Mike Swanson 6c316aa701 Add VPN configuration tools and agent documentation
Created comprehensive VPN setup tooling for Peaceful Spirit L2TP/IPsec connection
and enhanced agent documentation framework.

VPN Configuration (PST-NW-VPN):
- Setup-PST-L2TP-VPN.ps1: Automated L2TP/IPsec setup with split-tunnel and DNS
- Connect-PST-VPN.ps1: Connection helper with PPP adapter detection, DNS (192.168.0.2), and route config (192.168.0.0/24)
- Connect-PST-VPN-Standalone.ps1: Self-contained connection script for remote deployment
- Fix-PST-VPN-Auth.ps1: Authentication troubleshooting for CHAP/MSChapv2
- Diagnose-VPN-Interface.ps1: Comprehensive VPN interface and routing diagnostic
- Quick-Test-VPN.ps1: Fast connectivity verification (DNS/router/routes)
- Add-PST-VPN-Route-Manual.ps1: Manual route configuration helper
- vpn-connect.bat, vpn-disconnect.bat: Simple batch file shortcuts
- OpenVPN config files (Windows-compatible, abandoned for L2TP)

Key VPN Implementation Details:
- L2TP creates PPP adapter with connection name as interface description
- UniFi auto-configures DNS (192.168.0.2) but requires manual route to 192.168.0.0/24
- Split-tunnel enabled (only remote traffic through VPN)
- All-user connection for pre-login auto-connect via scheduled task
- Authentication: CHAP + MSChapv2 for UniFi compatibility

Agent Documentation:
- AGENT_QUICK_REFERENCE.md: Quick reference for all specialized agents
- documentation-squire.md: Documentation and task management specialist agent
- Updated all agent markdown files with standardized formatting

Project Organization:
- Moved conversation logs to dedicated directories (guru-connect-conversation-logs, guru-rmm-conversation-logs)
- Cleaned up old session JSONL files from projects/msp-tools/
- Added guru-connect infrastructure (agent, dashboard, proto, scripts, .gitea workflows)
- Added guru-rmm server components and deployment configs

Technical Notes:
- VPN IP pool: 192.168.4.x (client gets 192.168.4.6)
- Remote network: 192.168.0.0/24 (router at 192.168.0.10)
- PSK: rrClvnmUeXEFo90Ol+z7tfsAZHeSK6w7
- Credentials: pst-admin / 24Hearts$

Files: 15 VPN scripts, 2 agent docs, conversation log reorganization,
guru-connect/guru-rmm infrastructure additions

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-18 11:51:47 -07:00

200 lines
8.1 KiB
PowerShell

# GuruRMM Agent Installer
# Client: Glaztech Industries
# Site: SLC - Salt Lake City
# Compatible with: Windows 7 SP1+ / PowerShell 2.0+

$ErrorActionPreference = "Stop"

# Get script directory (works on all PowerShell versions including 2.0)
$ScriptDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
if (-not $ScriptDir) { $ScriptDir = (Get-Location).Path }

$InstallPath = "C:\Program Files\GuruRMM"
$ConfigPath = "C:\ProgramData\GuruRMM"
$ServiceName = "GuruRMMAgent"

Write-Host "GuruRMM Agent Installer" -ForegroundColor Cyan
Write-Host "========================" -ForegroundColor Cyan
Write-Host "Client: Glaztech Industries"
Write-Host "Site: SLC - Salt Lake City"
Write-Host ""

# Check for admin privileges
$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]"Administrator")
if (-not $isAdmin) {
    Write-Host "ERROR: Please run as Administrator" -ForegroundColor Red
    Write-Host "Right-click PowerShell and select 'Run as Administrator'"
    exit 1
}

# Check Windows version
$osVersion = [Environment]::OSVersion.Version
Write-Host "Detected Windows version: $($osVersion.Major).$($osVersion.Minor)" -ForegroundColor Gray
if ($osVersion.Major -lt 6 -or ($osVersion.Major -eq 6 -and $osVersion.Minor -lt 1)) {
    Write-Host "ERROR: Windows 7 SP1 or later is required" -ForegroundColor Red
    exit 1
}

# Enable TLS 1.2 on Windows 7/8/8.1 if needed (required for secure connections)
# Windows 10+ has TLS 1.2 enabled by default
if ($osVersion.Major -eq 6) {
    Write-Host "Checking TLS 1.2 support..." -ForegroundColor Gray
    $tls12Path = "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2"
    $tls12ClientPath = "$tls12Path\Client"
    $needsReboot = $false

    # Check if TLS 1.2 Client key exists and is enabled
    $tls12Enabled = $false
    try {
        if (Test-Path $tls12ClientPath) {
            $enabled = Get-ItemProperty -Path $tls12ClientPath -Name "Enabled" -ErrorAction SilentlyContinue
            $disabled = Get-ItemProperty -Path $tls12ClientPath -Name "DisabledByDefault" -ErrorAction SilentlyContinue
            if ($enabled.Enabled -eq 1 -and $disabled.DisabledByDefault -eq 0) {
                $tls12Enabled = $true
            }
        }
    } catch {}

    if (-not $tls12Enabled) {
        Write-Host "Enabling TLS 1.2 for secure connections..." -ForegroundColor Yellow

        # Create protocol keys if they don't exist
        if (-not (Test-Path $tls12Path)) {
            New-Item -Path $tls12Path -Force | Out-Null
        }
        if (-not (Test-Path $tls12ClientPath)) {
            New-Item -Path $tls12ClientPath -Force | Out-Null
        }

        # Enable TLS 1.2 for client connections
        New-ItemProperty -Path $tls12ClientPath -Name "Enabled" -Value 1 -PropertyType DWORD -Force | Out-Null
        New-ItemProperty -Path $tls12ClientPath -Name "DisabledByDefault" -Value 0 -PropertyType DWORD -Force | Out-Null

        # Also create Server keys for completeness
        $tls12ServerPath = "$tls12Path\Server"
        if (-not (Test-Path $tls12ServerPath)) {
            New-Item -Path $tls12ServerPath -Force | Out-Null
        }
        New-ItemProperty -Path $tls12ServerPath -Name "Enabled" -Value 1 -PropertyType DWORD -Force | Out-Null
        New-ItemProperty -Path $tls12ServerPath -Name "DisabledByDefault" -Value 0 -PropertyType DWORD -Force | Out-Null

        # Enable TLS 1.2 in WinHTTP (for .NET and other apps)
        $winHttpPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
        try {
            if (-not (Test-Path $winHttpPath)) {
                New-Item -Path $winHttpPath -Force | Out-Null
            }
            # 0x800 = TLS 1.2
            New-ItemProperty -Path $winHttpPath -Name "DefaultSecureProtocols" -Value 0x800 -PropertyType DWORD -Force | Out-Null
        } catch {}

        # Same WinHTTP setting for 32-bit applications on 64-bit Windows (Wow6432Node)
        $winHttp64Path = "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
        try {
            if (Test-Path "HKLM:\SOFTWARE\Wow6432Node") {
                if (-not (Test-Path $winHttp64Path)) {
                    New-Item -Path $winHttp64Path -Force | Out-Null
                }
                New-ItemProperty -Path $winHttp64Path -Name "DefaultSecureProtocols" -Value 0x800 -PropertyType DWORD -Force | Out-Null
            }
        } catch {}

        Write-Host " TLS 1.2 enabled successfully" -ForegroundColor Green
        $needsReboot = $true
    } else {
        Write-Host " TLS 1.2 already enabled" -ForegroundColor Gray
    }

    if ($needsReboot) {
        Write-Host " NOTE: A reboot may be required for TLS changes to take effect" -ForegroundColor Yellow
    }
}

# Stop existing service if running
$service = $null
try { $service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue } catch {}
if ($service) {
    Write-Host "Stopping existing service..." -ForegroundColor Yellow
    try { Stop-Service -Name $ServiceName -Force -ErrorAction SilentlyContinue } catch {}
    Start-Sleep -Seconds 3
}

# Create install directory
Write-Host "Creating install directory: $InstallPath" -ForegroundColor Green
if (-not (Test-Path $InstallPath)) {
    New-Item -ItemType Directory -Path $InstallPath -Force | Out-Null
}

# Create config directory
Write-Host "Creating config directory: $ConfigPath" -ForegroundColor Green
if (-not (Test-Path $ConfigPath)) {
    New-Item -ItemType Directory -Path $ConfigPath -Force | Out-Null
}

# Verify source files exist
if (-not (Test-Path "$ScriptDir\gururmm-agent.exe")) {
    Write-Host "ERROR: gururmm-agent.exe not found in $ScriptDir" -ForegroundColor Red
    exit 1
}
if (-not (Test-Path "$ScriptDir\agent.toml")) {
    Write-Host "ERROR: agent.toml not found in $ScriptDir" -ForegroundColor Red
    exit 1
}

# Copy files
Write-Host "Copying agent files..." -ForegroundColor Green
Write-Host " Source: $ScriptDir" -ForegroundColor Gray
Copy-Item -Path "$ScriptDir\gururmm-agent.exe" -Destination "$InstallPath\gururmm-agent.exe" -Force
Copy-Item -Path "$ScriptDir\agent.toml" -Destination "$ConfigPath\agent.toml" -Force
Write-Host " Binary: $InstallPath\gururmm-agent.exe" -ForegroundColor Gray
Write-Host " Config: $ConfigPath\agent.toml" -ForegroundColor Gray
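
# Install Windows service
# In Windows PowerShell, native stderr captured with 2>&1 is wrapped in ErrorRecords;
# under "Stop" the first stderr line would abort the script before the exit code is
# checked, so relax the preference around each native call and restore it afterwards.
Write-Host "Installing Windows service..." -ForegroundColor Green
$ErrorActionPreference = "Continue"
$installResult = & "$InstallPath\gururmm-agent.exe" install 2>&1
$ErrorActionPreference = "Stop"
if ($LASTEXITCODE -ne 0) {
    Write-Host "Service installation output:" -ForegroundColor Yellow
    Write-Host $installResult
}

# Wait for service to register
Start-Sleep -Seconds 2

# Start the service
Write-Host "Starting service..." -ForegroundColor Green
$ErrorActionPreference = "Continue"
$startResult = & "$InstallPath\gururmm-agent.exe" start 2>&1
$ErrorActionPreference = "Stop"
if ($LASTEXITCODE -ne 0) {
    Write-Host "Service start output:" -ForegroundColor Yellow
    Write-Host $startResult
}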

# Verify service status
Start-Sleep -Seconds 3
$service = $null
try { $service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue } catch {}
if ($service -and $service.Status -eq "Running") {
    Write-Host ""
    Write-Host "========================================" -ForegroundColor Green
    Write-Host "SUCCESS: GuruRMM Agent installed and running!" -ForegroundColor Green
    Write-Host "========================================" -ForegroundColor Green
    Write-Host ""
    Write-Host "Site Code: DARK-GROVE-7839" -ForegroundColor Cyan
    Write-Host ""
    Write-Host "Useful commands:" -ForegroundColor White
    Write-Host " Status: $InstallPath\gururmm-agent.exe status"
    Write-Host " Stop: $InstallPath\gururmm-agent.exe stop"
    Write-Host " Start: $InstallPath\gururmm-agent.exe start"
    Write-Host " Uninstall: $InstallPath\gururmm-agent.exe uninstall"
} elseif ($service) {
    Write-Host ""
    Write-Host "WARNING: Service installed but status is: $($service.Status)" -ForegroundColor Yellow
    Write-Host "Check logs in Event Viewer > Windows Logs > Application"
} else {
    Write-Host ""
    Write-Host "WARNING: Service may not have installed correctly"  -ForegroundColor Yellow
    Write-Host "Try running manually: $InstallPath\gururmm-agent.exe status"
}
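
The installer above checks only that gururmm-agent.exe exists before copying it and running it elevated. The following is an added example, not part of the repository's script, of a PowerShell 2.0-compatible integrity check for the staged binary; `Get-Sha256Hex`, `Test-AgentBinary` and `$ExpectedSha256` are hypothetical names, the hash is a placeholder, and whether the agent is Authenticode-signed is an assumption, so that check is optional.

```powershell
# Added example (not the repository's code). The hash below is a placeholder,
# to be replaced with the value published for the release being deployed.
$ExpectedSha256 = "<SHA256-OF-RELEASED-gururmm-agent.exe>"

function Get-Sha256Hex {
    param([string]$Path)
    # Get-FileHash requires PowerShell 4.0+, so hash through .NET to stay 2.0-compatible
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        $bytes = $sha.ComputeHash($stream)
    } finally {
        $stream.Close()
    }
    return ([System.BitConverter]::ToString($bytes) -replace "-", "").ToLower()
}

function Test-AgentBinary {
    param([string]$Path, [string]$ExpectedHash, [switch]$RequireSignature)

    # 1. Pinned hash: the file must be byte-identical to the expected release
    $actual = Get-Sha256Hex -Path $Path
    if ($actual -ne $ExpectedHash.ToLower()) {
        Write-Host "ERROR: SHA-256 mismatch for $Path" -ForegroundColor Red
        Write-Host " expected: $ExpectedHash" -ForegroundColor Red
        Write-Host " actual:   $actual" -ForegroundColor Red
        return $false
    }

    # 2. Optional: Status is "Valid" only if the signature verifies and is trusted
    if ($RequireSignature) {
        $sig = Get-AuthenticodeSignature -FilePath $Path
        if ($sig.Status -ne "Valid") {
            Write-Host "ERROR: Authenticode status is $($sig.Status)" -ForegroundColor Red
            return $false
        }
    }
    return $true
}

# Intended to run before the "Copy files" step, against the staged binary
$ScriptDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
if (-not (Test-AgentBinary -Path "$ScriptDir\gururmm-agent.exe" -ExpectedHash $ExpectedSha256)) {
    exit 1
}
```

Running the same check again on the copy under `$InstallPath` after `Copy-Item` closes the gap between verification and execution.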