@ -0,0 +1,65 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +@( + # Show file extensions + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name HideFileExt -Type DWORD -Value 0} + # Show hidden files + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name Hidden -Type DWORD -Value 1} + # Launch explorer to the PC not the user + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name LaunchTo -Type DWORD -Value 1} + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name FullPathAddress -Type DWORD -Value 1} + # Disable notification popups + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name EnableBalloonTips -Type DWORD -Value 0} + # Disable error reporting popups + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Windows Error Reporting' -Name DontShowUI -Type DWORD -Value 0} + # Disable prompting for a shutdown reason + {Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability' -Name ShutdownReasonOn -Type DWORD -Value 0} + # Set visual effects to best performance + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects' -Name VisualFXSetting -Type DWORD -Value 2} + # Dont use visual styles on windows and buttons + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\ThemeManager' -Name ThemeActive -Type DWORD -Value 1} + # Dont use common tasks in folders + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name WebView -Type DWORD -Value 0} + # Dont use drop shadows for icon labels on the desktop + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name ListviewShadow -Type DWORD -Value 0} + # Dont use a background image for each folder type + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name ListviewWatermark -Type DWORD -Value 0} + # Dont slide taskbar buttons + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name TaskbarAnimations -Type DWORD -Value 0} + # Dont animate windows when minimizing and maximizing + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop\WindowMetrics' -Name MinAnimate -Type STRING -Value 0} + # Dont show window contents while dragging + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name DragFullWindows -Type STRING -Value 0} + # Dont Smooth edges of screen fonts + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name FontSmoothing -Type STRING -Value 0} + # Dont smooth scroll list boxes + # Dont slide open combo boxes + # Dont fade or slide menus into view + # Dont show shadows under mouse pointer + # Dont fade or slide tooltips into view + # Dont fade out menu items after clicking + # Dont show shadows under menus + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name UserPreferencesMask -Type BINARY -Value (90,12,01,80)} +) | ForEach-Object { + try + { + Invoke-Command -ScriptBlock $_ + } + catch + { + Write-Host "WARN Failed to run: $_" + } +} diff --git a/packer_templates/scripts/windows/ui-tweaks.ps1 b/packer_templates/scripts/windows/ui-tweaks.ps1 new file mode 100644 index 000000000..3982f0a98 --- /dev/null +++ b/packer_templates/scripts/windows/ui-tweaks.ps1 @@ -0,0 +1,65 @@ +Set-StrictMode -Version Latest +$ProgressPreference = 'SilentlyContinue' +$ErrorActionPreference = 'Stop' + +trap { + Write-Host + Write-Host "ERROR: $_" + ($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host + ($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host + Write-Host + Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...' + Start-Sleep -Seconds (60*60) + Exit 1 +} + +@( + # Show file extensions + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name HideFileExt -Type DWORD -Value 0} + # Show hidden files + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name Hidden -Type DWORD -Value 1} + # Launch explorer to the PC not the user + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name LaunchTo -Type DWORD -Value 1} + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name FullPathAddress -Type DWORD -Value 1} + # Disable notification popups + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name EnableBalloonTips -Type DWORD -Value 0} + # Disable error reporting popups + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Windows Error Reporting' -Name DontShowUI -Type DWORD -Value 0} + # Disable prompting for a shutdown reason + {Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability' -Name ShutdownReasonOn -Type DWORD -Value 0} + # Set visual effects to best performance + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects' -Name VisualFXSetting -Type DWORD -Value 2} + # Dont use visual styles on windows and buttons + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\ThemeManager' -Name ThemeActive -Type DWORD -Value 1} + # Dont use common tasks in folders + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name WebView -Type DWORD -Value 0} + # Dont use drop shadows for icon labels on the desktop + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name ListviewShadow -Type DWORD -Value 0} + # Dont use a background image for each folder type + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name ListviewWatermark -Type DWORD -Value 0} + # Dont slide taskbar buttons + {Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name TaskbarAnimations -Type DWORD -Value 0} + # Dont animate windows when minimizing and maximizing + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop\WindowMetrics' -Name MinAnimate -Type STRING -Value 0} + # Dont show window contents while dragging + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name DragFullWindows -Type STRING -Value 0} + # Dont Smooth edges of screen fonts + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name FontSmoothing -Type STRING -Value 0} + # Dont smooth scroll list boxes + # Dont slide open combo boxes + # Dont fade or slide menus into view + # Dont show shadows under mouse pointer + # Dont fade or slide tooltips into view + # Dont fade out menu items after clicking + # Dont show shadows under menus + {Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name UserPreferencesMask -Type BINARY -Value (90,12,01,80)} +) | ForEach-Object { + try + { + Invoke-Command -ScriptBlock $_ + } + catch + { + Write-Host "WARN Failed to run: $_" + } +} diff --git a/packer_templates/scripts/windows/virtualbox-prevent-vboxsrv-resolution-delay.ps1 b/packer_templates/scripts/windows/virtualbox-prevent-vboxsrv-resolution-delay.ps1 deleted file mode 100644 index be5267040..000000000 --- a/packer_templates/scripts/windows/virtualbox-prevent-vboxsrv-resolution-delay.ps1 +++ /dev/null @@ -1,34 +0,0 @@ -#MIT License -# -#Copyright (c) 2017 Rui Lopes -# -#Permission is hereby granted, free of charge, to any person obtaining a copy -#of this software and associated documentation files (the "Software"), to deal -#in the Software without restriction, including without limitation the rights -#to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -#copies of the Software, and to permit persons to whom the Software is -#furnished to do so, subject to the following conditions: -# -#The above copyright notice and this permission notice shall be included in all -#copies or substantial portions of the Software. -# -#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -#IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -#FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -#AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -#LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -#OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -#SOFTWARE. - -if ('VirtualBox' -ne (Get-CimInstance -ClassName WIN32_BIOS -Property SMBIOSBIOSVersion).SMBIOSBIOSVersion) { - Exit 0 -} - -# to prevent long delays while resolving the vboxsrv (used by c:\vagrant) -# NetBIOS name, hard-code its address in the lmhosts file. -# see 12.3.9. Long delays when accessing shared folders -# at https://www.virtualbox.org/manual/ch12.html#idm10219 -Write-Output @' -255.255.255.255 VBOXSVR #PRE -255.255.255.255 VBOXSRV #PRE -'@ | Out-File -Encoding ASCII -Append 'c:\windows\system32\drivers\etc\lmhosts' diff --git a/packer_templates/vagrantfile-windows-gen2.template b/packer_templates/vagrantfile-windows-gen2.template deleted file mode 100644 index 8a0a1ebb0..000000000 --- a/packer_templates/vagrantfile-windows-gen2.template +++ /dev/null @@ -1,22 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -Vagrant.require_version ">= 1.6.2" - -Vagrant.configure("2") do |config| - config.vm.box = "hyperv_win_10" - config.vm.communicator = "winrm" - config.vm.synced_folder ".", "/vagrant", SharedFoldersEnableSymlinksCreate: false - - config.vm.guest = :windows - - config.vm.network :forwarded_port, guest: 3389, host: 3399, id: "rdp", auto_correct: true - config.vm.network :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true - - config.vm.provider "hyperv" do |hv| - hv.ip_address_timeout = 240 - hv.memory = 2048 - hv.cpus = 2 - hv.enable_virtualization_extensions = true - end -end diff --git a/packer_templates/vagrantfile-windows.template b/packer_templates/vagrantfile-windows.template index de22af3cc..4a19e63d7 100644 --- a/packer_templates/vagrantfile-windows.template +++ b/packer_templates/vagrantfile-windows.template @@ -6,19 +6,23 @@ Vagrant.configure(2) do |config| config.vm.communicator = "winrm" config.vm.boot_timeout = 300 config.vm.network :forwarded_port, guest: 3389, host: 3389, id: 'rdp', auto_correct: true + config.vm.network :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true config.vm.provider "virtualbox" do |vb| vb.gui = true - vb.memory = 2048 + vb.cpus = 2 + vb.memory = 4096 end config.vm.provider 'hyperv' do |hv| hv.ip_address_timeout = 240 - hv.memory = 2048 + hv.memory = 4096 + hv.cpus = 2 + hv.enable_virtualization_extensions = true end config.vm.provider :libvirt do |domain| - domain.memory = 2028 + domain.memory = 4096 domain.cpus = 2 end end diff --git a/packer_templates/win_answer_files/10/Autounattend.xml b/packer_templates/win_answer_files/10/Autounattend.xml index 03669b711..e54d1ce35 100644 --- a/packer_templates/win_answer_files/10/Autounattend.xml +++ b/packer_templates/win_answer_files/10/Autounattend.xml @@ -1,171 +1,170 @@ - - - - - - - E:\viostor\w10\amd64 - - - - E:\NetKVM\w10\amd64 - - - - E:\Balloon\w10\amd64 - - - - E:\pvpanic\w10\amd64 - - - - E:\qemupciserial\w10\amd64 - - - - E:\qxldod\w10\amd64 - - - - E:\vioinput\w10\amd64 - - - - E:\viorng\w10\amd64 - - - - E:\vioscsi\w10\amd64 - - - - E:\vioserial\w10\amd64 - - - - - - en-US - - en-US - en-US - en-US - en-US - en-US - - - - - - - Primary - 1 - 100 - - - 2 - Primary - true - - - - - true - NTFS - - 1 - 1 - - - NTFS - - C - 2 - 2 - - - 0 - true - - - - - - - /IMAGE/NAME - Windows 10 Enterprise Evaluation - - - - 0 - 2 - - - - - - OnError - - true - Vagrant - Bento by Chef Software, Inc. - - - - - - 1 - - - false - false - - - - - en-US - en-US - en-US - en-US - - - - true - true - true - true - true - Work - 3 - true - true - - UTC - - - vagrant - true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>E:\viostor\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>E:\NetKVM\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>E:\Balloon\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>E:\pvpanic\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>E:\qemupciserial\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>E:\qxldod\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>E:\vioinput\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>E:\viorng\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>E:\vioscsi\w10\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>E:\vioserial\w10\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Type>Primary</Type> + <Order>1</Order> + <Size>100</Size> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Type>Primary</Type> + <Extend>true</Extend> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Active>true</Active> + <Format>NTFS</Format> + <Label>boot</Label> + <Order>1</Order> + <PartitionID>1</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Format>NTFS</Format> + <Label>Windows</Label> + <Letter>C</Letter> + <Order>2</Order> + <PartitionID>2</PartitionID> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows 10 Enterprise Evaluation</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>2</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> <AutoLogon> <Password> <Value>vagrant</Value> @@ -174,44 +173,129 @@ <Username>vagrant</Username> <Enabled>true</Enabled> </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>powershell -NoLogo -ExecutionPolicy RemoteSigned -File a:\base_setup.ps1</CommandLine> - <Description>Configure WinRM so packer can connect to run Chef</Description> - <Order>3</Order> - <RequiresUserInput>false</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>4</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> - <settings pass="specialize"> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <!-- Disable IE ESC. --> - <IEHardenAdmin>false</IEHardenAdmin> - <IEHardenUser>false</IEHardenUser> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> - </component> - </settings> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> </unattend> diff --git a/packer_templates/win_answer_files/10/gen2_Autounattend.xml b/packer_templates/win_answer_files/10/hyperv-gen2/Autounattend 2.xml similarity index 53% rename from packer_templates/win_answer_files/10/gen2_Autounattend.xml rename to packer_templates/win_answer_files/10/hyperv-gen2/Autounattend 2.xml index d64883c09..4465d46ea 100644 --- a/packer_templates/win_answer_files/10/gen2_Autounattend.xml +++ b/packer_templates/win_answer_files/10/hyperv-gen2/Autounattend 2.xml @@ -1,59 +1,46 @@ <?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> - <!-- - This makes the VirtIO drivers available to Windows, assuming that - the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso - (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) - is available as drive E: - --> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> <DriverPaths> <PathAndCredentials wcm:action="add" wcm:keyValue="2"> <Path>F:\viostor\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> <Path>F:\NetKVM\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> <Path>F:\Balloon\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> <Path>F:\pvpanic\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> <Path>F:\qemupciserial\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> <Path>F:\qxldod\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> <Path>F:\vioinput\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> <Path>F:\viorng\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> <Path>F:\vioscsi\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> <Path>F:\vioserial\w10\amd64</Path> </PathAndCredentials> </DriverPaths> </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SetupUILanguage> <UILanguage>en-US</UILanguage> </SetupUILanguage> @@ -63,9 +50,7 @@ <UILanguageFallback>en-US</UILanguageFallback> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DiskConfiguration> <Disk wcm:action="add"> <CreatePartitions> @@ -142,33 +127,28 @@ <FullName>Vagrant</FullName> <Organization>Bento by Chef Software, Inc.</Organization> </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> </component> </settings> <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SkipRearm>1</SkipRearm> </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> </component> </settings> <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <InputLocale>en-US</InputLocale> <SystemLocale>en-US</SystemLocale> <UILanguage>en-US</UILanguage> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <OOBE> <HideEULAPage>true</HideEULAPage> <HideLocalAccountScreen>true</HideLocalAccountScreen> @@ -179,6 +159,11 @@ <ProtectYourPC>3</ProtectYourPC> <SkipMachineOOBE>true</SkipMachineOOBE> <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> </OOBE> <TimeZone>UTC</TimeZone> <UserAccounts> @@ -209,45 +194,127 @@ </AutoLogon> <FirstLogonCommands> <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> <Description>Set Execution Policy 64 Bit</Description> <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> <Description>Set Execution Policy 32 Bit</Description> <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> - <CommandLine>powershell -NoLogo -ExecutionPolicy RemoteSigned -File e:\base_setup.ps1</CommandLine> - <Description>Configure WinRM so packer can connect to run Chef</Description> <Order>3</Order> - <RequiresUserInput>false</RequiresUserInput> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> </SynchronousCommand> <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> <Description>Disable password expiration for vagrant user</Description> </SynchronousCommand> </FirstLogonCommands> </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> </settings> <settings pass="specialize"> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <!-- Disable IE ESC. --> - <IEHardenAdmin>false</IEHardenAdmin> - <IEHardenUser>false</IEHardenUser> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> </component> </settings> </unattend> diff --git a/packer_templates/win_answer_files/11/gen2_Autounattend.xml b/packer_templates/win_answer_files/10/hyperv-gen2/Autounattend.xml similarity index 50% rename from packer_templates/win_answer_files/11/gen2_Autounattend.xml rename to packer_templates/win_answer_files/10/hyperv-gen2/Autounattend.xml index 89e9c2602..4465d46ea 100644 --- a/packer_templates/win_answer_files/11/gen2_Autounattend.xml +++ b/packer_templates/win_answer_files/10/hyperv-gen2/Autounattend.xml @@ -1,63 +1,46 @@ <?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> - <!-- - This makes the VirtIO drivers available to Windows, assuming that - the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso - (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) - is available as drive E: - --> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> <DriverPaths> <PathAndCredentials wcm:action="add" wcm:keyValue="2"> - <Path>F:\viostor\w11\amd64</Path> + <Path>F:\viostor\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> - <Path>F:\NetKVM\w11\amd64</Path> + <Path>F:\NetKVM\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> - <Path>F:\Balloon\w11\amd64</Path> + <Path>F:\Balloon\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> - <Path>F:\pvpanic\w11\amd64</Path> + <Path>F:\pvpanic\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> - <Path>F:\qemupciserial\w11\amd64</Path> + <Path>F:\qemupciserial\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> - <Path>F:\qxldod\w11\amd64</Path> + <Path>F:\qxldod\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> - <Path>F:\vioinput\w11\amd64</Path> + <Path>F:\vioinput\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> - <Path>F:\viorng\w11\amd64</Path> + <Path>F:\viorng\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> - <Path>F:\vioscsi\w11\amd64</Path> + <Path>F:\vioscsi\w10\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> - <Path>F:\vioserial\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="12"> - <Path>F:\vioserial\w11\amd64</Path> + <Path>F:\vioserial\w10\amd64</Path> </PathAndCredentials> </DriverPaths> </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SetupUILanguage> <UILanguage>en-US</UILanguage> </SetupUILanguage> @@ -67,9 +50,7 @@ <UILanguageFallback>en-US</UILanguageFallback> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DiskConfiguration> <Disk wcm:action="add"> <CreatePartitions> @@ -129,7 +110,7 @@ <InstallFrom> <MetaData wcm:action="add"> <Key>/IMAGE/NAME</Key> - <Value>Windows 11 Enterprise Evaluation</Value> + <Value>Windows 10 Enterprise Evaluation</Value> </MetaData> </InstallFrom> <InstallTo> @@ -146,33 +127,28 @@ <FullName>Vagrant</FullName> <Organization>Bento by Chef Software, Inc.</Organization> </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> </component> </settings> <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SkipRearm>1</SkipRearm> </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> </component> </settings> <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <InputLocale>en-US</InputLocale> <SystemLocale>en-US</SystemLocale> <UILanguage>en-US</UILanguage> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" - xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <OOBE> <HideEULAPage>true</HideEULAPage> <HideLocalAccountScreen>true</HideLocalAccountScreen> @@ -183,6 +159,11 @@ <ProtectYourPC>3</ProtectYourPC> <SkipMachineOOBE>true</SkipMachineOOBE> <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> </OOBE> <TimeZone>UTC</TimeZone> <UserAccounts> @@ -213,45 +194,127 @@ </AutoLogon> <FirstLogonCommands> <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> <Description>Set Execution Policy 64 Bit</Description> <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> <Description>Set Execution Policy 32 Bit</Description> <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> - <CommandLine>powershell -NoLogo -ExecutionPolicy RemoteSigned -File e:\base_setup.ps1</CommandLine> - <Description>Configure WinRM so packer can connect to run Chef</Description> <Order>3</Order> - <RequiresUserInput>false</RequiresUserInput> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> </SynchronousCommand> <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> <Description>Disable password expiration for vagrant user</Description> </SynchronousCommand> </FirstLogonCommands> </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> </settings> <settings pass="specialize"> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <!-- Disable IE ESC. --> - <IEHardenAdmin>false</IEHardenAdmin> - <IEHardenUser>false</IEHardenUser> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> </component> </settings> </unattend> diff --git a/packer_templates/win_answer_files/11/Autounattend.xml b/packer_templates/win_answer_files/11/Autounattend.xml index 1c09214e2..dad87a233 100644 --- a/packer_templates/win_answer_files/11/Autounattend.xml +++ b/packer_templates/win_answer_files/11/Autounattend.xml @@ -1,175 +1,180 @@ <?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> - <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> - <!-- - This makes the VirtIO drivers available to Windows, assuming that - the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso - (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) - is available as drive E: - --> - <DriverPaths> - <PathAndCredentials wcm:action="add" wcm:keyValue="2"> - <Path>E:\viostor\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> - <Path>E:\NetKVM\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> - <Path>E:\Balloon\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> - <Path>E:\pvpanic\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> - <Path>E:\qemupciserial\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> - <Path>E:\qxldod\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> - <Path>E:\vioinput\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> - <Path>E:\viorng\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> - <Path>E:\vioscsi\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> - <Path>E:\vioserial\w11\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="12"> - <Path>E:\vioserial\w11\amd64</Path> - </PathAndCredentials> - </DriverPaths> - </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SetupUILanguage> - <UILanguage>en-US</UILanguage> - </SetupUILanguage> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UILanguageFallback>en-US</UILanguageFallback> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <DiskConfiguration> - <Disk wcm:action="add"> - <CreatePartitions> - <CreatePartition wcm:action="add"> - <Type>Primary</Type> - <Order>1</Order> - <Size>100</Size> - </CreatePartition> - <CreatePartition wcm:action="add"> - <Order>2</Order> - <Type>Primary</Type> - <Extend>true</Extend> - </CreatePartition> - </CreatePartitions> - <ModifyPartitions> - <ModifyPartition wcm:action="add"> - <Active>true</Active> - <Format>NTFS</Format> - <Label>boot</Label> - <Order>1</Order> - <PartitionID>1</PartitionID> - </ModifyPartition> - <ModifyPartition wcm:action="add"> - <Format>NTFS</Format> - <Label>Windows 11</Label> - <Letter>C</Letter> - <Order>2</Order> - <PartitionID>2</PartitionID> - </ModifyPartition> - </ModifyPartitions> - <DiskID>0</DiskID> - <WillWipeDisk>true</WillWipeDisk> - </Disk> - </DiskConfiguration> - <ImageInstall> - <OSImage> - <InstallFrom> - <MetaData wcm:action="add"> - <Key>/IMAGE/NAME</Key> - <Value>Windows 11 Enterprise Evaluation</Value> - </MetaData> - </InstallFrom> - <InstallTo> - <DiskID>0</DiskID> - <PartitionID>2</PartitionID> - </InstallTo> - </OSImage> - </ImageInstall> - <UserData> - <ProductKey> - <WillShowUI>OnError</WillShowUI> - </ProductKey> - <AcceptEula>true</AcceptEula> - <FullName>Vagrant</FullName> - <Organization>Bento by Chef Software, Inc.</Organization> - </UserData> - </component> - </settings> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <OOBE> - <HideEULAPage>true</HideEULAPage> - <HideLocalAccountScreen>true</HideLocalAccountScreen> - <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> - <HideOnlineAccountScreens>true</HideOnlineAccountScreens> - <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Work</NetworkLocation> - <ProtectYourPC>3</ProtectYourPC> - <SkipMachineOOBE>true</SkipMachineOOBE> - <SkipUserOOBE>true</SkipUserOOBE> - </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>E:\viostor\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>E:\NetKVM\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>E:\Balloon\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>E:\pvpanic\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>E:\qemupciserial\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>E:\qxldod\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>E:\vioinput\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>E:\viorng\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>E:\vioscsi\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>E:\vioserial\w11\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <RunSynchronous> + <RunSynchronousCommand wcm:action="add"> + <Order>1</Order> + <Path>%windir%\System32\reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>2</Order> + <Path>%windir%\System32\reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + </RunSynchronous> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Type>Primary</Type> + <Order>1</Order> + <Size>100</Size> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Type>Primary</Type> + <Extend>true</Extend> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Active>true</Active> + <Format>NTFS</Format> + <Label>boot</Label> + <Order>1</Order> + <PartitionID>1</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Format>NTFS</Format> + <Label>Windows</Label> + <Letter>C</Letter> + <Order>2</Order> + <PartitionID>2</PartitionID> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows 11 Enterprise Evaluation</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>2</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> <AutoLogon> <Password> <Value>vagrant</Value> @@ -178,44 +183,139 @@ <Username>vagrant</Username> <Enabled>true</Enabled> </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>powershell -NoLogo -ExecutionPolicy RemoteSigned -File a:\base_setup.ps1</CommandLine> - <Description>Configure WinRM so packer can connect to run Chef</Description> - <Order>3</Order> - <RequiresUserInput>false</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>4</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> - <settings pass="specialize"> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <!-- Disable IE ESC. --> - <IEHardenAdmin>false</IEHardenAdmin> - <IEHardenUser>false</IEHardenUser> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> - </component> - </settings> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "vagrant" /f</CommandLine> + <Order>18</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f</CommandLine> + <Order>19</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> </unattend> diff --git a/packer_templates/win_answer_files/11/hyperv-gen2/Autounattend 2.xml b/packer_templates/win_answer_files/11/hyperv-gen2/Autounattend 2.xml new file mode 100644 index 000000000..65a4caaa3 --- /dev/null +++ b/packer_templates/win_answer_files/11/hyperv-gen2/Autounattend 2.xml @@ -0,0 +1,341 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\w11\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <RunSynchronous> + <RunSynchronousCommand wcm:action="add"> + <Order>1</Order> + <Path>%windir%\System32\reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>2</Order> + <Path>%windir%\System32\reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + </RunSynchronous> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows 11 Enterprise Evaluation</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "vagrant" /f</CommandLine> + <Order>18</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f</CommandLine> + <Order>19</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/11/hyperv-gen2/Autounattend.xml b/packer_templates/win_answer_files/11/hyperv-gen2/Autounattend.xml new file mode 100644 index 000000000..65a4caaa3 --- /dev/null +++ b/packer_templates/win_answer_files/11/hyperv-gen2/Autounattend.xml @@ -0,0 +1,341 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\w11\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\w11\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <RunSynchronous> + <RunSynchronousCommand wcm:action="add"> + <Order>1</Order> + <Path>%windir%\System32\reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>2</Order> + <Path>%windir%\System32\reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + </RunSynchronous> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows 11 Enterprise Evaluation</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "vagrant" /f</CommandLine> + <Order>18</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f</CommandLine> + <Order>19</Order> + <Description>Enable AutoLogon</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/2012/Autounattend.xml b/packer_templates/win_answer_files/2012/Autounattend.xml deleted file mode 100644 index 52937873b..000000000 --- a/packer_templates/win_answer_files/2012/Autounattend.xml +++ /dev/null @@ -1,289 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> - <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <!-- - This makes the VirtIO drivers available to Windows, assuming that - the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso - (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) - is available as drive E: - --> - <DriverPaths> - <PathAndCredentials wcm:action="add" wcm:keyValue="2"> - <Path>E:\viostor\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> - <Path>E:\NetKVM\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> - <Path>E:\Balloon\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> - <Path>E:\pvpanic\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> - <Path>E:\qemupciserial\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> - <Path>E:\qxldod\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> - <Path>E:\vioinput\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> - <Path>E:\viorng\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> - <Path>E:\vioscsi\2k12\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> - <Path>E:\vioserial\2k12\amd64</Path> - </PathAndCredentials> - </DriverPaths> - </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SetupUILanguage> - <UILanguage>en-US</UILanguage> - </SetupUILanguage> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UILanguageFallback>en-US</UILanguageFallback> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <DiskConfiguration> - <Disk wcm:action="add"> - <CreatePartitions> - <CreatePartition wcm:action="add"> - <Type>Primary</Type> - <Order>1</Order> - <Size>350</Size> - </CreatePartition> - <CreatePartition wcm:action="add"> - <Order>2</Order> - <Type>Primary</Type> - <Extend>true</Extend> - </CreatePartition> - </CreatePartitions> - <ModifyPartitions> - <ModifyPartition wcm:action="add"> - <Active>true</Active> - <Format>NTFS</Format> - <Label>boot</Label> - <Order>1</Order> - <PartitionID>1</PartitionID> - </ModifyPartition> - <ModifyPartition wcm:action="add"> - <Format>NTFS</Format> - <Label>Windows 2012</Label> - <Letter>C</Letter> - <Order>2</Order> - <PartitionID>2</PartitionID> - </ModifyPartition> - </ModifyPartitions> - <DiskID>0</DiskID> - <WillWipeDisk>true</WillWipeDisk> - </Disk> - </DiskConfiguration> - <ImageInstall> - <OSImage> - <InstallFrom> - <MetaData wcm:action="add"> - <Key>/IMAGE/NAME</Key> - <Value>Windows Server 2012 SERVERSTANDARD</Value> - </MetaData> - </InstallFrom> - <InstallTo> - <DiskID>0</DiskID> - <PartitionID>2</PartitionID> - </InstallTo> - </OSImage> - </ImageInstall> - <UserData> - <ProductKey> - <WillShowUI>OnError</WillShowUI> - </ProductKey> - <AcceptEula>true</AcceptEula> - <FullName>Vagrant</FullName> - <Organization>Bento by Chef Software, Inc.</Organization> - </UserData> - </component> - </settings> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <OOBE> - <HideEULAPage>true</HideEULAPage> - <HideLocalAccountScreen>true</HideLocalAccountScreen> - <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> - <HideOnlineAccountScreens>true</HideOnlineAccountScreens> - <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Home</NetworkLocation> - <ProtectYourPC>3</ProtectYourPC> - <SkipMachineOOBE>true</SkipMachineOOBE> - <SkipUserOOBE>true</SkipUserOOBE> - </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> - <AutoLogon> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Username>vagrant</Username> - <Enabled>true</Enabled> - </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine> - <Description>winrm quickconfig -q</Description> - <Order>3</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine> - <Description>winrm quickconfig -transport:http</Description> - <Order>4</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> - <Description>Win RM MaxTimoutms</Description> - <Order>5</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="800"}</CommandLine> - <Description>Win RM MaxMemoryPerShellMB</Description> - <Order>6</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> - <Description>Win RM AllowUnencrypted</Description> - <Order>7</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> - <Description>Win RM auth Basic</Description> - <Order>8</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> - <Description>Win RM client auth Basic</Description> - <Order>9</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine> - <Description>Win RM listener Address/Port</Description> - <Order>10</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine> - <Description>Win RM adv firewall enable</Description> - <Order>11</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" </CommandLine> - <Description>Win RM port open</Description> - <Order>12</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net stop winrm </CommandLine> - <Description>Stop Win RM Service </Description> - <Order>13</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c sc config winrm start= auto</CommandLine> - <Description>Win RM Autostart</Description> - <Order>14</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net start winrm</CommandLine> - <Description>Start Win RM Service</Description> - <Order>15</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>16</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> - <settings pass="specialize"> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <!-- Disable IE ESC. --> - <IEHardenAdmin>false</IEHardenAdmin> - <IEHardenUser>false</IEHardenUser> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> - </component> - </settings> -</unattend> diff --git a/packer_templates/win_answer_files/2012r2/Autounattend.xml b/packer_templates/win_answer_files/2012r2/Autounattend.xml deleted file mode 100644 index 4c020b308..000000000 --- a/packer_templates/win_answer_files/2012r2/Autounattend.xml +++ /dev/null @@ -1,289 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> - <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <!-- - This makes the VirtIO drivers available to Windows, assuming that - the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso - (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) - is available as drive E: - --> - <DriverPaths> - <PathAndCredentials wcm:action="add" wcm:keyValue="2"> - <Path>E:\viostor\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> - <Path>E:\NetKVM\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> - <Path>E:\Balloon\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> - <Path>E:\pvpanic\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> - <Path>E:\qemupciserial\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> - <Path>E:\qxldod\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> - <Path>E:\vioinput\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> - <Path>E:\viorng\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> - <Path>E:\vioscsi\2k12R2\amd64</Path> - </PathAndCredentials> - - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> - <Path>E:\vioserial\2k12R2\amd64</Path> - </PathAndCredentials> - </DriverPaths> - </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SetupUILanguage> - <UILanguage>en-US</UILanguage> - </SetupUILanguage> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UILanguageFallback>en-US</UILanguageFallback> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <DiskConfiguration> - <Disk wcm:action="add"> - <CreatePartitions> - <CreatePartition wcm:action="add"> - <Type>Primary</Type> - <Order>1</Order> - <Size>350</Size> - </CreatePartition> - <CreatePartition wcm:action="add"> - <Order>2</Order> - <Type>Primary</Type> - <Extend>true</Extend> - </CreatePartition> - </CreatePartitions> - <ModifyPartitions> - <ModifyPartition wcm:action="add"> - <Active>true</Active> - <Format>NTFS</Format> - <Label>boot</Label> - <Order>1</Order> - <PartitionID>1</PartitionID> - </ModifyPartition> - <ModifyPartition wcm:action="add"> - <Format>NTFS</Format> - <Label>Windows 2012 R2</Label> - <Letter>C</Letter> - <Order>2</Order> - <PartitionID>2</PartitionID> - </ModifyPartition> - </ModifyPartitions> - <DiskID>0</DiskID> - <WillWipeDisk>true</WillWipeDisk> - </Disk> - </DiskConfiguration> - <ImageInstall> - <OSImage> - <InstallFrom> - <MetaData wcm:action="add"> - <Key>/IMAGE/NAME</Key> - <Value>Windows Server 2012 R2 SERVERSTANDARD</Value> - </MetaData> - </InstallFrom> - <InstallTo> - <DiskID>0</DiskID> - <PartitionID>2</PartitionID> - </InstallTo> - </OSImage> - </ImageInstall> - <UserData> - <ProductKey> - <WillShowUI>OnError</WillShowUI> - </ProductKey> - <AcceptEula>true</AcceptEula> - <FullName>Vagrant</FullName> - <Organization>Bento by Chef Software, Inc.</Organization> - </UserData> - </component> - </settings> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <OOBE> - <HideEULAPage>true</HideEULAPage> - <HideLocalAccountScreen>true</HideLocalAccountScreen> - <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> - <HideOnlineAccountScreens>true</HideOnlineAccountScreens> - <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Home</NetworkLocation> - <ProtectYourPC>3</ProtectYourPC> - <SkipMachineOOBE>true</SkipMachineOOBE> - <SkipUserOOBE>true</SkipUserOOBE> - </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> - <AutoLogon> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Username>vagrant</Username> - <Enabled>true</Enabled> - </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine> - <Description>winrm quickconfig -q</Description> - <Order>3</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine> - <Description>winrm quickconfig -transport:http</Description> - <Order>4</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> - <Description>Win RM MaxTimoutms</Description> - <Order>5</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="800"}</CommandLine> - <Description>Win RM MaxMemoryPerShellMB</Description> - <Order>6</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> - <Description>Win RM AllowUnencrypted</Description> - <Order>7</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> - <Description>Win RM auth Basic</Description> - <Order>8</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> - <Description>Win RM client auth Basic</Description> - <Order>9</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine> - <Description>Win RM listener Address/Port</Description> - <Order>10</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine> - <Description>Win RM adv firewall enable</Description> - <Order>11</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" </CommandLine> - <Description>Win RM port open</Description> - <Order>12</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net stop winrm </CommandLine> - <Description>Stop Win RM Service </Description> - <Order>13</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c sc config winrm start= auto</CommandLine> - <Description>Win RM Autostart</Description> - <Order>14</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net start winrm</CommandLine> - <Description>Start Win RM Service</Description> - <Order>15</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>16</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> - <settings pass="specialize"> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <!-- Disable IE ESC. --> - <IEHardenAdmin>false</IEHardenAdmin> - <IEHardenUser>false</IEHardenUser> - </component> - <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> - <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> - </component> - </settings> -</unattend> diff --git a/packer_templates/win_answer_files/2016/Autounattend.xml b/packer_templates/win_answer_files/2016/Autounattend.xml index 7b2f80ba8..f58062063 100644 --- a/packer_templates/win_answer_files/2016/Autounattend.xml +++ b/packer_templates/win_answer_files/2016/Autounattend.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> <!-- This makes the VirtIO drivers available to Windows, assuming that the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso @@ -12,45 +12,36 @@ <PathAndCredentials wcm:action="add" wcm:keyValue="2"> <Path>E:\viostor\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> <Path>E:\NetKVM\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> <Path>E:\Balloon\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> <Path>E:\pvpanic\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> <Path>E:\qemupciserial\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> <Path>E:\qxldod\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> <Path>E:\vioinput\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> <Path>E:\viorng\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> <Path>E:\vioscsi\2k16\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> <Path>E:\vioserial\2k16\amd64</Path> </PathAndCredentials> </DriverPaths> </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SetupUILanguage> <UILanguage>en-US</UILanguage> </SetupUILanguage> @@ -60,14 +51,14 @@ <UILanguageFallback>en-US</UILanguageFallback> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DiskConfiguration> <Disk wcm:action="add"> <CreatePartitions> <CreatePartition wcm:action="add"> <Type>Primary</Type> <Order>1</Order> - <Size>350</Size> + <Size>100</Size> </CreatePartition> <CreatePartition wcm:action="add"> <Order>2</Order> @@ -85,7 +76,7 @@ </ModifyPartition> <ModifyPartition wcm:action="add"> <Format>NTFS</Format> - <Label>Windows 2016</Label> + <Label>Windows</Label> <Letter>C</Letter> <Order>2</Order> <PartitionID>2</PartitionID> @@ -100,7 +91,7 @@ <InstallFrom> <MetaData wcm:action="add"> <Key>/IMAGE/NAME</Key> - <Value>Windows Server 2016 SERVERDATACENTER</Value> + <Value>Windows Server 2016 SERVERSTANDARD</Value> </MetaData> </InstallFrom> <InstallTo> @@ -117,55 +108,63 @@ <FullName>Vagrant</FullName> <Organization>Bento by Chef Software, Inc.</Organization> </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> </component> </settings> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <OOBE> <HideEULAPage>true</HideEULAPage> <HideLocalAccountScreen>true</HideLocalAccountScreen> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Home</NetworkLocation> + <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>3</ProtectYourPC> <SkipMachineOOBE>true</SkipMachineOOBE> <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> <AutoLogon> <Password> <Value>vagrant</Value> @@ -174,105 +173,98 @@ <Username>vagrant</Username> <Enabled>true</Enabled> </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine> - <Description>winrm quickconfig -q</Description> - <Order>3</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine> - <Description>winrm quickconfig -transport:http</Description> - <Order>4</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> - <Description>Win RM MaxTimoutms</Description> - <Order>5</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="800"}</CommandLine> - <Description>Win RM MaxMemoryPerShellMB</Description> - <Order>6</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> - <Description>Win RM AllowUnencrypted</Description> - <Order>7</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> - <Description>Win RM auth Basic</Description> - <Order>8</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> - <Description>Win RM client auth Basic</Description> - <Order>9</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine> - <Description>Win RM listener Address/Port</Description> - <Order>10</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine> - <Description>Win RM adv firewall enable</Description> - <Order>11</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" </CommandLine> - <Description>Win RM port open</Description> - <Order>12</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net stop winrm </CommandLine> - <Description>Stop Win RM Service </Description> - <Order>13</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c sc config winrm start= auto</CommandLine> - <Description>Win RM Autostart</Description> - <Order>14</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net start winrm</CommandLine> - <Description>Start Win RM Service</Description> - <Order>15</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>16</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> <settings pass="specialize"> <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> @@ -285,5 +277,36 @@ <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> </settings> </unattend> diff --git a/packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend 2.xml b/packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend 2.xml new file mode 100644 index 000000000..64579c515 --- /dev/null +++ b/packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend 2.xml @@ -0,0 +1,332 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\2k16\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows Server 2016 SERVERSTANDARD</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + </component> + <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <!-- Disable IE ESC. --> + <IEHardenAdmin>false</IEHardenAdmin> + <IEHardenUser>false</IEHardenUser> + </component> + <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend.xml b/packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend.xml new file mode 100644 index 000000000..64579c515 --- /dev/null +++ b/packer_templates/win_answer_files/2016/hyperv-gen2/Autounattend.xml @@ -0,0 +1,332 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\2k16\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\2k16\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows Server 2016 SERVERSTANDARD</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + </component> + <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <!-- Disable IE ESC. --> + <IEHardenAdmin>false</IEHardenAdmin> + <IEHardenUser>false</IEHardenUser> + </component> + <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/2019/Autounattend.xml b/packer_templates/win_answer_files/2019/Autounattend.xml index 4dd84f9de..041dccbef 100644 --- a/packer_templates/win_answer_files/2019/Autounattend.xml +++ b/packer_templates/win_answer_files/2019/Autounattend.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> <!-- This makes the VirtIO drivers available to Windows, assuming that the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso @@ -12,45 +12,36 @@ <PathAndCredentials wcm:action="add" wcm:keyValue="2"> <Path>E:\viostor\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> <Path>E:\NetKVM\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> <Path>E:\Balloon\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> <Path>E:\pvpanic\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> <Path>E:\qemupciserial\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> <Path>E:\qxldod\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> <Path>E:\vioinput\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> <Path>E:\viorng\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> <Path>E:\vioscsi\2k19\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> <Path>E:\vioserial\2k19\amd64</Path> </PathAndCredentials> </DriverPaths> </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SetupUILanguage> <UILanguage>en-US</UILanguage> </SetupUILanguage> @@ -60,14 +51,14 @@ <UILanguageFallback>en-US</UILanguageFallback> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DiskConfiguration> <Disk wcm:action="add"> <CreatePartitions> <CreatePartition wcm:action="add"> <Type>Primary</Type> <Order>1</Order> - <Size>350</Size> + <Size>100</Size> </CreatePartition> <CreatePartition wcm:action="add"> <Order>2</Order> @@ -85,7 +76,7 @@ </ModifyPartition> <ModifyPartition wcm:action="add"> <Format>NTFS</Format> - <Label>Windows 2019</Label> + <Label>Windows</Label> <Letter>C</Letter> <Order>2</Order> <PartitionID>2</PartitionID> @@ -100,7 +91,7 @@ <InstallFrom> <MetaData wcm:action="add"> <Key>/IMAGE/NAME</Key> - <Value>Windows Server 2019 SERVERDATACENTER</Value> + <Value>Windows Server 2019 SERVERSTANDARD</Value> </MetaData> </InstallFrom> <InstallTo> @@ -117,55 +108,63 @@ <FullName>Vagrant</FullName> <Organization>Bento by Chef Software, Inc.</Organization> </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> </component> </settings> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <OOBE> <HideEULAPage>true</HideEULAPage> <HideLocalAccountScreen>true</HideLocalAccountScreen> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Home</NetworkLocation> + <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>3</ProtectYourPC> <SkipMachineOOBE>true</SkipMachineOOBE> <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> <AutoLogon> <Password> <Value>vagrant</Value> @@ -174,105 +173,98 @@ <Username>vagrant</Username> <Enabled>true</Enabled> </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine> - <Description>winrm quickconfig -q</Description> - <Order>3</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine> - <Description>winrm quickconfig -transport:http</Description> - <Order>4</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> - <Description>Win RM MaxTimoutms</Description> - <Order>5</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="800"}</CommandLine> - <Description>Win RM MaxMemoryPerShellMB</Description> - <Order>6</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> - <Description>Win RM AllowUnencrypted</Description> - <Order>7</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> - <Description>Win RM auth Basic</Description> - <Order>8</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> - <Description>Win RM client auth Basic</Description> - <Order>9</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine> - <Description>Win RM listener Address/Port</Description> - <Order>10</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine> - <Description>Win RM adv firewall enable</Description> - <Order>11</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" </CommandLine> - <Description>Win RM port open</Description> - <Order>12</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net stop winrm </CommandLine> - <Description>Stop Win RM Service </Description> - <Order>13</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c sc config winrm start= auto</CommandLine> - <Description>Win RM Autostart</Description> - <Order>14</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net start winrm</CommandLine> - <Description>Start Win RM Service</Description> - <Order>15</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>16</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> <settings pass="specialize"> <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> @@ -285,5 +277,36 @@ <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> </settings> </unattend> diff --git a/packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend 2.xml b/packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend 2.xml new file mode 100644 index 000000000..58f6821a7 --- /dev/null +++ b/packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend 2.xml @@ -0,0 +1,332 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\2k19\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows Server 2019 SERVERSTANDARD</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + </component> + <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <!-- Disable IE ESC. --> + <IEHardenAdmin>false</IEHardenAdmin> + <IEHardenUser>false</IEHardenUser> + </component> + <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend.xml b/packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend.xml new file mode 100644 index 000000000..58f6821a7 --- /dev/null +++ b/packer_templates/win_answer_files/2019/hyperv-gen2/Autounattend.xml @@ -0,0 +1,332 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\2k19\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\2k19\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows Server 2019 SERVERSTANDARD</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + </component> + <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <!-- Disable IE ESC. --> + <IEHardenAdmin>false</IEHardenAdmin> + <IEHardenUser>false</IEHardenUser> + </component> + <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/2022/Autounattend.xml b/packer_templates/win_answer_files/2022/Autounattend.xml index 82ceb0b89..929915b8c 100644 --- a/packer_templates/win_answer_files/2022/Autounattend.xml +++ b/packer_templates/win_answer_files/2022/Autounattend.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> -<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <settings pass="windowsPE"> - <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> <!-- This makes the VirtIO drivers available to Windows, assuming that the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso @@ -12,45 +12,36 @@ <PathAndCredentials wcm:action="add" wcm:keyValue="2"> <Path>E:\viostor\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="3"> <Path>E:\NetKVM\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="4"> <Path>E:\Balloon\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="5"> <Path>E:\pvpanic\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="6"> <Path>E:\qemupciserial\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="7"> <Path>E:\qxldod\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="8"> <Path>E:\vioinput\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="9"> <Path>E:\viorng\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="10"> <Path>E:\vioscsi\2k22\amd64</Path> </PathAndCredentials> - <PathAndCredentials wcm:action="add" wcm:keyValue="11"> <Path>E:\vioserial\2k22\amd64</Path> </PathAndCredentials> </DriverPaths> </component> - <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <SetupUILanguage> <UILanguage>en-US</UILanguage> </SetupUILanguage> @@ -60,14 +51,14 @@ <UILanguageFallback>en-US</UILanguageFallback> <UserLocale>en-US</UserLocale> </component> - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DiskConfiguration> <Disk wcm:action="add"> <CreatePartitions> <CreatePartition wcm:action="add"> <Type>Primary</Type> <Order>1</Order> - <Size>350</Size> + <Size>100</Size> </CreatePartition> <CreatePartition wcm:action="add"> <Order>2</Order> @@ -85,7 +76,7 @@ </ModifyPartition> <ModifyPartition wcm:action="add"> <Format>NTFS</Format> - <Label>Windows 2022</Label> + <Label>Windows</Label> <Letter>C</Letter> <Order>2</Order> <PartitionID>2</PartitionID> @@ -100,7 +91,7 @@ <InstallFrom> <MetaData wcm:action="add"> <Key>/IMAGE/NAME</Key> - <Value>Windows Server 2022 SERVERDATACENTER</Value> + <Value>Windows Server 2022 SERVERSTANDARD</Value> </MetaData> </InstallFrom> <InstallTo> @@ -117,55 +108,63 @@ <FullName>Vagrant</FullName> <Organization>Bento by Chef Software, Inc.</Organization> </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> </component> </settings> - <settings pass="generalize"> - <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <SkipRearm>1</SkipRearm> - </component> - <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> - <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> - </component> - </settings> - <settings pass="oobeSystem"> - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <InputLocale>en-US</InputLocale> - <SystemLocale>en-US</SystemLocale> - <UILanguage>en-US</UILanguage> - <UserLocale>en-US</UserLocale> - </component> - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <OOBE> <HideEULAPage>true</HideEULAPage> <HideLocalAccountScreen>true</HideLocalAccountScreen> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> - <NetworkLocation>Home</NetworkLocation> + <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>3</ProtectYourPC> <SkipMachineOOBE>true</SkipMachineOOBE> <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> </OOBE> - <TimeZone>UTC</TimeZone> - <UserAccounts> - <AdministratorPassword> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </AdministratorPassword> - <LocalAccounts> - <LocalAccount wcm:action="add"> - <Password> - <Value>vagrant</Value> - <PlainText>true</PlainText> - </Password> - <Description>Vagrant User</Description> - <DisplayName>vagrant</DisplayName> - <Group>administrators</Group> - <Name>vagrant</Name> - </LocalAccount> - </LocalAccounts> - </UserAccounts> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> <AutoLogon> <Password> <Value>vagrant</Value> @@ -174,105 +173,98 @@ <Username>vagrant</Username> <Enabled>true</Enabled> </AutoLogon> - <FirstLogonCommands> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 64 Bit</Description> - <Order>1</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> - <Description>Set Execution Policy 32 Bit</Description> - <Order>2</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine> - <Description>winrm quickconfig -q</Description> - <Order>3</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine> - <Description>winrm quickconfig -transport:http</Description> - <Order>4</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> - <Description>Win RM MaxTimoutms</Description> - <Order>5</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="800"}</CommandLine> - <Description>Win RM MaxMemoryPerShellMB</Description> - <Order>6</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> - <Description>Win RM AllowUnencrypted</Description> - <Order>7</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> - <Description>Win RM auth Basic</Description> - <Order>8</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> - <Description>Win RM client auth Basic</Description> - <Order>9</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine> - <Description>Win RM listener Address/Port</Description> - <Order>10</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine> - <Description>Win RM adv firewall enable</Description> - <Order>11</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985" </CommandLine> - <Description>Win RM port open</Description> - <Order>12</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net stop winrm </CommandLine> - <Description>Stop Win RM Service </Description> - <Order>13</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c sc config winrm start= auto</CommandLine> - <Description>Win RM Autostart</Description> - <Order>14</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c net start winrm</CommandLine> - <Description>Start Win RM Service</Description> - <Order>15</Order> - <RequiresUserInput>true</RequiresUserInput> - </SynchronousCommand> - <SynchronousCommand wcm:action="add"> - <CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> - <Order>16</Order> - <Description>Disable password expiration for vagrant user</Description> - </SynchronousCommand> - </FirstLogonCommands> - </component> - </settings> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> <settings pass="specialize"> <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> @@ -285,5 +277,36 @@ <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> </settings> </unattend> diff --git a/packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend 2.xml b/packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend 2.xml new file mode 100644 index 000000000..ecfca3ebe --- /dev/null +++ b/packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend 2.xml @@ -0,0 +1,332 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\2k22\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows Server 2022 SERVERSTANDARD</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + </component> + <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <!-- Disable IE ESC. --> + <IEHardenAdmin>false</IEHardenAdmin> + <IEHardenUser>false</IEHardenUser> + </component> + <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend.xml b/packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend.xml new file mode 100644 index 000000000..ecfca3ebe --- /dev/null +++ b/packer_templates/win_answer_files/2022/hyperv-gen2/Autounattend.xml @@ -0,0 +1,332 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-PnpCustomizationsWinPE" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="amd64"> + <!-- + This makes the VirtIO drivers available to Windows, assuming that + the VirtIO driver disk at https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso + (see https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html#virtio-win-direct-downloads) + is available as drive E: + --> + <DriverPaths> + <PathAndCredentials wcm:action="add" wcm:keyValue="2"> + <Path>F:\viostor\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="3"> + <Path>F:\NetKVM\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="4"> + <Path>F:\Balloon\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="5"> + <Path>F:\pvpanic\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="6"> + <Path>F:\qemupciserial\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="7"> + <Path>F:\qxldod\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="8"> + <Path>F:\vioinput\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="9"> + <Path>F:\viorng\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="10"> + <Path>F:\vioscsi\2k22\amd64</Path> + </PathAndCredentials> + <PathAndCredentials wcm:action="add" wcm:keyValue="11"> + <Path>F:\vioserial\2k22\amd64</Path> + </PathAndCredentials> + </DriverPaths> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UILanguageFallback>en-US</UILanguageFallback> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DiskConfiguration> + <Disk wcm:action="add"> + <CreatePartitions> + <CreatePartition wcm:action="add"> + <Order>1</Order> + <Size>350</Size> + <Type>Primary</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>2</Order> + <Size>100</Size> + <Type>EFI</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>3</Order> + <Size>128</Size> + <Type>MSR</Type> + </CreatePartition> + <CreatePartition wcm:action="add"> + <Order>4</Order> + <Extend>true</Extend> + <Type>Primary</Type> + </CreatePartition> + </CreatePartitions> + <ModifyPartitions> + <ModifyPartition wcm:action="add"> + <Order>1</Order> + <PartitionID>1</PartitionID> + <Label>WINRE</Label> + <Format>NTFS</Format> + <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>2</Order> + <PartitionID>2</PartitionID> + <Label>System</Label> + <Format>FAT32</Format> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>3</Order> + <PartitionID>3</PartitionID> + </ModifyPartition> + <ModifyPartition wcm:action="add"> + <Order>4</Order> + <PartitionID>4</PartitionID> + <Label>Windows</Label> + <Format>NTFS</Format> + </ModifyPartition> + </ModifyPartitions> + <DiskID>0</DiskID> + <WillWipeDisk>true</WillWipeDisk> + </Disk> + <WillShowUI>OnError</WillShowUI> + </DiskConfiguration> + <ImageInstall> + <OSImage> + <InstallFrom> + <MetaData wcm:action="add"> + <Key>/IMAGE/NAME</Key> + <Value>Windows Server 2022 SERVERSTANDARD</Value> + </MetaData> + </InstallFrom> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>4</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <WillShowUI>OnError</WillShowUI> + </ProductKey> + <AcceptEula>true</AcceptEula> + <FullName>Vagrant</FullName> + <Organization>Bento by Chef Software, Inc.</Organization> + </UserData> + <DynamicUpdate> + <Enable>false</Enable> + </DynamicUpdate> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + <VMModeOptimizations> + <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval> + <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange> + <SkipWinREInitialization>true</SkipWinREInitialization> + </VMModeOptimizations> + </OOBE> + <TimeZone>UTC</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Description>Vagrant User</Description> + <DisplayName>vagrant</DisplayName> + <Group>administrators</Group> + <Name>vagrant</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Password> + <Value>vagrant</Value> + <PlainText>true</PlainText> + </Password> + <Username>vagrant</Username> + <Enabled>true</Enabled> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>%windir%\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory "Private"</CommandLine> + <Description>Sets detected network connections to private to allow start of winrm</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <CommandLine>%windir%\System32\WindowsPowerShell\v1.0\powershell.exe -Command Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any</CommandLine> + <Description>Allows winrm over public profile interfaces</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -q</CommandLine> + <Description>winrm quickconfig -q</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm quickconfig -transport:http</CommandLine> + <Description>winrm quickconfig -transport:http</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine> + <Description>Win RM MaxTimoutms</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="2048"}</CommandLine> + <Description>Win RM MaxMemoryPerShellMB</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine> + <Description>Win RM AllowUnencrypted</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>10</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine> + <Description>Win RM auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>11</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine> + <Description>Win RM client auth Basic</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>12</Order> + <CommandLine>%windir%\System32\cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"}</CommandLine> + <Description>Win RM listener Address/Port</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>13</Order> + <CommandLine>%windir%\System32\cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"</CommandLine> + <Description>Win RM port open</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>14</Order> + <CommandLine>%windir%\System32\cmd.exe /c net stop winrm</CommandLine> + <Description>Stop Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>15</Order> + <CommandLine>%windir%\System32\cmd.exe /c sc config winrm start= auto</CommandLine> + <Description>Win RM Autostart</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>16</Order> + <CommandLine>%windir%\System32\cmd.exe /c net start winrm</CommandLine> + <Description>Start Win RM Service</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>17</Order> + <CommandLine>%windir%\System32\cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine> + <Description>Disable password expiration for vagrant user</Description> + </SynchronousCommand> + </FirstLogonCommands> + </component> + <component name="Microsoft-Windows-WinRE-RecoveryAgent" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UninstallWindowsRE>true</UninstallWindowsRE> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon> + </component> + <component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <!-- Disable IE ESC. --> + <IEHardenAdmin>false</IEHardenAdmin> + <IEHardenUser>false</IEHardenUser> + </component> + <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon> + </component> + <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisableSR>1</DisableSR> + </component> + <component name="Microsoft-Windows-SystemSettingsThreshold" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <DisplayNetworkSelection>false</DisplayNetworkSelection> + </component> + <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <FirewallGroups> + <FirewallGroup wcm:action="add" wcm:keyValue="WindowsRemoteManagement"> + <Active>true</Active> + <Group>Windows Remote Management</Group> + <Profile>all</Profile> + </FirewallGroup> + <FirewallGroup wcm:action="add" wcm:keyValue="RemoteAdministration"> + <Active>true</Active> + <Group>Remote Administration</Group> + <Profile>all</Profile> + </FirewallGroup> + </FirewallGroups> + </component> + <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <CEIPEnabled>0</CEIPEnabled> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SkipAutoActivation>true</SkipAutoActivation> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend>