Geneset Tag dbosoft/starter-food/1.3

linux-starter
Architecture: any
linux-starter
Architecture: any
win-starter
Architecture: any
win-starter
Architecture: any
name: win-starter

variables:
  - name: AdminUsername
    value: Admin
    required: true
  - name: AdminPassword
    required: true
    secret: true
    value: InitialPassw0rd

fodder:
- name: admin-windows
  type: cloud-config
  secret: true
  content: |
    users:
      - name: {{ AdminUsername }}
        groups: [ "Administrators" ]
        passwd: {{ AdminPassword }}

- name: remote-desktop
  type: shellscript
  fileName: enable_rd.ps1  #this is only required due to a bug in cloudbase-init
  content: |
    Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\" -Name "fDenyTSConnections" -Value 0
    Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\" -Name "UserAuthentication" -Value 1
    Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

- name: ssh-server
  type: shellscript
  fileName: enable_sshd.ps1  #this is only required due to a bug in cloudbase-init
  content: |
    $cap = Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH.Server*'
    if(-not $cap){
      Write-Output "OpenSSH Server capability not found. No SSH Server will be installed."
      exit 0
    }
    
    $cap | Add-WindowsCapability -Online
    
    # make sure the sshd service is exists.
    if (!(Get-Service sshd -ErrorAction SilentlyContinue)) {
      Write-Output "sshd service does not exist, you may have to install OpenSSH manually."
      exit -1
    }

    # Start the sshd service
    Start-Service sshd

    # OPTIONAL but recommended:
    Set-Service -Name sshd -StartupType 'Automatic'

    # Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
    if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
      Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
      New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
    } else {
      Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
    }