Prefix and proxy

[daxgames]

Ability to disable BITS so scripts can fail instead of hanging. Replaces: #85

Powershell download function with proxy support and less code duplication. Replaces: #85

• Add ps1_download [url] [filename] function to floppy/_packer_config.cmd
• Call ps1_download [url] [filename] function from floppy/_packer_config.cmd in all scripts that use Powershell for downloads.
• http_proxy and no_proxy support for use in corporate environments.
  • Add HideWirelessSetupInOOBE to Windows 10 Autounattend.xml files. Necessary to make installs behind proxy unattended.
  • Add proxy config to a floppy\_packer_config[variable].cmd and it will be processed.

    set proxy=[proxy_ip]:[proxy_port]
    if defined proxy (
    echo ==^> Setting HTTP Proxy....
    echo ==^> HTTP Proxy Set to %proxy%
    set http_proxy=http://%proxy%
    set https_proxy=http://%proxy%
    set no_proxy=[host1,host2,host3]
    )

User customization without forking

Note: Does not affect existing make commands if PREFIX is not set.

Users can clone boxcutter/windows and make user specific copies of Packer templates, scripts and configs they can edit that are ignored by git.

• Packer *.json template files can be symlinks to files in another repo.
• Files in floppy and script cannot be symlinks but can be links to files in other repos.

This adds flexibility to customixe and to easily sync with the upstream repo at any time!

cp eval-win10x64-enterprise.json [company].eval-win10x64-enterprise.json
make PREFIX=[company]. [company].[target]
rm -rf output-virtualbox-iso
mkdir -p box/virtualbox
packer build -on-error=cleanup -only=virtualbox-iso -var 'version=1.0.4' -var 'update=false' -var 'headless=false' -var "shutdown_command=shutdown /s /t 10 /f /d p:4:1 /c Packer_Shutdown" -var "iso_url=file://./iso/win10x64.iso" -var "iso_checksum=a4ea45ec1282e85fc84af49acf7a8d649c31ac5c" [company].eval-win10x64-enterprise.json

• Add $(PREFIX) to the Makefile
  • Run make PREFIX=[company]. [company].[target] to build from [company].target.json
• Add user customization ignores to the .gitignore floppy and script folders:
  • *.*.json
  • floppy/*.*.*
  • script/*.*.*

Fix build errors in Virtualbox for Windows 10 and 2012

• Remove "VBoxInternal/CPUM/CMPXCHG16B", from Packer json files.

[daxgames]

@annawake @misheska Any thoughts on this? This does not change building Windows images with Boxcutter/Windows syntax all will work as before with some enhancements. Other changes are in the description of the PR.

I use it as follows:

I have a repo in Github with my customizations that are business specific:

• floppy/*
  • Scripts - Proxy Settings
  • SSL Certs - Required to get to the internet so I can build. (IT Security Requiremnt)
• scripts/*
  • Any business specific custom script that should not be in this repo.
• Makefile.local
• Packer Templates
• link_repos.sh
  • Clones boxcutter/windows to ../boxcutter_windows
  • Symlinks required files/folders from my repo into boxcutter_windows/*
  • These links are added to the boxcutter\windows\.gitignore by this PR.
  • Links required files from [my repo]/floppy into boxcutter_windows/floppy/*
  • Symlinks don't work here
  • Links required files from [my repo]/scripts into boxcutter_windows/scripts/*
  • Symlinks don't work here

I can now use boxcutter/windows unmodified with my user customizations that have no business being in your repo and everything is still in source control.

I think this is a great add to this project for users that need user customizations and don't want to fork and keep their personal repo synched with this repo.

[arizvisa]

@daxgames, I'll look more into this PR once I get some status on some of the other PRs that add minor enhancements as this one changes some things and adds some capabilities that could have some potential side effects. Thanks for your patience.

[arizvisa]

So it seems that there are a number of things in this PR. Here's what I've got, let me know what I missed.

1. Bits can be disabled...well because its busted
2. packer_config.cmd has proxy support added.
3. packer_config.cmd now lets people choose which method to use for downloading
4. Some of the scripts which are calling powershell directly (cygwin.bat, openssh.bat, etc.) have been fixed to use packer_config.cmd for downloading (which is the right way anyways)
5. The Windows-10 templates have the wireless setup disabled so you don't get notified at startup (?)
6. packer_config.cmd is being copied to the target so it can be also be used during provisionining
7. The cmpxchg16b patch from commit 14e341ce9e9e716bc02785f41c802b7668823752 is being removed from some of the templates for virtualbox (is this not a problem anymore for virtualbox6?)
8. Users can now specify a prefix for their templates if a template is specific to some context/company

If you're not too interested in getting the whole thing merged, lmk and I'll see what we can take.

[daxgames]

Wow, I wrote all this a really long time ago.

So it seems that there are a number of things in this PR. Here's what I've got, let me know what I missed.

1. Bits can be disabled...well because its busted

Yes - It might be more elegant to allow this as a make argument to disable bits. Like I did with the other PR for CM_LICENSED because its not REALLY Packer config.

2. packer_config.cmd has proxy support added.

I would say Powershell download has proxy support added.

3. packer_config.cmd now lets people choose which method to use for downloading

Not really, it will still try _download.cmd unless you mean we can now disable bitsadmin

4. Some of the scripts which are calling powershell directly (cygwin.bat, openssh.bat, etc.) have been fixed to use packer_config.cmd for downloading (which is the right way anyways)

This was just an effort to reduce code duplication without adding another _ps1_download.cmd

5. The Windows-10 templates have the wireless setup disabled so you don't get notified at startup (?)

Yes

6. packer_config.cmd is being copied to the target so it can be also be used during provisionining

Yes - and it is cleaned up at the end.

7. The cmpxchg16b patch from commit 14e341c is being removed from some of the templates for virtualbox (is this not a problem anymore for virtualbox6?)

This is probably outdated and needs to use whatever is in master today

8. Users can now specify a prefix for their templates if a template is specific to some context/company

Yes

If you're not too interested in getting the whole thing merged, lmk and I'll see what we can take.

I would like to see it all merged as it is backward compatible and could be useful for others. I can't be the only person that tried to use this in a corporate env behind a proxy, with man in the middle ssl certs , that made this repo impossible to use. As you have probably noticed I am obsessed with backward compatibility and not breaking/removing existing functionality.

I could break it up into smaller PRs if that would help

[daxgames]

Did I mention I am excited to see this repo getting some love. It has been ignored for too long.

[daxgames]

Might also want to figure out a way to implement this

[arizvisa]

Yeah, if you have the time to break it up into smaller pieces that'd be more welcomed. I can't guarantee I'll merge all of them, though. Things like configuring a proxy when provisioning are legit features that I'd really like to incorporate. But yeah, I was actually going to break it down myself if you don't since the community here has slowly been dying and the original maintainers have moved towards developing more on https://github.com/boxcutter/windows-ps which is more powershell-oriented.

Some parts of this PR are distinctly separate features that I think warrant their own PR. It'd not only be easier to merge but also easier to determine whether some PRs are fine being simple fixes, or actually deserve extending in their respective direction.

Like wrt some of the bitsadmin stuff, for example, I'd like to phase bitsadmin out entirely if possible since it's so unreliable. However, if it ends not possible, then maybe only use it for the older templates that require it. So I might be hesitant to immediately merge bitsadmin patches as one can expect that to change in the future.. So PRs in similar areas that people have asked for features on, might not make it through as a short PR since they'dlikely be more project-oriented

Totally agreed wrt corporate environments. I work in infosec so I have to maintain my own fork of this that self-hosts things due to not being able to route. But that's why I offered to help maintain this project as I've had to do a lot of little tricks to get things working and to incorporate it into my own tools. I still think it's a good base, however. Just needs to be refined.

[arizvisa]

Ah. With regards to that PR comment you linked, I'll track that in issue #124 where 2xyo first requested it. Thanks for the heads up.

[daxgames]

Closing in preference to split PRs #228, #229, and #230