kreta/Tools/Install/IISCommon.psm1

#region Private variables
# Fixed location of the installer transcript; the module's logging helpers read these values.
# NOTE(review): the directory is hard-coded and the module is meant to run elevated -
# confirm that only administrators can write to it, since the transcript file is
# deleted and recreated there on every run.
$loggingDirectory = "C:\Temp"
$loggingFile = "Install.log"
# Full path of the transcript file.
$logFile = Join-Path -Path $loggingDirectory -ChildPath $loggingFile
#endregion
#region Public methods
function CheckCredentials
{
    <#
    .SYNOPSIS
    Reports whether the current Windows identity is in the built-in Administrator role.
    .OUTPUTS
    $true when the role check succeeds, otherwise $false (after a warning).
    #>
    # The check is made against the identity of the running process. On systems with UAC,
    # a non-elevated session of an administrator account is expected to fail this check.
    $currentIdentity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $currentPrincipal = [Security.Principal.WindowsPrincipal] $currentIdentity
    $administratorRole = [Security.Principal.WindowsBuiltInRole] "Administrator"

    if ($currentPrincipal.IsInRole($administratorRole))
    {
        Write-Host "Done."
        return $true
    }

    Write-Warning "You do not have Administrator rights to run this script!`nPlease re-run this script as an Administrator!"
    return $false
}
function EnableEmbeddedIISFeatures
{
    <#
    .SYNOPSIS
    Enables the listed IIS optional features on the running Windows installation.
    .NOTES
    Changes the current location to the module directory first. The cmdlet output is discarded,
    so "Done." is printed whether or not every feature was enabled.
    #>
    Set-Location -Path $PSScriptRoot

    # NOTE(review): the list is broad - it includes directory browsing, CGI, classic ASP,
    # server-side includes, Basic and Digest authentication, IIS 6 compatibility and the
    # remote management service. Each enabled feature adds attack surface; confirm which
    # of them the deployed application actually needs.
    $featureList = @(
        "IIS-WebServerRole"
        "IIS-WebServer"
        "IIS-CommonHttpFeatures"
        "IIS-HttpErrors"
        "IIS-HttpRedirect"
        "IIS-ApplicationDevelopment"
        "IIS-NetFxExtensibility"
        "IIS-NetFxExtensibility45"
        "IIS-HealthAndDiagnostics"
        "IIS-HttpLogging"
        "IIS-LoggingLibraries"
        "IIS-RequestMonitor"
        "IIS-HttpTracing"
        "IIS-Security"
        "IIS-URLAuthorization"
        "IIS-RequestFiltering"
        "IIS-IPSecurity"
        "IIS-Performance"
        "IIS-HttpCompressionDynamic"
        "IIS-WebServerManagementTools"
        "IIS-ManagementScriptingTools"
        "IIS-IIS6ManagementCompatibility"
        "IIS-Metabase"
        "IIS-CertProvider"
        "IIS-WindowsAuthentication"
        "IIS-DigestAuthentication"
        "IIS-ClientCertificateMappingAuthentication"
        "IIS-IISCertificateMappingAuthentication"
        "IIS-StaticContent"
        "IIS-DefaultDocument"
        "IIS-DirectoryBrowsing"
        "IIS-WebSockets"
        "IIS-ApplicationInit"
        "IIS-ASPNET"
        "IIS-ASPNET45"
        "IIS-ASP"
        "IIS-CGI"
        "IIS-ISAPIExtensions"
        "IIS-ISAPIFilter"
        "IIS-ServerSideIncludes"
        "IIS-CustomLogging"
        "IIS-BasicAuthentication"
        "IIS-HttpCompressionStatic"
        "IIS-ManagementConsole"
        "IIS-ManagementService"
    )

    Enable-WindowsOptionalFeature -Online -FeatureName $featureList | Out-Null
    Write-Host "Done."
}
function ScaffoldIIS($hostName, $hostIp, $iisApplication, $iisVirtualApplications)
{
    <#
    .SYNOPSIS
    Runs the full IIS set-up sequence: hosts entry, application pools, sites,
    folder permissions and the HTTPS certificate binding.
    .PARAMETER hostName
    Host name written to the hosts file and used as the certificate DNS name.
    .PARAMETER hostIp
    Address the host name is mapped to in the hosts file.
    .PARAMETER iisApplication
    Site definitions passed on to the pool, site, permission and certificate steps.
    .PARAMETER iisVirtualApplications
    Optional virtual application definitions; the related steps are skipped when it is null.
    #>
    SetHostsFile -hostName $hostName -ip $hostIp

    # Pools must exist before the sites that reference them are created.
    CreateApplicationPool -iisApplication $iisApplication
    if ($iisVirtualApplications -ne $null)
    {
        CreateApplicationPool -iisApplication $iisVirtualApplications
    }

    CreateSite -iisApplication $iisApplication -iisVirtualApplication $iisVirtualApplications

    GrantPermissionToApplicationPool -iisApplicationPoolName $iisApplication
    # The certificate step receives the site definitions only, not the virtual applications.
    AddSslBindingToIdpAndAddAsTrustedCert -iisApplication $iisApplication -dnsName $hostName

    # Second permission pass, issued only when virtual applications were supplied.
    if ($iisVirtualApplications -ne $null)
    {
        GrantPermissionToApplicationPool -iisApplicationPoolName $iisVirtualApplications
    }

    Write-Host "IIS scaffolding has been successfully completed!"
}
function ResetIIS
{
    <#
    .SYNOPSIS
    Runs iisreset and discards its standard output.
    .NOTES
    The exit code of iisreset is not inspected, so "Done." is printed even if the reset failed.
    #>
    iisreset | Out-Null
    Write-Host "Done."
}
function ResetEnvironment
{
    <#
    .SYNOPSIS
    Returns the current location to the directory that contains this module.
    .NOTES
    Other functions in this module move the session into the IIS: drive; this moves it back.
    #>
    Set-Location -Path $PSScriptRoot
    Write-Host "Done."
}
function StartLogging
{
    <#
    .SYNOPSIS
    Prepares the log file and starts a transcript that appends to it.
    .NOTES
    A transcript records what is shown on the console, so anything the installer prints
    (paths, host names, certificate details) ends up in the log file.
    #>
    ScaffoldLoggingContainer

    # Stop any transcript that is still running; an error when none is active is ignored on purpose.
    try
    {
        Stop-Transcript
    }
    catch
    {
    }

    Start-Transcript -Path $logFile -Append
}
function StopLogging
{
    <#
    .SYNOPSIS
    Stops the running transcript, ignoring the error raised when none is active.
    #>
    try
    {
        Stop-Transcript
    }
    catch
    {
    }
}
#endregion Public methods
#region Private methods
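function SetHostsFile($hostName, $ip)
{
    <#
    .SYNOPSIS
    Appends "<ip><TAB><hostName>" to the Windows hosts file unless the host name is already mapped.
    .PARAMETER hostName
    Host name to map.
    .PARAMETER ip
    Address the host name should resolve to.
    .NOTES
    The previous check used Select-String, which treats the host name as a regular expression
    and matches substrings and commented-out lines, so an unrelated line could suppress the
    new entry. The check now compares whole host-name tokens on active (non-comment) lines.
    An existing mapping of the same name to a different address is still left untouched.
    NOTE(review): both values are written verbatim; a value containing whitespace or a line
    break would produce a malformed or additional entry - validate them at the caller if
    they can come from anywhere other than the installer's own configuration.
    #>
    $hostsPath = "$env:windir\System32\drivers\etc\hosts"

    $alreadyMapped = $false
    foreach ($line in (Get-Content $hostsPath))
    {
        # Drop the trailing comment, then split "address name [alias ...]" on whitespace.
        $entry = ($line -split '#', 2)[0].Trim()
        if ($entry -eq '')
        {
            continue
        }
        $tokens = $entry -split '\s+'
        # -contains compares case-insensitively, which matches how host names are resolved.
        if ($tokens.Count -gt 1 -and ($tokens[1..($tokens.Count - 1)] -contains $hostName))
        {
            $alreadyMapped = $true
            break
        }
    }

    if (-not $alreadyMapped)
    {
        "`r`n" + $ip + "`t" + $hostName | Out-File -encoding ASCII -append $hostsPath
        Write-Host $hostsPath "Host file has been successfully updated!"
    }
}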
function CreateApplicationPool($iisApplication)
{
    <#
    .SYNOPSIS
    Creates the application pool named by each definition, unless a pool of that name already exists.
    .PARAMETER iisApplication
    Definitions exposing .poolName and a .property collection of name/value pairs.
    .NOTES
    Moves the session into IIS:\AppPools\ and does not restore the previous location.
    Existing pools are left as they are; their properties are not re-applied.
    NOTE(review): the property names and values are applied exactly as supplied, so the
    caller decides the pool's configuration - confirm the definitions come from a trusted file.
    #>
    Set-Location IIS:\AppPools\

    foreach ($poolDefinition in $iisApplication)
    {
        $iisApplicationPoolName = $poolDefinition.poolName

        # Nothing to do when the pool is already present.
        if (Test-Path $iisApplicationPoolName -PathType Container)
        {
            continue
        }

        $createdPool = New-Item $iisApplicationPoolName
        foreach ($setting in $poolDefinition.property)
        {
            $createdPool | Set-ItemProperty -Name $setting.name -Value $setting.value
        }
        Write-Host "$iisApplicationPoolName (application pool) has been successfully created!"
    }
}
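function GrantPermissionToApplicationPool($iisApplicationPoolName, $containerDirectoryPath)
{
    <#
    .SYNOPSIS
    Grants each application's pool identity Modify access, and IUSR Read access, on the application folder.
    .PARAMETER iisApplicationPoolName
    Application definitions exposing .poolName and .applicationPath (despite the parameter name,
    callers pass the definition objects, not bare pool names).
    .PARAMETER containerDirectoryPath
    Not used; kept so the signature stays unchanged.
    .NOTES
    The loop previously iterated $iisApplication, a variable that is not a parameter of this
    function and was only resolved through the caller's scope. The argument was ignored, so a
    call made for the virtual applications re-applied the main application's permissions and
    the virtual application folders received none. The loop now uses the argument it is given.
    The rights are inherited by all files and subfolders of the application path, so the pool
    identity can modify everything beneath it.
    #>
    foreach ($iisApp in $iisApplicationPoolName)
    {
        Write-Host "Grant RW directory level permission for" $iisApp.poolName "(" $iisApp.applicationPath ")"
        # Virtual account under which the worker process of this pool runs.
        $fullApplicationPoolName = "IIS AppPool\" + $iisApp.poolName
        GrantModifyPermissionToFolder $fullApplicationPoolName $iisApp.applicationPath "Modify"

        Write-Host "Grant R directory level permission for IUSR" "(" $iisApp.applicationPath ")"
        GrantModifyPermissionToFolder "IUSR" $iisApp.applicationPath "Read"
    }
}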
function GrantModifyPermissionToFolder($userName, $path, $accessLevel)
{
    <#
    .SYNOPSIS
    Sets an inheritable Allow rule of the given access level for one account on a folder.
    .PARAMETER userName
    Account the rule applies to.
    .PARAMETER path
    Folder whose ACL is changed.
    .PARAMETER accessLevel
    File system right to allow; despite the function name it is not limited to Modify.
    .NOTES
    SetAccessRule replaces the account's existing Allow rules on the ACL instead of
    adding to them. The rule is inherited by child folders and files.
    #>
    $inheritance = "ContainerInherit,ObjectInherit"
    $accessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $userName, $accessLevel, $inheritance, "None", "Allow"

    $folderAcl = Get-Acl $path
    $folderAcl.SetAccessRule($accessRule)
    Set-Acl $path $folderAcl
}
# Recreates every site described in $iisApplication and then creates the virtual
# applications in $iisVirtualApplication beneath the last site that was processed.
#   $iisApplication        - site definitions exposing .name, .bindings, .applicationPath, .poolName
#   $iisVirtualApplication - optional definitions exposing .name, .applicationPath, .poolName
# An existing site with the same name is deleted before the new one is created.
function CreateSite($iisApplication, $iisVirtualApplication)
{
# Navigate to the sites root; the previous location is not restored afterwards.
cd IIS:\Sites\
# NOTE(review): bare expression - it writes the variable's current value to the function's
# output stream; it looks like a leftover declaration. Confirm before removing.
$iisApplicationName
foreach($iisApp in $iisApplication)
{
# $iisApplicationName keeps the name of the most recently processed site and is read again
# after the loop, so the virtual applications always land under the last site.
$iisApplicationName = $iisAppName = $iisApp.name
# Check whether a site with this name already exists.
if (Test-Path $iisAppName -pathType container)
{
$targetApplication = "IIS:\Sites\$iisAppName"
$previousSite = Get-Item $targetApplication
$previousSiteLocation = $previousSite.physicalPath
# Destructive: the existing site definition is removed without confirmation.
# NOTE(review): presumably only the IIS configuration entry is removed, not the files
# under the physical path - confirm.
Remove-Item $targetApplication -Recurse -Force > $null
Write-Host "Previous $iisAppName (site) has been successfully deleted! Physical location: $previousSiteLocation"
}
# Create the site with the bindings and physical path from the definition, then assign its pool.
$application = New-Item $iisAppName -bindings $iisApp.bindings -physicalPath $iisApp.applicationPath
$application | Set-ItemProperty -Name "applicationPool" -Value $iisApp.poolName
# Read the site back so the logged location is what IIS actually stored.
$newSite = Get-Item "IIS:\Sites\$iisAppName"
$newSiteLocation = $newSite.physicalPath
Write-Host "$iisAppName (site) has been successfully created! Physical location: $newSiteLocation"
}
if($iisVirtualApplication -ne $null)
{
foreach($iisVirtualApp in $iisVirtualApplication)
{
$iisVirtualAppName = $iisVirtualApp.name
# Create the virtual application; unlike the other calls, the New-Item result is not
# discarded, so the created object is written to the function's output.
New-Item "IIS:\Sites\$iisApplicationName\$iisVirtualAppName" -physicalPath $iisVirtualApp.applicationPath -type Application
Set-ItemProperty "IIS:\Sites\$iisApplicationName\$iisVirtualAppName" -Name "applicationPool" -Value $iisVirtualApp.poolName
$newSite = Get-Item "IIS:\Sites\$iisApplicationName\$iisVirtualAppName"
$newSiteLocation = $newSite.physicalPath
Write-Host "$iisVirtualAppName (virtual application) has been successfully created! Physical location: $newSiteLocation"
}
}
}
function ScaffoldLoggingContainer
{
    <#
    .SYNOPSIS
    Ensures the logging directory exists and replaces any existing log file with an empty one.
    .NOTES
    Reads $loggingDirectory and $logFile from the enclosing scope.
    NOTE(review): the delete-and-recreate runs at a fixed path under the installer's
    (elevated) identity; if other users can write to the directory, confirm its ACL
    before relying on the log's contents or location.
    #>
    $directoryExists = Test-Path $loggingDirectory
    if (-not $directoryExists)
    {
        New-Item $loggingDirectory -ItemType Directory | Out-Null
    }

    # Start every run from an empty file: remove the previous log, then create a new one.
    if (Test-Path $logFile)
    {
        Remove-Item $logFile -Force | Out-Null
    }
    New-Item $logFile -ItemType File | Out-Null
}
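function AddSslBindingToIdpAndAddAsTrustedCert($iisApplication, $dnsName)
{
    <#
    .SYNOPSIS
    Creates a self-signed certificate for $dnsName, attaches it to each site's HTTPS binding
    and imports it into the current user's trusted root store.
    .PARAMETER iisApplication
    Site definitions exposing .name; each site must already have an https binding.
    .PARAMETER dnsName
    DNS name placed in the certificate.
    .NOTES
    The exported certificate used to be written to c:\Temp under a name derived from the DNS
    name and was not removed when a step failed. Because that file is what gets imported as a
    trusted root, it is now written under a random name in the temporary directory of the
    current user (normally not writable by other accounts) and removed in a finally block.
    A new certificate is generated on every iteration and on every run; earlier ones stay
    in LocalMachine\My and CurrentUser\Root.
    NOTE(review): importing into CurrentUser\Root makes the self-signed certificate a trust
    anchor for the account running the installer - confirm this module is only used on
    development or test hosts.
    #>
    #TODO: the binding could be parameterised, which would make the foreach unnecessary
    foreach ($iisApp in $iisApplication)
    {
        $newCert = New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation cert:\LocalMachine\My
        ##New-WebBinding -Name $iisApp.name -HostHeader $dnsName -Port 443 -Protocol https
        # The https binding is expected to exist already (it is not created here).
        $binding = Get-WebBinding -Name $iisApp.name -Protocol "https"
        $binding.AddSslCertificate($newCert.GetCertHashString(), "my")

        # Unpredictable file name in the per-user temp directory instead of a fixed shared path.
        $tempCert = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid().ToString() + ".sst")
        try
        {
            Export-Certificate -Cert $newCert -FilePath $tempCert -Type SST
            Import-Certificate -CertStoreLocation cert:\CurrentUser\Root -FilePath $tempCert
        }
        finally
        {
            # Remove the exported file even when the export or import failed.
            if (Test-Path $tempCert)
            {
                Remove-Item $tempCert
            }
        }
        Write-Host "Done."
    }
}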
#endregion Private methods
#region Exports
# Public surface of the module. Helpers that edit the hosts file, ACLs, sites and
# certificates are deliberately not listed and stay private to the module.
Export-ModuleMember -Function @(
    'CheckCredentials'
    'EnableEmbeddedIISFeatures'
    'ScaffoldIIS'
    'ResetIIS'
    'ResetEnvironment'
    'StartLogging'
    'StopLogging'
)
#endregion Exports