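#!powershell

# Copyright: (c) 2018, Kevin Subileau (@ksubileau)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

#Requires -Module Ansible.ModuleUtils.Legacy

# Ansible module body: reconciles a handful of settings under the RDS:\GatewayServer
# provider path (SSL certificate thumbprint, connection limit, SSL bridging mode and
# the "messaging capable clients only" flag) with the values passed as module options.
# Each option is optional; an option that is not supplied leaves its setting untouched.

$ErrorActionPreference = "Stop"

# List of ssl bridging methods as string. Used for parameter validation and conversion to integer flag, so order is important!
# The array index of each name is the integer written to / read from RDS:\GatewayServer\SSLBridging.
# NOTE(review): per the RD Gateway documentation, "https_http" means the front-end device
# forwards requests to the gateway over plain HTTP -- confirm that segment is trusted.
$ssl_bridging_methods = @("none", "https_http", "https_https")

$params = Parse-Args -arguments $args -supports_check_mode $true
$check_mode = Get-AnsibleParam -obj $params -name "_ansible_check_mode" -type "bool" -default $false
$diff_mode = Get-AnsibleParam -obj $params -name "_ansible_diff" -type "bool" -default $false

$certificate = Get-AnsibleParam -obj $params -name "certificate_hash" -type "str"
$max_connections = Get-AnsibleParam -obj $params -name "max_connections" -type "int"
$ssl_bridging = Get-AnsibleParam -obj $params -name "ssl_bridging" -type "str" -validateset $ssl_bridging_methods
$enable_only_messaging_capable_clients = Get-AnsibleParam -obj $params -name "enable_only_messaging_capable_clients" -type "bool"

$result = @{
  changed = $false
}
# Accumulates "-old / +new" lines for every setting that is changed; only reported in diff mode.
$diff_text = $null

# Ensure RemoteDesktopServices module is loaded
if ($null -eq (Get-Module -Name RemoteDesktopServices -ErrorAction SilentlyContinue)) {
    Import-Module -Name RemoteDesktopServices
}

if ($null -ne $certificate)
{
    # Reject anything that is not a bare 40-hex-digit thumbprint before it is spliced into a
    # provider path. Without this, an empty value resolves to the store container itself and a
    # value containing path separators can resolve outside LocalMachine\My, so the existence
    # check below would pass for something that is not the intended certificate.
    if ($certificate -notmatch '^[0-9a-fA-F]{40}$')
    {
        Fail-Json -obj $result -message "certificate_hash must be a 40-character hexadecimal certificate thumbprint"
    }

    # Validate cert path
    # NOTE(review): this only proves the certificate is present in LocalMachine\My; the script
    # does not check its validity period, private key or intended usage.
    $cert_path = "cert:\LocalMachine\My\$certificate"
    If (-not (Test-Path -LiteralPath $cert_path) )
    {
        Fail-Json -obj $result -message "Unable to locate certificate at $cert_path"
    }

    # Get current certificate hash
    $current_cert = (Get-Item -LiteralPath "RDS:\GatewayServer\SSLCertificate\Thumbprint").CurrentValue
    if ($current_cert -ne $certificate) {
        # -WhatIf:$check_mode suppresses the write in check mode while still reporting the change.
        Set-Item -LiteralPath "RDS:\GatewayServer\SSLCertificate\Thumbprint" -Value $certificate -WhatIf:$check_mode
        $diff_text += "-Certificate = $current_cert`n+Certificate = $certificate`n"
        $result.changed = $true
    }
}

if ($null -ne $max_connections)
{
    # Set the correct value for unlimited connections
    # -1 is replaced by whatever RDS:\GatewayServer\MaxConnectionsAllowed currently reports.
    # TODO Use a more explicit value, maybe a string (ex: "max", "none" or "unlimited") ?
    If ($max_connections -eq -1)
    {
        $max_connections = (Get-Item -LiteralPath "RDS:\GatewayServer\MaxConnectionsAllowed").CurrentValue
    }

    # Get current connections limit
    $current_max_connections = (Get-Item -LiteralPath "RDS:\GatewayServer\MaxConnections").CurrentValue
    if ($current_max_connections -ne $max_connections) {
        Set-Item -LiteralPath "RDS:\GatewayServer\MaxConnections" -Value $max_connections -WhatIf:$check_mode
        $diff_text += "-MaxConnections = $current_max_connections`n+MaxConnections = $max_connections`n"
        $result.changed = $true
    }
}

if ($null -ne $ssl_bridging)
{
    $current_ssl_bridging = (Get-Item -LiteralPath "RDS:\GatewayServer\SSLBridging").CurrentValue
    # Convert the integer value to its representative string
    $current_ssl_bridging_str = $ssl_bridging_methods[$current_ssl_bridging]

    if ($current_ssl_bridging_str -ne $ssl_bridging) {
        # The requested name is converted back to its position in $ssl_bridging_methods.
        Set-Item -LiteralPath "RDS:\GatewayServer\SSLBridging" -Value ([array]::IndexOf($ssl_bridging_methods, $ssl_bridging)) -WhatIf:$check_mode
        $diff_text += "-SSLBridging = $current_ssl_bridging_str`n+SSLBridging = $ssl_bridging`n"
        $result.changed = $true
    }
}

if ($null -ne $enable_only_messaging_capable_clients)
{
    $current_enable_only_messaging_capable_clients = (Get-Item -LiteralPath "RDS:\GatewayServer\EnableOnlyMessagingCapableClients").CurrentValue
    # Convert the integer value to boolean
    $current_enable_only_messaging_capable_clients = $current_enable_only_messaging_capable_clients -eq 1

    if ($current_enable_only_messaging_capable_clients -ne $enable_only_messaging_capable_clients) {
        # The provider item is written as an integer, so the boolean option is cast back.
        Set-Item -LiteralPath "RDS:\GatewayServer\EnableOnlyMessagingCapableClients" -Value ([int]$enable_only_messaging_capable_clients) -WhatIf:$check_mode
        $diff_text += "-EnableOnlyMessagingCapableClients = $current_enable_only_messaging_capable_clients`n+EnableOnlyMessagingCapableClients = $enable_only_messaging_capable_clients`n"
        $result.changed = $true
    }
}

# Attach the collected diff only when diff mode was requested and something actually changed.
if ($diff_mode -and $result.changed -eq $true) {
    $result.diff = @{
        prepared = $diff_text
    }
}

Exit-Json -obj $result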