windows: Dont use deprecated method of openssh server installation

Add OpenSSH cab file extracted from Windows FOD iso
adisbladis 2020-01-30 22:53:17 +00:00 committed by Stephan Maka
parent 51f93e5852
commit b410bd6b35
5 changed files with 40 additions and 27 deletions


@ -14,6 +14,7 @@
, timeZone ? "UTC" , timeZone ? "UTC"
, services ? {} , services ? {}
, impureShellCommands ? [] , impureShellCommands ? []
, driveLetter ? "F:"
, ... , ...
}: }:
@ -43,18 +44,12 @@ let
in lib.concatStringsSep "\n" commands) (v.sshKeys or [])) users); in lib.concatStringsSep "\n" commands) (v.sshKeys or [])) users);
mkDirsDesc = builtins.map (c: {Path = c; Description = "Make SSH key dir";}) makeDirs; mkDirsDesc = builtins.map (c: {Path = c; Description = "Make SSH key dir";}) makeDirs;
writeKeysDesc = builtins.map (c: {Path = c; Description = "Add SSH key";}) writeKeys; writeKeysDesc = builtins.map (c: {Path = c; Description = "Add SSH key";}) writeKeys;
in mkDirsDesc ++ writeKeysDesc ++ [ in
# mkDirsDesc ++ writeKeysDesc ++
[
{ {
Path = ''powershell.exe Register-PSRepository -Name bootstraprepo -SourceLocation F:\files''; Path = ''powershell.exe Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 -Source ${driveLetter}\fod -LimitAccess'';
Description = "Local powershell repo import"; Description = "Add OpenSSH service.";
}
{
Path = ''powershell.exe Install-Module -Repository bootstraprepo -Force OpenSSHUtils -Scope AllUsers'';
Description = "Install Openssh.";
}
{
Path = "powershell.exe Start-Service sshd";
Description = "Now start the sshd service.";
} }
{ {
Path = ''powershell.exe Set-Service -Name sshd -StartupType Automatic''; Path = ''powershell.exe Set-Service -Name sshd -StartupType Automatic'';
@ -73,14 +68,14 @@ let
] ]
++ [ ++ [
{ {
Path = ''powershell.exe F:\win-bundle-installer.exe''; Path = ''powershell.exe ${driveLetter}\win-bundle-installer.exe'';
Description = "Install any declared packages."; Description = "Install any declared packages.";
} }
] ]
++ setupCommands ++ setupCommands
++ [ ++ [
{ {
Path = ''powershell.exe F:\ssh-setup.ps1''; Path = ''powershell.exe ${driveLetter}\ssh-setup.ps1'';
Description = "Setup SSH and keys"; Description = "Setup SSH and keys";
} }
] ]
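Review bot: The `in` expression now comments out `mkDirsDesc ++ writeKeysDesc ++`, so the key-directory and key-writing commands built just above no longer run and both bindings are dead code. If `ssh-setup.ps1` (the last command in this list) is now the only path that installs authorized keys, say so in a comment and delete the unused bindings. If it is not, accounts are reachable over sshd by password only, so restore `in mkDirsDesc ++ writeKeysDesc ++ [`. The explicit `Start-Service sshd` step is also gone, leaving only `Set-Service -Name sshd -StartupType Automatic`; presumably the service comes up on the next boot, but that is worth confirming. The enclosing `let` starts outside the hunk.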


@ -15,9 +15,9 @@ win.makeWindowsImage {
# User accounts # User accounts
users = { users = {
artiq = { artiq = {
sshKeys = [ # sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmJW3Z+1ZNNVao2jcipQQxiEN27jtpl40fq3Je+jgir" # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmJW3Z+1ZNNVao2jcipQQxiEN27jtpl40fq3Je+jgir"
]; # ];
password = "1234"; password = "1234";
# description = "Default user"; # description = "Default user";
# displayName = "Display name"; # displayName = "Display name";
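Review bot: Commenting out `sshKeys` leaves the example account `artiq` with only `password = "1234"`, in the same commit that installs the OpenSSH server and sets it to start automatically. An image built from this example would accept a trivially guessable password over SSH unless the setup script disables password logins, which is not visible here. Keep the key entry active, or add a comment such as `# example only: set a real password or use sshKeys before exposing sshd`. The attribute set continues outside the hunk.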


@ -0,0 +1 @@
This file is not publicaly acessible anywhere so had to be extracted from a connected instance

Binary file not shown.


@ -33,6 +33,26 @@ let
sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a"; sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a";
}; };
openSshServerPackage = ./openssh/server-package.cab;
# pkgs.fetchurl {
# name = "OpenSSH-Server-Package~31bf3856ad364e35~amd64~~.cab";
# url = "http://download.windowsupdate.com/c/msdownload/update/software/updt/2018/04/openssh-server-package~31bf3856ad364e35~amd64~~_b264949145379b61d55448ed2625916457f701ba.cab";
# sha256 = "1pzaz2i7x05ki6gq7yxh0j4c1l6r57hawl3ggkji0r83wzrmh7ps";
# };
# openSshClientPackage = pkgs.fetchurl {
# name = "OpenSSH-Client-Package-31bf3856ad364e35-AMD64.cab";
# url = "http://download.windowsupdate.com/d/msdownload/update/software/updt/2018/04/openssh-client-package~31bf3856ad364e35~amd64~~_715b60a3869c393e0c03fd5683fe88c6f155ce28.cab";
# sha256 = "1rfdh2b47y27smy91g19s82cfwp8x5wg2iri95b8ndi9mplyfqdd";
# };
# Note: We're not using this one but keep around as a reference since microsoft makes it near impossible to find
# URLs for these kind of things
# fodIso = pkgs.fetchurl {
# url = "https://software-download.microsoft.com/download/pr/17763.1.180914-1434.rs5_release_amd64fre_SERVER-FOD-PACKAGES_OEM_amd64fre_MULTI.iso";
# sha256 = "009pygycwvfkbm02zycp9zv136qc2lcljjjp0021fjd2kn3mf6k9";
# };
autounattend = import ./autounattend.nix ( autounattend = import ./autounattend.nix (
attrs // { attrs // {
inherit pkgs; inherit pkgs;
@ -45,12 +65,6 @@ let
bootstrapPkgs = let bootstrapPkgs = let
winPkgs = import ./pkgs.nix { inherit pkgs; }; winPkgs = import ./pkgs.nix { inherit pkgs; };
opensshutils = pkgs.fetchurl {
name = "opensshutils.nupkg";
url = "https://www.powershellgallery.com/api/v2/package/OpenSSHUtils/1.0.0.1";
sha256 = "11iw0wyi11v684if0nsjgaglxsqnhdn94siq27pd8h34z64l6fq3";
};
nuget = winPkgs.makePkg { nuget = winPkgs.makePkg {
name = "nuget-dll"; name = "nuget-dll";
src = ./nuget/Microsoft.PackageManagement.NuGetProvider.dll; src = ./nuget/Microsoft.PackageManagement.NuGetProvider.dll;
@ -77,17 +91,18 @@ let
runQemuCommand "bootstrap-win-pkgs.img" '' runQemuCommand "bootstrap-win-pkgs.img" ''
mkdir pkgs mkdir pkgs
mkdir pkgs/bootstrap mkdir pkgs/bootstrap
mkdir pkgs/user mkdir pkgs/fod
mkdir pkgs/files
cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")" cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")"
# Install optional windows features
cp ${openSshServerPackage} pkgs/fod/OpenSSH-Server-Package~31bf3856ad364e35~amd64~~.cab
# SSH setup script goes here because windows XML parser sucks # SSH setup script goes here because windows XML parser sucks
cp ${autounattend.setupScript} pkgs/ssh-setup.ps1 cp ${autounattend.setupScript} pkgs/ssh-setup.ps1
cp ${nuget} pkgs/bootstrap/00_"$(stripHash "${nuget}")" # cp ${nuget} pkgs/bootstrap/00_"$(stripHash "${nuget}")"
cp ${opensshutils} pkgs/bootstrap/01_"$(stripHash "${opensshutils}")" # cp ${anaconda} pkgs/bootstrap/00_"$(stripHash "${anaconda}")"
cp ${anaconda} pkgs/bootstrap/02_"$(stripHash "${anaconda}")"
${lib.concatStringsSep "\n" (builtins.map (x: ''cp ${x} pkgs/bootstrap/"$(stripHash "${x}")"'') packages)} ${lib.concatStringsSep "\n" (builtins.map (x: ''cp ${x} pkgs/bootstrap/"$(stripHash "${x}")"'') packages)}
@ -123,6 +138,8 @@ let
"id=virtio-win,file=${bootstrapPkgs},if=none,format=raw,readonly=on" "id=virtio-win,file=${bootstrapPkgs},if=none,format=raw,readonly=on"
"-device" "-device"
"usb-storage,drive=virtio-win" "usb-storage,drive=virtio-win"
# "CD" drive with windows features-on-demand
# "-cdrom" "${fodIso}"
] ++ lib.optional (!impureMode) "-nographic"; ] ++ lib.optional (!impureMode) "-nographic";
in in
'' ''
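Review bot: `openSshServerPackage = ./openssh/server-package.cab;` replaces a hash-pinned `fetchurl` with a committed binary whose origin cannot be checked. The commit message says it was extracted from the FOD ISO, while the note file added alongside says it came from a connected instance. Since this cab is installed as a Windows capability in every image, record its provenance next to the path, e.g. `# sha256 <SHA256_OF_CAB>, from FOD ISO build <BUILD>`, or extract it in a derivation from the `fodIso` source whose sha256 is already given in the comment below. The commented-out windowsupdate URLs use plain `http://`, which is tolerable only with the sha256 pin, so keep the pin if they are revived. Separately, `${nuget}` and `${anaconda}` on the commented `# cp` lines are still interpolated by Nix inside the `''` string, so both remain build inputs; delete those lines if the intent is to drop them.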