forked from M-Labs/nix-scripts
windows: Dont use deprecated method of openssh server installation
Add OpenSSH cab file extracted from Windows FOD iso
This commit is contained in:
parent
51f93e5852
commit
b410bd6b35
@ -14,6 +14,7 @@
|
|||||||
, timeZone ? "UTC"
|
, timeZone ? "UTC"
|
||||||
, services ? {}
|
, services ? {}
|
||||||
, impureShellCommands ? []
|
, impureShellCommands ? []
|
||||||
|
, driveLetter ? "F:"
|
||||||
, ...
|
, ...
|
||||||
}:
|
}:
|
||||||
|
|
||||||
@ -43,18 +44,12 @@ let
|
|||||||
in lib.concatStringsSep "\n" commands) (v.sshKeys or [])) users);
|
in lib.concatStringsSep "\n" commands) (v.sshKeys or [])) users);
|
||||||
mkDirsDesc = builtins.map (c: {Path = c; Description = "Make SSH key dir";}) makeDirs;
|
mkDirsDesc = builtins.map (c: {Path = c; Description = "Make SSH key dir";}) makeDirs;
|
||||||
writeKeysDesc = builtins.map (c: {Path = c; Description = "Add SSH key";}) writeKeys;
|
writeKeysDesc = builtins.map (c: {Path = c; Description = "Add SSH key";}) writeKeys;
|
||||||
in mkDirsDesc ++ writeKeysDesc ++ [
|
in
|
||||||
|
# mkDirsDesc ++ writeKeysDesc ++
|
||||||
|
[
|
||||||
{
|
{
|
||||||
Path = ''powershell.exe Register-PSRepository -Name bootstraprepo -SourceLocation F:\files'';
|
Path = ''powershell.exe Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 -Source ${driveLetter}\fod -LimitAccess'';
|
||||||
Description = "Local powershell repo import";
|
Description = "Add OpenSSH service.";
|
||||||
}
|
|
||||||
{
|
|
||||||
Path = ''powershell.exe Install-Module -Repository bootstraprepo -Force OpenSSHUtils -Scope AllUsers'';
|
|
||||||
Description = "Install Openssh.";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
Path = "powershell.exe Start-Service sshd";
|
|
||||||
Description = "Now start the sshd service.";
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
Path = ''powershell.exe Set-Service -Name sshd -StartupType Automatic'';
|
Path = ''powershell.exe Set-Service -Name sshd -StartupType Automatic'';
|
||||||
@ -73,14 +68,14 @@ let
|
|||||||
]
|
]
|
||||||
++ [
|
++ [
|
||||||
{
|
{
|
||||||
Path = ''powershell.exe F:\win-bundle-installer.exe'';
|
Path = ''powershell.exe ${driveLetter}\win-bundle-installer.exe'';
|
||||||
Description = "Install any declared packages.";
|
Description = "Install any declared packages.";
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
++ setupCommands
|
++ setupCommands
|
||||||
++ [
|
++ [
|
||||||
{
|
{
|
||||||
Path = ''powershell.exe F:\ssh-setup.ps1'';
|
Path = ''powershell.exe ${driveLetter}\ssh-setup.ps1'';
|
||||||
Description = "Setup SSH and keys";
|
Description = "Setup SSH and keys";
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
@ -15,9 +15,9 @@ win.makeWindowsImage {
|
|||||||
# User accounts
|
# User accounts
|
||||||
users = {
|
users = {
|
||||||
artiq = {
|
artiq = {
|
||||||
sshKeys = [
|
# sshKeys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmJW3Z+1ZNNVao2jcipQQxiEN27jtpl40fq3Je+jgir"
|
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmJW3Z+1ZNNVao2jcipQQxiEN27jtpl40fq3Je+jgir"
|
||||||
];
|
# ];
|
||||||
password = "1234";
|
password = "1234";
|
||||||
# description = "Default user";
|
# description = "Default user";
|
||||||
# displayName = "Display name";
|
# displayName = "Display name";
|
||||||
|
1
artiq-fast/windows/openssh/README.md
Normal file
1
artiq-fast/windows/openssh/README.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
This file is not publicaly acessible anywhere so had to be extracted from a connected instance
|
BIN
artiq-fast/windows/openssh/server-package.cab
Normal file
BIN
artiq-fast/windows/openssh/server-package.cab
Normal file
Binary file not shown.
@ -33,6 +33,26 @@ let
|
|||||||
sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a";
|
sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
openSshServerPackage = ./openssh/server-package.cab;
|
||||||
|
|
||||||
|
# pkgs.fetchurl {
|
||||||
|
# name = "OpenSSH-Server-Package~31bf3856ad364e35~amd64~~.cab";
|
||||||
|
# url = "http://download.windowsupdate.com/c/msdownload/update/software/updt/2018/04/openssh-server-package~31bf3856ad364e35~amd64~~_b264949145379b61d55448ed2625916457f701ba.cab";
|
||||||
|
# sha256 = "1pzaz2i7x05ki6gq7yxh0j4c1l6r57hawl3ggkji0r83wzrmh7ps";
|
||||||
|
# };
|
||||||
|
# openSshClientPackage = pkgs.fetchurl {
|
||||||
|
# name = "OpenSSH-Client-Package-31bf3856ad364e35-AMD64.cab";
|
||||||
|
# url = "http://download.windowsupdate.com/d/msdownload/update/software/updt/2018/04/openssh-client-package~31bf3856ad364e35~amd64~~_715b60a3869c393e0c03fd5683fe88c6f155ce28.cab";
|
||||||
|
# sha256 = "1rfdh2b47y27smy91g19s82cfwp8x5wg2iri95b8ndi9mplyfqdd";
|
||||||
|
# };
|
||||||
|
|
||||||
|
# Note: We're not using this one but keep around as a reference since microsoft makes it near impossible to find
|
||||||
|
# URLs for these kind of things
|
||||||
|
# fodIso = pkgs.fetchurl {
|
||||||
|
# url = "https://software-download.microsoft.com/download/pr/17763.1.180914-1434.rs5_release_amd64fre_SERVER-FOD-PACKAGES_OEM_amd64fre_MULTI.iso";
|
||||||
|
# sha256 = "009pygycwvfkbm02zycp9zv136qc2lcljjjp0021fjd2kn3mf6k9";
|
||||||
|
# };
|
||||||
|
|
||||||
autounattend = import ./autounattend.nix (
|
autounattend = import ./autounattend.nix (
|
||||||
attrs // {
|
attrs // {
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
@ -45,12 +65,6 @@ let
|
|||||||
bootstrapPkgs = let
|
bootstrapPkgs = let
|
||||||
winPkgs = import ./pkgs.nix { inherit pkgs; };
|
winPkgs = import ./pkgs.nix { inherit pkgs; };
|
||||||
|
|
||||||
opensshutils = pkgs.fetchurl {
|
|
||||||
name = "opensshutils.nupkg";
|
|
||||||
url = "https://www.powershellgallery.com/api/v2/package/OpenSSHUtils/1.0.0.1";
|
|
||||||
sha256 = "11iw0wyi11v684if0nsjgaglxsqnhdn94siq27pd8h34z64l6fq3";
|
|
||||||
};
|
|
||||||
|
|
||||||
nuget = winPkgs.makePkg {
|
nuget = winPkgs.makePkg {
|
||||||
name = "nuget-dll";
|
name = "nuget-dll";
|
||||||
src = ./nuget/Microsoft.PackageManagement.NuGetProvider.dll;
|
src = ./nuget/Microsoft.PackageManagement.NuGetProvider.dll;
|
||||||
@ -77,17 +91,18 @@ let
|
|||||||
runQemuCommand "bootstrap-win-pkgs.img" ''
|
runQemuCommand "bootstrap-win-pkgs.img" ''
|
||||||
mkdir pkgs
|
mkdir pkgs
|
||||||
mkdir pkgs/bootstrap
|
mkdir pkgs/bootstrap
|
||||||
mkdir pkgs/user
|
mkdir pkgs/fod
|
||||||
mkdir pkgs/files
|
|
||||||
|
|
||||||
cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")"
|
cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")"
|
||||||
|
|
||||||
|
# Install optional windows features
|
||||||
|
cp ${openSshServerPackage} pkgs/fod/OpenSSH-Server-Package~31bf3856ad364e35~amd64~~.cab
|
||||||
|
|
||||||
# SSH setup script goes here because windows XML parser sucks
|
# SSH setup script goes here because windows XML parser sucks
|
||||||
cp ${autounattend.setupScript} pkgs/ssh-setup.ps1
|
cp ${autounattend.setupScript} pkgs/ssh-setup.ps1
|
||||||
|
|
||||||
cp ${nuget} pkgs/bootstrap/00_"$(stripHash "${nuget}")"
|
# cp ${nuget} pkgs/bootstrap/00_"$(stripHash "${nuget}")"
|
||||||
cp ${opensshutils} pkgs/bootstrap/01_"$(stripHash "${opensshutils}")"
|
# cp ${anaconda} pkgs/bootstrap/00_"$(stripHash "${anaconda}")"
|
||||||
cp ${anaconda} pkgs/bootstrap/02_"$(stripHash "${anaconda}")"
|
|
||||||
|
|
||||||
${lib.concatStringsSep "\n" (builtins.map (x: ''cp ${x} pkgs/bootstrap/"$(stripHash "${x}")"'') packages)}
|
${lib.concatStringsSep "\n" (builtins.map (x: ''cp ${x} pkgs/bootstrap/"$(stripHash "${x}")"'') packages)}
|
||||||
|
|
||||||
@ -123,6 +138,8 @@ let
|
|||||||
"id=virtio-win,file=${bootstrapPkgs},if=none,format=raw,readonly=on"
|
"id=virtio-win,file=${bootstrapPkgs},if=none,format=raw,readonly=on"
|
||||||
"-device"
|
"-device"
|
||||||
"usb-storage,drive=virtio-win"
|
"usb-storage,drive=virtio-win"
|
||||||
|
# "CD" drive with windows features-on-demand
|
||||||
|
# "-cdrom" "${fodIso}"
|
||||||
] ++ lib.optional (!impureMode) "-nographic";
|
] ++ lib.optional (!impureMode) "-nographic";
|
||||||
in
|
in
|
||||||
''
|
''
|
||||||
|
Loading…
Reference in New Issue
Block a user