Prompt secrets and improve WinRM guidance in deploy script

2026-02-02 16:50:55 +01:00
parent 7bc6bb2a3d
commit 2d2d4f0c84


@@ -1,21 +1,20 @@
# Hard-coded deploy settings. Fill these in before running. # Hard-coded deploy settings. Fill these in before running.
$FtpHost = "ftp.example.com" $FtpHost = "xTr1m.com"
$FtpUser = "deploy-user" $FtpUser = "xTr1m"
$FtpPassword = "deploy-password" $FtpPassword = $null # prompted at runtime
$RemoteDir = "/httpdocs" $RemoteDir = "/httpdocs/picknplay"
$ProjectPath = "..\\GameList.csproj" $ProjectPath = "..\\GameList.csproj"
$Configuration = "Release" $Configuration = "Release"
$Runtime = "win-x64" $Runtime = "win-x64"
$PublishDir = "..\\artifacts\\publish" $PublishDir = "..\\artifacts\\publish"
$SelfContained = $false $SelfContained = $false
$WinScpPath = "WinSCP.com" $WinScpPath = "C:\\Users\\frank\\AppData\\Local\\Programs\\WinSCP\\WinSCP.com"
# Optional: recycle IIS app pool via WinRM instead of RDP. Set $RecycleAppPool = $false to skip.
$RecycleAppPool = $true $RecycleAppPool = $true
$AppPoolName = "DefaultAppPool" $AppPoolName = "xTr1m.com(domain)(4.0)(pool)"
$WinRmComputer = "your-server-hostname" $WinRmComputer = "xTr1m.com"
$WinRmCredentialUser = "DOMAIN\\deploy-user" $WinRmCredentialUser = "win-eisvr3h3qra\\Administrator"
$WinRmCredentialPass = "P@ssw0rd!" $WinRmCredentialPass = $null # prompted at runtime
$UseWinRmHttps = $true # set false if using HTTP + TrustedHosts
<#! <#!
.SYNOPSIS .SYNOPSIS
@@ -48,12 +47,46 @@ function Assert-Tool {
Assert-Tool "dotnet" Assert-Tool "dotnet"
Assert-Tool $WinScpPath Assert-Tool $WinScpPath
function Read-PlainOrPrompt([string]$Value, [string]$Prompt, [switch]$Secure) {
if ($Value) { return $Value }
if ($Secure) {
$secure = Read-Host -AsSecureString $Prompt
return [Runtime.InteropServices.Marshal]::PtrToStringUni(
[Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
)
}
return Read-Host $Prompt
}
$FtpPassword = Read-PlainOrPrompt $FtpPassword "FTP password"
$WinRmCredentialPass = Read-PlainOrPrompt $WinRmCredentialPass "WinRM password" -Secure
Write-Host "1) Publishing..." -ForegroundColor Cyan Write-Host "1) Publishing..." -ForegroundColor Cyan
New-Item -ItemType Directory -Force -Path $PublishDir | Out-Null New-Item -ItemType Directory -Force -Path $PublishDir | Out-Null
$publishArgs = @("publish", $ProjectPath, "-c", $Configuration, "-r", $Runtime, "-o", $PublishDir) $publishArgs = @("publish", $ProjectPath, "-c", $Configuration, "-r", $Runtime, "-o", $PublishDir)
if (-not $SelfContained) { $publishArgs += "--self-contained=false" } if (-not $SelfContained) { $publishArgs += "--self-contained=false" }
dotnet @publishArgs dotnet @publishArgs
if ($RecycleAppPool) {
Write-Host "2) Stopping IIS app pool via WinRM..." -ForegroundColor Cyan
$sec = ConvertTo-SecureString $WinRmCredentialPass -AsPlainText -Force
$cred = New-Object pscredential($WinRmCredentialUser, $sec)
$invokeParams = @{
ComputerName = $WinRmComputer
Credential = $cred
ScriptBlock = {
Import-Module WebAdministration
Stop-WebAppPool -Name $using:AppPoolName -ErrorAction SilentlyContinue
}
}
if ($UseWinRmHttps) { $invokeParams["UseSSL"] = $true }
try {
Invoke-Command @invokeParams
} catch {
Write-Warning "WinRM stop failed: $($_.Exception.Message)`nIf not on domain/Kerberos, enable HTTPS WinRM or add TrustedHosts (winrm set winrm/config/client '@{TrustedHosts=\"\"\"$WinRmComputer\"\"\"}'), or set `$RecycleAppPool = $false`."
}
}
Write-Host "2) Syncing via WinSCP (FTP mirror with delete)..." -ForegroundColor Cyan Write-Host "2) Syncing via WinSCP (FTP mirror with delete)..." -ForegroundColor Cyan
$tempScript = New-TemporaryFile $tempScript = New-TemporaryFile
@" @"
@@ -70,13 +103,22 @@ exit
Remove-Item $tempScript -ErrorAction SilentlyContinue Remove-Item $tempScript -ErrorAction SilentlyContinue
if ($RecycleAppPool) { if ($RecycleAppPool) {
Write-Host "3) Recycling IIS app pool via WinRM..." -ForegroundColor Cyan Write-Host "4) Starting IIS app pool via WinRM..." -ForegroundColor Cyan
$sec = ConvertTo-SecureString $WinRmCredentialPass -AsPlainText -Force $sec = ConvertTo-SecureString $WinRmCredentialPass -AsPlainText -Force
$cred = New-Object pscredential($WinRmCredentialUser, $sec) $cred = New-Object pscredential($WinRmCredentialUser, $sec)
Invoke-Command -ComputerName $WinRmComputer -Credential $cred -ScriptBlock { $invokeParams = @{
Import-Module WebAdministration ComputerName = $WinRmComputer
Stop-WebAppPool -Name $using:AppPoolName -ErrorAction SilentlyContinue Credential = $cred
Start-WebAppPool -Name $using:AppPoolName ScriptBlock = {
Import-Module WebAdministration
Start-WebAppPool -Name $using:AppPoolName
}
}
if ($UseWinRmHttps) { $invokeParams["UseSSL"] = $true }
try {
Invoke-Command @invokeParams
} catch {
Write-Warning "WinRM start failed: $($_.Exception.Message)`nIf not on domain/Kerberos, enable HTTPS WinRM or add TrustedHosts, or set `$RecycleAppPool = $false`."
} }
} }
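Review bot: The FTP prompt `$FtpPassword = Read-PlainOrPrompt $FtpPassword "FTP password"` is called without `-Secure`, so that password is echoed to the console as it is typed, while the WinRM prompt on the next line is masked. In the `-Secure` branch of `Read-PlainOrPrompt`, the BSTR returned by `SecureStringToBSTR` is never released, which leaves an unmanaged plaintext copy of the secret behind; the fence below frees it with `ZeroFreeBSTR` in a `finally`. The WinRM password is decrypted only to be re-wrapped by `ConvertTo-SecureString ... -AsPlainText -Force` in both app-pool blocks, so keeping the `SecureString` from `Read-Host -AsSecureString` and passing it straight to `pscredential` would avoid that plaintext copy altogether. The `$UseWinRmHttps` comment and both warning strings offer HTTP plus TrustedHosts as an equal alternative, although with TrustedHosts the client does not authenticate the server; the comment should say HTTPS is preferred and that TrustedHosts should be limited to this one host on a trusted network. The settings block also swaps placeholders for a real hostname, an `Administrator` account name and a per-user WinSCP path in a tracked file, which would probably be better kept in an untracked settings file, with a dedicated low-privilege deploy account.

```powershell
function Read-PlainOrPrompt([string]$Value, [string]$Prompt, [switch]$Secure) {
    if ($Value) { return $Value }
    if (-not $Secure) { return Read-Host $Prompt }
    $secure = Read-Host -AsSecureString $Prompt
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
    try {
        return [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
    } finally {
        # Zero and release the unmanaged plaintext copy of the secret.
        [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
    }
}
$FtpPassword = Read-PlainOrPrompt $FtpPassword "FTP password" -Secure
# … unchanged: WinRM password prompt …
```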