我目前正在设置自动扩展IIS网络服务器,需要通过powershell脚本自动安装和配置以下内容:
此致
利安
答案 0 :(得分:12)
我只是想我分享一个PowerShell脚本,当我遇到AWS ELB的情况,我需要安装IIS,URL重写,git并克隆存储库时,我将这些脚本全部放在一起。
echo "Installing web-webserver"
powershell.exe add-windowsfeature web-webserver -includeallsubfeature -logpath $env:temp\webserver_addrole.log
echo "Installing web-mgmt-tools"
powershell.exe add-windowsfeature web-mgmt-tools -includeallsubfeature -logpath $env:temp\mgmttools_addrole.log
echo "Creating C:\inetpub\wwwroot\example.com\"
$TestApplicationroot = Test-Path C:\inetpub\wwwroot\example.com
if (! $TestApplicationroot) {
mkdir C:\inetpub\wwwroot\example.com
}
echo "GIT: Installing Chocolatey"
(new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1') | iex
echo "GIT: Installing Git"
cinst git
echo "GIT: Setting enviroment path"
$env:path += ";" + (Get-Item "Env:ProgramFiles(x86)").Value + "\Git\bin"
echo "GIT: Installing poshgit"
cinst poshgit
echo "GIT: Installing UrlRewrite"
cinst UrlRewrite
echo "GIT: Installing git-credential-winstore"
cinst git-credential-winstore
.\CredMan.ps1 -AddCred -Target 'git:https://gitrespos.org' -User 'TestApplication' -Pass 'TestApplicationPassword'
echo "GIT: Cloning TestApplication1 code"
cd C:\inetpub\wwwroot\example.com\
git clone "https://gitrespos.org/Username/TestApplication1.git"
import-module webadministration
echo "Creating new website"
new-website -name "example.com" -port 80 -physicalpath c:\inetpub\wwwroot\example.com -ApplicationPool ".NET v4.5" -force
Echo "Importing SSL certificate"
$mypwd = ConvertTo-SecureString -String "SSLCertificate password" -Force –AsPlainText
Import-PfxCertificate –FilePath .\certificate.pfx cert:\localMachine\my -Password $mypwd
New-WebBinding -Name "example.com" -IP "*" -Port 443 -Protocol https
echo "Assigning SSL certificate"
cd IIS:\SslBindings
$cert = Get-Item cert:\LocalMachine\My\THUMB-OF-SSL-CERTIFICATE
$cert |New-Item 0.0.0.0!443
echo "Adding application pools TestApplication1"
New-Item 'IIS:\Sites\example.com\TestApplication1' -physicalPath "C:\inetpub\wwwroot\example.com\TestApplication1" -type Application
echo "Removing Default Web Site"
remove-website -name "Default Web Site"
Start-Sleep -s 10
echo "Starting example.com website"
start-website -name "example.com"
您可以从以下链接下载CredMan.ps1 http://gallery.technet.microsoft.com/scriptcenter/PowerShell-Credentials-d44c3cde
您需要先在服务器上运行以下内容,然后在服务器上找到证书的Thumb,并记下指纹,因为它在您将证书导入到的每台服务器上都是相同的:
get-ChildItem cert:\LocalMachine\My
我希望这对你们中的一些人有所帮助,因为我花了几天时间才想出不同的问题。
此致
利安
答案 1 :(得分:12)
这是完整的代码,导入pfx,添加iis网站,添加ssl绑定:
$certPath = 'c:\cert.pfx'
$CertificatePassword = '1234'
$SiteName = "MySite"
$HostName = "localhost"
$SiteFolder = Join-Path -Path 'C:\inetpub\wwwroot' -ChildPath $SiteName
Write-Host 'Import pfx certificate' $certPath
$certRootStore = “LocalMachine”
$certStore = "My"
$pfx = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$pfx.Import($certPath,$CertificatePassword,"Exportable,PersistKeySet")
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store($certStore,$certRootStore)
$store.Open('ReadWrite')
$store.Add($pfx)
$store.Close()
$certThumbprint = $pfx.Thumbprint
Write-Host 'Add website' $SiteName
New-WebSite -Name $SiteName -PhysicalPath $SiteFolder -Force
$IISSite = "IIS:\Sites\$SiteName"
Set-ItemProperty $IISSite -name Bindings -value @{protocol="https";bindingInformation="*:443:$HostName"}
if($applicationPool) { Set-ItemProperty $IISSite -name ApplicationPool -value $applicationPool}
Write-Host 'Bind certificate with Thumbprint' $certThumbprint
$obj = get-webconfiguration "//sites/site[@name='$SiteName']"
$binding = $obj.bindings.Collection[0]
$method = $binding.Methods["AddSslCertificate"]
$methodInstance = $method.CreateInstance()
$methodInstance.Input.SetAttributeValue("certificateHash", $certThumbprint)
$methodInstance.Input.SetAttributeValue("certificateStoreName", $certStore)
$methodInstance.Execute()
答案 2 :(得分:0)
查看Carbon模块(免责声明:我是Carbon的所有者/维护者)。它具有执行IIS和SSL配置以及安装MSI的功能。可悲的是,你必须自己弄明白Git。 (我建议切换到Mercurial。:-))