Reframed Install Process - dir org change

.gitignore

@@ -1,5 +1,8 @@
-bt-autoscaler/.terraform/
+*.terraform*
 esoteric-parsec*json
 *.tfstate*
 *terraform-provider*
 *.deb
+*license.json
+*history*
+*functions.ps1

bt-autoscaler/terraform/gcp/root/central/terraform.tfvars.json

@@ -4,11 +4,14 @@
   "zone": "europe-west1-d",
   "private_network": "projects/esoteric-parsec-243510/global/networks/default",
   "database_version": "POSTGRES_9_6",
+  "db_tier": "db-g1-small",
+  "file_tier": "BASIC_HDD",
   "vm_type": "e2-highmem-4",
   "min_cpu": "Intel Skylake",
   "image": "gce-uefi-images/windows-2019",
   "disk_type": "pd-ssd",
   "availability_type": "REGIONAL",
+  "db_user": "postgres",
   "user_name": "qlikadmin",
   "user_password": "Qlik1234!"
 }

bt-autoscaler/terraform/gcp/root/central/variables.tf

@@ -20,6 +20,18 @@ variable "tier" {
   default     = "db-f1-micro"
 }
 
+variable "db_tier" {
+  description = "The tier for the primary SQL instance."
+  type        = string
+  default     = "db-f1-micro"
+}
+
+variable "file_tier" {
+  description = "The tier for the Filestore instance."
+  type        = string
+  default     = "BASIC_HDD"
+}
+
 variable "zone" {
   type        = string
   description = "Zone target"
@@ -93,6 +105,12 @@ variable "private_network" {
   default     = "projects/esoteric-parsec-243510/global/networks/private-network"
 }
 
+variable "db_user" {
+  description = "The name of the DB user"
+  type        = string
+  default     = "postgres"
+}
+
 variable "user_name" {
   description = "The name of the default user"
   type        = string

bt-autoscaler/terraform/gcp/root/file/terraform.tfvars.json

@@ -4,11 +4,14 @@
   "zone": "europe-west1-d",
   "private_network": "projects/esoteric-parsec-243510/global/networks/default",
   "database_version": "POSTGRES_9_6",
+  "db_tier": "db-g1-small",
+  "file_tier": "BASIC_HDD",
   "vm_type": "e2-highmem-4",
   "min_cpu": "Intel Skylake",
   "image": "gce-uefi-images/windows-2019",
   "disk_type": "pd-ssd",
   "availability_type": "REGIONAL",
+  "db_user": "postgres",
   "user_name": "qlikadmin",
   "user_password": "Qlik1234!"
 }

bt-autoscaler/terraform/gcp/root/file/variables.tf

@@ -31,6 +31,30 @@ variable "zone" {
   description = "Zone target"
 }
 
+variable "disk_type" {
+  description = "GCE Boot/Attached Disk Type"
+  type        = string
+  default     = "pd-ssd"
+}
+
+variable "min_cpu" {
+  description = "GCE Minimum CPU Family"
+  type        = string
+  default     = "AMD Rome "
+}
+
+variable "image" {
+  description = "Path to GCE Image Type"
+  type        = string
+  default     = "windows-2019/windows-server-2019-dc-v20200908"
+}
+
+variable "vm_type" {
+  description = "The GCE machine type"
+  type        = string
+  default     = "n2d-highmem-8"
+}
+
 variable "availability_type" {
   description = "The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`."
   type        = string
@@ -75,18 +99,18 @@ variable "private_network" {
   default = "projects/esoteric-parsec-243510/global/networks/private-network"
 }
 
-variable "db_user" {
-  description = "The name of the DB user"
-  type        = string
-  default     = "postgres"
-}
-
 variable "user_name" {
   description = "The name of the default user"
   type        = string
   default     = "default"
 }
 
+variable "db_user" {
+  description = "The name of the DB user"
+  type        = string
+  default     = "postgres"
+}
+
 variable "user_password" {
   description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable."
   type        = string

bt-autoscaler/terraform/gcp/root/psql/main.tf

@@ -1,7 +1,7 @@
 ### Main TF - split pSQL to a module
 ##
 
-provider "google" {
+provider "google-beta" {
   credentials = file("esoteric-parsec-243510-a8f93bb5a906.json")
   project     = var.project_id
   region      = var.region
@@ -15,6 +15,7 @@ resource "random_id" "db_suffix" {
 
 # Create res for Cloud SQL DB create
 resource "google_sql_database_instance" "qseow-psql" {
+  provider = google-beta
   name             = "qseow-psql-${random_id.db_suffix.hex}"
   project          = var.project_id
   region           = var.region
@@ -41,6 +42,7 @@ resource "google_sql_database_instance" "qseow-psql" {
 ## Use "./destroy.sh" instead of "terraform destroy"
 
 resource "google_sql_user" "users" {
+  provider = google-beta
   instance = google_sql_database_instance.qseow-psql.name
   name     = var.db_user
   password = var.user_password
@@ -57,4 +59,4 @@ resource "null_resource" "db_setup" {
     command = "PGPASSWORD=${google_sql_user.users.password} /usr/bin/psql -h ${google_sql_database_instance.qseow-psql.private_ip_address} -Upostgres --dbname=postgres < qseow_db_setup.sql"
   }
   depends_on = [google_sql_database_instance.qseow-psql, google_sql_user.users]
-}
+}

bt-autoscaler/terraform/gcp/root/psql/qseow_db_setup.sql

@@ -34,4 +34,6 @@ ALTER ROLE qlogs_writer WITH ENCRYPTED PASSWORD 'Qlik1234!';
 GRANT qlogs_users TO qlogs_reader;
 GRANT qlogs_users TO qlogs_writer;
 
-ALTER DATABASE "QLogs" OWNER TO qlogs_writer; --sets qlogs_writer as an owner of QLogs database
+ALTER DATABASE "QLogs" OWNER TO qlogs_writer; --sets qlogs_writer as an owner of QLogs database
+
+SELECT * FROM pg_settings WHERE name = 'max_connections';

bt-autoscaler/terraform/gcp/root/psql/terraform.tfvars.json

@@ -6,6 +6,10 @@
   "database_version": "POSTGRES_9_6",
   "db_tier": "db-g1-small",
   "file_tier": "BASIC_HDD",
+  "vm_type": "e2-highmem-4",
+  "min_cpu": "Intel Skylake",
+  "image": "gce-uefi-images/windows-2019",
+  "disk_type": "pd-ssd",
   "availability_type": "REGIONAL",
   "db_user": "postgres",
   "user_name": "qlikadmin",

bt-autoscaler/terraform/gcp/root/psql/variables.tf

@@ -31,6 +31,30 @@ variable "zone" {
   description = "Zone target"
 }
 
+variable "disk_type" {
+  description = "GCE Boot/Attached Disk Type"
+  type        = string
+  default     = "pd-ssd"
+}
+
+variable "min_cpu" {
+  description = "GCE Minimum CPU Family"
+  type        = string
+  default     = "AMD Rome "
+}
+
+variable "image" {
+  description = "Path to GCE Image Type"
+  type        = string
+  default     = "windows-2019/windows-server-2019-dc-v20200908"
+}
+
+variable "vm_type" {
+  description = "The GCE machine type"
+  type        = string
+  default     = "n2d-highmem-8"
+}
+
 variable "availability_type" {
   description = "The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`."
   type        = string
@@ -75,6 +99,12 @@ variable "private_network" {
   default = "projects/esoteric-parsec-243510/global/networks/private-network"
 }
 
+variable "db_user" {
+  description = "The name of the DB user"
+  type        = string
+  default     = "postgres"
+}
+
 variable "user_name" {
   description = "The name of the default user"
   type        = string

bt-autoscaler/terraform/gcp/root/rim/main.tf

@@ -64,43 +64,11 @@ resource "google_compute_instance" "rim" {
   }
 
   metadata = {
-    windows-startup-script-url = "gs://qliksense/scripts/bootstrap-rim.ps1"
+    windows-startup-script-url = "gs://qliksense/scripts/bootstrap.ps1"
   }
 
   service_account {
     email  = "terraform@esoteric-parsec-243510.iam.gserviceaccount.com"
-    scopes = ["userinfo-email", "compute-ro", "storage-rw"]
+    scopes = ["cloud-platform"]
   }
 }
-# data "google_compute_instance_serial_port" "serial" {
-#   provider = google-beta
-#   instance = google_compute_instance.central.name
-#   zone     = var.zone
-#   port     = 4
-# }
-
-# resource "local_file" "log" {
-#   filename = "${path.module}/tf-deploy.log"
-#   content  = join("\n", "${data.google_compute_instance_serial_port.serial.contents}")
-# }
-
-# resource "null_resource" "bootstrap" {
-
-#   connection {
-#     type     = "winrm"
-#     https    = true
-#     insecure = true
-#     use_ntlm = true
-#     user     = var.user_name
-#     password = var.user_password
-#     host     = google_compute_instance.central.name
-#     timeout  = "20m"
-#   }
-
-#   provisioner "remote-exec" {
-#     inline = [
-#       "powershell.exe -ExecutionPolicy Bypass -File E:\\deploy\\scripts\\win-nfs_client-install.ps1"
-#     ]
-#   }
-
-# }

bt-autoscaler/terraform/gcp/root/rim/terraform.tfvars.json

@@ -6,7 +6,12 @@
   "database_version": "POSTGRES_9_6",
   "db_tier": "db-g1-small",
   "file_tier": "BASIC_HDD",
+  "vm_type": "e2-highmem-4",
+  "min_cpu": "Intel Skylake",
+  "image": "gce-uefi-images/windows-2019",
+  "disk_type": "pd-ssd",
   "availability_type": "REGIONAL",
+  "db_user": "postgres",
   "user_name": "qlikadmin",
   "user_password": "Qlik1234!"
 }

bt-autoscaler/terraform/gcp/root/rim/variables.tf

@@ -20,6 +20,18 @@ variable "tier" {
   default     = "db-f1-micro"
 }
 
+variable "db_tier" {
+  description = "The tier for the primary SQL instance."
+  type        = string
+  default     = "db-f1-micro"
+}
+
+variable "file_tier" {
+  description = "The tier for the Filestore instance."
+  type        = string
+  default     = "BASIC_HDD"
+}
+
 variable "zone" {
   type        = string
   description = "Zone target"
@@ -93,6 +105,12 @@ variable "private_network" {
   default     = "projects/esoteric-parsec-243510/global/networks/private-network"
 }
 
+variable "db_user" {
+  description = "The name of the DB user"
+  type        = string
+  default     = "postgres"
+}
+
 variable "user_name" {
   description = "The name of the default user"
   type        = string

bt-autoscaler/terraform/gcp/scripts/addRim.ps1

@@ -0,0 +1,54 @@
+#!/usr/bin/env pwsh
+#
+
+    # Installing Qlik-CLI
+    # Write-Host "Downloading Qlik-Cli from Github and importing the Module"
+    # Invoke-WebRequest "https://raw.githubusercontent.com/ahaydon/Qlik-Cli/master/Qlik-Cli.psm1" -OutFile $temp\Qlik-Cli.psm1
+    # New-Item -ItemType directory -Path C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Qlik-Cli -force
+    # Move-Item $temp\Qlik-Cli.psm1 C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Qlik-Cli\ -force
+    # Import-Module Qlik-Cli.psm1
+# Export-QlikCertificate -machineNames rim -includeSecretsKey -exportFormat Windows
+
+if ($env:computername -notlike "central-*") {
+  exit 0
+}
+
+$deploy_path = "E:\deploy"
+
+$centralNode = ($env:COMPUTERNAME).ToLower()
+# $centralNode = "central-c01c"
+$newNode = ($env:COMPUTERNAME).ToLower()
+# $newNode = "rim-a8a3"
+
+$qlikID = ".\qlikadmin"
+
+Read-GcsObject -Bucket "qliksense" -ObjectName "certs/rim/client.pfx" -OutFile $deploy_path\certs\rim\client.pfx -Force
+
+Import-PfxCertificate -FilePath $deploy_path\certs\rim\client.pfx -CertStoreLocation Cert:\CurrentUser\My -Exportable
+
+# Connect to Qlik Sense
+Get-ChildItem -Path cert:\CurrentUser\My | Where-Object {$_.Issuer -like "*$centralNode*"} | Connect-Qlik -computername https://"$centralNode":4242 -Username $qlikID | Out-Null
+
+Update-QlikUser -id ($(Get-QlikUser -full -filter "name eq 'qlikadmin'") | Where-Object {$_.userDirectory -eq "$centralNode"}).id -roles "RootAdmin"
+
+$proxyId = (Get-QlikVirtualProxy -full | Where-Object description -like "Central*").id
+Update-QlikVirtualProxy -id $proxyId -websocketCrossOriginWhiteList "$newNode", "$env:computername"
+
+# Register-QlikNode -hostname $newNode -name $newNode -nodePurpose Both -engineEnabled -proxyEnabled
+$password = New-QlikNode -hostname $newNode -name $newNode -nodePurpose Both -engineEnabled -proxyEnabled
+$foo = @{__pwd="$password"}
+<#
+  Using this will allow a silent execution without password prompt
+  $Username = 'DOMAIN\Administrator'
+  $Password = 'Password123!'
+  $pass = ConvertTo-SecureString -AsPlainText $Password -Force
+  $Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
+  Invoke-Command -ComputerName qlikserver2.domain.local -ScriptBlock { Invoke-WebRequest -Uri "http://localhost:4570/certificateSetup" -Method Post -Body $Using:foo } -credential $Cred
+#>
+Invoke-Command -ComputerName $newNode -ScriptBlock { Invoke-WebRequest -Uri "http://localhost:4570/certificateSetup" -Method Post -Body $Using:foo } -credential $qlikID
+# Filter by the name param from line 7
+$nodeid = Get-QlikNode -filter "(name eq $newNode)"
+Invoke-QlikGet -path /qrs/servernoderegistration/start/$($nodeid.id)
+
+# Invoke-Command -Session $qseCon -ScriptBlock { Invoke-Command -ComputerName $using:newNode -ScriptBlock { Invoke-WebRequest -Uri "http://localhost:4570/certificateSetup" -Method Post -Body $foo } -credential $using:newNode\qlikadmin }
+

bt-autoscaler/terraform/gcp/scripts/bootstrap.ps1

@@ -4,10 +4,6 @@
 ## or as a startup script via Metadata key windows-startup-script-url
 ##
 
-if ($env:computername -notlike "central-*") {
-  exit 0
-}
-
 # Format and mount data disk
 Write-Host "## ========================>> Create Data drive & dirs"
 
@@ -68,6 +64,7 @@ gsutil -m cp gs://qliksense/binaries/ps7.zip $deploy_path\binaries\
 
 Unblock-File -Path $deploy_path\binaries\*
 Unblock-File -Path $deploy_path\scripts\*
+REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
 
 # WinRM Connects
 New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation -Name AllowFreshCredentialsWhenNTLMOnly -Force
@@ -76,17 +73,18 @@ New-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDele
 Write-Host "## ========================>> Import PS Modules"
 Get-PackageProvider -Name NuGet -ForceBootstrap
 
-Install-Module PSDscResources -Force
+# Install-Module PSDscResources -Force
-Install-Module QlikResources -Force
+Install-Module Qlik-CLI -Force
 
 Write-Host "## ========================>> Deploy PS7 | Firefox | VS Code"
-Expand-Archive -Path $deploy_path\binaries\ps7.zip -DestinationPath $deploy_path\binaries\ps7
+Expand-Archive -Path $deploy_path\binaries\ps7.zip -DestinationPath $deploy_path\binaries\ps7 -Force
-Invoke-Command -ScriptBlock {Start-Process -FilePath "$deploy_path\binaries\vscode_stable.exe" -ArgumentList "/VERYSILENT /MERGETASKS=!runcode" -Wait -PassThru} | Out-Null
+Start-Sleep -Seconds 120
-Invoke-Command -ScriptBlock {Start-Process -FilePath "$deploy_path\binaries\firefox_latest.exe" -ArgumentList "/s" -Wait -PassThru} | Out-Null
+Invoke-Command -ScriptBlock {Start-Process -FilePath "$deploy_path\binaries\vscode_stable.exe" -verb runAs -ArgumentList "/VERYSILENT /NORESTART /MERGETASKS=!runcode" -Wait -PassThru} | Out-Null
+Invoke-Command -ScriptBlock {Start-Process -FilePath "$deploy_path\binaries\firefox_latest.exe" -verb runAs -ArgumentList "/s" -Wait -PassThru} | Out-Null
 
 # QSEoW FW Rule
 Write-Host "## ========================>> Create QSEoW FW Rule"
-New-NetFirewallRule -DisplayName "Qlik Sense" -Direction Inbound -LocalPort 443, 4244,4242, 4432, 4444, 5355, 5353, 80, 4248, 3090, 4000, 5555, 5556, 4993, 4994 -Protocol TCP -Action Allow -ea Stop | Out-Null
+New-NetFirewallRule -DisplayName "Qlik Sense" -Direction Inbound -LocalPort 80, 443, 3090, 4000, 4432, 4242, 4244, 4444, 4248, 4993, 4994, 5353, 5355, 5555, 5556 -Protocol TCP -Action Allow -ea Stop | Out-Null
 # Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
 
 #### Enable NFS Client, set Anon user to UID:GID 0 == root. Restart service.
@@ -99,14 +97,14 @@ New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Def
 nfsadmin client stop
 nfsadmin client start
 
-#### Launch silent install
+# REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 5 /f
-Write-Host "========================>> Installing QSEoW"
-Invoke-Command -ScriptBlock {Start-Process -FilePath "E:\deploy\binaries\Qlik_Sense_setup.exe" -ArgumentList "-s -log E:\deploy\deploy.log accepteula=1 installdir=E:\deploy\Qlik dbpassword=Qlik1234! hostname=$($env:computername) userwithdomain=$($env:computername)\qservice password=Qlik1234! bundleinstall=dashboard,visualization spc=E:\deploy\scripts\cen.xml" -Wait -PassThru} #| Out-Null
 
 # HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
-# New-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce' -Name 'Run' -Value '<insert_script_command_here>'
+New-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce' -Name 'Run' -Value 'C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -sta -WindowStyle Hidden -executionpolicy unrestricted -file E:\deploy\scripts\qsInstall.ps1'
 
 Set-GceInstance -Name ($env:computername).ToLower() -Zone europe-west1-d -AddTag "bootstrapped"
 Set-GceInstance -Name ($env:computername).ToLower() -Zone europe-west1-d -RemoveMetadata "windows-startup-script-url"
 
+Restart-Computer
+
 Exit 0

bt-autoscaler/terraform/gcp/scripts/cen.xml

@@ -2,12 +2,12 @@
 <SharedPersistenceConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
   <DbUserName>qliksenserepository</DbUserName>
   <DbUserPassword>Qlik1234!</DbUserPassword>
-  <DbHost>10.54.242.14</DbHost>
+  <DbHost>10.54.242.41</DbHost>
   <DbPort>5432</DbPort>
-  <RootDir>\\10.159.210.26\qlikshare</RootDir>
+  <RootDir>\\10.255.55.2\qlikshare</RootDir>
-  <StaticContentRootDir>\\10.159.210.26\qlikshare\StaticContent</StaticContentRootDir>
+  <StaticContentRootDir>\\10.255.55.2\qlikshare\StaticContent</StaticContentRootDir>
-  <ArchivedLogsDir>\\10.159.210.26\qlikshare\ArchivedLogs</ArchivedLogsDir>
+  <ArchivedLogsDir>\\10.255.55.2\qlikshare\ArchivedLogs</ArchivedLogsDir>
-  <AppsDir>\\10.159.210.26\qlikshare\Apps</AppsDir>
+  <AppsDir>\\10.255.55.2\qlikshare\Apps</AppsDir>
   <CreateCluster>true</CreateCluster>
   <InstallLocalDb>false</InstallLocalDb>
   <ConfigureDbListener>false</ConfigureDbListener>
@@ -19,6 +19,6 @@
   <SetupLocalLoggingDb>false</SetupLocalLoggingDb>
   <QLogsWriterPassword>Qlik1234!</QLogsWriterPassword>
   <QLogsReaderPassword>Qlik1234!</QLogsReaderPassword>
-  <QLogsHostname>10.54.242.14</QLogsHostname>
+  <QLogsHostname>10.54.242.41</QLogsHostname>
   <QLogsPort>5432</QLogsPort>
   </SharedPersistenceConfiguration>

bt-autoscaler/terraform/gcp/scripts/qsInstall.ps1

@@ -0,0 +1,49 @@
+#!/usr/bin/env pwsh
+#
+## Intended to be executed in a GitOps pipeline on the new GCE resource by remote-exec in TF
+## or as a startup script via Metadata key windows-startup-script-url
+##
+
+$deploy_path = "E:\deploy"
+$centralNode = ($env:COMPUTERNAME).ToLower()
+# $centralNode = "central-6ccd"
+$newNode = ($env:COMPUTERNAME).ToLower()
+# $newNode = "rim-a8a3"
+
+$qlikID = ".\qlikadmin"
+
+#### Launch silent install
+Write-Host "========================>> Installing QSEoW"
+
+
+if ($env:computername -like "central-*") {
+  Invoke-Command -ScriptBlock {Start-Process -FilePath "E:\deploy\binaries\Qlik_Sense_setup.exe" -ArgumentList "-s -log E:\deploy\deploy.log accepteula=1 skipvalidation=1 installdir=E:\deploy\Qlik dbpassword=Qlik1234! hostname=$($env:computername) userwithdomain=$($env:computername)\qservice password=Qlik1234! bundleinstall=dashboard,visualization spc=E:\deploy\scripts\cen.xml" -Wait -PassThru} | Out-Null
+
+  # Do other Stuff
+
+  # Config Engine for better NFS Support
+  Add-Content -Path C:\ProgramData\Qlik\Sense\Engine\Settings.ini -Value "MapNetworkDrives=1"
+
+  Set-Item WSMan:localhost\client\trustedhosts -value *
+
+  # Connect to Qlik Sense
+  Get-ChildItem -Path cert:\CurrentUser\My | Where-Object {$_.Issuer -like "*$centralNode*"} | Connect-Qlik -computername https://"$centralNode":4242 -Username $qlikID | Out-Null
+
+  $license = (Get-Content $deploy_path\scripts\license.json -raw) | ConvertFrom-Json
+
+  Set-QlikLicense -key "$($license.signed.key)" -name "$($license.signed.name)" -organization "$($license.signed.organization)"| Out-Null
+
+} else {
+  Invoke-Command -ScriptBlock {Start-Process -FilePath "E:\deploy\binaries\Qlik_Sense_setup.exe" -ArgumentList "-s -log E:\deploy\deploy.log accepteula=1 skipvalidation=1 installdir=E:\deploy\Qlik dbpassword=Qlik1234! hostname=$($env:computername) userwithdomain=$($env:computername)\qservice password=Qlik1234! bundleinstall=dashboard,visualization spc=E:\deploy\scripts\rim.xml" -Wait -PassThru} | Out-Null
+
+  # Do other Stuff
+
+  # Execute AddRim
+
+  Set-Item WSMan:localhost\client\trustedhosts -value * -Force
+
+  # Config Engine for better NFS Support
+  Add-Content -Path C:\ProgramData\Qlik\Sense\Engine\Settings.ini -Value "MapNetworkDrives=1"
+}
+
+

bt-autoscaler/terraform/gcp/scripts/rim.xml

@@ -2,23 +2,23 @@
 <SharedPersistenceConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
   <DbUserName>qliksenserepository</DbUserName>
   <DbUserPassword>Qlik1234!</DbUserPassword>
-  <DbHost>10.54.242.14</DbHost>
+  <DbHost>10.54.242.41</DbHost>
   <DbPort>5432</DbPort>
-  <RootDir>\\10.159.210.26\qlikshare</RootDir>
+  <RootDir>\\10.255.55.2\qlikshare</RootDir>
-  <StaticContentRootDir>\\10.159.210.26\qlikshare\StaticContent</StaticContentRootDir>
+  <StaticContentRootDir>\\10.255.55.2\qlikshare\StaticContent</StaticContentRootDir>
-  <ArchivedLogsDir>\\10.159.210.26\qlikshare\ArchivedLogs</ArchivedLogsDir>
+  <ArchivedLogsDir>\\10.255.55.2\qlikshare\ArchivedLogs</ArchivedLogsDir>
-  <AppsDir>\\10.159.210.26\qlikshare\Apps</AppsDir>
+  <AppsDir>\\10.255.55.2\qlikshare\Apps</AppsDir>
-  <CreateCluster>false</CreateCluster>
+  <!-- <CreateCluster>true</CreateCluster> -->
   <InstallLocalDb>false</InstallLocalDb>
   <ConfigureDbListener>false</ConfigureDbListener>
   <ListenAddresses>*</ListenAddresses>
   <IpRange>0.0.0.0/0,::/0</IpRange>
   <MaxConnections>100</MaxConnections>
-  <!-- <JoinCluster>true</JoinCluster> -->
+  <JoinCluster>true</JoinCluster>
   <ConfigureLogging>true</ConfigureLogging>
   <SetupLocalLoggingDb>false</SetupLocalLoggingDb>
   <QLogsWriterPassword>Qlik1234!</QLogsWriterPassword>
   <QLogsReaderPassword>Qlik1234!</QLogsReaderPassword>
-  <QLogsHostname>10.54.242.14</QLogsHostname>
+  <QLogsHostname>10.54.242.41</QLogsHostname>
   <QLogsPort>5432</QLogsPort>
   </SharedPersistenceConfiguration>

bt-autoscaler/terraform/gcp/scripts/scratch.ps1

@@ -0,0 +1,28 @@
+REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
+
+Invoke-Command -ScriptBlock {Start-Process -FilePath "E:\deploy\binaries\Qlik_Sense_setup.exe" -verb runAs -ArgumentList "-s -log E:\deploy\deploy.log accepteula=1 installdir=E:\deploy\Qlik dbpassword=Qlik1234! hostname=$($env:computername) userwithdomain=$($env:computername)\qservice password=Qlik1234! bundleinstall=dashboard,visualization spc=E:\deploy\scripts\cen.xml" -Wait -PassThru} | Out-Null
+
+$license = (Get-Content E:\scripts\license.json -raw) | ConvertFrom-Json
+Set-QlikLicense -key "$($license.signed.key)" -name "$($license.signed.name)" -organization "$($license.signed.organization)"| Out-Null
+# qlikSenseProfessionalAccess
+
+
+New-GcsObject -Bucket "qliksense" -Folder "C:\ProgramData\Qlik\Sense\Repository\Exported Certificates" -Force
+Write-GcsObject -Bucket "qliksense" -File "C:\ProgramData\Qlik\Sense\Repository\Exported Certificates\rim\client.pfx" -ObjectName "certs/rim/client.pfx"
+
+REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 5 /f
+########################################
+
+# 6 $license = (Get-Content $deploy_path\scripts\license.json -raw) | ConvertFrom-Json
+# 7 $centralNode = ($env:COMPUTERNAME).ToLower()
+# 9 $qlikID = ".\qlikadmin"
+# 10 $deploy_path = "E:\deploy"
+
+# 14 Set-QlikLicense -key "$($license.signed.key)" -name "$($license.signed.name)" -organization "$($license.signed....
+
+# 18 Export-QlikCertificate -machineNames rim -includeSecretsKey -exportFormat Windows
+
+# 1 $deploy_path = "E:\deploy"
+# 2 $centralNode = ($env:COMPUTERNAME).ToLower()
+# 3 $qlikID = ".\qlikadmin"
+# Write-GcsObject -Bucket "qliksense" -File "C:\ProgramData\Qlik\Sense\Repository\Exported Certificates\rim\client.pfx" -ObjectName "certs/rim/client.pfx"

bt-autoscaler/terraform/roots/central/.terraform/plugins/selections.json

@@ -1,10 +0,0 @@
-{
-  "registry.terraform.io/hashicorp/google-beta": {
-    "hash": "h1:zsIZIszrwu9B9TGiUMGUF3QrpOT6OxGrTIJIo+b8Re0=",
-    "version": "3.41.0"
-  },
-  "registry.terraform.io/hashicorp/random": {
-    "hash": "h1:nFL6uiwsQFLiP8QCr35sPfWe9LpXI3/c7gP9tYnih+k=",
-    "version": "2.3.0"
-  }
-}

bt-autoscaler/terraform/roots/file/.terraform/plugins/selections.json

@@ -1,6 +0,0 @@
-{
-  "registry.terraform.io/hashicorp/google-beta": {
-    "hash": "h1:zsIZIszrwu9B9TGiUMGUF3QrpOT6OxGrTIJIo+b8Re0=",
-    "version": "3.41.0"
-  }
-}

bt-autoscaler/terraform/roots/psql/.terraform/modules/modules.json

@@ -1 +0,0 @@
-{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"postgres","Source":"github.com/gruntwork-io/terraform-google-sql.git//modules/cloud-sql?ref=v0.2.0","Dir":".terraform/modules/postgres/modules/cloud-sql"}]}

bt-autoscaler/terraform/roots/psql/.terraform/plugins/selections.json

@@ -1,22 +0,0 @@
-{
-  "registry.terraform.io/hashicorp/google": {
-    "hash": "h1:57PSAprG+Z4LymWA4ZY6kcTzxu+VTgwjpBGUy70g+9g=",
-    "version": "3.10.0"
-  },
-  "registry.terraform.io/hashicorp/null": {
-    "hash": "h1:CFnENdqQu4g3LJNevA32aDxcUz2qGkRGQpFfkI8TCdE=",
-    "version": "2.1.2"
-  },
-  "registry.terraform.io/hashicorp/random": {
-    "hash": "h1:nFL6uiwsQFLiP8QCr35sPfWe9LpXI3/c7gP9tYnih+k=",
-    "version": "2.3.0"
-  },
-  "registry.terraform.io/hashicorp/template": {
-    "hash": "h1:8NcPRk3yxQtUlAT/YGfjBEJ76rQI2ljARYeIEjhtWho=",
-    "version": "2.1.2"
-  },
-  "registry.terraform.io/terraform-providers/postgresql": {
-    "hash": "h1:XoFYBv4TT44nddycaurd4lYzIuWBx9JJzmrvcTDYX9A=",
-    "version": "1.7.1"
-  }
-}

bt-autoscaler/terraform/roots/psql/terraform.tfvars

@@ -1,5 +0,0 @@
-  project = "esoteric-parsec-243510"
-  region = "us-central1"
-  zone = "us-central1-a"
-  aclCIDR = "71.164.77.198/32"
-  postgresPwd = "Qlik1234!"

bt-autoscaler/terraform/roots/psql/versions.tf

@@ -1,20 +0,0 @@
-terraform {
-  required_providers {
-    google = {
-      source = "hashicorp/google"
-    }
-    postgresql = {
-      source = "terraform-providers/postgresql"
-    }
-    random = {
-      source = "hashicorp/random"
-    }
-    template = {
-      source = "hashicorp/template"
-    }
-    null = {
-      source = "hashicorp/null"
-    }
-  }
-  required_version = ">= 0.13"
-}

bt-autoscaler/terraform/roots/rim/.terraform/plugins/selections.json

@@ -1,10 +0,0 @@
-{
-  "registry.terraform.io/hashicorp/google-beta": {
-    "hash": "h1:zsIZIszrwu9B9TGiUMGUF3QrpOT6OxGrTIJIo+b8Re0=",
-    "version": "3.41.0"
-  },
-  "registry.terraform.io/hashicorp/random": {
-    "hash": "h1:nFL6uiwsQFLiP8QCr35sPfWe9LpXI3/c7gP9tYnih+k=",
-    "version": "2.3.0"
-  }
-}

bt-autoscaler/terraform/roots/scripts/bootstrap-rim.ps1

@@ -1,112 +0,0 @@
-#!/usr/bin/env pwsh
-#
-## Intended to be executed in a GitOps pipeline on the new GCE resource by remote-exec in TF
-## or as a startup script via Metadata key windows-startup-script-url
-##
-
-if ($env:computername -notlike "rim-*") {
-  exit 0
-}
-
-# Format and mount data disk
-Write-Host "## ========================>> Create Data drive & dirs"
-
-Get-Disk |
-  Where-Object partitionstyle -eq 'raw' |
-  Initialize-Disk -PartitionStyle GPT -PassThru |
-  New-Partition -DriveLetter E -UseMaximumSize |
-  Format-Volume -FileSystem NTFS -NewFileSystemLabel 'Data' -Confirm:$false
-
-if (! (Test-Path E:\)) {
-  Write-Error "Drive not found"
-  exit 1
-}
-
-$deploy_path = "E:\deploy"
-
-if (! (Test-Path $deploy_path)) {
-  New-Item -ItemType Directory -Path $deploy_path
-  New-Item -ItemType Directory -Path $deploy_path\binaries
-  New-Item -ItemType Directory -Path $deploy_path\modules
-  New-Item -ItemType Directory -Path $deploy_path\modules\tf
-  New-Item -ItemType Directory -Path $deploy_path\modules\ps
-}
-
-Write-Host "## ========================>> Create Local Accounts and add to Administrators Group"
-
-if(!(Get-LocalUser -Name qservice -ErrorAction Ignore)) {
-  $password =  ConvertTo-SecureString -String 'Qlik1234!' -AsPlainText -Force
-  New-LocalUser `
-    -Name 'qservice' `
-    -Password $password `
-    -PasswordNeverExpires `
-    -UserMayNotChangePassword
-}
-
-if(!(Get-LocalUser -Name qlikadmin -ErrorAction Ignore)) {
-  $password =  ConvertTo-SecureString -String 'Qlik1234!' -AsPlainText -Force
-  New-LocalUser `
-    -Name 'qlikadmin' `
-    -Password $password `
-    -PasswordNeverExpires `
-    -UserMayNotChangePassword
-}
-
-Add-LocalGroupMember -Group "Administrators" -Member "qservice", "qlikadmin"
-
-Write-Host "## ========================>> Copy scripts and binaries from Cloud Storage Bucket"
-gsutil -m cp -r gs://qliksense/scripts $deploy_path\
-gsutil -m cp gs://qliksense/binaries/Qlik_Sense* $deploy_path\binaries\
-gsutil -m cp gs://qliksense/binaries/vscode_stable.exe $deploy_path\binaries\
-gsutil -m cp gs://qliksense/binaries/firefox_latest.exe $deploy_path\binaries\
-gsutil -m cp gs://qliksense/binaries/ps7.zip $deploy_path\binaries\
-# gsutil -m cp -r gs://qliksense/modules 'C:\Program Files\WindowsPowerShell\Modules'
-
-# Invoke-WebRequest -Uri https://github.com/PowerShell/PowerShell/releases/download/v7.0.3/PowerShell-7.0.3-win-x64.zip -OutFile $deploy_path\binaries\ps7.zip
-# Invoke-WebRequest -Uri https://aka.ms/win32-x64-user-stable -Outfile $deploy_path\binaries\vscode_stable.exe
-# Invoke-WebRequest -Uri "https://download.mozilla.org/?product=firefox-latest-ssl&os=win64&lang=en-US" -Outfile $deploy_path\binaries\firefox_latest.exe
-
-Unblock-File -Path $deploy_path\binaries\*
-Unblock-File -Path $deploy_path\scripts\*
-
-# WinRM Connects
-New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation -Name AllowFreshCredentialsWhenNTLMOnly -Force
-New-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentialsWhenNTLMOnly -Name 1 -Value * -PropertyType String
-
-Write-Host "## ========================>> Import PS Modules"
-Get-PackageProvider -Name NuGet -ForceBootstrap
-
-Install-Module PSDscResources -Force
-Install-Module QlikResources -Force
-
-Write-Host "## ========================>> Deploy PS7 | Firefox | VS Code"
-Expand-Archive -Path $deploy_path\binaries\ps7.zip -DestinationPath $deploy_path\binaries\ps7
-Invoke-Command -ScriptBlock {Start-Process -FilePath "$deploy_path\binaries\vscode_stable.exe" -ArgumentList "/VERYSILENT /MERGETASKS=!runcode" -Wait -PassThru} | Out-Null
-Invoke-Command -ScriptBlock {Start-Process -FilePath "$deploy_path\binaries\firefox_latest.exe" -ArgumentList "/s" -Wait -PassThru} | Out-Null
-
-# QSEoW FW Rule
-Write-Host "## ========================>> Create QSEoW FW Rule"
-New-NetFirewallRule -DisplayName "Qlik Sense" -Direction Inbound -LocalPort 443, 4244,4242, 4432, 4444, 5355, 5353, 80, 4248, 3090, 4000, 5555, 5556, 4993, 4994 -Protocol TCP -Action Allow -ea Stop | Out-Null
-# Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
-
-#### Enable NFS Client, set Anon user to UID:GID 0 == root. Restart service.
-Write-Host "## ========================>> Installing NFS Client"
-Install-WindowsFeature -Name NFS-Client
-New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default" `
-    -Name "AnonymousUid" -Value "0" -PropertyType DWORD
-New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default" `
-    -Name "AnonymousGid" -Value "0" -PropertyType DWORD
-nfsadmin client stop
-nfsadmin client start
-
-#### Launch silent install
-Write-Host "========================>> Installing QSEoW"
-Invoke-Command -ScriptBlock {Start-Process -FilePath "E:\deploy\binaries\Qlik_Sense_setup.exe" -ArgumentList "-s -log E:\deploy\deploy.log accepteula=1 installdir=E:\deploy\Qlik dbpassword=Qlik1234! hostname=$($env:computername) userwithdomain=$($env:computername)\qservice password=Qlik1234! bundleinstall=dashboard,visualization spc=E:\deploy\scripts\rim.xml" -Wait -PassThru} #| Out-Null
-
-# HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
-# New-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce' -Name 'Run' -Value '<insert_script_command_here>'
-
-Set-GceInstance -Name $shortname -Zone europe-west1-d -AddTag "bootstrapped"
-Set-GceInstance -Name $shortname -Zone europe-west1-d -RemoveMetadata "windows-startup-script-url"
-
-Exit 0

bt-autoscaler/terraform/roots/scripts/win-nfs_client-install.ps1

@@ -1,22 +0,0 @@
-#!/usr/bin/env pwsh
-# Install NFS Client on Windows via PS
-#
-
-# Wait for bootstrap.ps1 to finish before proceeding.
-# $bootScript = "bootstrap.ps1"
-# Wait-Process -Name $bootScript -ErrorAction SilentlyContinue -Timeout 1200
-
-# Enable NFS Client, set Anon user to UID:GID 0 == root. Restart service.
-Write-Host -Message "<---- Installing NFS Client"
-Install-WindowsFeature -Name NFS-Client
-New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default" `
-    -Name "AnonymousUid" -Value "0" -PropertyType DWORD
-New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default" `
-    -Name "AnonymousGid" -Value "0" -PropertyType DWORD
-nfsadmin client stop
-nfsadmin client start
-
-# & E:\deploy\binaries\Qlik_Sense_setup.exe -s -l E:\deploy\deploy.log spc="E:\deploy\scripts\spc.xml" installdir="E:\deploy\Qlik" userwithdomain="central-b445\qservice" userpassword="Qlik1234!" dbpassword="Qlik1234!" accepteula=1 skipvalidation=1 bundleinstall=1 skipdbconfig=1
-
-Write-Host "<---- Installing QSEoW"
-Invoke-Command -ScriptBlock {Start-Process -FilePath "E:\deploy\binaries\Qlik_Sense_setup.exe" -ArgumentList "-s -log E:\deploy\deploy.log accepteula=1 installdir=E:\deploy\Qlik dbpassword=Qlik1234! hostname=$($env:computername) userwithdomain=$($env:computername)\qservice password=Qlik1234! bundleinstall=dashboard,visualization spc=E:\deploy\scripts\spc.xml" -Wait -PassThru} | Out-Null