https://github.com/ukhomeoffice/dq-packer-ops-win-bastion

https://github.com/ukhomeoffice/dq-packer-ops-win-bastion

hodq packer

Last synced: 20 days ago
JSON representation

• Host: GitHub
• URL: https://github.com/ukhomeoffice/dq-packer-ops-win-bastion
• Owner: UKHomeOffice
• License: mit
• Created: 2018-02-05T08:44:42.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2023-12-14T15:15:54.000Z (over 1 year ago)
• Last Synced: 2025-02-16T21:26:22.690Z (4 months ago)
• Topics: hodq, packer
• Language: PowerShell
• Size: 146 KB
• Stars: 0
• Watchers: 17
• Forks: 1
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING
  • License: LICENSE

Awesome Lists containing this project

README

        
# dq-packer-ops-win-bastion

This AMI is used as a bastion/jump box and has got various tools installed required to manage various services within the DQ environment.

## Features

### `packer.json`

Packer creates an AMI based on a vanilla AWS Windows Server 2019 image (with EC2Launch v2 - the latest version at present).

Packer uses Ansible to configure (provision) the target machine.

Ansible connects without proxy (the approach currently recommended by Hashicorp).

Ansible connects to Windows Remote Manager (WinRM) on the target machine.

Packer uses Powershell to further configure and Sysprep the target machine (to allow it to be reused to spin up other machines).

### `playbook.yml`

Ansible playbook installing the following:

- PSTools

- Chocolatey package manager

- Python2.7

- Python3.9

- VSCode

- DBeaver

- Google Chrome

- Putty

- AWS CLI

- AWS Toolkit for Powershell

- PGAdmin4

- Notepad++

- Microsoft SQL Management Studio

### `connection_plugins` (Removed)

Hashicorp now recommends _directly_ connecting Packer (with the WinRM Communicator) from the Control Node (Drone) to the Target Node being configured (Packer Builder EC2 Instance) rather than via the Communicator proxy provided by the connection plugin. 


If the proxy is to be used the latest version of `packer.py` must be downloaded from https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/connection/ssh.py

#### `scripts`

- `disable-esc-and-iac.ps1` turn off annoying Windows pop-ups (Internet Explorer Enhanced Security Configuration)

- `born-in-the-UK.ps1` helper script for end users to run - to configure their account settings to UK/British (not default US/USA)

- `monitor_stopped_win_services.ps1` checks if there are any service in the *stopped* state where they are set to *automatic* startup

- `setupwrm.ps1` enable WRM service so packer can interact with the instance

- `sysprep-bundleconfig.ps1` turn on sysprep using a custom xml config file

- `sysprep-ec2config.ps1` add EC2 specific sysprep values

## Deploying / Publishing

Drone is needed to deploy with `.drone.yml` file

## Contributing

If you'd like to contribute, please fork the repository and use a feature

branch. Pull requests are warmly welcome.

More information in [`CONTRIBUTING`](./CONTRIBUTING)

## Licensing

The code in this project is licensed under this [`LICENSE`](./LICENSE)