<# new-item "c:\scripts" -type "directory" (New-Object System.Net.WebClient).DownloadFile("http://autoinstall-wingpx.webhostbox.net/installer/plesk-install.ps1","c:\scripts\plesk-install.ps1") c:\scripts\plesk-install.ps1 -key A00900-MDHK03-3C1F70-QVMR97-SB0B30 -password "Qwedsa@123" -ipaddress 103.53.41.163 -dc gpx #> <# Active perl http://docs.activestate.com/activeperl/5.10/install.html #> [CmdletBinding(SupportsShouldProcess=$True,ConfirmImpact="High")] param( [Parameter(Mandatory=$true,HelpMessage="license key used for activating the plesk")] [ValidateNotNullOrEmpty()] [string]$key, [Parameter(Mandatory=$true,HelpMessage="password to set for plesk admin , mysql root , mssql sa")] [ValidateNotNullOrEmpty()] [string]$password, [Parameter(Mandatory=$true,HelpMessage="IP address of the system")] [ValidateNotNullOrEmpty()] [string]$ipaddress, [Parameter(Mandatory=$true,HelpMessage="name of the dc")] [ValidateNotNullOrEmpty()] [string]$dc ) if(!(test-path "c:\scripts\")){new-item "c:\scripts\" -type "directory"} $repo = "autoinstall-win" + $dc + ".webhostbox.net" $log = "c:\scripts\plesk-install.log" if ((get-culture | select name).name -ne 'en-US'){ $([datetime]::Now).tostring() + ",setting culture to en-US" | out-file -Append $log [System.Threading.Thread]::CurrentThread.CurrentCulture = "en-US" [System.Threading.Thread]::CurrentThread.CurrentUICulture = "en-US" } <##Dowload additional component Pendin 1. install telnet client 5. Active perl 6. mailenable settings #> $powershell_version = $PSVersionTable.Clrversion.major If ($powershell_version -eq '2'){ $([datetime]::Now).tostring() + ",installing powershell tool msi" | out-file -Append $log (New-Object System.Net.WebClient).DownloadFile("http://$($repo)/installer/PowerShellTools.msi","c:\scripts\PowerShellTools.msi") $([datetime]::Now).tostring() + ",installing cmdline tool msi" | out-file -Append $log (New-Object System.Net.WebClient).DownloadFile("http://$($repo)/installer/cmdline.msi","c:\scripts\cmdline.msi") $([datetime]::Now).tostring() + ",installing perl tool msi" | out-file -Append $log (New-Object System.Net.WebClient).DownloadFile("http://$($repo)/installer/perl.msi","c:\scripts\perl.msi") $([datetime]::Now).tostring() + ",installing plesk-install exe" | out-file -Append $log (New-Object System.Net.WebClient).DownloadFile("http://$($repo)/installer/plesk-installer.exe","c:\scripts\plesk-installer.exe") $([datetime]::Now).tostring() + ",installing windows features" | out-file -Append $log import-module servermanager Add-windowsfeature Web-Server,Web-Http-Redirect,Web-IP-Security,Web-ASP,Web-Asp-Net -IncludeAllSubFeature }else{ $([datetime]::Now).tostring() + ",installing powershell tool msi" | out-file -Append $log Invoke-webrequest -uri "http://$repo/installer/PowerShellTools.msi" -outfile "c:\scripts\PowerShellTools.msi" $([datetime]::Now).tostring() + ",installing cmdline tool msi" | out-file -Append $log Invoke-webrequest -uri "http://$repo/installer/cmdline.msi" -outfile "c:\scripts\cmdline.msi" $([datetime]::Now).tostring() + ",installing perl tool msi" | out-file -Append $log Invoke-webrequest -uri "http://$repo/installer/perl.msi" -outfile "c:\scripts\perl.msi" $([datetime]::Now).tostring() + ",installing plesk-install exe" | out-file -Append $log Invoke-webrequest -uri "http://$repo/installer/plesk-installer.exe" -outfile "c:\scripts\plesk-installer.exe" $([datetime]::Now).tostring() + ",installing windows features" | out-file -Append $log Add-windowsfeature Web-Server,Web-Http-Redirect,Web-IP-Security,Web-AppInit,Web-ASP,Web-Asp-Net -IncludeAllSubFeature } #pending #set env variable for plesk bin #license module will be powerpack $pleskinstaller = "http://" + $repo + "/mirror_pleskwin" #Enable ASPNet 2.0 and 3.5 Feature $([datetime]::Now).tostring() + ",Starting plesk installation" | out-file -Append $log #Install plesk with typical installation & c:\scripts\plesk-installer.exe --console --source $pleskinstaller --select-release-id PANEL_12_5_30_WIN --install-component mssql2014 --install-component management --install-component perl --install-component php53 --install-component php54 --install-component php55 --install-component php56 --install-component php70 --install-component phpmyadmin --install-component mylittleadmin --install-component awstats --install-component webmail --install-component mailenable --install-component dns --install-component webdeploy --install-component health-monitoring --install-component ssi --install-component cloudflare #install powershelltools $([datetime]::Now).tostring() + ",installing powershell tools sqlcmd and invoke-sqlcmd" | out-file -Append $log Start-Process "c:\scripts\PowerShellTools.msi" /qn -Wait Start-Process "c:\scripts\cmdline.msi" /qn -Wait #install perl 5.10 for awstats since plesk has removed its support starting from 12.5 msiexec /i "C:\scripts\perl.msi" TARGETDIR="c:\" PERL_PATH="Yes" PERL_EXT="Yes" PL_IISMAP="Yes" PLEX_IISMAP="Yes" PLX_IISMAP="Yes" /q #install plesk license key $([datetime]::Now).tostring() + ",installing plesk license key" | out-file -Append $log $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\bin\license.exe" -i $key if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #Reset plesk admin password $([datetime]::Now).tostring() + ",Updating plesk administrator password to server creds" | out-file -Append $log $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\init_conf.exe" -u -passwd $password if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #Reset plesk mysql 'admin' password $([datetime]::Now).tostring() + ",Updating plesk mysql root password" | out-file -Append $log $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\database-server.exe" --update-server localhost:3306 -type mysql -admin admin -reset-passwd $password if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #reset plesk mssql 'sa' password $([datetime]::Now).tostring() + ",Updating plesk MSSQLServer 2014 sa password" | out-file -Append $log & "C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\SQLCMD.EXE" -E -S "localhost\MSSQLSERVER2014" -Q "EXEC sp_password NULL, '$password', 'sa'" $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\bin\database-server.exe" --create-server "localhost\MSSQLSERVER2014" -type mssql -admin sa -passwd $password if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #FTP settings #Set passive FTP port range $([datetime]::Now).tostring() + ",Setting ftp passive port range" | out-file -Append $log $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\ftpmng.exe" --set-ftp-passive-port-range --range="5500-5550" if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #Set computername as the default logon domain for FTP service #pending $query_error = $null ; $query_error = & C:\Windows\System32\inetsrv\appcmd.exe set config -section:system.applicationHost/sites /siteDefaults.ftpServer.security.authentication.basicAuthentication.defaultLogonDomain:$env:computername /commit:apphost if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #Plesk language pack $([datetime]::Now).tostring() + ",Updating plesk language pack" | out-file -Append $log & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\dbclient.exe" --direct-sql --sql="update locales set active = 'false' where id not in ('en-US','es-ES','zh-CN')" & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\dbclient.exe" --direct-sql --sql="update locales set active = 'true' where id in ('en-US','es-ES','zh-CN')" #Set mysqlserver ACL to localhost by default $([datetime]::Now).tostring() + ",Updating mysqlserver ACL to localhost" | out-file -Append $log & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\dbclient.exe" --direct-sql --sql="update misc set val = 'localhost' where param = 'default_database_acl_hosts'" #Assigning each website to seperate application pool $([datetime]::Now).tostring() + ",Updating app pool dedi setting" | out-file -Append $log $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\bin\server_pref.exe" -u -iis_app_pool_mode dedicated if ($query_error) { if($query_error -notlike '*SUCCESS*'){$mode = 'ERROR'}else{$mode= 'Info'} ; $([datetime]::Now).tostring() + ',' + $mode +",$query_error" | out-file $log -append } #password policy to strong $([datetime]::Now).tostring() + ",Setting password policy to strong" | out-file -Append $log $query_error = $null ; $query_error = & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\server_pref.exe" -u -min_password_strength strong #Mailenable settings & "C:\Program Files (x86)\Parallels\Plesk\admin\bin\mailmng.exe" --set-max-letter-size --size=52428800 c:\windows\system32\reg.exe add "HKLM\Software\Wow6432Node\Mail Enable\Mail Enable\connectors\SMTP" /v "No NDR Generation" /t REG_DWORD /d 3 /f c:\windows\system32\reg.exe add "HKLM\Software\Wow6432Node\Mail Enable\Mail Enable\connectors\SMTP" /v "Maximum Outbound Message Size" /t REG_DWORD /d 52428800 /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Sender must be valid" /t REG_DWORD /d 1 /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Maximum Inbound Recipients" /t REG_DWORD /d "300" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Enforce Inbound Recipient Limits" /t REG_DWORD /d "1" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Maximum Recv Threads" /t REG_DWORD /d "8000" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Sender must be valid" /t REG_DWORD /d 1 /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Forward All Outbound Enabled" /t REG_DWORD /d 1 /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Forward All Outbound Host" /t REG_SZ /d "cloudmark.webhostbox.net:40025" /f c:\windows\system32\reg.exe add "HKLM\Software\Wow6432Node\Mail Enable\Mail Enable\connectors\SMTP" /v "No Delay Notification Generation" /t REG_DWORD /d 1 /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Maximum Send Threads" /t REG_DWORD /d "16" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Services\POP" /v "Maximum Threads" /t REG_DWORD /d 200 /f c:\windows\system32\reg.exe add "HKLM\Software\Wow6432Node\Mail Enable\Mail Enable\Agents\MTA" /v "Pickup Event Enabled" /t REG_DWORD /d "0" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Maximum Recv Threads" /t REG_DWORD /d "8000" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Services\IMAP" /v "Maximum Recv Threads" /t REG_DWORD /d "400" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Services\POP" /v "Maximum Recv Threads" /t REG_DWORD /d "200" /f c:\windows\system32\reg.exe add "HKLM\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Services\IMAP" /v "Idle Timeout" /t REG_DWORD /d "60" /f c:\windows\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Outbound TLS Mode" /t REG_DWORD /d "1" /f c:\windows\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Resolve Sender Domain" /t REG_DWORD /d "1" /f c:\windows\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Limit Outbound Message Size" /t REG_DWORD /d "1" /f c:\windows\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Restrict Concurrent Outbound" /t REG_DWORD /d "1" /f c:\windows\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP" /v "Concurrent Outbound Limit" /t REG_DWORD /d "100" /f ########################################################################################################## ################################# Firewall settings ########################################## ########################################################################################################## $([datetime]::Now).tostring() + ",Setting Firewall settings" | out-file -Append $log #delete all rules netsh advfirewall firewall delete rule name=all #inbound firewall rules #1 Allow inbound port 80 and 443 rule HTTP and HTTPS netsh advfirewall firewall add rule name="HTTP" dir=in action=allow protocol=TCP localport="80,443" #2 Allow ICMP netsh advfirewall firewall add rule name="ICMP" protocol="icmpv4:any,any" dir=in action=allow #3 Allow WINRM HTTP and HTTPS to bll ips netsh advfirewall firewall add rule name="DO_NOT_DELETE_WINRMHTTP" dir=in action=allow protocol=TCP localport="5985" netsh advfirewall firewall add rule name="DO_NOT_DELETE_WINRMHTTPS" dir=in action=allow protocol=TCP localport="5986" #4 Allow inbound mail port 25 , 110, 143 , 990 , 993 , 995 netsh advfirewall firewall add rule name="Mail" dir=in action=allow protocol=TCP localport="25,110,143,990,993,995,465" #5 Allow DatabaseServers 3306(Mysql) and 1433(MSSQL) netsh advfirewall firewall add rule name="MSSQLServer" dir=in action=allow protocol=TCP localport=1433 #6 Allow MysqlServer netsh advfirewall firewall add rule name="MySQLServer" dir=in action=allow protocol=TCP localport=3306 #6 Allow RDP netsh advfirewall firewall add rule name="RemoteDesktop" dir=in action=allow protocol=TCP localport=3389 #7 Allow FTP netsh advfirewall firewall add rule name="FTP" dir=in action=allow protocol=TCP localport="20,21,5500-5550" #8 Allow Plesk netsh advfirewall firewall add rule name="PleskControlPanel" dir=in action=allow protocol=TCP localport="8880,8443" #9 Webdeploy netsh advfirewall firewall add rule name="Webdeploy" dir=in action=allow protocol=TCP localport=8172 #10 DNS netsh advfirewall firewall add rule name="DNS" dir=in action=allow protocol=UDP localport=53 #Outbound rules #DNS rules netsh advfirewall firewall add rule name="DNS-UDP" dir=out action=allow protocol=UDP remoteport=53 netsh advfirewall firewall add rule name="DNS-TCP" dir=out action=allow protocol=UDP remoteport=53 #Http netsh advfirewall firewall add rule name="HTTP" dir=out action=allow protocol=TCP remoteport="80,443" #Mail netsh advfirewall firewall add rule name="Mail" dir=out action=allow protocol=TCP remoteport="25,143,993,995,465" #ICMP netsh advfirewall firewall add rule name="ICMP" protocol="icmpv4:any,any" dir=out action=allow #FTP netsh advfirewall firewall add rule name="FTP" dir=out action=allow protocol=TCP remoteport="20,21,5500-5550" #Plesk license update netsh advfirewall firewall add rule name="Plesk License Checker" dir=out action=allow protocol=TCP remoteport="5224" #InternetExplorer netsh advfirewall firewall add rule name="InternetExplorer" dir=out action=allow program="%ProgramFiles% (x86)\Internet Explorer\iexplore.exe" #Whois netsh advfirewall firewall add rule name="Whois" dir=out action=allow protocol=TCP remoteport="43" $([datetime]::Now).tostring() + ",Finished" | out-file -Append c:\install.log #remove script file $([datetime]::Now).tostring() + ",Plesk installation and configuration has been completed" | out-file -Append $log #Deleting logs and script file #delete autoinstaller file #if(test-path "C:\ParallelsInstaller\autoinstaller3.log"){Remove-item "C:\ParallelsInstaller\autoinstaller3.log" -force} #delete plesk-install script #if(test-path "c:\scripts"){remove-item "c:\scripts" -recurse}