trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #254 from Selora/libvirt_provider

Browse Source 
Libvirt provider
This commit is contained in:
Chris Long
2020-02-17 14:51:36 -08:00
committed by GitHub
parent 5675ae42cc 2bd2f20776
commit f3c40e84b5
10 changed files with 867 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
LIBVIRT_README.md Normal file
View File

@@ -0,0 +1,55 @@
# Detection Lab Libvirt build
## Intro
This page contains the instruction to build DetectionLab for Qemu/LibVirt. This is the provider for you *if*:
* You are familiar with LibVirt, virt-manager and Qemu and prefer this software stack instead of VirtualBox
* You are willing to spend a bit more time thinkering with the build process as it is less hands-off than the official DetectionLab
A [step-by-step guide is available here](https://selorasec.wordpress.com/2019/12/03/ad-in-a-box-for-pocs-and-iocs-on-the-cheap-detectionlab-on-libvirt/#Setting_Up_Vagrant).
## Prequisite
### LibVirt
The `libvirt` and `virt-manager` installation walkthrough and documentation is out of scope of this project. To follow along, you need an already working installation of `libvirt`, `virt-manager`, and `QEMU+kvm`.
### Packer
1. The [Virtio drivers](https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/) ISO needs to be location in the `DetectionLab/Packer/` directory.
* This is a direct [link to the latest version of the virtio drivers ISO](https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/latest-virtio/virtio-win.iso).
* There's also a "stable" version available [here](https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso).
2. Edit the windows_X.json files
* Make sure the following user-defined variables are pointing to the right thing:
* `virtio_win_iso` : The ISO containing thethe lastest VirtIO drivers
* `packer_build_dir` : Where to output the QCOW2 images. It's a temporary directory, the .box files will still be in DetectionLab/Packer
3. Build the images
```
env TMPDIR=/path/to/large/storage/ PACKER_LOG=1 PACKER_LOG_PATH="packer_build.log" packer build --only=qemu windows_2016.json
env TMPDIR=/path/to/large/storage/ PACKER_LOG=1 PACKER_LOG_PATH="packer_build.log" packer build --only=qemu windows_10.json
```
### Vagrant
1. Install the necessary plugins:
* `vagrant plugin install vagrant-reload vagrant-libvirt vagrant-winrm-syncedfolders`
* See the guide for ubuntu as the vagrant packages comes with a ton on unofficial & outdated plugins that will cause problems
2. Add the previously built windows .box files
* `vagrant box add windows_10_libvirt.box --name windows_10_libvirt`
* `vagrant box add windows_2016_libvirt.box --name windows_2016_libvirt`
3. Build: `vagrant up --provider libvirt --no-parallel --provision`
#### Notes:
The libvirt builder is highly experimental. This sections describes the tradeoffs and the differences between the vanilla DetectionLab.
- No pre-built images and integration with the build.sh script for now. This means building the Windows base boxes with Packer (> 1h) and provisioning with Vagrant manually (> 1h). Fortunately, the process is relatively straightforward.
- The boxes will have two network adapters
The vagrant-libvirt provider works by binding to a "management" network adapter IP addresses. The way vagrant finds the VM's IP address is by probing the dnsmasq lease file of libvirt's host. There's probably a better way, but this is the best I could do that just works (tm) so far. Here's what the configuration looks like:
* Management Network: Isolated network, no NAT, no internet access, with DHCP.
* Detectionlab Network: 192.168.38.0/24, with NAT, with internet access, with DHCP.
- The synced folder is using an old, slow and buggy plugin. While this barely works, it's enough to push the provisioning scripts to the Windows instances. Any modifications to the `vm.synced_folder` in the VagrantFile libvirt provider will likely break the provisionning process
- The graphical and input settings assume the use of virt-manager with the SPICE viewer on Windows and the VNC viewer on Linux (logger). The spice agent for copy/pasting and other quality of life improvement, like auto-resolution changes is *NOT* installed on the Windows hosts. *Guacamole* is a better way to access your VMs.

275
Packer/answer_files/10_virtio/Autounattend.xml Executable file
View File

@@ -0,0 +1,275 @@
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<servicing/>
<settings pass="windowsPE">
<component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DriverPaths>
<PathAndCredentials wcm:keyValue="1" wcm:action="add">
<Path>E:\viostor\w10\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="2" wcm:action="add">
<Path>E:\vioscsi\w10\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="3" wcm:action="add">
<Path>E:\NetKVM\w10\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="4" wcm:action="add">
<Path>E:\Baloon\w10\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="5" wcm:action="add">
<Path>E:\pvpanic\w10\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="6" wcm:action="add">
<Path>E:\qxldod\w10\amd64</Path>
</PathAndCredentials>
</DriverPaths>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DiskConfiguration>
<Disk wcm:action="add">
<CreatePartitions>
<CreatePartition wcm:action="add">
<Order>1</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Extend>false</Extend>
<Format>NTFS</Format>
<Letter>C</Letter>
<Order>1</Order>
<PartitionID>1</PartitionID>
<Label>Windows 10</Label>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
<WillShowUI>OnError</WillShowUI>
</DiskConfiguration>
<UserData>
<AcceptEula>true</AcceptEula>
<FullName>Vagrant</FullName>
<Organization>Vagrant</Organization>
<!--
NOTE: If you are re-configuring this for use of a retail key
and using a retail ISO, you need to adjust the <ProductKey> block
below to look like this:
<ProductKey>
<Key>W269N-WFGWX-YVC9B-4J6C9-T83GX</Key>
<WillShowUI>Never</WillShowUI>
</ProductKey>
Notice the addition of the `<Key>` element.
-->
<!-- Product Key from http://technet.microsoft.com/en-us/library/jj612867.aspx -->
<ProductKey>NPPR9-FWDCX-D2C8J-H872K-2YT43
<WillShowUI>Never</WillShowUI>
</ProductKey>
</UserData>
<ImageInstall>
<OSImage>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>1</PartitionID>
</InstallTo>
<WillShowUI>OnError</WillShowUI>
<InstallToAvailablePartition>false</InstallToAvailablePartition>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME</Key>
<Value>Windows 10 Enterprise Evaluation</Value>
</MetaData>
</InstallFrom>
</OSImage>
</ImageInstall>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAccounts>
<AdministratorPassword>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Description>Vagrant User</Description>
<DisplayName>vagrant</DisplayName>
<Group>administrators</Group>
<Name>vagrant</Name>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
</OOBE>
<AutoLogon>
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Username>vagrant</Username>
<Enabled>true</Enabled>
</AutoLogon>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 64 Bit</Description>
<Order>1</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 32 Bit</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine>
<Description>Network prompt</Description>
<Order>3</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\fixnetwork.ps1</CommandLine>
<Description>Fix public network</Description>
<Order>4</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-winrm.ps1</CommandLine>
<Description>Disable WinRM</Description>
<Order>5</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine>
<Order>6</Order>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine>
<Order>7</Order>
<Description>Enable QuickEdit mode</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine>
<Order>8</Order>
<Description>Show Run command in Start Menu</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine>
<Order>9</Order>
<Description>Show Administrative Tools in Start Menu</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine>
<Order>10</Order>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine>
<Order>11</Order>
<Description>Disable Hibernation Mode</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine>
<Order>12</Order>
<Description>Disable password expiration for vagrant user</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "vagrant" /f</CommandLine>
<Order>13</Order>
<Description>Enable AutoLogon</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f</CommandLine>
<Order>14</Order>
<Description>Enable AutoLogon</Description>
</SynchronousCommand>
<!-- WITHOUT WINDOWS UPDATES -->
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\enable-winrm.ps1</CommandLine>
<Description>Enable WinRM</Description>
<Order>99</Order>
</SynchronousCommand>
<!-- END WITHOUT WINDOWS UPDATES -->
<!-- WITH WINDOWS UPDATES -->
<!--
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c a:\microsoft-updates.bat</CommandLine>
<Order>98</Order>
<Description>Enable Microsoft Updates</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-screensaver.ps1</CommandLine>
<Description>Disable Screensaver</Description>
<Order>99</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1</CommandLine>
<Description>Install Windows Updates</Description>
<Order>100</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
-->
<!-- END WITH WINDOWS UPDATES -->
</FirstLogonCommands>
<ShowWindowsLive>false</ShowWindowsLive>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<OEMInformation>
<HelpCustomized>false</HelpCustomized>
</OEMInformation>
<!-- Rename computer here. -->
<ComputerName>vagrant-10</ComputerName>
<TimeZone>Pacific Standard Time</TimeZone>
<RegisteredOwner/>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
<component name="Security-Malware-Windows-Defender" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DisableAntiSpyware>true</DisableAntiSpyware>
</component>
</settings>
<cpi:offlineImage xmlns:cpi="urn:schemas-microsoft-com:cpi" cpi:source="catalog:d:/sources/install_windows 7 ENTERPRISE.clg"/>
</unattend>

271
Packer/answer_files/2016_virtio/Autounattend.xml Executable file
View File

@@ -0,0 +1,271 @@
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DriverPaths>
<PathAndCredentials wcm:keyValue="1" wcm:action="add">
<Path>E:\viostor\2k16\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="2" wcm:action="add">
<Path>E:\vioscsi\2k16\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="3" wcm:action="add">
<Path>E:\NetKVM\2k16\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="4" wcm:action="add">
<Path>E:\Baloon\2k16\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="5" wcm:action="add">
<Path>E:\pvpanic\2k16\amd64</Path>
</PathAndCredentials>
<PathAndCredentials wcm:keyValue="6" wcm:action="add">
<Path>E:\qxldod\2k16\amd64</Path>
</PathAndCredentials>
</DriverPaths>
</component>
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DiskConfiguration>
<Disk wcm:action="add">
<CreatePartitions>
<CreatePartition wcm:action="add">
<Type>Primary</Type>
<Order>1</Order>
<Size>350</Size>
</CreatePartition>
<CreatePartition wcm:action="add">
<Order>2</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Active>true</Active>
<Format>NTFS</Format>
<Label>boot</Label>
<Order>1</Order>
<PartitionID>1</PartitionID>
</ModifyPartition>
<ModifyPartition wcm:action="add">
<Format>NTFS</Format>
<Label>Windows 2016</Label>
<Letter>C</Letter>
<Order>2</Order>
<PartitionID>2</PartitionID>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME</Key>
<Value>Windows Server 2016 SERVERSTANDARD</Value>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>2</PartitionID>
</InstallTo>
</OSImage>
</ImageInstall>
<UserData>
<!-- Product Key from https://www.microsoft.com/de-de/evalcenter/evaluate-windows-server-technical-preview?i=1 -->
<ProductKey>
<!-- Do not uncomment the Key element if you are using trial ISOs -->
<!-- You must uncomment the Key element (and optionally insert your own key) if you are using retail or volume license ISOs -->
<!-- <Key>6XBNX-4JQGW-QX6QG-74P76-72V67</Key> -->
<WillShowUI>OnError</WillShowUI>
</ProductKey>
<AcceptEula>true</AcceptEula>
<FullName>Vagrant</FullName>
<Organization>Vagrant</Organization>
</UserData>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OEMInformation>
<HelpCustomized>false</HelpCustomized>
</OEMInformation>
<ComputerName>vagrant-2016</ComputerName>
<TimeZone>Pacific Standard Time</TimeZone>
<RegisteredOwner/>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
<component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<IEHardenAdmin>false</IEHardenAdmin>
<IEHardenUser>false</IEHardenUser>
</component>
<component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
</component>
<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Description>Set Execution Policy 64 Bit</Description>
<Path>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Description>Set Execution Policy 32 Bit</Description>
<Path>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>3</Order>
<Description>Disable WinRM</Description>
<Path>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-winrm.ps1</Path>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Enabled>true</Enabled>
<Username>vagrant</Username>
</AutoLogon>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 64 Bit</Description>
<Order>1</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 32 Bit</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-winrm.ps1</CommandLine>
<Description>Disable WinRM</Description>
<Order>3</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine>
<Order>4</Order>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine>
<Order>5</Order>
<Description>Enable QuickEdit mode</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine>
<Order>6</Order>
<Description>Show Run command in Start Menu</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine>
<Order>7</Order>
<Description>Show Administrative Tools in Start Menu</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine>
<Order>8</Order>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine>
<Order>9</Order>
<Description>Disable Hibernation Mode</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine>
<Order>10</Order>
<Description>Disable password expiration for vagrant user</Description>
</SynchronousCommand>
<!-- WITHOUT WINDOWS UPDATES -->
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\enable-winrm.ps1</CommandLine>
<Description>Enable WinRM</Description>
<Order>99</Order>
</SynchronousCommand>
<!-- END WITHOUT WINDOWS UPDATES -->
<!-- WITH WINDOWS UPDATES -->
<!--
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c a:\microsoft-updates.bat</CommandLine>
<Order>98</Order>
<Description>Enable Microsoft Updates</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\disable-screensaver.ps1</CommandLine>
<Description>Disable Screensaver</Description>
<Order>99</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1</CommandLine>
<Description>Install Windows Updates</Description>
<Order>100</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
-->
<!-- END WITH WINDOWS UPDATES -->
</FirstLogonCommands>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
</OOBE>
<UserAccounts>
<AdministratorPassword>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Group>administrators</Group>
<DisplayName>Vagrant</DisplayName>
<Name>vagrant</Name>
<Description>Vagrant User</Description>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<RegisteredOwner />
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<cpi:offlineImage cpi:source="wim:c:/wim/install.wim#Windows Server 2012 R2 SERVERSTANDARD" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

49
Packer/answer_files/2016_virtio/Autounattend_sysprep.xml Executable file
View File

@@ -0,0 +1,49 @@
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="generalize">
<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipRearm>0</SkipRearm>
</component>
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<PersistAllDeviceInstalls>false</PersistAllDeviceInstalls>
<DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OOBE>
<HideEULAPage>true</HideEULAPage>
<ProtectYourPC>1</ProtectYourPC>
<NetworkLocation>Home</NetworkLocation>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
</OOBE>
<TimeZone>UTC</TimeZone>
<UserAccounts>
<AdministratorPassword>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Group>administrators</Group>
<DisplayName>Vagrant</DisplayName>
<Name>vagrant</Name>
<Description>Vagrant User</Description>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
</component>
</settings>
<settings pass="specialize">
</settings>
</unattend>

49
Packer/windows_10.json
View File

@@ -1,6 +1,50 @@
{
"builders": [
{
"type": "qemu",
"vm_name":"windows_10",
"communicator": "winrm",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": true,
"boot_wait": "6m",
"boot_command": "",
"winrm_username": "vagrant",
"winrm_password": "vagrant",
"winrm_timeout": "4h",
"shutdown_timeout": "2h",
"shutdown_command": "a:/sysprep.bat",
"accelerator": "kvm",
"disk_size": "{{user `disk_size`}}",
"output_directory": "{{ user `packer_build_dir`}}",
"qemuargs": [
[ "-m", "2048"],
[ "-smp", "2"],
[ "-drive", "file={{ user `virtio_win_iso` }},media=cdrom,index=3" ],
[ "-drive", "file={{ user `packer_build_dir`}}/{{ .Name }},if=virtio,cache=writeback,discard=ignore,format=qcow2,index=1" ]
],
"floppy_files": [
"{{user `autounattend_virtio`}}",
"./floppy/WindowsPowershell.lnk",
"./floppy/PinTo10.exe",
"./scripts/fixnetwork.ps1",
"./scripts/rearm-windows.ps1",
"./scripts/disable-screensaver.ps1",
"./scripts/disable-winrm.ps1",
"./scripts/enable-winrm.ps1",
"./scripts/microsoft-updates.bat",
"./scripts/win-updates.ps1",
"./scripts/unattend.xml",
"./scripts/sysprep.bat"
]
},
{
"type": "vmware-iso",
"vm_name":"windows_10",
"communicator": "winrm",
@@ -141,6 +185,9 @@
"iso_checksum_type": "sha256",
"iso_url": "https://software-download.microsoft.com/download/pr/18362.30.190401-1528.19h1_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso",
"autounattend": "./answer_files/10/Autounattend.xml",
"disk_size": "61440"
"disk_size": "61440",
"virtio_win_iso": "./virtio-win.iso",
"autounattend_virtio": "./answer_files/10_virtio/Autounattend.xml",
"packer_build_dir": "/media/packer_build_dir/win10"
}
}

48
Packer/windows_2016.json
View File

@@ -1,5 +1,47 @@
{
"builders": [
{
"type": "qemu",
"vm_name":"windows_10",
"communicator": "winrm",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": true,
"boot_wait": "6m",
"boot_command": "",
"winrm_username": "vagrant",
"winrm_password": "vagrant",
"winrm_timeout": "4h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"accelerator": "kvm",
"disk_size": "{{user `disk_size`}}",
"output_directory": "{{ user `packer_build_dir`}}",
"qemuargs": [
[ "-m", "2048"],
[ "-smp", "2"],
[ "-drive", "file={{ user `virtio_win_iso` }},media=cdrom,index=3" ],
[ "-drive", "file={{ user `packer_build_dir`}}/{{ .Name }},if=virtio,cache=writeback,discard=ignore,format=qcow2,index=1" ]
],
"floppy_files": [
"{{user `autounattend_virtio`}}",
"./floppy/WindowsPowershell.lnk",
"./floppy/WindowsPowershell.lnk",
"./floppy/PinTo10.exe",
"./scripts/unattend.xml",
"./scripts/sysprep.bat",
"./scripts/disable-screensaver.ps1",
"./scripts/disable-winrm.ps1",
"./scripts/enable-winrm.ps1",
"./scripts/microsoft-updates.bat",
"./scripts/win-updates.ps1"
]
},
{
"vm_name":"WindowsServer2016",
"type": "vmware-iso",
@@ -126,6 +168,10 @@
"iso_url": "https://software-download.microsoft.com/download/pr/Windows_Server_2016_Datacenter_EVAL_en-us_14393_refresh.ISO",
"iso_checksum_type": "md5",
"iso_checksum": "70721288BBCDFE3239D8F8C0FAE55F1F",
"autounattend": "./answer_files/2016/Autounattend.xml"
"disk_size": "61440",
"autounattend": "./answer_files/2016/Autounattend.xml",
"virtio_win_iso": "./virtio-win.iso",
"autounattend_virtio": "./answer_files/2016_virtio/Autounattend.xml",
"packer_build_dir": "/media/packer_build_dir/win2016"
}
}

1
Terraform/locals.tf
View File

@@ -4,4 +4,3 @@ locals {
ata_url = "https://${aws_instance.wef.public_ip}"
guacamole_url = "http://${aws_instance.logger.public_ip}:8080/guacamole"
}

98
Vagrant/Vagrantfile vendored
View File

@@ -1,7 +1,26 @@
libvirt_win10_box = "../Boxes/windows_10_libvirt.box"
libvirt_win2016_box = "../Boxes/windows_2016_libvirt.box"
Vagrant.configure("2") do |config|
config.vm.provider "libvirt" do |libvirt|
# This is required for Vagrant to properly configure the network interfaces.
# See libvirt's README section for more information
libvirt.management_network_name = "VagrantMgmt"
libvirt.management_network_address = "192.168.123.0/24"
libvirt.management_network_mode = "none"
libvirt.cpu_mode = "host-passthrough"
# Which storage pool path to use. Default to /var/lib/libvirt/images or ~/.local/share/libvirt/images depending on if you are running a system or user QEMU/KVM session.
#libvirt.storage_pool_path = '/media/storage_nvme/system_session_vm_pool'
libvirt.storage_pool_name = 'default'
end
config.vm.define "logger" do |cfg|
cfg.vm.box = "bento/ubuntu-18.04"
cfg.vm.box = "generic/ubuntu1604"
cfg.vm.hostname = "logger"
cfg.vm.provision :shell, path: "bootstrap.sh"
cfg.vm.network :private_network, ip: "192.168.38.105", gateway: "192.168.38.1", dns: "8.8.8.8"
@@ -24,6 +43,17 @@ Vagrant.configure("2") do |config|
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "vnc"
lv.video_type = "vga"
lv.input :type => "tablet", :bus => "usb"
lv.video_vram = 32768
lv.memory = 4096
lv.cpus = 2
override.vm.synced_folder './', '/vagrant', type: 'rsync'
end
end
config.vm.define "dc" do |cfg|
@@ -35,9 +65,10 @@ Vagrant.configure("2") do |config|
cfg.winrm.basic_auth_only = true
cfg.winrm.timeout = 300
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.102", gateway: "192.168.38.1"
cfg.vm.network :private_network, ip: "192.168.38.102", gateway: "192.168.38.1", dns: "8.8.8.8"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "192.168.38.102"
# Added DNS here because libvirt fails to properly configure the windows client otherwise... :(
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.102 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
@@ -77,6 +108,26 @@ Vagrant.configure("2") do |config|
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = libvirt_win2016_box
lv.video_vram = 32768
lv.memory = 3072
lv.cpus = 2
# This is NOT the right semantic for Vagrant synced folder. It's a dirty hack around :
# https://github.com/Cimpress-MCP/vagrant-winrm-syncedfolders/issues/11
# If dest is /vagrant, it'll upload in C:\vagrant\Vagrant....
# It's like 'cp /my/dir /my/dir2' vs 'cp /my/dir /my/dir2/'
#
# The Winrm synced folder plugin is also excruciatingly slow. Would gladly replace with something else
# that works with linux host and windows guest...
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
config.vm.define "wef" do |cfg|
@@ -89,7 +140,7 @@ Vagrant.configure("2") do |config|
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.103", gateway: "192.168.38.1", dns: "192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.103 -dns 192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.103 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", inline: "cscript c:\\windows\\system32\\slmgr.vbs -rearm", privileged: false
cfg.vm.provision "reload"
@@ -129,6 +180,25 @@ Vagrant.configure("2") do |config|
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = libvirt_win2016_box
lv.video_vram = 32768
lv.memory = 2048
lv.cpus = 2
# This is NOT the right semantic for Vagrant synced folder. It's a dirty hack around :
# https://github.com/Cimpress-MCP/vagrant-winrm-syncedfolders/issues/11
# If dest is /vagrant, it'll upload in C:\vagrant\Vagrant....
# It's like 'cp /my/dir /my/dir2' vs 'cp /my/dir /my/dir2/'
#
# The Winrm synced folder plugin is also excruciatingly slow. Would gladly replace with something else
# that works with linux host and windows guest...
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
config.vm.define "win10" do |cfg|
@@ -141,7 +211,7 @@ Vagrant.configure("2") do |config|
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.104", gateway: "192.168.38.1", dns: "192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.104 -dns 192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.104 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/MakeWindows10GreatAgain.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", inline: "cscript c:\\windows\\system32\\slmgr.vbs -rearm", privileged: false
@@ -178,5 +248,23 @@ Vagrant.configure("2") do |config|
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = libvirt_win10_box
lv.video_vram = 32768
lv.memory = 2048
lv.cpus = 2
# This is NOT the right semantic for Vagrant synced folder. It's a dirty hack around :
# https://github.com/Cimpress-MCP/vagrant-winrm-syncedfolders/issues/11
# If dest is /vagrant, it'll upload in C:\vagrant\Vagrant....
# It's like 'cp /my/dir /my/dir2' vs 'cp /my/dir /my/dir2/'
#
# The Winrm synced folder plugin is also excruciatingly slow. Would gladly replace with something else
# that works with linux host and windows guest...
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
end

5
Vagrant/bootstrap.sh
View File

@@ -57,6 +57,11 @@ test_prerequisites() {
}
fix_eth1_static_ip() {
USING_KVM=$(sudo lsmod | grep kvm)
if [ ! -z "$USING_KVM" ]; then
echo "[*] Using KVM, no need to fix DHCP for eth1 iface"
return 0
fi
# There's a fun issue where dhclient keeps messing with eth1 despite the fact
# that eth1 has a static IP set. We workaround this by setting a static DHCP lease.
echo -e 'interface "eth1" {

24
Vagrant/scripts/fix-second-network.ps1
View File

@@ -1,10 +1,32 @@
# Source: https://github.com/StefanScherer/adfs2
param ([String] $ip, [String] $dns)
param ([String] $ip, [String] $dns, [String] $gateway)
if ( (Get-NetAdapter | Select-Object -First 1 | Select-Object -ExpandProperty InterfaceDescription).Contains('Red Hat VirtIO')) {
Write-Host "Setting Network Configuration for LibVirt interface"
$subnet = $ip -replace "\.\d+$", ""
$name = (Get-NetIPAddress -AddressFamily IPv4 `
| Where-Object -FilterScript { ($_.IPAddress).StartsWith("$subnet") } `
).InterfaceAlias
if ($name) {
Write-Host "Set IP address to $ip of interface $name"
& netsh.exe int ip set address "$name" static $ip 255.255.255.0 "$gateway"
if ($dns) {
Write-Host "Set DNS server address to $dns of interface $name"
& netsh.exe interface ipv4 add dnsserver "$name" address=$dns index=1
}
} else {
Write-Error "Could not find a interface with subnet $subnet.xx"
}
exit 0
}
if (! (Test-Path 'C:\Program Files\VMware\VMware Tools') ) {
Write-Host "Nothing to do for other providers than VMware."
exit 0
}
Write-Host "$('[{0:HH:mm}]' -f (Get-Date))"
Write-Host "Setting IP address and DNS information for the Ethernet1 interface"
Write-Host "If this step times out, it's because vagrant is connecting to the VM on the wrong interface"