Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes. If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:
## 1. REQUIREMENTS ## ### Here are the requirements necessary to ensure this is successful. ### a. Internal/Private Cloud Repository Set Up ### #### You'll need an internal/private cloud repository you can use. These are #### generally really quick to set up and there are quite a few options. #### Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they #### are repository servers and will give you the ability to manage multiple #### repositories and types from one server installation. ### b. Download Chocolatey Package and Put on Internal Repository ### #### You need to have downloaded the Chocolatey package as well. #### Please see https://chocolatey.org/install#organization ### c. Other Requirements ### #### We initialize a few things that are needed by this script - there are no other requirements. $ErrorActionPreference = "Stop" #### Set TLS 1.2 (3072) as that is the minimum required by various up-to-date repositories. #### Use integers because the enumeration value for TLS 1.2 won't exist #### in .NET 4.0, even though they are addressable if .NET 4.5+ is #### installed (.NET 4.5 is an in-place upgrade). [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072 #### We use this variable for future REST calls. $RequestArguments = @{ UseBasicParsing = $true } ## 2. TOP LEVEL VARIABLES ## ### a. Your internal repository url (the main one). ### #### Should be similar to what you see when you browse #### to https://community.chocolatey.org/api/v2/ $NugetRepositoryUrl = "INTERNAL REPO URL" ### b. Internal Repository Credential ### #### If required, add the repository access credential here # $NugetRepositoryCredential = [PSCredential]::new( # "username", # ("password" | ConvertTo-SecureString -AsPlainText -Force) # ) # $RequestArguments.Credential = $NugetRepositoryCredential ### c. Chocolatey nupkg download url ### #### This url should result in an immediate download when you navigate to it $ChocolateyDownloadUrl = "$($NugetRepositoryUrl.TrimEnd('/'))/package/chocolatey.2.3.0.nupkg" ### d. Chocolatey Central Management (CCM) ### #### If using CCM to manage Chocolatey, add the following: #### i. Endpoint URL for CCM # $ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService" #### ii. If using a Client Salt, add it here # $ChocolateyCentralManagementClientSalt = "clientsalt" #### iii. If using a Service Salt, add it here # $ChocolateyCentralManagementServiceSalt = "servicesalt" ## 3. ENSURE CHOCOLATEY IS INSTALLED ## ### Ensure Chocolatey is installed from your internal repository #### Download the Nupkg, appending .zip to the filename to handle archive cmdlet limitations if (-not (Get-Command choco.exe -ErrorAction SilentlyContinue)) { $TempDirectory = Join-Path $env:Temp "chocolateyInstall" if (-not (Test-Path $TempDirectory -PathType Container)) { $null = New-Item -Path $TempDirectory -ItemType Directory } $DownloadedNupkg = Join-Path $TempDirectory "$(Split-Path $ChocolateyDownloadUrl -Leaf).zip" Invoke-WebRequest -Uri $ChocolateyDownloadUrl -OutFile $DownloadedNupkg @RequestArguments #### Extract the Nupkg, and run the chocolateyInstall script if (Get-Command Microsoft.PowerShell.Archive\Expand-Archive -ErrorAction SilentlyContinue) { Microsoft.PowerShell.Archive\Expand-Archive -Path $DownloadedNupkg -DestinationPath $TempDirectory -Force } else { # PowerShell versions "#{ChocolateyNupkgUrl}", } ## 4. CONFIGURE CHOCOLATEY BASELINE ## ### a. FIPS Feature ### #### If you need FIPS compliance - make this the first thing you configure #### before you do any additional configuration or package installations # chocolatey_feature 'useFipsCompliantChecksums' do # action :enable # end ### b. Apply Recommended Configuration ### #### Move cache location so Chocolatey is very deterministic about #### cleaning up temporary data and the location is secured to admins chocolatey_config 'cacheLocation' do value 'C:\ProgramData\chocolatey\cache' end #### Increase timeout to at least 4 hours chocolatey_config 'commandExecutionTimeoutSeconds' do value '14400' end #### Turn off download progress when running choco through integrations chocolatey_feature 'showDownloadProgress' do action :disable end ### c. Sources ### #### Remove the default community package repository source chocolatey_source 'chocolatey' do action :remove end #### Add internal default sources #### You could have multiple sources here, so we will provide an example #### of one using the remote repo variable here #### NOTE: This EXAMPLE may require changes chocolatey_source 'ChocolateyInternal' do source "#{NugetRepositoryUrl}" priority 1 action :add end execute 'ChocolateyInternal' do command "choco source add --name ChocolateyInternal -s #{NugetRepositoryUrl} -u=#{NugetRepositoryUsername} -p=#{NugetRepositoryPassword} --priority=1" only_if { NugetRepositoryUsername != nil || NugetRepositoryPassword != nil } end ### b. Keep Chocolatey Up To Date ### #### Keep chocolatey up to date based on your internal source #### You control the upgrades based on when you push an updated version #### to your internal repository. #### Note the source here is to the OData feed, similar to what you see #### when you browse to https://community.chocolatey.org/api/v2/ chocolatey_package 'chocolatey' do action :upgrade source "#{NugetRepositoryUrl}" end ## 5. ENSURE CHOCOLATEY FOR BUSINESS ## ### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down. ### a. Ensure The License File Is Installed ### #### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license chocolatey_package 'chocolatey-license' do action :install source "#{NugetRepositoryUrl}" end ### b. Disable The Licensed Source ### #### The licensed source cannot be removed, so it must be disabled. #### This must occur after the license has been set by the license package. chocolatey_source 'chocolatey.licensed' do action :disable end ### c. Ensure Chocolatey Licensed Extension ### #### You will have downloaded the licensed extension to your internal repository #### as you have disabled the licensed repository in step 5b. #### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension) chocolatey_package 'chocolatey.extention' do action install source "#{NugetRepositoryUrl}" end #### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable: #### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder #### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer #### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization #### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer #### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit #### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle #### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn #### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding #### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere #### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management #### - Other - https://docs.chocolatey.org/en-us/features/paid/ ### d. Ensure Self-Service Anywhere ### #### If you have desktop clients where users are not administrators, you may #### to take advantage of deploying and configuring Self-Service anywhere chocolatey_feature 'showNonElevatedWarnings' do action :disable end chocolatey_feature 'useBackgroundService' do action :enable end chocolatey_feature 'useBackgroundServiceWithNonAdministratorsOnly' do action :enable end chocolatey_feature 'allowBackgroundServiceUninstallsFromUserInstallsOnly' do action :enable end chocolatey_config 'backgroundServiceAllowedCommands' do value 'install,upgrade,uninstall' end ### e. Ensure Chocolatey Central Management ### #### If you want to manage and report on endpoints, you can set up and configure ### Central Management. There are multiple portions to manage, so you'll see ### a section on agents here along with notes on how to configure the server ### side components. chocolatey_package 'chocolatey-agent' do action install source "#{NugetRepositoryUrl}" # user "#{NugetRepositoryUsername}" # password "#{NugetRepositoryPassword}" only_if { ChocolateyCentralManagementUrl != nil } end chocolatey_config 'CentralManagementServiceUrl' do value "#{ChocolateyCentralManagementUrl}" only_if { ChocolateyCentralManagementUrl != nil } end chocolatey_config 'centralManagementClientCommunicationSaltAdditivePassword' do value "#{ChocolateyCentralManagementClientSalt}" only_if { ChocolateyCentralManagementClientSalt != nil } end chocolatey_config 'centralManagementServiceCommunicationSaltAdditivePassword' do value "#{ChocolateyCentralManagementServiceSalt}" only_if { ChocolateyCentralManagementServiceSalt != nil } end chocolatey_feature 'useChocolateyCentralManagement' do action :enable only_if { ChocolateyCentralManagementUrl != nil } end chocolatey_feature 'useChocolateyCentralManagementDeployments' do action :enable only_if { ChocolateyCentralManagementUrl != nil } end
Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.
#requires -Modules cChoco ## 1. REQUIREMENTS ## ### Here are the requirements necessary to ensure this is successful. ### a. Internal/Private Cloud Repository Set Up ### #### You'll need an internal/private cloud repository you can use. These are #### generally really quick to set up and there are quite a few options. #### Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they #### are repository servers and will give you the ability to manage multiple #### repositories and types from one server installation. ### b. Download Chocolatey Package and Put on Internal Repository ### #### You need to have downloaded the Chocolatey package as well. #### Please see https://chocolatey.org/install#organization ### c. Other Requirements ### #### i. Requires chocolatey\cChoco DSC module to be installed on the machine compiling the DSC manifest #### NOTE: This will need to be installed before running the DSC portion of this script if (-not (Get-Module cChoco -ListAvailable)) { $null = Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force if (($PSGallery = Get-PSRepository -Name PSGallery).InstallationPolicy -ne "Trusted") { Set-PSRepository -Name PSGallery -InstallationPolicy Trusted } Install-Module -Name cChoco if ($PSGallery.InstallationPolicy -ne "Trusted") { Set-PSRepository -Name PSGallery -InstallationPolicy $PSGallery.InstallationPolicy } } #### ii. Requires a hosted copy of the install.ps1 script ##### This should be available to download without authentication. ##### The original script can be found here: https://community.chocolatey.org/install.ps1 Configuration ChocolateyConfig { ## 2. TOP LEVEL VARIABLES ## param( ### a. Your internal repository url (the main one). ### #### Should be similar to what you see when you browse #### to https://community.chocolatey.org/api/v2/ $NugetRepositoryUrl = "INTERNAL REPO URL", ### b. Chocolatey nupkg download url ### #### This url should result in an immediate download when you navigate to it in #### a web browser $ChocolateyNupkgUrl = "INTERNAL REPO URL/package/chocolatey.2.3.0.nupkg", ### c. Internal Repository Credential ### #### If required, add the repository access credential here # $NugetRepositoryCredential = [PSCredential]::new( # "username", # ("password" | ConvertTo-SecureString -AsPlainText -Force) # ), ### d. Install.ps1 URL #### The path to the hosted install script: $ChocolateyInstallPs1Url = "https://community.chocolatey.org/install.ps1" ### e. Chocolatey Central Management (CCM) ### #### If using CCM to manage Chocolatey, add the following: #### i. Endpoint URL for CCM # $ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService", #### ii. If using a Client Salt, add it here # $ChocolateyCentralManagementClientSalt = "clientsalt", #### iii. If using a Service Salt, add it here # $ChocolateyCentralManagementServiceSalt = "servicesalt" ) Import-DscResource -ModuleName PSDesiredStateConfiguration Import-DscResource -ModuleName cChoco Node 'localhost' { ## 3. ENSURE CHOCOLATEY IS INSTALLED ## ### Ensure Chocolatey is installed from your internal repository Environment chocoDownloadUrl { Name = "chocolateyDownloadUrl" Value = $ChocolateyNupkgUrl } cChocoInstaller installChocolatey { DependsOn = "[Environment]chocoDownloadUrl" InstallDir = Join-Path $env:ProgramData "chocolatey" ChocoInstallScriptUrl = $ChocolateyInstallPs1Url } ## 4. CONFIGURE CHOCOLATEY BASELINE ## ### a. FIPS Feature ### #### If you need FIPS compliance - make this the first thing you configure #### before you do any additional configuration or package installations # cChocoFeature featureFipsCompliance { # FeatureName = "useFipsCompliantChecksums" # } ### b. Apply Recommended Configuration ### #### Move cache location so Chocolatey is very deterministic about #### cleaning up temporary data and the location is secured to admins cChocoConfig cacheLocation { DependsOn = "[cChocoInstaller]installChocolatey" ConfigName = "cacheLocation" Value = "C:\ProgramData\chocolatey\cache" } #### Increase timeout to at least 4 hours cChocoConfig commandExecutionTimeoutSeconds { DependsOn = "[cChocoInstaller]installChocolatey" ConfigName = "commandExecutionTimeoutSeconds" Value = 14400 } #### Turn off download progress when running choco through integrations cChocoFeature showDownloadProgress { DependsOn = "[cChocoInstaller]installChocolatey" FeatureName = "showDownloadProgress" Ensure = "Absent" } ### c. Sources ### #### Remove the default community package repository source cChocoSource removeCommunityRepository { DependsOn = "[cChocoInstaller]installChocolatey" Name = "chocolatey" Ensure = "Absent" } #### Add internal default sources #### You could have multiple sources here, so we will provide an example #### of one using the remote repo variable here. #### NOTE: This EXAMPLE may require changes cChocoSource addInternalSource { DependsOn = "[cChocoInstaller]installChocolatey" Name = "ChocolateyInternal" Source = $NugetRepositoryUrl Credentials = $NugetRepositoryCredential Priority = 1 } ### b. Keep Chocolatey Up To Date ### #### Keep chocolatey up to date based on your internal source #### You control the upgrades based on when you push an updated version #### to your internal repository. #### Note the source here is to the OData feed, similar to what you see #### when you browse to https://community.chocolatey.org/api/v2/ cChocoPackageInstaller updateChocolatey { DependsOn = "[cChocoSource]addInternalSource", "[cChocoSource]removeCommunityRepository" Name = "chocolatey" AutoUpgrade = $true } ## 5. ENSURE CHOCOLATEY FOR BUSINESS ## ### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down. ### a. Ensure The License File Is Installed ### #### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license cChocoPackageInstaller chocolateyLicense { DependsOn = "[cChocoPackageInstaller]updateChocolatey" Name = "chocolatey-license" } ### b. Disable The Licensed Source ### #### The licensed source cannot be removed, so it must be disabled. #### This must occur after the license has been set by the license package. Script disableLicensedSource { DependsOn = "[cChocoPackageInstaller]chocolateyLicense" GetScript = { $Source = choco source list --limitoutput | ` ConvertFrom-Csv -Delimiter '|' -Header Name, Source, Disabled | ` Where-Object Name -eq "chocolatey.licensed" return @{ Result = if ($Source) { [bool]::Parse($Source.Disabled) } else { Write-Warning "Source 'chocolatey.licensed' was not present." $true # Source does not need disabling } } } SetScript = { $null = choco source disable --name "chocolatey.licensed" } TestScript = { $State = [ScriptBlock]::Create($GetScript).Invoke() return $State.Result } } ### c. Ensure Chocolatey Licensed Extension ### #### You will have downloaded the licensed extension to your internal repository #### as you have disabled the licensed repository in step 5b. #### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension) cChocoPackageInstaller chocolateyLicensedExtension { DependsOn = "[Script]disableLicensedSource" Name = "chocolatey.extension" } #### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable: #### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder #### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer #### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization #### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer #### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit #### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle #### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn #### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding #### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere #### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management #### - Other - https://docs.chocolatey.org/en-us/features/paid/ ### d. Ensure Self-Service Anywhere ### #### If you have desktop clients where users are not administrators, you may #### to take advantage of deploying and configuring Self-Service anywhere cChocoFeature hideElevatedWarnings { DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension" FeatureName = "showNonElevatedWarnings" Ensure = "Absent" } cChocoFeature useBackgroundService { DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension" FeatureName = "useBackgroundService" Ensure = "Present" } cChocoFeature useBackgroundServiceWithNonAdmins { DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension" FeatureName = "useBackgroundServiceWithNonAdministratorsOnly" Ensure = "Present" } cChocoFeature useBackgroundServiceUninstallsForUserInstalls { DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension" FeatureName = "allowBackgroundServiceUninstallsFromUserInstallsOnly" Ensure = "Present" } cChocoConfig allowedBackgroundServiceCommands { DependsOn = "[cChocoFeature]useBackgroundService" ConfigName = "backgroundServiceAllowedCommands" Value = "install,upgrade,uninstall" } ### e. Ensure Chocolatey Central Management ### #### If you want to manage and report on endpoints, you can set up and configure ### Central Management. There are multiple portions to manage, so you'll see ### a section on agents here along with notes on how to configure the server ### side components. if ($ChocolateyCentralManagementUrl) { cChocoPackageInstaller chocolateyAgent { DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension" Name = "chocolatey-agent" } cChocoConfig centralManagementServiceUrl { DependsOn = "[cChocoPackageInstaller]chocolateyAgent" ConfigName = "CentralManagementServiceUrl" Value = $ChocolateyCentralManagementUrl } if ($ChocolateyCentralManagementClientSalt) { cChocoConfig centralManagementClientSalt { DependsOn = "[cChocoPackageInstaller]chocolateyAgent" ConfigName = "centralManagementClientCommunicationSaltAdditivePassword" Value = $ChocolateyCentralManagementClientSalt } } if ($ChocolateyCentralManagementServiceSalt) { cChocoConfig centralManagementServiceSalt { DependsOn = "[cChocoPackageInstaller]chocolateyAgent" ConfigName = "centralManagementServiceCommunicationSaltAdditivePassword" Value = $ChocolateyCentralManagementServiceSalt } } cChocoFeature useCentralManagement { DependsOn = "[cChocoPackageInstaller]chocolateyAgent" FeatureName = "useChocolateyCentralManagement" Ensure = "Present" } cChocoFeature useCentralManagementDeployments { DependsOn = "[cChocoPackageInstaller]chocolateyAgent" FeatureName = "useChocolateyCentralManagementDeployments" Ensure = "Present" } } } } # If working this into an existing configuration with a good method for $ConfigData = @{ AllNodes = @( @{ NodeName = "localhost" PSDscAllowPlainTextPassword = $true } ) } try { Push-Location $env:Temp $Config = ChocolateyConfig -ConfigurationData $ConfigData Start-DscConfiguration -Path $Config.PSParentPath -Wait -Verbose -Force } finally { Pop-Location }
Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.
## 1. REQUIREMENTS ## ### Here are the requirements necessary to ensure this is successful. ### a. Internal/Private Cloud Repository Set Up ### #### You'll need an internal/private cloud repository you can use. These are #### generally really quick to set up and there are quite a few options. #### Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they #### are repository servers and will give you the ability to manage multiple #### repositories and types from one server installation. ### b. Download Chocolatey Package and Put on Internal Repository ### #### You need to have downloaded the Chocolatey package as well. #### Please see https://chocolatey.org/install#organization ### c. Other Requirements ### #### i. Requires puppetlabs/chocolatey module #### See https://forge.puppet.com/puppetlabs/chocolatey ## 2. TOP LEVEL VARIABLES ## ### a. Your internal repository url (the main one). ### #### Should be similar to what you see when you browse #### to https://community.chocolatey.org/api/v2/ $_repository_url = 'INTERNAL REPO URL' ### b. Chocolatey nupkg download url ### #### This url should result in an immediate download when you navigate to it in #### a web browser $_choco_download_url = 'INTERNAL REPO URL/package/chocolatey.2.3.0.nupkg' ### c. Chocolatey Central Management (CCM) ### #### If using CCM to manage Chocolatey, add the following: #### i. Endpoint URL for CCM # $_chocolatey_central_management_url = 'https://chocolatey-central-management:24020/ChocolateyManagementService' #### ii. If using a Client Salt, add it here # $_chocolatey_central_management_client_salt = "clientsalt" #### iii. If using a Service Salt, add it here # $_chocolatey_central_management_service_salt = 'servicesalt' ## 3. ENSURE CHOCOLATEY IS INSTALLED ## ### Ensure Chocolatey is installed from your internal repository ### Note: `chocolatey_download_url is completely different than normal ### source locations. This is directly to the bare download url for the ### chocolatey.nupkg, similar to what you see when you browse to ### https://community.chocolatey.org/api/v2/package/chocolatey class {'chocolatey': chocolatey_download_url => $_choco_download_url, use_7zip => false, } ## 4. CONFIGURE CHOCOLATEY BASELINE ## ### a. FIPS Feature ### #### If you need FIPS compliance - make this the first thing you configure #### before you do any additional configuration or package installations #chocolateyfeature {'useFipsCompliantChecksums': # ensure => enabled, #} ### b. Apply Recommended Configuration ### #### Move cache location so Chocolatey is very deterministic about #### cleaning up temporary data and the location is secured to admins chocolateyconfig {'cacheLocation': value => 'C:\ProgramData\chocolatey\cache', } #### Increase timeout to at least 4 hours chocolateyconfig {'commandExecutionTimeoutSeconds': value => '14400', } #### Turn off download progress when running choco through integrations chocolateyfeature {'showDownloadProgress': ensure => disabled, } ### c. Sources ### #### Remove the default community package repository source chocolateysource {'chocolatey': ensure => absent, location => 'https://community.chocolatey.org/api/v2/', } #### Add internal default sources #### You could have multiple sources here, so we will provide an example #### of one using the remote repo variable here #### NOTE: This EXAMPLE requires changes chocolateysource {'internal_chocolatey': ensure => present, location => $_repository_url, priority => 1, username => 'optional', password => 'optional,not ensured', bypass_proxy => true, admin_only => false, allow_self_service => false, } ### b. Keep Chocolatey Up To Date ### #### Keep chocolatey up to date based on your internal source #### You control the upgrades based on when you push an updated version #### to your internal repository. #### Note the source here is to the OData feed, similar to what you see #### when you browse to https://community.chocolatey.org/api/v2/ package {'chocolatey': ensure => latest, provider => chocolatey, source => $_repository_url, } ## 5. ENSURE CHOCOLATEY FOR BUSINESS ## ### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down. ### a. Ensure The License File Is Installed ### #### Create a license package using script from https://docs.chocolatey.org/en-us/guides/organizations/organizational-deployment-guide#exercise-4-create-a-package-for-the-license # TODO: Add resource for installing/ensuring the chocolatey-license package package {'chocolatey-license': ensure => latest, provider => chocolatey, source => $_repository_url, } ### b. Disable The Licensed Source ### #### The licensed source cannot be removed, so it must be disabled. #### This must occur after the license has been set by the license package. ## Disabled sources still need all other attributes until ## https://tickets.puppetlabs.com/browse/MODULES-4449 is resolved. ## Password is necessary with user, but not ensurable, so it should not ## matter what it is set to here. If you ever do get into trouble here, ## the password is your license GUID. chocolateysource {'chocolatey.licensed': ensure => disabled, priority => '10', user => 'customer', password => '1234', require => Package['chocolatey-license'], } ### c. Ensure Chocolatey Licensed Extension ### #### You will have downloaded the licensed extension to your internal repository #### as you have disabled the licensed repository in step 5b. #### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension) package {'chocolatey.extension': ensure => latest, provider => chocolatey, source => $_repository_url, require => Package['chocolatey-license'], } #### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable: #### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder #### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer #### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization #### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer #### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit #### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle #### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn #### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding #### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere #### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management #### - Other - https://docs.chocolatey.org/en-us/features/paid/ ### d. Ensure Self-Service Anywhere ### #### If you have desktop clients where users are not administrators, you may #### to take advantage of deploying and configuring Self-Service anywhere chocolateyfeature {'showNonElevatedWarnings': ensure => disabled, } chocolateyfeature {'useBackgroundService': ensure => enabled, } chocolateyfeature {'useBackgroundServiceWithNonAdministratorsOnly': ensure => enabled, } chocolateyfeature {'allowBackgroundServiceUninstallsFromUserInstallsOnly': ensure => enabled, } chocolateyconfig {'backgroundServiceAllowedCommands': value => 'install,upgrade,uninstall', } ### e. Ensure Chocolatey Central Management ### #### If you want to manage and report on endpoints, you can set up and configure ### Central Management. There are multiple portions to manage, so you'll see ### a section on agents here along with notes on how to configure the server ### side components. if $_chocolatey_central_management_url { package {'chocolatey-agent': ensure => latest, provider => chocolatey, source => $_repository_url, require => Package['chocolatey-license'], } chocolateyconfig {'CentralManagementServiceUrl': value => $_chocolatey_central_management_url, } if $_chocolatey_central_management_client_salt { chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword': value => $_chocolatey_central_management_client_salt, } } if $_chocolatey_central_management_service_salt { chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword': value => $_chocolatey_central_management_client_salt, } } chocolateyfeature {'useChocolateyCentralManagement': ensure => enabled, require => Package['chocolatey-agent'], } chocolateyfeature {'useChocolateyCentralManagementDeployments': ensure => enabled, require => Package['chocolatey-agent'], } } (责任编辑:) |