forked from M-Labs/wfvm
install openssh from github
this removes the need for the windows version's OpenSSH.Server feature-on-demand package which is not publicly available. fixes gitea issue #6 <M-Labs/wfvm#6>
parent
07813c3c4f
commit
110fe11f00
@ -50,12 +50,8 @@ let
|
||||
# mkDirsDesc ++ writeKeysDesc ++
|
||||
[
|
||||
{
|
||||
Path = ''powershell.exe Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 -Source ${driveLetter}\fod -LimitAccess'';
|
||||
Description = "Add OpenSSH service.";
|
||||
}
|
||||
{
|
||||
Path = ''powershell.exe Set-Service -Name sshd -StartupType Automatic'';
|
||||
Description = "Enable SSH by default.";
|
||||
Path = ''powershell.exe ${driveLetter}\install-ssh.ps1'';
|
||||
Description = "Install OpenSSH service.";
|
||||
}
|
||||
];
|
||||
|
||||
@ -77,7 +73,7 @@ let
|
||||
++ setupCommands
|
||||
++ [
|
||||
{
|
||||
Path = ''powershell.exe ${driveLetter}\ssh-setup.ps1'';
|
||||
Path = ''powershell.exe ${driveLetter}\setup.ps1'';
|
||||
Description = "Setup SSH and keys";
|
||||
}
|
||||
]
|
||||
@ -314,7 +310,7 @@ in {
|
||||
'';
|
||||
|
||||
# autounattend.xml is _super_ picky about quotes and other things
|
||||
setupScript = pkgs.writeText "ssh-setup.ps1" (
|
||||
setupScript = pkgs.writeText "setup.ps1" (
|
||||
''
|
||||
# Setup SSH and keys
|
||||
'' +
|
||||
|
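Review bot: The new `Path` entry in the first hunk locates the script through `${driveLetter}`, but the install-ssh.ps1 added by this commit reads its archive from a literal `D:\OpenSSH-Win64.zip`, so the install step only works while driveLetter resolves to `D:` (its value is not visible here). Letting the script derive the location from where it runs keeps the two in step, e.g. `Expand-Archive (Join-Path $PSScriptRoot 'OpenSSH-Win64.zip') C:\` in install-ssh.ps1. The command list and the enclosing `let` start and end outside these hunks.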
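--- a/wfvm/install-ssh.ps1
+++ b/wfvm/install-ssh.ps1
@@ -0,0 +1,42 @@
+Write-Host "Expanding OpenSSH"
+Expand-Archive D:\OpenSSH-Win64.zip C:\
+
+Push-Location C:\OpenSSH-Win64
+
+Write-Host "Installing OpenSSH"
+& .\install-sshd.ps1
+
+Write-Host "Generating host keys"
+.\ssh-keygen.exe -A
+
+Write-Host "Fixing host file permissions"
+& .\FixHostFilePermissions.ps1 -Confirm:$false
+
+Write-Host "Fixing user file permissions"
+& .\FixUserFilePermissions.ps1 -Confirm:$false
+
+Pop-Location
+
+$newPath = 'C:\OpenSSH-Win64;' + [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Machine)
+[Environment]::SetEnvironmentVariable("PATH", $newPath, [EnvironmentVariableTarget]::Machine)
+
+#Write-Host "Adding public key to authorized_keys"
+#$keyPath = "~\.ssh\authorized_keys"
+#New-Item -Type Directory ~\.ssh > $null
+#$sshKey | Out-File $keyPath -Encoding Ascii
+
+Write-Host "Opening firewall port 22"
+New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH
+
+Write-Host "Setting sshd service startup type to 'Automatic'"
+Set-Service sshd -StartupType Automatic
+Set-Service ssh-agent -StartupType Automatic
+Write-Host "Setting sshd service restart behavior"
+sc.exe failure sshd reset= 86400 actions= restart/500
+
+#Write-Host "Configuring sshd"
+#(Get-Content C:\ProgramData\ssh\sshd_config).replace('#TCPKeepAlive yes', 'TCPKeepAlive yes').replace('#ClientAliveInterval 0', 'ClientAliveInterval 300').replace('#ClientAliveCountMax 3', 'ClientAliveCountMax 3') | Set-Content C:\ProgramData\ssh\sshd_config
+
+Write-Host "Starting sshd service"
+Start-Service sshd
+Start-Service ssh-agent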
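Review bot: The sshd binaries are unpacked to `C:\OpenSSH-Win64` and that directory is then prepended to the machine PATH; on a default Windows install a folder created directly under `C:\` usually inherits an ACL that lets Authenticated Users modify its contents, so a non-admin account in the guest could alter the executables the service runs or shadow tools resolved through PATH. The two Fix*FilePermissions scripts are upstream helpers whose effect on the binary directory is not visible here, so they should not be relied on for this. Extracting under Program Files and appending rather than prepending avoids the problem: `Expand-Archive D:\OpenSSH-Win64.zip $env:ProgramFiles`, `Push-Location "$env:ProgramFiles\OpenSSH-Win64"`, and `$newPath = [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Machine) + ";$env:ProgramFiles\OpenSSH-Win64"`. The script also never selects stop-on-error behaviour, so a failed `Expand-Archive` falls through and the firewall rule for port 22 is still created without a working sshd behind it.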
@ -1 +0,0 @@
|
||||
This file is not publicaly acessible anywhere so had to be extracted from a connected instance
|
Binary file not shown.
12
wfvm/win.nix
@ -47,7 +47,10 @@ let
|
||||
sha256 = "11n3kjyawiwacmi3jmfmn311g9xvfn6m0ccdwnjxw1brzb4kqaxg";
|
||||
};
|
||||
|
||||
openSshServerPackage = ./openssh/server-package.cab;
|
||||
openSshServerPackage = pkgs.fetchurl {
|
||||
url = "https://github.com/PowerShell/Win32-OpenSSH/releases/download/V8.6.0.0p1-Beta/OpenSSH-Win64.zip";
|
||||
sha256 = "1dw6n054r0939501dpxfm7ghv21ihmypdx034van8cl21gf1b4lz";
|
||||
};
|
||||
|
||||
autounattend = import ./autounattend.nix (
|
||||
attrs // {
|
||||
@ -69,17 +72,16 @@ let
|
||||
# Packages required to drive installation of other packages
|
||||
bootstrapPkgs =
|
||||
runQemuCommand "bootstrap-win-pkgs.img" ''
|
||||
mkdir -p pkgs/fod
|
||||
|
||||
7z x -y ${virtioWinIso} -opkgs/virtio
|
||||
|
||||
cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")"
|
||||
|
||||
# Install optional windows features
|
||||
cp ${openSshServerPackage} pkgs/fod/OpenSSH-Server-Package~31bf3856ad364e35~amd64~~.cab
|
||||
cp ${openSshServerPackage} pkgs/OpenSSH-Win64.zip
|
||||
|
||||
# SSH setup script goes here because windows XML parser sucks
|
||||
cp ${autounattend.setupScript} pkgs/ssh-setup.ps1
|
||||
cp ${./install-ssh.ps1} pkgs/install-ssh.ps1
|
||||
cp ${autounattend.setupScript} pkgs/setup.ps1
|
||||
|
||||
virt-make-fs --partition --type=fat pkgs/ $out
|
||||
'';
|
||||
|
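Review bot: `openSshServerPackage` in the first hunk now names the full Win32-OpenSSH release zip rather than the server feature package, and the pinned `V8.6.0.0p1-Beta` release carries no note on how it gets updated, so the sshd listening in the guest stays at that version until someone notices. A short comment above the `fetchurl` would cover both, e.g. `# Win32-OpenSSH release zip (client and server); bump url and sha256 together when updating.`, and the binding could be renamed to something like `openSshZip` together with its use in the `cp` line of the second hunk. The fixed `sha256` is worth keeping as is, since it pins the content of the downloaded artifact. The enclosing `let` begins outside these hunks.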