SetupTearDown.ps1
<#
.SYNOPSIS
Set up (or clean up) PSRemoting on this computer. The Setup option enables the OpenSSH Server and the firewall and sets the machine up to run ps commands programmatically.
The Cleanup option disables the OpenSSH Server and performs other tasks to undo what was done during setup, such as disabling the ufw firewall, deleting remoting-specific firewall rules, etc.
.PARAMETER Setup
This Switch will trigger the setup calls which ends up starting the OpenSSH Server service and enable powershell remoting via SSH and opens up remoting via the firewall
.PARAMETER Cleanup
This switch triggers the cleanup path which disables OpenSSH Server, removes the firewall rules that were created earlier for remoting
.PARAMETER Port
The port that the SSH Server will listen on. Default is 5985.
.PARAMETER PassAuth
Required Parameter. Get the password of this computer to modify firewall permissions.
.DESCRIPTION
Run this script to setup your machine for PS Remoting so that you can leverage the functionality of runPerfTool.psm1
Run this script at the end of the tool runs to restore state on the machines.
Ex: SetupTearDown.ps1 -Setup or SetupTearDown.ps1 -Cleanup
#>
# Script-level parameters. The functions below receive $Port and $PassAuth from main,
# which reads them from this block.
Param(
# Selects the setup path (SetupRemoting). Checked before -Cleanup in main.
[switch] $Setup,
# Selects the cleanup path (CleanupRemoting). Only used when -Setup is absent.
[switch] $Cleanup,
# Optional, untyped. The value is interpolated into a sed expression that rewrites
# /etc/ssh/sshd_config and into ufw rules, so it should only ever be a TCP port number.
[Parameter(Mandatory=$False)] $Port=5985,
# Optional (Mandatory=$False) boolean. When true, SetupRemoting sets
# "PasswordAuthentication yes" in sshd_config; CleanupRemoting does not set it back.
[Parameter(Mandatory=$False)] [bool] $PassAuth
)
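Function SetupRemoting{
    <#
    .SYNOPSIS
    Configure sshd for PowerShell remoting over SSH and open the firewall for it.
    .DESCRIPTION
    Edits /etc/ssh/sshd_config in place (PubkeyAuthentication yes, optionally
    PasswordAuthentication yes, and the Port directive), appends a
    "Subsystem powershell" line when none is present, restarts sshd, enables ufw and
    allows ssh plus <Port>/tcp, copies ./ncps/rc.local to /etc/rc.local and appends
    nofile limits to /etc/security/limits.conf.
    Input is validated before any file is modified; an invalid port or a missing pwsh
    binary throws and leaves the system untouched.
    .PARAMETER Port
    TCP port sshd should listen on. Must parse as an integer in 1..65535.
    .PARAMETER PassAuth
    When true, password authentication is switched on in sshd_config.
    #>
    param(
        [Parameter(Mandatory=$False)] $Port=5985,
        [Parameter(Mandatory=$False)] [bool] $PassAuth
    )

    $sshdConfig = '/etc/ssh/sshd_config'

    # $Port is untyped and ends up inside a sed expression and a ufw rule. Accept only a
    # plain port number so nothing else can be spliced into either command.
    $portNumber = 0
    if ((-not [int]::TryParse([string]$Port, [ref]$portNumber)) -or ($portNumber -lt 1) -or ($portNumber -gt 65535)) {
        throw "Port must be an integer between 1 and 65535 (got '$Port')"
    }

    # Decide up front whether a Subsystem line is needed, and for which binary.
    # Any existing "Subsystem powershell" line counts, whatever path it names: appending a
    # second one would be a duplicate definition, which sshd is expected to reject on
    # restart. An empty lookup result must never be written either, because
    # "Subsystem powershell  -sshs -NoLogo" is not a usable entry.
    $subsystemLine = $null
    $existingSubsystem = Get-Content -Path $sshdConfig | Where-Object { $_ -match '^\s*Subsystem\s+powershell\s' }
    if (-not $existingSubsystem) {
        $pwshPath = '/usr/bin/pwsh'
        if (-not (Test-Path -Path $pwshPath)) {
            $pwshCommand = Get-Command -Name pwsh -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
            if ($null -eq $pwshCommand) {
                throw "pwsh was not found at /usr/bin/pwsh or on PATH; sshd_config was not modified"
            }
            $pwshPath = $pwshCommand.Source
        }
        $subsystemLine = "Subsystem powershell $pwshPath -sshs -NoLogo"
    }

    Write-Host "Installing PSRemoting via SSH on this computer..."
    Write-Host "Editing sshd_config file to allow for public key and password authentication for port $Port"

    # The patterns are anchored to the start of the line and require whitespace after the
    # keyword, so only the directive itself (commented out or not) is rewritten. Unanchored,
    # "Port" also matched inside other keywords such as GatewayPorts and corrupted that line.
    sed -i 's/^\s*#\?\s*\(PubkeyAuthentication\s\+\).*$/\1yes/' $sshdConfig
    if ($PassAuth) {
        # Password logins are weaker than key-based logins against guessing; this is opt-in
        # and is not reverted by CleanupRemoting.
        sed -i 's/^\s*#\?\s*\(PasswordAuthentication\s\+\).*$/\1yes/' $sshdConfig
    }
    $portExpression = 's/^\s*#\?\s*\(Port\s\+\).*$/\1{0}/' -f $portNumber
    sed -i $portExpression $sshdConfig

    # allow for powershell remoting via ssh
    if ($null -ne $subsystemLine) {
        Write-Output $subsystemLine | sudo tee -a $sshdConfig | Out-Null
    }

    Write-Host "Starting OpenSSH Server"
    # NOTE(review): a broken sshd_config can take remote access down on restart; consider
    # checking the file with `sshd -t` first.
    service sshd restart | Out-Null

    Write-Host "Enabling firewall and allowing ssh service from port $Port"
    # NOTE(review): ufw is enabled before the allow rules are added - confirm this order is
    # safe when the script itself is run over an SSH session.
    ufw enable | Out-Null
    ufw allow ssh | Out-Null
    ufw allow "$portNumber/tcp" | Out-Null

    # The source path is relative to the current working directory and overwrites any
    # existing /etc/rc.local, which is then made executable.
    # NOTE(review): presumably rc.local runs as root at boot - run Setup only from a
    # trusted checkout directory.
    Copy-Item -Path "./ncps/rc.local" -Destination "/etc/rc.local"
    # Appended on every Setup run (no check for existing entries) and not removed by Cleanup.
    echo "`n* soft nofile 1048575 `n* hard nofile 1048575 " >> /etc/security/limits.conf
    chmod +x /etc/rc.local
} # SetupRemoting()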
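Function CleanupRemoting{
    <#
    .SYNOPSIS
    Put sshd back on port 22, stop it, and delete the ufw rules added for remoting.
    .DESCRIPTION
    Rewrites the Port directive in /etc/ssh/sshd_config to 22, restarts and then stops
    sshd, and deletes the ufw "allow <Port>/tcp" and "allow ssh" rules.
    This function does not touch PubkeyAuthentication or PasswordAuthentication, the
    "Subsystem powershell" line, /etc/rc.local or /etc/security/limits.conf, and it does
    not disable ufw; those stay as setup left them.
    An invalid port throws before anything is changed.
    .PARAMETER Port
    The port that was opened during setup. Must parse as an integer in 1..65535.
    #>
    param(
        [Parameter(Mandatory=$False)] $Port=5985
    )

    # $Port is untyped and is passed to ufw below; accept only a plain port number.
    $portNumber = 0
    if ((-not [int]::TryParse([string]$Port, [ref]$portNumber)) -or ($portNumber -lt 1) -or ($portNumber -gt 65535)) {
        throw "Port must be an integer between 1 and 65535 (got '$Port')"
    }

    Write-Host "Disabling PSRemoting via SSH on this computer..."
    Write-Host "Editing sshd_config file to allow for public key and password authentication to default port"

    # edit ssh server to listen to default port of 22
    # Anchored to the start of the line with whitespace required after the keyword, so only
    # the Port directive is rewritten and not other keywords that merely contain "Port".
    # In the replacement, \1 is the captured "Port " prefix and 22 is the literal port.
    sed -i 's/^\s*#\?\s*\(Port\s\+\).*$/\122/' /etc/ssh/sshd_config

    # restart and stop sshd server
    service sshd restart | Out-Null
    Write-Host "Stopping Open-SSH Server service"
    service sshd stop | Out-Null

    # delete ssh and port firewall rules
    Write-Host "Deleting firewall rule that allows ssh service from port $Port"
    ufw delete allow "$portNumber/tcp" | Out-Null
    ufw delete allow ssh | Out-Null
} # CleanupRemoting()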
#Main-function
function main {
    # Dispatches to setup or cleanup based on the script-level switches.
    # -Setup wins when both switches are given. Any exception raised by the selected
    # path is reported on the host and not rethrown.
    try {
        $wantsSetup = $Setup.IsPresent
        $wantsCleanup = $Cleanup.IsPresent

        if (-not $wantsSetup -and -not $wantsCleanup) {
            Write-Host "Exiting.. as neither the setup nor cleanup flag was passed"
            return
        }

        if ($wantsSetup) {
            SetupRemoting -Port $Port -PassAuth $PassAuth
            return
        }

        CleanupRemoting -Port $Port
    }
    catch {
        Write-Host "Exception $($_.Exception.Message) in $($MyInvocation.MyCommand.Name)"
    }
}
#Entry point
# main declares no param() block, so the splatted bound parameters are not bound to
# named parameters there; main reads $Setup, $Cleanup, $Port and $PassAuth from the
# script-level Param() block through normal scope lookup.
main @PSBoundParameters