Windows kickstart Powershell with local repo always tries to contact Internet

Hi,

I seem to be unable to install the stuff without internet connection as the script fails.

My setup:
I have an environment without internet, separated net segments (and a global DNS).
I mirrored Index of /IcingaForWindows to our Apache (http) and it is accessible from the client (I can download the kickstarter.zip manually).

I tried running the kickstarterscript on Windows according to tutorial: Getting Started - Icinga for Windows. I modified the starter like this:

[Net.ServicePointManager]::SecurityProtocol = 'tls12, tls11';
$ProgressPreference                         = 'SilentlyContinue';
[string]$ScriptFile                         = 'C:\Users\Public\IcingaForWindows.ps1';

Invoke-WebRequest `
    -UseBasicParsing `
    -Uri 'http://localserver/IcingaForWindows.ps1' `
    -OutFile $ScriptFile;

& $ScriptFile `
    -ModuleDirectory 'C:\Program Files\WindowsPowerShell\Modules\' `
    -IcingaRepository 'http://localserver/repositories/stable';

This fails with “Invalid JSON primitive”. I guess because it cannot find the ifw.repo.json.

If I do " -IcingaRepository ‘http://localserver/repositories/stable/ifw.repo.json’ (like the sample in the script itself); the script runs longer failing with “cannot download kickstart… from packages.icinga.com”. So it seems to work at first but then still tries to contact the Internet.
If I modify “Remotesource” in ifw.repo.json the script runs further, wizard starts, accepts the config but fails again later on, contacting packages.icinga.com.

Hijacking the packages.icinga.com is no option as we have multiple webservers, but only one DNS.

How is that supposed to work offline?

You should use powershell to sync your repo:

Sync-IcingaRepository -Name "Icinga Stable" -Path C:\TEMP\ -RemotePath "https://yourserver/stable" -Source https://packages.icinga.com/IcingaForWindows/stable/ifw.repo.json

Hi thanks for the reply.

My problem is: The only machine with access to packages.icinga.com is a highly secured RedHat (no powershell on this one), so even if that script modifies the respective files, it won’t help as the files will be copied over to different linux webservers (with different URLs) afterwards.

Question remains: Why is “-IcingaRepository” only honored at the beginning of the script but not, when the kickstarter-package is downloaded (wich is still part of the IcingaForWindows.ps1).
Is this a failure of the script or one of me?

I might have solved the issues of the (manually run) kickstarter-script itself, I’ll have to check some thoughts when having access to the system again.