You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
86 lines
3.2 KiB
Plaintext
86 lines
3.2 KiB
Plaintext
function Set-AdminPassword {
|
|
param (
|
|
[string]$adminPassword
|
|
)
|
|
# Set admin password
|
|
Get-LocalUser -Name "${admin_username}" | Set-LocalUser -Password (ConvertTo-SecureString -AsPlainText $adminPassword -Force)
|
|
# Enable admin user
|
|
Get-LocalUser -Name "${admin_username}" | Enable-LocalUser
|
|
}
|
|
|
|
function Configure-RDP {
|
|
# Enable RDP
|
|
New-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0 -PropertyType DWORD -Force
|
|
# Disable NLA
|
|
New-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "UserAuthentication" -Value 0 -PropertyType DWORD -Force
|
|
New-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "SecurityLayer" -Value 1 -PropertyType DWORD -Force
|
|
# Enable RDP through Windows Firewall
|
|
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
|
|
}
|
|
|
|
function Install-DevolutionsGateway {
|
|
# Define the module name and version
|
|
$moduleName = "DevolutionsGateway"
|
|
$moduleVersion = "2024.1.5"
|
|
|
|
# Install the module with the specified version for all users
|
|
# This requires administrator privileges
|
|
try {
|
|
# Install-PackageProvider is required for AWS. Need to set command to
|
|
# terminate on failure so that try/catch actually triggers
|
|
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -ErrorAction Stop
|
|
Install-Module -Name $moduleName -RequiredVersion $moduleVersion -Force
|
|
}
|
|
catch {
|
|
# If the first command failed, assume that we're on GCP and run
|
|
# Install-Module only
|
|
Install-Module -Name $moduleName -RequiredVersion $moduleVersion -Force
|
|
}
|
|
|
|
# Construct the module path for system-wide installation
|
|
$moduleBasePath = "C:\Windows\system32\config\systemprofile\Documents\PowerShell\Modules\$moduleName\$moduleVersion"
|
|
$modulePath = Join-Path -Path $moduleBasePath -ChildPath "$moduleName.psd1"
|
|
|
|
# Import the module using the full path
|
|
Import-Module $modulePath
|
|
Install-DGatewayPackage
|
|
|
|
# Configure Devolutions Gateway
|
|
$Hostname = "localhost"
|
|
$HttpListener = New-DGatewayListener 'http://*:7171' 'http://*:7171'
|
|
$WebApp = New-DGatewayWebAppConfig -Enabled $true -Authentication None
|
|
$ConfigParams = @{
|
|
Hostname = $Hostname
|
|
Listeners = @($HttpListener)
|
|
WebApp = $WebApp
|
|
}
|
|
Set-DGatewayConfig @ConfigParams
|
|
New-DGatewayProvisionerKeyPair -Force
|
|
|
|
# Configure and start the Windows service
|
|
Set-Service 'DevolutionsGateway' -StartupType 'Automatic'
|
|
Start-Service 'DevolutionsGateway'
|
|
}
|
|
|
|
function Patch-Devolutions-HTML {
|
|
$root = "C:\Program Files\Devolutions\Gateway\webapp\client"
|
|
$devolutionsHtml = "$root\index.html"
|
|
$patch = '<script defer id="coder-patch" src="coder.js"></script>'
|
|
|
|
# Always copy the file in case we change it.
|
|
@'
|
|
${patch_file_contents}
|
|
'@ | Set-Content "$root\coder.js"
|
|
|
|
# Only inject the src if we have not before.
|
|
$isPatched = Select-String -Path "$devolutionsHtml" -Pattern "$patch" -SimpleMatch
|
|
if ($isPatched -eq $null) {
|
|
(Get-Content $devolutionsHtml).Replace('</app-root>', "</app-root>$patch") | Set-Content $devolutionsHtml
|
|
}
|
|
}
|
|
|
|
Set-AdminPassword -adminPassword "${admin_password}"
|
|
Configure-RDP
|
|
Install-DevolutionsGateway
|
|
Patch-Devolutions-HTML
|