ethan-s
9/28/2016 - 2:49 PM
Setup Chocolatey.Server simply and easily by getting and configuring the IIS requirements (for IIS7.5 and higher) and replacing the default
Setup Chocolatey.Server simply and easily by getting and configuring the IIS requirements (for IIS7.5 and higher) and replacing the default site.
# Boxstarter options
$Boxstarter.RebootOk=$true # Allow reboots?
$Boxstarter.NoPassword=$false # Is this a machine with no login password?
$Boxstarter.AutoLogin=$true # Save my password securely and auto-login after a reboot
# Unrestricted is only good for testing, don't use that in production
Update-ExecutionPolicy RemoteSigned
Disable-InternetExplorerESC
Disable-UAC
#Enable-RemoteDesktop
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles
#Install IIS and needed features
cinst IIS-WebServerRole -Source WindowsFeatures
cinst IIS-WebServer -Source WindowsFeatures # This will pull in a bunch of other things
cinst IIS-Metabase -Source WindowsFeatures
cinst IIS-BasicAuthentication -Source WindowsFeatures
cinst IIS-ISAPIExtensions -Source WindowsFeatures
cinst IIS-ISAPIFilter -Source WindowsFeatures
cinst IIS-NetFxExtensibility -Source WindowsFeatures
cinst IIS-NetFxExtensibility45 -Source WindowsFeatures #2012 only
cinst IIS-ASPNET -Source WindowsFeatures
cinst IIS-ASPNET45 -Source WindowsFeatures #2012 only
cinst chocolatey.server #the server package we'll copy to IIS
$webToolsDir = "C:\ProgramData\chocolatey\lib\chocolatey.server\tools\chocolatey.server\*"
$webInstallDir = "C:\inetpub\wwwroot"
Copy-Item $webToolsDir $webInstallDir -recurse -force
$projectName = "ChocolateyServer"
Import-Module WebAdministration
Remove-WebSite -Name "Default Web Site" -ErrorAction SilentlyContinue
Remove-WebSite -Name "$projectName" -ErrorAction SilentlyContinue
New-WebSite -ID 1 -Name "$projectName" -Port 80 -PhysicalPath "$webInstallDir" -Force
Import-Module WebAdministration
$appPoolPath = "IIS:\AppPools\$projectName"
#$pool = new-object
Write-Warning "You can safely ignore the next error if it occurs related to getting an app pool that doesn't exist"
$pool = Get-Item $appPoolPath
if ($pool -eq $null) {
Write-Host "Creating the app pool `'$appPoolPath`'"
$pool = New-Item $appPoolPath
}
# Set appropriate permissions for automatic pool user
$pool | Set-Item
Set-itemproperty $appPoolPath -Name "managedRuntimeVersion" -Value "v4.0"
#Set-itemproperty $appPoolPath -Name "managedPipelineMode" -Value "Integrated"
# For IIS7 or IIS6 use this instead of the IIS AppPool below
#$networkSvc = 'NT AUTHORITY\NETWORK SERVICE'
# After IIS7 they moved towards AppPool permissions
# http://www.iis.net/learn/manage/configuring-security/application-pool-identities
$networkSvc = "IIS AppPool\$projectName"
Write-Host "Setting folder permissions on `'$webInstallDir`' to 'Read' for user $networkSvc"
$acl = Get-Acl $webInstallDir
$acl.SetAccessRuleProtection($False, $True)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$networkSvc","Read", "ContainerInherit, ObjectInherit", "None", "Allow");
$acl.AddAccessRule($rule);
Set-Acl $webInstallDir $acl
$webInstallAppDataDir = Join-Path $webInstallDir 'App_Data'
Write-Host "Setting folder permissions on `'$webInstallAppDataDir`' to 'Modify' for user $networkSvc"
$acl = Get-Acl $webInstallAppDataDir
$acl.SetAccessRuleProtection($False, $True)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$networkSvc","Modify", "ContainerInherit, ObjectInherit", "None", "Allow");
$acl.AddAccessRule($rule);
Set-Acl $webInstallAppDataDir $acl
# Start pool after permissions set
Start-WebAppPool "$projectName"
Write-Host "Creating the site `'$projectName`' with appPool `'$projectName`'"
New-WebApplication "$projectName" -Site "$projectName" -PhysicalPath $srcDir -ApplicationPool "$projectName" -Force
& START http://localhost