path: root/ansible/scripts/setup-iis.ps1
 param(
    # Domain prefix used to build the "$DomainName\$SvcUsername" account name for the web-root ACL rule.
    [string] $DomainName = "contoso.com",
    # Account name configured as the identity of DefaultAppPool.
    [string] $SvcUsername = "svc_iis03",
    # Plain-text password written into the DefaultAppPool processModel settings.
    # NOTE(review): this default is a credential stored in the script itself; pass the
    # value in from a secret store at run time instead of relying on it.
    [string] $SvcPassword = "Svc1234!"
)

# Record everything this run prints in a per-script log; -Append keeps earlier runs.
# NOTE(review): PowerShell 5+ transcript headers include the host command line, so a
# password passed as a command-line argument may end up in this log - confirm, and
# restrict read access to C:\Logs.
$scriptName = $MyInvocation.MyCommand.Name
$logFile = 'C:\Logs\{0}_log.txt' -f $scriptName
Start-Transcript -Path $logFile -Append

# Physical paths of the two sites configured below.
$wwwroot1 = 'C:\inetpub\wwwroot'
$wwwroot2 = 'C:\inetpub\wwwroot2'

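# First site: install IIS + ASP.NET 4.5, create "MyASPXSite" on port 80 and run
# DefaultAppPool under the supplied service account.
try {
    # Cmdlet failures are non-terminating by default, so without -ErrorAction Stop the
    # catch block is skipped and the [INFO] line is printed even when a step failed.
    # With it, the block stops at the first failing step and reports the reason.
    Install-WindowsFeature -Name Web-Server -IncludeManagementTools -ErrorAction Stop
    Install-WindowsFeature -Name Web-Asp-Net45 -ErrorAction Stop
    New-WebSite -Name "MyASPXSite" -Port 80 -PhysicalPath $wwwroot1 -ApplicationPool "DefaultAppPool" -ErrorAction Stop

    # identityType 3 = SpecificUser: the worker process runs as $SvcUsername and the
    # password is persisted in the IIS configuration.
    # NOTE(review): the ACL step grants rights to "$DomainName\$SvcUsername" while the pool
    # is given the bare user name - confirm both resolve to the same account.
    Set-ItemProperty "IIS:\AppPools\DefaultAppPool" -Name processModel -Value @{userName="$SvcUsername";password="$SvcPassword";identityType=3} -ErrorAction Stop

    # Inbound allow rule for TCP 80; no -Profile or -RemoteAddress restriction is given.
    New-NetFirewallRule -DisplayName "HTTP (80)" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow -ErrorAction Stop
    Restart-WebAppPool -Name "DefaultAppPool" -ErrorAction Stop

    Write-Host "[INFO] Created first IIS WebSite, Firewall rule and AppPool"
} catch {
    # Include the underlying error so the transcript shows which step failed and why.
    Write-Host "[ERR] Failed to create first IIS WebSite, Firewall rule and AppPool: $($_.Exception.Message)"
}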

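# Grant the service account Modify on the first web root, inherited by all files and
# sub-folders. The account that runs the worker process can therefore create and change
# the content the site serves.
try {
    $svcIIS03Rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$DomainName\$SvcUsername", "Modify", "ContainerInherit, ObjectInherit", "None", "Allow")

    # -ErrorAction Stop turns Get-Acl/Set-Acl failures into terminating errors so the
    # catch block runs instead of the [INFO] line being printed after a failure.
    $acl = Get-Acl $wwwroot1 -ErrorAction Stop
    # SetAccessRule replaces any existing Allow rules for this identity with the new one.
    $acl.SetAccessRule($svcIIS03Rule)
    Set-Acl -Path $wwwroot1 -AclObject $acl -ErrorAction Stop

    Write-Host "[INFO] Set ACL for $wwwroot1"
} catch {
    # Include the underlying error so the transcript shows why the ACL change failed.
    Write-Host "[ERR] Failed to set ACL for ${wwwroot1}: $($_.Exception.Message)"
}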

# Code-behind for upload.aspx, written into the first site's root.
# UploadFile reduces the client-supplied name to its base name (Path.GetFileName, so
# directory components are dropped) and saves the file via Server.MapPath(filename),
# i.e. next to the page in the site root. There is no extension or content-type
# allow-list, and exception messages are echoed back to the client.
# NOTE(review): together with the Modify ACL on the web root, uploaded files become
# content served by this same site. Unless that exposure is the intent of this host,
# store uploads outside the site root under server-generated names and allow-list the
# accepted extensions.
# The here-string is literal (@' '@) so no PowerShell expansion can touch the C# text.
$uploadCodeBehind = @'
using System;
using System.IO;
using System.Web.UI;

public partial class UploadPage : Page
{
    protected void UploadFile(object sender, EventArgs e)
    {
        if (fileUpload.PostedFile != null && fileUpload.PostedFile.ContentLength > 0)
        {
            try
            {
                string filename = Path.GetFileName(fileUpload.PostedFile.FileName);
                fileUpload.PostedFile.SaveAs(Server.MapPath(filename));
                lblMessage.Text = "File uploaded successfully!";
            }
            catch (Exception ex)
            {
                lblMessage.Text = "Error: " + ex.Message;
            }
        }
        else
        {
            lblMessage.Text = "Please select a file to upload.";
        }
    }
}
'@
$uploadCodeBehind | Out-File -FilePath C:\inetpub\wwwroot\upload.aspx.cs

# Markup for the upload page: a server-side file input, an Upload button wired to
# UploadFile in upload.aspx.cs, and a label for the result message.
# The form carries no authentication or authorization check of its own.
# The here-string is literal (@' '@) so no PowerShell expansion can touch the markup.
$uploadPage = @'
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="upload.aspx.cs" Inherits="UploadPage" %>

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>File Upload Page</title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <input type="file" id="fileUpload" runat="server" />
            <br />
            <asp:Button ID="btnUpload" runat="server" Text="Upload" OnClick="UploadFile" />
            <br />
            <asp:Label ID="lblMessage" runat="server" Text=""></asp:Label>
        </div>
    </form>
</body>
</html>
'@
$uploadPage | Out-File -FilePath C:\inetpub\wwwroot\upload.aspx

# Site-level Web.config for the first site.
# debug="true" compiles pages in debug mode and customErrors mode="Off" sends full
# ASP.NET error pages (stack traces, source excerpts) to remote clients.
# NOTE(review): outside a deliberately verbose test host, use debug="false" and
# customErrors mode="RemoteOnly" (or "On").
# The here-string is literal (@' '@) so no PowerShell expansion can touch the XML.
$webConfig = @'
<?xml version="1.0"?>
<configuration>
    <system.web>
        <compilation debug="true" targetFramework="4.5"/>
        <httpRuntime targetFramework="4.5"/>
        <customErrors mode="Off"/>
    </system.web>
</configuration>
'@
$webConfig | Out-File -FilePath C:\inetpub\wwwroot\Web.config

# Recycle the pool after the site files have been written.
Restart-WebAppPool -Name 'DefaultAppPool'

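# Second site: clone the first web root (including upload.aspx and Web.config) and
# serve the copy on port 8080 from its own application pool.
try {
    # Cmdlet failures are non-terminating by default, so without -ErrorAction Stop the
    # catch block is skipped and the [INFO] line is printed even when a step failed.
    # NOTE(review): if $wwwroot2 already exists (e.g. on a re-run), Copy-Item places the
    # copy inside it as a nested "wwwroot" folder rather than refreshing it.
    Copy-Item $wwwroot1 -Destination $wwwroot2 -Recurse -ErrorAction Stop
    New-WebAppPool -Name "DefaultAppPool2" -ErrorAction Stop
    New-WebSite -Name "MyASPXSite2" -Port 8080 -PhysicalPath $wwwroot2 -ApplicationPool "DefaultAppPool2" -ErrorAction Stop

    # identityType 2 = NetworkService.
    Set-ItemProperty "IIS:\AppPools\DefaultAppPool2" -Name processModel -Value @{ identityType=2 } -ErrorAction Stop

    # Inbound allow rule for TCP 8080; no -Profile or -RemoteAddress restriction is given.
    New-NetFirewallRule -DisplayName "HTTP (8080)" -Direction Inbound -Protocol TCP -LocalPort 8080 -Action Allow -ErrorAction Stop

    Write-Host "[INFO] Created second IIS WebSite, Firewall rule and AppPool"
} catch {
    # Include the underlying error so the transcript shows which step failed and why.
    Write-Host "[ERR] Failed to create second IIS WebSite, Firewall rule and AppPool: $($_.Exception.Message)"
}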

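# Grant the IIS_IUSRS group Modify on the second web root, inherited by all files and
# sub-folders, so the pool serving that site can create and change its content.
try {
    # -ErrorAction Stop turns Get-Acl/Set-Acl failures into terminating errors so the
    # catch block runs instead of the [INFO] line being printed after a failure.
    $acl = Get-Acl $wwwroot2 -ErrorAction Stop
    $iisIUSRSGroup = "IIS_IUSRS"
    # The group name variable was previously assigned but never used; the rule now reads it.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($iisIUSRSGroup, "Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
    # SetAccessRule replaces any existing Allow rules for this identity with the new one.
    $acl.SetAccessRule($rule)
    Set-Acl -Path $wwwroot2 -AclObject $acl -ErrorAction Stop

    Write-Host "[INFO] Set ACL for $wwwroot2"
} catch {
    # Include the underlying error so the transcript shows why the ACL change failed.
    Write-Host "[ERR] Failed to set ACL for ${wwwroot2}: $($_.Exception.Message)"
}

# Recycle the second pool, then close the transcript opened at the top of the script.
Restart-WebAppPool -Name "DefaultAppPool2"
Stop-Transcript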