Blog Marcina Bojko

Linux,Windows,serwer, i tak dalej ;)

hv_default – version 1.18

leave a comment »

Written by marcinbojko

Październik 16, 2016 at 19:48

Napisane w Uncategorized

Quick Zabbix (agent/server) migration from 2.2/3.0 to 3.2 (installed from official repository)

leave a comment »

  1. Backup your machine (physical/virtual)
  2. Run (for server AND agent)

    # stop services
    systemctl stop zabbix-server
    systemctl stop zabbix-agent
    # clean cache
    yum clean all
    # upgrade releases from 2.x/3.0 to 3.2
    yum upgrade
    # disable additional repository
    yum-config-manager --disable zabbix-non-supported
    # update
    yum update -y
    # clean cache
    yum clean all
    # enable services
    systemctl enable zabbix-server
    systemctl enable zabbix-agent


    # for agents
    systemctl stop zabbix-agent
    yum clean all
    yum upgrade
    yum-config-manager --disable zabbix-non-supported
    yum install zabbix-agent -y
    yum clean all
    systemctl enable zabbix-agent
    systemctl start zabbix-agent

Written by marcinbojko

Październik 15, 2016 at 14:21

HV-Default – confirmed working with Hyper-V 2016

leave a comment »

New version available:

Written by marcinbojko

Październik 13, 2016 at 18:36

Napisane w Uncategorized, work

Tagged with , ,

Puppet & The Foreman & Powershell DSC – Windows Updates: Neverending story.

leave a comment »

Nobody likes Windows Updates even Microsoft itself. But sometimes one should make sure, you have perks your system needs. But, we co do it old fashion way: check, update, reboot, repeat. Boring, and completly not in a way DevOps do.

Again, Win_manage to the rescue.

First we make sure what we want to do:


  dsc_dayofweek: sunday
  dsc_afterhour: 11
  dsc_usenotify: true


  dsc_updatenow: 'true'
  dsc_category: security
  dsc_updatenow: 'true'
  dsc_category: important
  dsc_updatenow: 'true'
  dsc_category: optional


  message: Machine requested a reboot
  when: pending

But what does it do? First, we should prepare update schedule: let’s say, we can start auto-updates on Sunday, after 11 AM (remember 11 AM = 11:00, and 11:00 PM=23:00)

Second: we want to install 3 type of updates: security, important and optional.

Third: we want to auto-reboot our machine (dsc_reboot) and notify us about pending updates count BEFORE and AFTER update patch set (dsc_usenotify: true)

So, we can switch from:




in a time needed to get some music🙂

Written by marcinbojko

Październik 9, 2016 at 18:36

Puppet & The Foreman & Powershell DSC – The Road So Far.

leave a comment »

During last few weeks I was able to push and heavy test puppet-dsc code in a lots of environments and setups.

We had sysprepped Windows Server 2012 R2 images (different versions, builds and setups), a lots of Windows 10 Professional Workstations (Original, 1511, 1607 builds), few Windows 8.1 Pro – really great statistic sample.

As for now:

  • Windows Server 2012 and Windows 2012 R2 – fully supported
  • Windows 8.1/10 (original)/10 (1511) – fully supported
  • Windows Server 2016/Windows 10 (1607) – unsupported due to parsing bug in Powershell 5.1 – Work in progress
  • Windows 7/8 – not tested
  • Windows 2008 R2 – not tested

Implemented modules:

  • Chocolatey – with features and sources support (adding, removing, modyfing)
  • DSC_WindowsFeature
  • DSC_WindowsOptionalFeature
  • DSC_Service
  • DSC_Environment
  • DSC_Group
  • DSC_xFirewall
  • DSC_Reboot

More code is coming, but this fine set allows you to deploy and manage a lots of types of servers and workstations.

Written by marcinbojko

Październik 7, 2016 at 19:47

Puppet & The Foreman & Powershell DSC – your System Center in a box :)

leave a comment »

Few weeks ago I started a little project – complete Puppet module called: win_manage.

My goal was to manage Windows based machines almost as easy as Linux servers, as little code inside as possible (you know, I am not a developer in any kind). And when I was thinking: KISS is no more possible with this project, I’ve found Puppet Powershell DSC module:

Adding another resources it is just a breeze, the biggest part of work was to test almost every setting provided by Microsoft, to have working examples in day-to-day SysAdmin/DevOP job.

And yes, I know – we have plenty of things like this, sold with different price plans, different support plans and so on. But if you cannot afford pricey tools like Puppet Enterprise or System Center 2012 R2 in your environment, this little project comes to help you🙂

First things first – why?

  1. We have excellent granularity using Puppet and Foreman architecture without complicated AD GPO with filters.
  2. Nested groups/copying groups helps so much in creating cloned environment
  3. It doesn’t matter what provider do you use: physical, virtual, VMWare,Hyper-V, Azure – it just works.
  4. With additional modules like Chocolatey and our private sources (and private CDNs) the story is completed – no more AD MSI voodoo stuff. Software deployment and maintenance just got really better.
  5. One is is to deploy, second thing is to maintain and manage. Securing running services or making permanent changes in your environment is as much important as just deploy them.
  6. No more ‚just another script’ approach.
  7. Everyone can afford simple machine with simple YAML examples😉

So my work in progress looks just like this:




Host Groups


Parameters to set

We love YAML driven configuration: setting users, rules, applications is just as easy as writing very light code:

Setting registry:

 dsc_valuename: Password
 dsc_valuedata: af af af af af af af af
 dsc_valuetype: binary
 dsc_valuename: ControlPassword
 dsc_valuedata: af af af af af af af af
 dsc_valuetype: binary

Adding features:

 dsc_ensure: present
 dsc_name: Web-Server
 dsc_includeallsubfeature: true
 dsc_ensure: present
 dsc_name: DSC-Service

Installing and maintaining latest version of packages:

 ensure: latest
 ensure: latest
 ensure: latest
 ensure: latest

So, what to do next? I will be adding additional DSC Resources to module and hopefully will be able to make it public. Stay tuned and keep your fingers crossed😉


Written by marcinbojko

Październik 4, 2016 at 19:11

Chocolatey i własne źródło pakietów.

leave a comment »

Bez wątpienia – Chocolatey ( jest doskonałym zarządcą pakietów dla systemu WIndows – zwłaszcza w instalacjach DesiredStateConfiguration. Trochę przytłacza mnogość sposobów instalacji pakietów (w zasadzie, każdy pakiet potrafi być oddzielnym kawałkiem kodu), jednak rekompensuje to z nawiązką ich niskim skomplikowaniem.

Owszem, sporo pakietów jest w oryginalnym repozytorium, jednak nie wszystkie pakiety źródłowe posiadają publiczne linki, tak aby można je było umieścić w samym pakiecie.

Rozwiązaniem jest np. tworzenie pakietów w repozytorium, a same binarki trzymać np. 2 miejscach – firmowy intranet oraz linki publiczne.

Ponieważ mnie zawsze brakuje wspomnianych pakietów przedstawiam wam własne źródło, gdzie postaram się uzupełniać przydatne i brakujące pakiety.

Kilka zasad:

  1. Wszystkie pakiety binarne trzymane są w moim Dropboxie – katalog /public/choco.
  2. Wszystkie pakiety binarne podpisane są SHA256
  3. Wszystkie pakiety są weryfikowane przez Virus Total a ich suma SHA256 MUSI zgadzać się z sumą z linka VirusTotal. W opisie pakietu widnieje ich suma kontrolna.
  4. Repozytorium jest publiczne – jeżeli chcesz umieścić swój pakiet – odpowiadasz za niego🙂

Bez zbędnej zwłoki:

Samo źródło:

Nuget v2:

RSS źródła z pakietami:


Jak dodać źródło do swojego Chocolatey’a?

choco source add -n=NAZWA -s"" --priority=10

Jak zainstalować/aktualizować pakiet?

choco install nazwapakietu -y

choco upgrade nazwapakietu -y


Jak usunąć pakiet?

choco uninstall nazwapakietu -y


Jakie pakiety są w repo?

Na dzień dzisiejszy:

WPS-Office-Personal –

Zabbix-Agent3 –


Pozostałe pakiety przerabiam z sum kontrolnych MD5 na SHA256 co zajmuje mi nieco czasu.



Written by marcinbojko

Październik 1, 2016 at 12:57

%d bloggers like this: