安裝研發服務器

重裝服務器真是一個耗精力的過程，尤爲是用ghost作數據全盤備份，數據ghost恢復蝸牛通常的速度，再加上ghost竟然人生第一次碰到了軟件會異常問題，真的是讓人痛苦不堪啊。從如今想來，可能不如用imagex來備份數據，imagex至少能夠直接mount，省了我不斷的恢復過程啊。回想起來，選ghost惟一的理由，應該是：全盤備份，能夠必要時候全盤恢復。不過，這個不是這裏的重點。這裏主要講服務安裝時候，自動化腳本構建。固然，使用構建腳本的方法，可能真的不如直接手動操做，可是，萬一須要第二臺或第二次再來一遍呢。固然，程序員對於人肉方法，也是傾向於不屑一顧的。

1. 組織架構

公司轉向了事業部制，大概的公司結構以下：  基本SVN設計是，每一個事業部有一個SVN庫，下面設一級目錄，HW/FPGA/FW/SW，分別受權不一樣的工程師訪問。

2. 建立用戶和用戶組

用戶歸屬於事業部，須要建立事業部組，事業部下根據研發性質，在細分紅HW/FPGA/FW/SW用戶組，建立用戶用命令「net user」，從Excel生成命令腳本使用Excel的VBA生成，代碼以下：

Sub CreateScript()
    Dim row As Integer, i As Integer
    Dim tsUsr As TextStream, tsSmtp As TextStream
    Dim usr As String, grp As String, cmt As String
    Dim outFolder As String
    
    Set fso = CreateObject("Scripting.FileSystemObject")
    outFolder = "D:\BYHX\Server\"
    Set tsUsr = fso.OpenTextFile(outFolder & "0.servadmin.cmd", ForWriting, True)
    Set tsSmtp = fso.OpenTextFile(outFolder & "0.sendmail.ps1", ForWriting, True)
    
    ' PowerShell，須要先執行如下的語句，才能執行ps1腳本
    tsSmtp.WriteLine "# Execute below command first, then ps1 script will allowed."
    tsSmtp.WriteLine "# Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser"
    
    ' 建立事業部和大的用戶性質用戶組
    For row = 2 To 18
        grp = Range("L" & row)
        If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
        tsUsr.WriteLine "net localgroup " & grp & " /add /comment:""" & Range("M" & row) & """"
    Next row
    
    ' 建立事業部下研發分類用戶組，以及列出同類研發事業部組列表
    For row = 2 To 13
        grp = Range("L" & row)
        cmt = Range("M" & row)
        If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
        tsUsr.WriteLine "net localgroup " & grp & "-HW   /add /comment:""" & cmt & " 硬件"""
        tsUsr.WriteLine "net localgroup " & grp & "-FPGA /add /comment:""" & cmt & " FPGA"""
        tsUsr.WriteLine "net localgroup " & grp & "-FW   /add /comment:""" & cmt & " 嵌入"""
        tsUsr.WriteLine "net localgroup " & grp & "-SW   /add /comment:""" & cmt & " 軟件"""
    Next row
    
    For row = 2 To 1000
        usr = Trim(Range("A" & row).Text)
        grp = Trim(Range("D" & row).Text)
        ' 行的A列爲空，表示處理結束
        If usr = "" Then Exit For
        ' 非RD的，添加BU前綴
        If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
        ' 添加用戶
        tsUsr.WriteLine "net user " & usr & " """ & Range("B" & row) & """ /add /active:yes /expires:never /fullname:" & Range("C" & row)
        ' 用戶密碼永不過時
        tsUsr.WriteLine "wmic useraccount where name='" & usr & "' set passwordexpires=false"
        ' 把用戶添加到事業部
        tsUsr.WriteLine "net localgroup " & grp & " " & usr & " /add"
        
        ' 根據研發內容，添加用戶到事業部研發組
        If Range("E" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-HW   " & usr & " /add" & vbCrLf & "net localgroup RD-AllHW   " & usr & " /add"
        If Range("F" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-FPGA " & usr & " /add" & vbCrLf & "net localgroup RD-AllFPGA " & usr & " /add"
        If Range("G" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-FW   " & usr & " /add" & vbCrLf & "net localgroup RD-AllFW   " & usr & " /add"
        If Range("H" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-SW   " & usr & " /add" & vbCrLf & "net localgroup RD-AllSW   " & usr & " /add"
        If Range("I" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup BU-Leader " & usr & " /add"
    Next row
        
    tsUsr.Close
    tsSmtp.Close
    MsgBox "OK"
End Sub

3. 安裝和配置SVN

3.1 創建SVN庫

安裝完畢以後，創建一個Demo庫，手動添加管理帳號的讀寫訪問權限，拷貝出帳號認證配置文件，再準備好須要的svn的hook文件。 準備好事業部列表文件「1.svn-repo.txt」，每行只有事業部的名稱（從Excel拷貝出來便可），用批處理命令，生成SVN庫，以及離線SVN配置。

for /f %%i in (1.svn-repo.txt) do (
svnadmin create E:\Repositories\%%i
mkdir %%i\conf\
mkdir %%i\hooks\
copy /y VisualSVN-WinAuthz.ini %%i\conf\
copy /y pre-commit.cmd %%i\hooks\
)

3.2 建立一級目錄並配置

用svn命令，管理帳號，建立各個庫的一級目錄：

for /f %%i in (1.svn-repo.txt) do (
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/hw -m "Create hardware folder"
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/fpga -m "Create FPGA folder"
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/fw -m "Create firmware folder"
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/sw -m "Create software folder"
)

用相似的循環，用「PsGetsid」工具，獲取用戶的SID信息文件，單個SID信息相似於

SID for my-co-server\whom:
S-1-5-21-316025195-1075053894-3005689260-1012

利用shell腳本，處理SID信息（注意先轉換「sidresult.txt」爲unix格式）

cat sidresult.txt | egrep "SID\ for|S\-1" | sed -e 'N;s/\n//g' | sed -e 's/^.*\\//g' > sidlist.txt 

處理完信息相似於：

whom:S-1-5-21-316025195-1075053894-3005689260-1012

有了SID信息表以後，用Excel的VBA，處理權限信息：

Function GetSID(sName As String)
    Dim sidFile As TextStream
    Dim outFolder As String
    Dim str As String, s1 As String
    Dim pos As Integer
    
    outFolder = "D:\BYHX\Server\"
    
    Set sidFile = fso.OpenTextFile(outFolder & "sidlist.txt", ForReading)
    Do While Not sidFile.AtEndOfStream
        str = sidFile.ReadLine
        pos = InStr(str, ":")
        s1 = Left(str, pos - 1)
        If s1 = sName Then
            GetSID = mid(str, pos + 1)
            Exit Do
        End If
    Loop
End Function

Sub ModiPrivilege()
    Dim row As Integer, i As Integer
    Dim outFolder As String
    Dim authFile As TextStream
    Dim str As String, s1 As String
    Dim usr As String, grp As String
    
    Set fso = CreateObject("Scripting.FileSystemObject")
    outFolder = "D:\BYHX\Server\"

    ' 給負責人添加庫的徹底權限
    For row = 2 To 1000
        usr = Trim(Range("A" & row).Text)
        grp = Trim(Range("D" & row).Text)
        ' 行的A列爲空，表示處理結束
        If usr = "" Then Exit For
        ' 非RD的，添加BU前綴
        If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
        
        If Range("I" & row).Text = "Y" Then
            str = outFolder & grp & "\conf\VisualSVN-WinAuthz.ini"
            Set authFile = fso.OpenTextFile(str, ForAppending)
            authFile.WriteLine GetSID(usr) & "=rw"
            authFile.Close
        End If
    Next row

    ' 事業部下研發分類用戶組，設置權限
    For row = 2 To 13
        grp = Range("L" & row)
        If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
        
        Set authFile = fso.OpenTextFile(outFolder & grp & "\conf\VisualSVN-WinAuthz.ini", ForAppending)
        authFile.WriteLine vbCrLf & "[/hw]"
        authFile.WriteLine GetSID(grp & "-HW") & "=rw"
        authFile.WriteLine vbCrLf & "[/fpga]"
        authFile.WriteLine GetSID(grp & "-FPGA") & "=rw"
        authFile.WriteLine vbCrLf & "[/fw]"
        authFile.WriteLine GetSID(grp & "-FW") & "=rw"
        authFile.WriteLine vbCrLf & "[/sw]"
        authFile.WriteLine GetSID(grp & "-SW") & "=rw"
        authFile.Close
    Next row
    
    MsgBox "OK"
End Sub

將離線的SVN配置文件，複製到SVN庫目錄，重啓SVN服務，SVN配置完成。

4. 發送通知郵件

須要把各個帳戶的密碼，通知到各位同仁。將Excel的用戶名和密碼這兩列，複製到文本文件。轉爲unix格式。發送郵件腳本以下：

#!/usr/bin/bash input="mailaccount.txt" while IFS= read -r line do _usr=`echo -n $line | gawk '{printf "%s",$1}'` _pwd=`echo -n $line | gawk '{printf "%s",$2}' | ./htmlenc.exe` cat SwithMailSettings.xml | sed -e "s/__to_person__/$_usr/g" -e "s/__password__/$_pwd/g" > account.xml ./SwithMail.exe /s /x account.xml done < "$input" 

命令行郵件工具選擇了「SwithMail」，依據的是7 Command Line Utilities to Easily Send Email Using SMTP的推薦。固然，用PowerShell也能夠，就是比較麻煩一點點。