Diffstat (limited to 'ansible')
20 files changed, 515 insertions, 41 deletions
diff --git a/ansible/main.yaml b/ansible/main.yaml
index f3e6013..4e84f2e 100644
--- a/ansible/main.yaml
+++ b/ansible/main.yaml
@@ -6,57 +6,115 @@ include_role: name: proxmox_vm vars: - os_type: "windows" - template: "{{ windows_server_template_name }}" - id: "{{ windows_server_template_id }}" - vm: "{{ main_dc01_hostname }}.{{ main_domain_name }}" - newid: "{{ main_dc01_vmid }}" - vmid: "{{ main_dc01_vmid }}" - ip: "{{ main_dc01_ip_address }}" - gateway: "{{ network_gateway }}" - dns: "8.8.8.8" - hostname: "{{ main_dc01_hostname }}" - domain: "{{ main_domain_name }}" - fqdn: "{{ main_dc01_hostname }}.{{ main_domain_name }}" + os_type : "windows" + template : "{{ windows_server_template_name }}" + id : "{{ windows_server_template_id }}" + vm : "{{ main_dc01_hostname }}.{{ main_domain_name }}" + newid : "{{ main_dc01_vmid }}" + vmid : "{{ main_dc01_vmid }}" + ip : "{{ main_dc01_ip_address }}" + gateway : "{{ network_gateway }}" + dns : "8.8.8.8" + hostname : "{{ main_dc01_hostname }}" + domain : "{{ main_domain_name }}" + fqdn : "{{ main_dc01_hostname }}.{{ main_domain_name }}" - name: "add {{ main_dc01_hostname }}.{{ main_domain_name }} to in-memory inventory" add_host: - name: "{{ main_dc01_hostname }}.{{ main_domain_name }}" - ansible_host: "{{ main_dc01_ip_address }}" - ansible_connection: "{{ win_connector }}" - ansible_user: "{{ default_win_username }}" - ansible_password: "{{ default_win_password }}" - ansible_port: "{{ win_port }}" - ansible_winrm_transport: basic + name : "{{ main_dc01_hostname }}.{{ main_domain_name }}" + ansible_host : "{{ main_dc01_ip_address }}" + ansible_connection : "{{ win_connector }}" + ansible_user : "{{ default_win_username }}" + ansible_password : "{{ default_win_password }}" + ansible_port : "{{ win_port }}" + ansible_winrm_transport : basic ansible_winrm_server_cert_validation: ignore changed_when: false - + - name: "deploy {{ main_linux_srv01_hostname }}.{{ main_domain_name }} vm on {{ proxmox_hostname }}" include_role: name: proxmox_vm vars: - os_type: "linux" - template: "{{ linux_server_template_name }}" - id: "{{ linux_server_template_id }}" - vm: 
"{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" - newid: "{{ main_linux_srv01_vmid }}" - vmid: "{{ main_linux_srv01_vmid }}" - ip: "{{ main_linux_srv01_ip_address }}" - gateway: "{{ network_gateway }}" - dns: "{{ main_dc01_ip_address }}" - hostname: "{{ main_linux_srv01_hostname }}" - domain: "{{ main_domain_name }}" - fqdn: "{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" - + os_type : "linux" + template : "{{ linux_server_template_name }}" + id : "{{ linux_server_template_id }}" + vm : "{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" + newid : "{{ main_linux_srv01_vmid }}" + vmid : "{{ main_linux_srv01_vmid }}" + ip : "{{ main_linux_srv01_ip_address }}" + gateway : "{{ network_gateway }}" + dns : "{{ main_dc01_ip_address }}" + hostname : "{{ main_linux_srv01_hostname }}" + domain : "{{ main_domain_name }}" + fqdn : "{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" + - name: "add {{ main_linux_srv01_hostname }}.{{ main_domain_name }} to in-memory inventory" add_host: - name: "{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" - ansible_host: "{{ main_linux_srv01_ip_address }}" - ansible_connection: "{{ linux_connector }}" - ansible_user: "{{ default_linux_username }}" - ansible_password: "{{ default_linux_password }}" - ansible_port: "{{ linux_port }}" - ansible_host_key_checking: false + name : "{{ main_linux_srv01_hostname }}.{{ main_domain_name }}" + ansible_host : "{{ main_linux_srv01_ip_address }}" + ansible_connection : "{{ linux_connector }}" + ansible_user : "{{ default_linux_username }}" + ansible_password : "{{ default_linux_password }}" + ansible_port : "{{ linux_port }}" + ansible_host_key_checking : false + changed_when: false + + - name: "deploy {{ main_adcs01_hostname }}.{{ main_domain_name }} vm on {{ proxmox_hostname }}" + include_role: + name: proxmox_vm + vars: + os_type : "windows" + template : "{{ windows_server_template_name }}" + id : "{{ windows_server_template_id }}" + vm : "{{ main_adcs01_hostname 
}}.{{ main_domain_name }}" + newid : "{{ main_adcs01_vmid }}" + vmid : "{{ main_adcs01_vmid }}" + ip : "{{ main_adcs01_ip_address }}" + gateway : "{{ network_gateway }}" + dns : "{{ main_dc01_ip_address }}" + hostname : "{{ main_adcs01_hostname }}" + domain : "{{ main_domain_name }}" + fqdn : "{{ main_adcs01_hostname }}.{{ main_domain_name }}" + + - name: "add {{ main_adcs01_hostname }}.{{ main_domain_name }} to in-memory inventory" + add_host: + name : "{{ main_adcs01_hostname }}.{{ main_domain_name }}" + ansible_host : "{{ main_adcs01_ip_address }}" + ansible_connection : "{{ win_connector }}" + ansible_user : "{{ default_win_username }}" + ansible_password : "{{ default_win_password }}" + ansible_port : "{{ win_port }}" + ansible_winrm_transport : basic + ansible_winrm_server_cert_validation: ignore + changed_when: false + + - name: "deploy {{ main_mssql01_hostname }}.{{ main_domain_name }} vm on {{ proxmox_hostname }}" + include_role: + name: proxmox_vm + vars: + os_type : "windows" + template : "{{ windows_server_template_name }}" + id : "{{ windows_server_template_id }}" + vm : "{{ main_mssql01_hostname }}.{{ main_domain_name }}" + newid : "{{ main_mssql01_vmid }}" + vmid : "{{ main_mssql01_vmid }}" + ip : "{{ main_mssql01_ip_address }}" + gateway : "{{ network_gateway }}" + dns : "{{ main_dc01_ip_address }}" + hostname : "{{ main_mssql01_hostname }}" + domain : "{{ main_domain_name }}" + fqdn : "{{ main_mssql01_hostname }}.{{ main_domain_name }}" + + - name: "add {{ main_mssql01_hostname }}.{{ main_domain_name }} to in-memory inventory" + add_host: + name : "{{ main_mssql01_hostname }}.{{ main_domain_name }}" + ansible_host : "{{ main_mssql01_ip_address }}" + ansible_connection : "{{ win_connector }}" + ansible_user : "{{ default_win_username }}" + ansible_password : "{{ default_win_password }}" + ansible_port : "{{ win_port }}" + ansible_winrm_transport : basic + ansible_winrm_server_cert_validation: ignore changed_when: false - name: configure hosts 
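Review bot: The two new `add_host` blocks for adcs01 and mssql01 copy `ansible_winrm_transport: basic` and `ansible_winrm_server_cert_validation: ignore` from the dc01 block, so the password in `default_win_password` is sent as a base64 header to a server whose identity is never checked. If `win_port` is the plain-HTTP listener (its value is not visible in this diff), the password is readable on the wire. The same variable is reused as the domain Administrator password in the new join_domain tasks, which raises the cost of that exposure. Consider `ansible_winrm_transport: ntlm` on these blocks, or at least a comment above them such as `# lab only: basic auth, no certificate validation - keep on an isolated network`.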
@@ -73,3 +131,12 @@ name: srv01 when: inventory_hostname == main_linux_srv01_hostname + '.' + main_domain_name + - name: "configure {{ main_adcs01_hostname }}.{{ main_domain_name }}" + include_role: + name: adcs01 + when: inventory_hostname == main_adcs01_hostname + '.' + main_domain_name + + - name: "configure {{ main_mssql01_hostname }}.{{ main_domain_name }}" + include_role: + name: mssql01 + when: inventory_hostname == main_mssql01_hostname + '.' + main_domain_name diff --git a/ansible/roles/adcs01/tasks/cleanup.yaml b/ansible/roles/adcs01/tasks/cleanup.yaml new file mode 100644 index 0000000..0e59407 --- /dev/null +++ b/ansible/roles/adcs01/tasks/cleanup.yaml @@ -0,0 +1,3 @@ +- name: execute cleanup.ps1 + ansible.windows.win_powershell: + script: C:\scripts\cleanup.ps1 diff --git a/ansible/roles/adcs01/tasks/init.yaml b/ansible/roles/adcs01/tasks/init.yaml new file mode 100644 index 0000000..418bb5d --- /dev/null +++ b/ansible/roles/adcs01/tasks/init.yaml @@ -0,0 +1,18 @@ +- name: execute init.ps1 + ansible.windows.win_powershell: + script: C:\scripts\init.ps1 + +- name: create C:\Program Files\WindowsPowerShell\Modules\ADCSTemplate + win_file: + path: C:\Program Files\WindowsPowerShell\Modules\ADCSTemplate + state: directory + +- name: upload ADCSTemplate module + ansible.builtin.copy: + src: ../../../files/adcs/ADCSTemplate + dest: C:\Program Files\WindowsPowerShell\Modules\ADCSTemplate + +- name: upload adcs templates + ansible.builtin.copy: + src: ../../../files/adcs/templates + dest: C:\setup diff --git a/ansible/roles/adcs01/tasks/install_software.yaml b/ansible/roles/adcs01/tasks/install_software.yaml new file mode 100644 index 0000000..a5018a8 --- /dev/null +++ b/ansible/roles/adcs01/tasks/install_software.yaml @@ -0,0 +1,3 @@ +- name: execute install-software.ps1 + ansible.windows.win_powershell: + script: C:\scripts\install-software.ps1 
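Review bot: In roles/adcs01/tasks/init.yaml both upload tasks use `ansible.builtin.copy`, which is written for POSIX targets and will most likely fail against this WinRM-managed host; `ansible.windows.win_copy` takes the same `src`/`dest` and is the Windows counterpart. The `copy mssql installer` task in roles/mssql01/tasks/init.yaml has the same problem. Also, `src: ../../../files/adcs/ADCSTemplate` has no trailing slash, so the directory itself would be copied into the `ADCSTemplate` folder created one task earlier, probably leaving the module one level too deep for auto-loading. `src: ../../../files/adcs/ADCSTemplate/` copies only its contents.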
diff --git a/ansible/roles/adcs01/tasks/join_domain.yaml b/ansible/roles/adcs01/tasks/join_domain.yaml
new file mode 100644
index 0000000..6736ba2
--- /dev/null
+++ b/ansible/roles/adcs01/tasks/join_domain.yaml
@@ -0,0 +1,13 @@
+- name: join domain
+ ansible.windows.win_domain_membership:
+ dns_domain_name: "{{ main_domain_name }}"
+ domain_admin_user: "{{ main_domain_name }}\\Administrator"
+ domain_admin_password: "{{ default_win_password }}"
+ state: domain
+ register: domain_state
+
+- name: reboot
+ win_reboot:
+ reboot_timeout: 3600
+ when: domain_state.reboot_required
+
diff --git a/ansible/roles/adcs01/tasks/main.yaml b/ansible/roles/adcs01/tasks/main.yaml
new file mode 100644
index 0000000..e3f8923
--- /dev/null
+++ b/ansible/roles/adcs01/tasks/main.yaml
@@ -0,0 +1,40 @@
+- name: wait for winrm to be available
+ ansible.builtin.wait_for:
+ host: "{{ ansible_host }}"
+ port: "{{ ansible_port }}"
+ timeout: 300
+ delegate_to: localhost
+
+- name: execute init.ps1
+ import_tasks: init.yaml
+
+- name: set hostname
+ import_tasks: set_hostname.yaml
+
+- name: reboot after hostname change
+ import_tasks: reboot.yaml
+
+- name: join domain and reboot
+ import_tasks: join_domain.yaml
+
+- name: execute setup-adcs.ps1
+ import_tasks: setup_adcs.yaml
+
+- name: reboot after adcs setup
+ import_tasks: reboot.yaml
+
+- name: pause 5 minutes for adcs setup to complete
+ pause:
+ minutes: 5
+
+- name: execute setup-adcs-esc.ps1
+ import_tasks: setup_adcs_esc.yaml
+
+- name: reboot after adcs esc setup
+ import_tasks: reboot.yaml
+
+- name: execute install-software.ps1
+ import_tasks: install_software.yaml
+
+- name: execute cleanup.ps1
+ import_tasks: cleanup.yaml
diff --git a/ansible/roles/adcs01/tasks/reboot.yaml b/ansible/roles/adcs01/tasks/reboot.yaml
new file mode 100644
index 0000000..a7266d0
--- /dev/null
+++ b/ansible/roles/adcs01/tasks/reboot.yaml
@@ -0,0 +1,3 @@
+- name: reboot
+ win_reboot:
+ reboot_timeout: 3600
diff --git a/ansible/roles/adcs01/tasks/set_hostname.yaml b/ansible/roles/adcs01/tasks/set_hostname.yaml new file mode 100644 index 0000000..141268d --- /dev/null +++ b/ansible/roles/adcs01/tasks/set_hostname.yaml @@ -0,0 +1,2 @@ +- name: set hostname + win_shell: Rename-Computer -NewName "{{ main_adcs01_hostname }}" -Force diff --git a/ansible/roles/adcs01/tasks/setup_adcs.yaml b/ansible/roles/adcs01/tasks/setup_adcs.yaml new file mode 100644 index 0000000..9c6140e --- /dev/null +++ b/ansible/roles/adcs01/tasks/setup_adcs.yaml @@ -0,0 +1,7 @@ +- name: setup adcs + ansible.windows.win_powershell: + script: C:\scripts\setup-adcs.ps1 + parameters: + DomainName: "{{ main_domain_name }}" + Username: "Administrator" + Password: "{{ default_win_password }}" diff --git a/ansible/roles/adcs01/tasks/setup_adcs_esc.yaml b/ansible/roles/adcs01/tasks/setup_adcs_esc.yaml new file mode 100644 index 0000000..352d698 --- /dev/null +++ b/ansible/roles/adcs01/tasks/setup_adcs_esc.yaml @@ -0,0 +1,8 @@ +- name: setup adcs templates + win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-adcs-esc.ps1 -DomainName "{{ main_domain_name }}" + become: yes + become_method: runas + become_user: "{{ main_domain_name }}\\Administrator" + vars: + ansible_become_password: "{{ default_win_password }}" + diff --git a/ansible/roles/dc01/tasks/set_hostname.yaml b/ansible/roles/dc01/tasks/set_hostname.yaml index 5ad01b2..282d0cd 100644 --- a/ansible/roles/dc01/tasks/set_hostname.yaml +++ b/ansible/roles/dc01/tasks/set_hostname.yaml @@ -1,2 +1,2 @@ - name: set hostname - ansible.windows.win_shell: Rename-Computer -NewName "{{ main_dc01_hostname }}" -Force + win_shell: Rename-Computer -NewName "{{ main_dc01_hostname }}" -Force diff --git a/ansible/roles/mssql01/tasks/cleanup.yaml b/ansible/roles/mssql01/tasks/cleanup.yaml new file mode 100644 index 0000000..0e59407 --- /dev/null +++ b/ansible/roles/mssql01/tasks/cleanup.yaml 
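Review bot: `win_shell: Rename-Computer -NewName ... -Force` in roles/adcs01/tasks/set_hostname.yaml is not idempotent, and main.yaml follows it with an unconditional reboot. `ansible.windows.win_hostname` with `name: "{{ main_adcs01_hostname }}"` changes the name only when needed and returns `reboot_required`, which the reboot could be conditioned on as join_domain.yaml already does. The mssql01 copy of this file has the same shape. The short name `win_shell` here, and in the dc01 hunk that drops the `ansible.windows.` prefix, is inconsistent with the fully qualified module names used in the other new task files.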
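Review bot: The `setup adcs` task in roles/adcs01/tasks/setup_adcs.yaml passes `Password: "{{ default_win_password }}"` through `parameters` without `no_log: true`, so the value can appear in verbose output and in any callback or log that records task arguments. Add `no_log: true` to the task; the `setup mssql` task in roles/mssql01/tasks/setup_mssql.yaml (`SvcPassword`) needs the same. Whether setup-adcs.ps1 itself writes the parameter to a transcript cannot be seen in this diff.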
@@ -0,0 +1,3 @@
+- name: execute cleanup.ps1
+ ansible.windows.win_powershell:
+ script: C:\scripts\cleanup.ps1
diff --git a/ansible/roles/mssql01/tasks/init.yaml b/ansible/roles/mssql01/tasks/init.yaml
new file mode 100644
index 0000000..a75d6cc
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/init.yaml
@@ -0,0 +1,9 @@
+- name: execute init.ps1
+ ansible.windows.win_powershell:
+ script: C:\scripts\init.ps1
+
+- name: copy mssql installer
+ ansible.builtin.copy:
+ src: files/SQL2019-SSEI-Expr.exe
+ dest: C:\setup\SQL2019-SSEI-Expr.exe
+
diff --git a/ansible/roles/mssql01/tasks/install_software.yaml b/ansible/roles/mssql01/tasks/install_software.yaml
new file mode 100644
index 0000000..a5018a8
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/install_software.yaml
@@ -0,0 +1,3 @@
+- name: execute install-software.ps1
+ ansible.windows.win_powershell:
+ script: C:\scripts\install-software.ps1
diff --git a/ansible/roles/mssql01/tasks/join_domain.yaml b/ansible/roles/mssql01/tasks/join_domain.yaml
new file mode 100644
index 0000000..6736ba2
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/join_domain.yaml
@@ -0,0 +1,13 @@
+- name: join domain
+ ansible.windows.win_domain_membership:
+ dns_domain_name: "{{ main_domain_name }}"
+ domain_admin_user: "{{ main_domain_name }}\\Administrator"
+ domain_admin_password: "{{ default_win_password }}"
+ state: domain
+ register: domain_state
+
+- name: reboot
+ win_reboot:
+ reboot_timeout: 3600
+ when: domain_state.reboot_required
+
diff --git a/ansible/roles/mssql01/tasks/main.yaml b/ansible/roles/mssql01/tasks/main.yaml
new file mode 100644
index 0000000..3822369
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/main.yaml
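Review bot: The `copy mssql installer` task in roles/mssql01/tasks/init.yaml pushes `files/SQL2019-SSEI-Expr.exe` to the host, and setup-websql.ps1 in this commit runs a file of that name from `C:\setup`, yet nothing pins what that binary is. Recording the expected SHA-256 in a variable and checking it before the install step would catch a swapped or corrupted file, for example `ansible.windows.win_stat` with `get_checksum: true` and `checksum_algorithm: sha256` followed by an `assert`. The installer itself is not part of this diff, so its origin is not visible here; a comment naming the download source would help the next maintainer.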
@@ -0,0 +1,34 @@
+- name: wait for winrm to be available
+ ansible.builtin.wait_for:
+ host: "{{ ansible_host }}"
+ port: "{{ ansible_port }}"
+ timeout: 300
+ delegate_to: localhost
+
+- name: execute init.ps1
+ import_tasks: init.yaml
+
+- name: set hostname
+ import_tasks: set_hostname.yaml
+
+- name: reboot after hostname change
+ import_tasks: reboot.yaml
+
+- name: join domain and reboot
+ import_tasks: join_domain.yaml
+
+- name: execute setup-mssql.ps1
+ import_tasks: setup_mssql.yaml
+
+- name: reboot after mssql setup
+ import_tasks: reboot.yaml
+
+- name: pause 5 minutes for mssql setup to complete
+ pause:
+ minutes: 5
+
+- name: execute install-software.ps1
+ import_tasks: install_software.yaml
+
+- name: execute cleanup.ps1
+ import_tasks: cleanup.yaml
diff --git a/ansible/roles/mssql01/tasks/reboot.yaml b/ansible/roles/mssql01/tasks/reboot.yaml
new file mode 100644
index 0000000..a7266d0
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/reboot.yaml
@@ -0,0 +1,3 @@
+- name: reboot
+ win_reboot:
+ reboot_timeout: 3600
diff --git a/ansible/roles/mssql01/tasks/set_hostname.yaml b/ansible/roles/mssql01/tasks/set_hostname.yaml
new file mode 100644
index 0000000..de974a4
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/set_hostname.yaml
@@ -0,0 +1,2 @@
+- name: set hostname
+ win_shell: Rename-Computer -NewName "{{ main_mssql01_hostname }}" -Force
diff --git a/ansible/roles/mssql01/tasks/setup_mssql.yaml b/ansible/roles/mssql01/tasks/setup_mssql.yaml
new file mode 100644
index 0000000..4602242
--- /dev/null
+++ b/ansible/roles/mssql01/tasks/setup_mssql.yaml
@@ -0,0 +1,7 @@
+- name: setup mssql
+ ansible.windows.win_powershell:
+ script: C:\scripts\setup-mssql.ps1
+ parameters:
+ DomainName: "{{ main_domain_name }}"
+ SvcUsername: svc_mssql01
+ SvcPassword: "{{ default_win_svc_password }}"
diff --git a/ansible/scripts/setup-websql.ps1 b/ansible/scripts/setup-websql.ps1
new file mode 100644
index 0000000..9f5db5c
--- /dev/null
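Review bot: The mssql01 role duplicates the adcs01 role almost file for file: cleanup.yaml, install_software.yaml, join_domain.yaml and reboot.yaml carry the same blob ids in both (0e59407, a5018a8, 6736ba2, a7266d0), and this main.yaml differs from the adcs01 one only in the setup step. Any later hardening, such as adding `no_log` or changing the join account, then has to be repeated in every copy. A shared task file included with the hostname and setup script passed as variables would keep a single copy. The fixed `pause: minutes: 5` could likewise become a wait on a condition, though what setup-mssql.ps1 leaves running is not visible here.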
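Review bot: The `setup mssql` task runs `C:\scripts\setup-mssql.ps1` with `SvcUsername: svc_mssql01`, but the only script this commit adds under ansible/ is `scripts/setup-websql.ps1`, whose default account is `svc_websql01`. If setup-mssql.ps1 is already baked into the VM template this is fine; otherwise the role stops at this step. A comment on the task saying where the script comes from, for example `# setup-mssql.ps1 is provided by the VM template`, would settle it.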
+++ b/ansible/scripts/setup-websql.ps1 
@@ -0,0 +1,236 @@ +param ( + [string]$DomainName = "contoso.com", + [string]$SvcUsername = "svc_websql01", + [string]$SvcPassword = "Svc1234!" +) + +$scriptName = $MyInvocation.MyCommand.Name +$logFile = "C:\Logs\${scriptName}_log.txt" +$NetBiosName = $DomainName.Split(".")[0].ToUpper() +$wwwroot1 = "C:\inetpub\wwwroot" +$wwwroot2 = "C:\inetpub\wwwroot2" +$wwwroot3 = "C:\inetpub\wwwroot3" + +Start-Transcript -Path $logFile -Append + +# --- IIS Setup --- +try { + Install-WindowsFeature -Name Web-Server -IncludeManagementTools + Install-WindowsFeature -Name Web-Asp-Net45 + Write-Host "[INFO] Installed IIS and ASP.NET" +} catch { + Write-Host "[ERR] Failed to install IIS and ASP.NET" +} + +# Upload form content +@" +using System; +using System.IO; +using System.Web.UI; + +public partial class UploadPage : Page +{ + protected void UploadFile(object sender, EventArgs e) + { + if (fileUpload.PostedFile != null && fileUpload.PostedFile.ContentLength > 0) + { + try + { + string filename = Path.GetFileName(fileUpload.PostedFile.FileName); + fileUpload.PostedFile.SaveAs(Server.MapPath(filename)); + lblMessage.Text = "File uploaded successfully!"; + } + catch (Exception ex) + { + lblMessage.Text = "Error: " + ex.Message; + } + } + else + { + lblMessage.Text = "Please select a file to upload."; + } + } +} +"@ | Out-File "$wwwroot1\upload.aspx.cs" -Force + +@" +<%@ Page Language="C#" AutoEventWireup="true" CodeFile="upload.aspx.cs" Inherits="UploadPage" %> +<!DOCTYPE html> +<html> +<head><title>File Upload Page</title></head> +<body> + <form id="form1" runat="server"> + <div> + <input type="file" id="fileUpload" runat="server" /> + <br /> + <asp:Button ID="btnUpload" runat="server" Text="Upload" OnClick="UploadFile" /> + <br /> + <asp:Label ID="lblMessage" runat="server" Text=""></asp:Label> + </div> + </form> +</body> +</html> +"@ | Out-File "$wwwroot1\upload.aspx" -Force + +@" +<?xml version="1.0"?> +<configuration> + <system.web> + <compilation debug="true" 
targetFramework="4.5"/> + <httpRuntime targetFramework="4.5"/> + <customErrors mode="Off"/> + </system.web> +</configuration> +"@ | Out-File "$wwwroot1\Web.config" -Force + +# Default site - port 80 +try { + New-WebSite -Name "MyASPXSite" -Port 80 -PhysicalPath $wwwroot1 -ApplicationPool "DefaultAppPool" + Set-ItemProperty "IIS:\AppPools\DefaultAppPool" -Name processModel -Value @{userName="$SvcUsername";password="$SvcPassword";identityType=3} + New-NetFirewallRule -DisplayName "HTTP (80)" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow + Restart-WebAppPool -Name "DefaultAppPool" + Write-Host "[INFO] Site 1 created on port 80" +} catch { + Write-Host "[ERR] Failed to create site 1" +} + +# ACLs for wwwroot1 +try { + $svcRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$DomainName\$SvcUsername", "Modify", "ContainerInherit,ObjectInherit", "None", "Allow") + $acl = Get-Acl $wwwroot1 + $acl.SetAccessRule($svcRule) + Set-Acl -Path $wwwroot1 -AclObject $acl + Write-Host "[INFO] ACL set for $wwwroot1" +} catch { + Write-Host "[ERR] Failed to set ACL for $wwwroot1" +} + +# Second site - port 8080 +try { + Copy-Item $wwwroot1 -Destination $wwwroot2 -Recurse -Force + New-WebAppPool -Name "DefaultAppPool2" + New-WebSite -Name "MyASPXSite2" -Port 8080 -PhysicalPath $wwwroot2 -ApplicationPool "DefaultAppPool2" + Set-ItemProperty "IIS:\AppPools\DefaultAppPool2" -Name processModel -Value @{identityType=2} + New-NetFirewallRule -DisplayName "HTTP (8080)" -Direction Inbound -Protocol TCP -LocalPort 8080 -Action Allow + $acl = Get-Acl $wwwroot2 + $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("IIS_IUSRS", "Modify", "ContainerInherit,ObjectInherit", "None", "Allow") + $acl.SetAccessRule($rule) + Set-Acl -Path $wwwroot2 -AclObject $acl + Restart-WebAppPool -Name "DefaultAppPool2" + Write-Host "[INFO] Site 2 created on port 8080" +} catch { + Write-Host "[ERR] Failed to create site 2" +} + +# SQL Server Express setup +try { + 
New-Item -Path "C:\setup\media" -ItemType "Directory" -Force + @" +;SQL Server Configuration File +[OPTIONS] +IACCEPTSQLSERVERLICENSETERMS="True" +ACTION="Install" +ENU="True" +QUIET="True" +FEATURES=SQLENGINE,FULLTEXT +INSTANCENAME="SQLEXPRESS" +SQLSVCACCOUNT="NT AUTHORITY\NETWORK SERVICE" +SQLSYSADMINACCOUNTS="BUILTIN\Administrators" +ADDCURRENTUSERASSQLADMIN="True" +TCPENABLED="1" +NPENABLED="0" +SAPWD="$SvcPassword" +"@ | Out-File "C:\setup\sql_conf.ini" + + Start-Process -FilePath "C:\setup\SQL2019-SSEI-Expr.exe" -ArgumentList "/configurationfile=C:\setup\sql_conf.ini /IACCEPTSQLSERVERLICENSETERMS /MEDIAPATH=C:\setup\media /QUIET" -Wait + Set-ItemProperty -Path "HKLM:\Software\Microsoft\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQLServer\SuperSocketNetLib\Tcp\IPAll" -Name "TcpPort" -Value "1433" + Restart-Service -Name "MSSQL`$SQLEXPRESS" + New-NetFirewallRule -DisplayName "SQLServer 1433" -Direction Inbound -LocalPort 1433 -Protocol TCP -Action Allow + + $env:Path += ";C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn" + SqlCmd -E -Q "CREATE LOGIN [$NetBiosName\$SvcUsername] FROM WINDOWS" + SqlCmd -E -Q "SP_ADDSRVROLEMEMBER '$NetBiosName\$SvcUsername', 'SYSADMIN'" + SqlCmd -E -Q "ALTER LOGIN sa ENABLE" + SqlCmd -E -Q "ALTER LOGIN sa WITH PASSWORD = '$SvcPassword', CHECK_POLICY=OFF" + Write-Host "[INFO] SQL Server installed/configured" +} catch { + Write-Host "[ERR] SQL Server setup failed" +} + +# Third site - port 9090 with upload + SQL query page +try { + Copy-Item $wwwroot1 -Destination $wwwroot3 -Recurse -Force + New-WebAppPool -Name "SqlQueryAppPool" + New-WebSite -Name "SqlQuerySite" -Port 9090 -PhysicalPath $wwwroot3 -ApplicationPool "SqlQueryAppPool" + Set-ItemProperty "IIS:\AppPools\SqlQueryAppPool" -Name processModel -Value @{userName="$SvcUsername";password="$SvcPassword";identityType=3} + New-NetFirewallRule -DisplayName "HTTP (9090)" -Direction Inbound -Protocol TCP -LocalPort 9090 -Action Allow + + # SQL Query Page + @" +<%@ 
Page Language="C#" Debug="true" %> +<%@ Import Namespace="System.Data" %> +<%@ Import Namespace="System.Data.SqlClient" %> +<script runat="server"> + protected void Page_Load(object sender, EventArgs e) + { + if (IsPostBack) + { + string query = txtQuery.Value; + + string connStr = "Server=localhost\\SQLEXPRESS;Database=master;Integrated Security=true;"; + using (SqlConnection conn = new SqlConnection(connStr)) + { + try + { + conn.Open(); + SqlCommand cmd = new SqlCommand(query, conn); + SqlDataAdapter da = new SqlDataAdapter(cmd); + DataTable dt = new DataTable(); + da.Fill(dt); + + litResults.Text = "<table border='1'><tr>"; + foreach (DataColumn col in dt.Columns) + { + litResults.Text += $"<th>{col.ColumnName}</th>"; + } + litResults.Text += "</tr>"; + + foreach (DataRow row in dt.Rows) + { + litResults.Text += "<tr>"; + foreach (var item in row.ItemArray) + { + litResults.Text += $"<td>{item}</td>"; + } + litResults.Text += "</tr>"; + } + litResults.Text += "</table>"; + } + catch (Exception ex) + { + litResults.Text = "<span style='color:red;'>Error: " + ex.Message + "</span>"; + } + } + } + } +</script> +<html> +<head><title>SQL Query Tester</title></head> +<body> + <h2>Enter a SQL Query</h2> + <form id="form1" runat="server"> + <textarea id="txtQuery" runat="server" rows="5" cols="80">SELECT GETDATE()</textarea><br /><br /> + <asp:Button ID="btnRun" runat="server" Text="Run Query" OnClick="Page_Load" /><br /><br /> + <asp:Literal ID="litResults" runat="server" /> + </form> +</body> +</html> +"@ | Out-File "$wwwroot3\sqlquery.aspx" -Force + + Restart-WebAppPool -Name "SqlQueryAppPool" + Write-Host "[INFO] Site 3 created on port 9090 with SQL query page" +} catch { + Write-Host "[ERR] Failed to create SQL query site" +} + +Stop-Transcript |
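Review bot: The four `New-NetFirewallRule` calls open 80, 8080, 9090 and 1433 inbound from any address on a host this script deliberately weakens: an upload page that writes into the web root with no authentication check, a page that runs arbitrary SQL, and an enabled `sa` login with `CHECK_POLICY=OFF`. If that is intended lab content, say so in a header comment and scope the rules with `-RemoteAddress <LAB_SUBNET_PLACEHOLDER>` so the weaknesses are not reachable from outside the range. `$SvcPassword` has a hard-coded default, doubles as the `sa` password, and stays on disk as `SAPWD` in `C:\setup\sql_conf.ini`; remove that file after the install unless cleanup.ps1 (not shown) already does. The `try`/`catch` blocks will not see non-terminating cmdlet errors or non-zero exits from `SqlCmd` and the installer, so the `[INFO]` lines print even when a step failed; `$ErrorActionPreference = 'Stop'` near the top and `$_` in the `[ERR]` messages would surface them. sqlquery.aspx also uses `$"..."` interpolated strings, which the default compiler for `targetFramework="4.5"` pages probably rejects.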