Step 1: Review Your Packages

Step 2: Choose Your Integration Method

Step 3: Copy Your Script or Download Config

Option 1: Copy Script

Option 2: Download Config

Step 4: Setup Your Environment

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

2. Get the package into your environment

Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)

Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the packages and push them to a repository
  Download Packages

Option 2: Internalized Package (Reliable, Scalable)

Open Source
- Download the packages:
  Download Packages
- Follow manual internalization instructions
Package Internalizer (C4B)
- Run: (additional options)
- For package and dependencies run:
- Automate package internalization

Step 5: Copy Your Script

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###

#### We initialize a few things that are needed by this script - there are no other requirements.
$ErrorActionPreference = "Stop"

#### Set TLS 1.2 (3072) as that is the minimum required by various up-to-date repositories.
#### Use integers because the enumeration value for TLS 1.2 won't exist
#### in .NET 4.0, even though they are addressable if .NET 4.5+ is
#### installed (.NET 4.5 is an in-place upgrade).
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072

#### We use this variable for future REST calls.
$RequestArguments = @{
    UseBasicParsing = $true
}

## 2. TOP LEVEL VARIABLES ##

### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
$NugetRepositoryUrl = "INTERNAL REPO URL"

### b. Internal Repository Credential ###
#### If required, add the repository access credential here
# $NugetRepositoryCredential = [PSCredential]::new(
#     "username",
#     ("password" | ConvertTo-SecureString -AsPlainText -Force)
# )
# $RequestArguments.Credential = $NugetRepositoryCredential

### c. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it
$ChocolateyDownloadUrl = "$($NugetRepositoryUrl.TrimEnd('/'))/package/chocolatey.2.0.0.nupkg"

### d. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# $ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService"

#### ii. If using a Client Salt, add it here
# $ChocolateyCentralManagementClientSalt = "clientsalt"

#### iii. If using a Service Salt, add it here
# $ChocolateyCentralManagementServiceSalt = "servicesalt"

## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository

#### Download the Nupkg, appending .zip to the filename to handle archive cmdlet limitations
if (-not (Get-Command choco.exe -ErrorAction SilentlyContinue)) {
    $TempDirectory = Join-Path $env:Temp "chocolateyInstall"
    if (-not (Test-Path $TempDirectory -PathType Container)) {
        $null = New-Item -Path $TempDirectory -ItemType Directory
    }
    $DownloadedNupkg = Join-Path $TempDirectory "$(Split-Path $ChocolateyDownloadUrl -Leaf).zip"
    Invoke-WebRequest -Uri $ChocolateyDownloadUrl -OutFile $DownloadedNupkg @RequestArguments

    #### Extract the Nupkg, and run the chocolateyInstall script
    if (Get-Command Microsoft.PowerShell.Archive\Expand-Archive -ErrorAction SilentlyContinue) {
        Microsoft.PowerShell.Archive\Expand-Archive -Path $DownloadedNupkg -DestinationPath $TempDirectory -Force
    } else {
        # PowerShell versions <4.0 do not have this function available
        try {
            $shellApplication = New-Object -ComObject Shell.Application
            $zipPackage = $shellApplication.NameSpace($DownloadedNupkg)
            $destinationFolder = $shellApplication.NameSpace($TempDirectory)
            $destinationFolder.CopyHere($zipPackage.Items(), 0x10)
        } catch {
            Write-Warning "Unable to unzip package using built-in compression."
            throw $_
        }
    }

    & $(Join-Path $TempDirectory "tools\chocolateyInstall.ps1")
}

if (-not (Get-Command choco.exe -ErrorAction SilentlyContinue)) {
    refreshenv
}

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
# choco feature enable -n useFipsCompliantChecksums

### b. Apply Recommended Configuration ###
#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
choco config set --name cacheLocation --value C:\ProgramData\chocolatey\cache

#### Increase timeout to at least 4 hours
choco config set --name commandExecutionTimeoutSeconds --value 14400

#### Turn off download progress when running choco through integrations
choco feature disable --name showDownloadProgress

### c. Sources ###
#### Remove the default community package repository source
choco source list --limitoutput | ConvertFrom-Csv -Header 'Name', 'Location' -Delimiter '|' | ForEach-Object {
    if ($_.Location -eq 'https://community.chocolatey.org/api/v2/') {
        choco source remove -n $_.Name
    }
}

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here

#### NOTE: This EXAMPLE may require changes
if ($NugetRepositoryCredential) {
    choco source add --name ChocolateyInternal --source $NugetRepositoryUrl --user $NugetRepositoryCredential.UserName --password $NugetRepositoryCredential.GetNetworkCredential().Password --priority 1
} else {
    choco source add --name ChocolateyInternal --source $NugetRepositoryUrl --priority 1
}

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
choco upgrade chocolatey --confirm

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
choco install chocolatey-license --source $NugetRepositoryUrl --confirm

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
if ("chocolatey-license" -in (choco list --localonly --limitoutput | ConvertFrom-Csv -Header "Name" -Delimiter "|").Name) {
    choco source disable --name chocolatey.licensed
} else {
    Write-Warning "Not disabling 'chocolatey.licensed' feed, as Chocolatey-License has not been installed."
}

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
if ("chocolatey-license" -in (choco list --localonly --limitoutput | ConvertFrom-Csv -Header "Name" -Delimiter "|").Name) {
    choco install chocolatey.extension --source $NugetRepositoryUrl --confirm
} else {
    Write-Warning "Not installing 'chocolatey.extension', as Chocolatey-License has not been installed."
}

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
choco feature disable --name showNonElevatedWarnings
choco feature enable --name useBackgroundService
choco feature enable --name useBackgroundServiceWithNonAdministratorsOnly
choco feature enable --name allowBackgroundServiceUninstallsFromUserInstallsOnly
choco config set --name allowedBackgroundServiceCommands --value "install,upgrade,uninstall"

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
if ($ChocolateyCentralManagementUrl) {
    choco install chocolatey-agent --source $NugetRepositoryUrl --confirm
    choco config set --name CentralManagementServiceUrl --value $ChocolateyCentralManagementUrl
    if ($ChocolateyCentralManagementClientSalt) {
        choco config set --name centralManagementClientCommunicationSaltAdditivePassword --value $ChocolateyCentralManagementClientSalt
    }
    if ($ChocolateyCentralManagementServiceSalt) {
        choco config set --name centralManagementServiceCommunicationSaltAdditivePassword --value $ChocolateyCentralManagementServiceSalt
    }
    choco feature enable --name useChocolateyCentralManagement
    choco feature enable --name useChocolateyCentralManagementDeployments
}

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### i. chocolatey.chocolatey
##### You will require the chocolatey.chocolatey collection to be installed
##### on all machines using this playbook.
##### Please see https://github.com/chocolatey/chocolatey-ansible/#installing-the-collection-from-ansible-galaxy

- name: Install and Configure Chocolatey
  hosts: all

## 2. TOP LEVEL VARIABLES ##
  vars:

### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
    nuget_repository_url: INTERNAL REPO URL

### b. Internal Repository Credential ###
#### If required, add the repository access credential here and
#### uncomment lines with source_username and source_password below
#    nuget_repository_username: username
#    nuget_repository_password: password

### c. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
#    chocolatey_central_management_url: https://chocolatey-central-management:24020/ChocolateyManagementService

#### ii. If using a Client Salt, add it here
#    chocolatey_central_management_client_salt: clientsalt

#### iii. If using a Service Salt, add it here
#    chocolatey_central_management_service_salt: servicesalt

## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository

  tasks:
  - name: Install chocolatey
    win_chocolatey:
      name: chocolatey
      source: ""{{ nuget_repository_url }}""
      # source_username: ""{{ nuget_repository_username }}""
      # source_password: ""{{ nuget_repository_password }}""

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
#   - name: Enable FIPS compliance
#     win_chocolatey_feature:
#       name: useFipsCompliantChecksums
#       state: enabled

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
  - name: Set the cache location
    win_chocolatey_config:
      name: cacheLocation
      state: present
      value: C:\ProgramData\chocolatey\cache

#### Increase timeout to at least 4 hours
  - name: Set the command execution timeout
    win_chocolatey_config:
      name: commandExecutionTimeoutSeconds
      state: present
      value: 14400

#### Turn off download progress when running choco through integrations
  - name: Disable showing download progress
    win_chocolatey_feature:
      name: showDownloadProgress
      state: disabled

### c. Sources ###
#### Remove the default community package repository source
  - name: Remove Chocolatey Community Repository
    win_chocolatey_source:
      name: chocolatey
      state: absent

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here
#### NOTE: This EXAMPLE may require changes
  - name: Add Internal Repository
    win_chocolatey_source:
      name: ChocolateyInternal
      state: present
      source: {{ nuget_repository_url }}
      # source_username: {{ nuget_repository_username }}
      # source_password: {{ nuget_repository_password }}
      priority: 1

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
  - name: Upgrade Chocolatey
    win_chocolatey:
      name: chocolatey
      state: latest

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.
### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
  - name: Install Chocolatey License
    win_chocolatey:
      name: chocolatey-license
      source: ChocolateyInternal
      state: latest

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
  - name: Disable Chocolatey Community Repository
    win_chocolatey_source:
      name: chocolatey.licensed
      state: disabled

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
  - name: Install Chocolatey Extension
    win_chocolatey:
      name: chocolatey.extension
      source: ChocolateyInternal
      state: latest

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
  - name: Hide not-elevated warnings
    win_chocolatey_feature:
      name: showNonElevatedWarnings
      state: disabled

  - name: Use background mode for self-service
    win_chocolatey_feature:
      name: useBackgroundService
      state: enabled

  - name: Use background service for non-admins
    win_chocolatey_feature:
      name: useBackgroundServiceWithNonAdministratorsOnly
      state: enabled

  - name: Allow background uninstallation for user installs
    win_chocolatey_feature:
      name: allowBackgroundServiceUninstallsFromUserInstallsOnly
      state: enabled

  - name: Set allowed background service commands
    win_chocolatey_config:
      name: backgroundServiceAllowedCommands
      state: present
      value: install,upgrade,uninstall

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
  - name: Install Chocolatey Agent
    when: chocolatey_central_management_url is defined
    win_chocolatey:
      name: chocolatey-agent
      source: ChocolateyInternal
      state: latest

  - name: Set the Central Management Service URL
    when: chocolatey_central_management_url is defined
    win_chocolatey_config:
      name: CentralManagementServiceUrl
      state: present
      value: {{ chocolatey_central_management_url }}

  - name: Set the Central Management Client Salt
    when: chocolatey_central_management_client_salt is defined
    win_chocolatey_config:
      name: centralManagementClientCommunicationSaltAdditivePassword
      state: present
      value: {{ chocolatey_central_management_client_salt }}

  - name: Set the Central Management Service Salt
    when: chocolatey_central_management_service_salt is defined
    win_chocolatey_config:
      name: centralManagementServiceCommunicationSaltAdditivePassword
      state: present
      value: {{ chocolatey_central_management_service_salt }}

  - name: Use Central Management
    when: chocolatey_central_management_url is defined
    win_chocolatey_feature:
      name: useChocolateyCentralManagement
      state: enabled

  - name: Use Central Management Deployments
    when: chocolatey_central_management_url is defined
    win_chocolatey_feature:
      name: useChocolateyCentralManagementDeployments
      state: enabled

See docs at https://docs.chef.io/resource_chocolatey_package.html.

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### The Chocolatey resources are available with any recent version of Chef.
#### We utilise the Chocolatey recipe to install the Chocolatey binaries.
include_recipe "chocolatey"

## 2. TOP LEVEL VARIABLES ##
### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
NugetRepositoryUrl = "INTERNAL REPO URL"

### b. Internal Repository Credential ###
#### If required, add the repository access credential here
# NugetRepositoryUsername = "username"
# NugetRepositoryPassword = "password"

### c. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
ChocolateyNupkgUrl = "INTERNAL REPO URL/package/chocolatey.2.0.0.nupkg",

### d. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService"

#### ii. If using a Client Salt, add it here
# ChocolateyCentralManagementClientSalt = "clientsalt"

#### iii. If using a Service Salt, add it here
# ChocolateyCentralManagementServiceSalt = "servicesalt"

## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
node['chocolatey']['install vars'] = {
  'chocolateyDownloadUrl' => "#{ChocolateyNupkgUrl}",
}

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
# chocolatey_feature 'useFipsCompliantChecksums' do
#   action :enable
# end

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
chocolatey_config 'cacheLocation' do
  value 'C:\ProgramData\chocolatey\cache'
end

#### Increase timeout to at least 4 hours
chocolatey_config 'commandExecutionTimeoutSeconds' do
  value '14400'
end

#### Turn off download progress when running choco through integrations
chocolatey_feature 'showDownloadProgress' do
  action :disable
end

### c. Sources ###
#### Remove the default community package repository source
chocolatey_source 'chocolatey' do
  action :remove
end

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here

#### NOTE: This EXAMPLE may require changes
chocolatey_source 'ChocolateyInternal' do
  source "#{NugetRepositoryUrl}"
  priority 1
  action   :add
end

execute 'ChocolateyInternal' do
  command "choco source add --name ChocolateyInternal -s #{NugetRepositoryUrl} -u=#{NugetRepositoryUsername} -p=#{NugetRepositoryPassword} --priority=1"
  only_if { NugetRepositoryUsername != nil || NugetRepositoryPassword != nil }
end

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
chocolatey_package 'chocolatey' do
  action :upgrade
  source "#{NugetRepositoryUrl}"
end

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
chocolatey_package 'chocolatey-license' do
  action :install
  source "#{NugetRepositoryUrl}"
end

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
chocolatey_source 'chocolatey.licensed' do
  action            :disable
end

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
chocolatey_package 'chocolatey.extention' do
  action     install
  source     "#{NugetRepositoryUrl}"
end

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
chocolatey_feature 'showNonElevatedWarnings' do
  action :disable
end

chocolatey_feature 'useBackgroundService' do
  action :enable
end

chocolatey_feature 'useBackgroundServiceWithNonAdministratorsOnly' do
  action :enable
end

chocolatey_feature 'allowBackgroundServiceUninstallsFromUserInstallsOnly' do
  action :enable
end

chocolatey_config 'backgroundServiceAllowedCommands' do
  value 'install,upgrade,uninstall'
end

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
chocolatey_package 'chocolatey-agent' do
  action     install
  source     "#{NugetRepositoryUrl}"
  # user       "#{NugetRepositoryUsername}"
  # password   "#{NugetRepositoryPassword}"
  only_if { ChocolateyCentralManagementUrl != nil }
end

chocolatey_config 'CentralManagementServiceUrl' do
  value  "#{ChocolateyCentralManagementUrl}"
  only_if { ChocolateyCentralManagementUrl != nil }
end

chocolatey_config 'centralManagementClientCommunicationSaltAdditivePassword' do
  value   "#{ChocolateyCentralManagementClientSalt}"
  only_if { ChocolateyCentralManagementClientSalt != nil }
end

chocolatey_config 'centralManagementServiceCommunicationSaltAdditivePassword' do
  value   "#{ChocolateyCentralManagementServiceSalt}"
  only_if { ChocolateyCentralManagementServiceSalt != nil }
end

chocolatey_feature 'useChocolateyCentralManagement' do
  action :enable
  only_if { ChocolateyCentralManagementUrl != nil }
end

chocolatey_feature 'useChocolateyCentralManagementDeployments' do
  action :enable
  only_if { ChocolateyCentralManagementUrl != nil }
end

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.

If Applicable - Chocolatey Configuration/Installation


#requires -Modules cChoco
## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### i. Requires chocolatey\cChoco DSC module to be installed on the machine compiling the DSC manifest
#### NOTE: This will need to be installed before running the DSC portion of this script
if (-not (Get-Module cChoco -ListAvailable)) {
    $null = Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
    if (($PSGallery = Get-PSRepository -Name PSGallery).InstallationPolicy -ne "Trusted") {
        Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
    }
    Install-Module -Name cChoco
    if ($PSGallery.InstallationPolicy -ne "Trusted") {
        Set-PSRepository -Name PSGallery -InstallationPolicy $PSGallery.InstallationPolicy
    }
}

#### ii. Requires a hosted copy of the install.ps1 script
##### This should be available to download without authentication.
##### The original script can be found here: https://community.chocolatey.org/install.ps1

Configuration ChocolateyConfig {
## 2. TOP LEVEL VARIABLES ##
    param(
### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
        $NugetRepositoryUrl      = "INTERNAL REPO URL",

### b. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
        $ChocolateyNupkgUrl      = "INTERNAL REPO URL/package/chocolatey.2.0.0.nupkg",

### c. Internal Repository Credential ###
#### If required, add the repository access credential here
#        $NugetRepositoryCredential = [PSCredential]::new(
#            "username",
#            ("password" | ConvertTo-SecureString -AsPlainText -Force)
#        ),

### d. Install.ps1 URL
#### The path to the hosted install script:
        $ChocolateyInstallPs1Url = "https://community.chocolatey.org/install.ps1"

### e. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
#        $ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService",

#### ii. If using a Client Salt, add it here
#        $ChocolateyCentralManagementClientSalt = "clientsalt",

#### iii. If using a Service Salt, add it here
#        $ChocolateyCentralManagementServiceSalt = "servicesalt"
    )
    Import-DscResource -ModuleName PSDesiredStateConfiguration
    Import-DscResource -ModuleName cChoco

    Node 'localhost' {
## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
        Environment chocoDownloadUrl {
            Name  = "chocolateyDownloadUrl"
            Value = $ChocolateyNupkgUrl
        }

        cChocoInstaller installChocolatey {
            DependsOn = "[Environment]chocoDownloadUrl"
            InstallDir = Join-Path $env:ProgramData "chocolatey"
            ChocoInstallScriptUrl = $ChocolateyInstallPs1Url
        }

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
#        cChocoFeature featureFipsCompliance {
#            FeatureName = "useFipsCompliantChecksums"
#        }

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
        cChocoConfig cacheLocation {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            ConfigName = "cacheLocation"
            Value      = "C:\ProgramData\chocolatey\cache"
        }

#### Increase timeout to at least 4 hours
        cChocoConfig commandExecutionTimeoutSeconds {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            ConfigName = "commandExecutionTimeoutSeconds"
            Value      = 14400
        }

#### Turn off download progress when running choco through integrations
        cChocoFeature showDownloadProgress {
            DependsOn   = "[cChocoInstaller]installChocolatey"
            FeatureName = "showDownloadProgress"
            Ensure      = "Absent"
        }

### c. Sources ###
#### Remove the default community package repository source
        cChocoSource removeCommunityRepository {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            Name       = "chocolatey"
            Ensure     = "Absent"
        }

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here.
#### NOTE: This EXAMPLE may require changes
        cChocoSource addInternalSource {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            Name        = "ChocolateyInternal"
            Source      = $NugetRepositoryUrl
            Credentials = $NugetRepositoryCredential
            Priority    = 1
        }

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
        cChocoPackageInstaller updateChocolatey {
            DependsOn   = "[cChocoSource]addInternalSource", "[cChocoSource]removeCommunityRepository"
            Name        = "chocolatey"
            AutoUpgrade = $true
        }

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
        cChocoPackageInstaller chocolateyLicense {
            DependsOn = "[cChocoPackageInstaller]updateChocolatey"
            Name      = "chocolatey-license"
        }

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
        Script disableLicensedSource {
            DependsOn  = "[cChocoPackageInstaller]chocolateyLicense"
            GetScript  = {
                $Source = choco source list --limitoutput | `
                    ConvertFrom-Csv -Delimiter '|' -Header Name, Source, Disabled | `
                    Where-Object Name -eq "chocolatey.licensed"

                return @{
                    Result = if ($Source) {
                        [bool]::Parse($Source.Disabled)
                    } else {
                        Write-Warning "Source 'chocolatey.licensed' was not present."
                        $true  # Source does not need disabling
                    }
                }
            }
            SetScript  = {
                $null = choco source disable --name "chocolatey.licensed"
            }
            TestScript = {
                $State = [ScriptBlock]::Create($GetScript).Invoke()
                return $State.Result
            }
        }

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
        cChocoPackageInstaller chocolateyLicensedExtension {
            DependsOn = "[Script]disableLicensedSource"
            Name      = "chocolatey.extension"
        }

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
        cChocoFeature hideElevatedWarnings {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "showNonElevatedWarnings"
            Ensure      = "Absent"
        }

        cChocoFeature useBackgroundService {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "useBackgroundService"
            Ensure      = "Present"
        }

        cChocoFeature useBackgroundServiceWithNonAdmins {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "useBackgroundServiceWithNonAdministratorsOnly"
            Ensure      = "Present"
        }

        cChocoFeature useBackgroundServiceUninstallsForUserInstalls {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "allowBackgroundServiceUninstallsFromUserInstallsOnly"
            Ensure      = "Present"
        }

        cChocoConfig allowedBackgroundServiceCommands {
            DependsOn   = "[cChocoFeature]useBackgroundService"
            ConfigName = "backgroundServiceAllowedCommands"
            Value       = "install,upgrade,uninstall"
        }

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
        if ($ChocolateyCentralManagementUrl) {
            cChocoPackageInstaller chocolateyAgent {
                DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension"
                Name      = "chocolatey-agent"
            }

            cChocoConfig centralManagementServiceUrl {
                DependsOn   = "[cChocoPackageInstaller]chocolateyAgent"
                ConfigName = "CentralManagementServiceUrl"
                Value       = $ChocolateyCentralManagementUrl
            }

            if ($ChocolateyCentralManagementClientSalt) {
                cChocoConfig centralManagementClientSalt {
                    DependsOn  = "[cChocoPackageInstaller]chocolateyAgent"
                    ConfigName = "centralManagementClientCommunicationSaltAdditivePassword"
                    Value      = $ChocolateyCentralManagementClientSalt
                }
            }

            if ($ChocolateyCentralManagementServiceSalt) {
                cChocoConfig centralManagementServiceSalt {
                    DependsOn  = "[cChocoPackageInstaller]chocolateyAgent"
                    ConfigName = "centralManagementServiceCommunicationSaltAdditivePassword"
                    Value      = $ChocolateyCentralManagementServiceSalt
                }
            }

            cChocoFeature useCentralManagement {
                DependsOn   = "[cChocoPackageInstaller]chocolateyAgent"
                FeatureName = "useChocolateyCentralManagement"
                Ensure      = "Present"
            }

            cChocoFeature useCentralManagementDeployments {
                DependsOn   = "[cChocoPackageInstaller]chocolateyAgent"
                FeatureName = "useChocolateyCentralManagementDeployments"
                Ensure      = "Present"
            }
        }
    }
}

# If working this into an existing configuration with a good method for
$ConfigData = @{
    AllNodes = @(
        @{
            NodeName                    = "localhost"
            PSDscAllowPlainTextPassword = $true
        }
    )
}

try {
    Push-Location $env:Temp
    $Config = ChocolateyConfig -ConfigurationData $ConfigData
    Start-DscConfiguration -Path $Config.PSParentPath -Wait -Verbose -Force
} finally {
    Pop-Location
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### i. Requires puppetlabs/chocolatey module
####  See https://forge.puppet.com/puppetlabs/chocolatey


## 2. TOP LEVEL VARIABLES ##
### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
$_repository_url = 'INTERNAL REPO URL'

### b. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
$_choco_download_url = 'INTERNAL REPO URL/package/chocolatey.2.0.0.nupkg'

### c. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# $_chocolatey_central_management_url = 'https://chocolatey-central-management:24020/ChocolateyManagementService'

#### ii. If using a Client Salt, add it here
# $_chocolatey_central_management_client_salt = "clientsalt"

#### iii. If using a Service Salt, add it here
# $_chocolatey_central_management_service_salt = 'servicesalt'


## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
### Note: `chocolatey_download_url is completely different than normal
###  source locations. This is directly to the bare download url for the
###  chocolatey.nupkg, similar to what you see when you browse to
###  https://community.chocolatey.org/api/v2/package/chocolatey
class {'chocolatey':
  chocolatey_download_url => $_choco_download_url,
  use_7zip                => false,
}


## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations

#chocolateyfeature {'useFipsCompliantChecksums':
#  ensure => enabled,
#}

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
chocolateyconfig {'cacheLocation':
  value => 'C:\ProgramData\chocolatey\cache',
}

#### Increase timeout to at least 4 hours
chocolateyconfig {'commandExecutionTimeoutSeconds':
  value => '14400',
}

#### Turn off download progress when running choco through integrations
chocolateyfeature {'showDownloadProgress':
  ensure => disabled,
}

### c. Sources ###
#### Remove the default community package repository source
chocolateysource {'chocolatey':
  ensure   => absent,
  location => 'https://community.chocolatey.org/api/v2/',
}

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here

#### NOTE: This EXAMPLE requires changes
chocolateysource {'internal_chocolatey':
  ensure             => present,
  location           => $_repository_url,
  priority           => 1,
  username           => 'optional',
  password           => 'optional,not ensured',
  bypass_proxy       => true,
  admin_only         => false,
  allow_self_service => false,
}

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/

package {'chocolatey':
  ensure   => latest,
  provider => chocolatey,
  source   => $_repository_url,
}


## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/guides/organizations/organizational-deployment-guide#exercise-4-create-a-package-for-the-license

# TODO: Add resource for installing/ensuring the chocolatey-license package
package {'chocolatey-license':
  ensure   => latest,
  provider => chocolatey,
  source   => $_repository_url,
}

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
## Disabled sources still need all other attributes until
## https://tickets.puppetlabs.com/browse/MODULES-4449 is resolved.
## Password is necessary with user, but not ensurable, so it should not
## matter what it is set to here. If you ever do get into trouble here,
## the password is your license GUID.
chocolateysource {'chocolatey.licensed':
  ensure   => disabled,
  priority => '10',
  user     => 'customer',
  password => '1234',
  require  => Package['chocolatey-license'],
}

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
package {'chocolatey.extension':
  ensure   => latest,
  provider => chocolatey,
  source   => $_repository_url,
  require  => Package['chocolatey-license'],
}

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
chocolateyfeature {'showNonElevatedWarnings':
  ensure => disabled,
}

chocolateyfeature {'useBackgroundService':
  ensure => enabled,
}

chocolateyfeature {'useBackgroundServiceWithNonAdministratorsOnly':
  ensure => enabled,
}

chocolateyfeature {'allowBackgroundServiceUninstallsFromUserInstallsOnly':
  ensure => enabled,
}

chocolateyconfig {'backgroundServiceAllowedCommands':
  value => 'install,upgrade,uninstall',
}

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
if $_chocolatey_central_management_url {
  package {'chocolatey-agent':
    ensure   => latest,
    provider => chocolatey,
    source   => $_repository_url,
    require  => Package['chocolatey-license'],
  }

  chocolateyconfig {'CentralManagementServiceUrl':
    value   => $_chocolatey_central_management_url,
  }

  if $_chocolatey_central_management_client_salt {
    chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword':
      value => $_chocolatey_central_management_client_salt,
    }
  }

  if $_chocolatey_central_management_service_salt {
    chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword':
      value => $_chocolatey_central_management_client_salt,
    }
  }

  chocolateyfeature {'useChocolateyCentralManagement':
    ensure  => enabled,
    require => Package['chocolatey-agent'],
  }

  chocolateyfeature {'useChocolateyCentralManagementDeployments':
    ensure  => enabled,
    require => Package['chocolatey-agent'],
  }
}

Need Help? View our docs or file an issue.

There is already a version of this package in your Script Builder

Current Version	New Version

Downloads:

166,382

Downloads of v 1.15.0:

285

Last Update:

25 Feb 2023

Package Maintainer(s):

Software Author(s):

Mitchell Hashimoto
Armon Dadgar
HashiCorp

Tags:

consul service consul.io

Consul

This is not the latest version of Consul available.

1.15.0 | Updated: 25 Feb 2023

Downloads:

166,382

Downloads of v 1.15.0:

285

Maintainer(s):

Software Author(s):

Mitchell Hashimoto
Armon Dadgar
HashiCorp

Tags:

consul service consul.io

Consul 1.15.0

This is not the latest version of Consul available.

Some Checks Have Failed or Are Not Yet Complete

Not All Tests Have Passed

Hide Checks

Validation Testing Passed

Verification Testing Passed

Details

Scan Testing Resulted in Flagged as a Note:

At least one file within this package has greater than 0 detections, but less than 5

Details

Learn More

Deployment Method: Individual Install, Upgrade, & Uninstall

To install Consul, run the following command from the command line or from PowerShell:

To upgrade Consul, run the following command from the command line or from PowerShell:

To uninstall Consul, run the following command from the command line or from PowerShell:

NOTE

This applies to both open source and commercial editions of Chocolatey.

1. Enter Your Internal Repository Url

(this should look similar to https://community.chocolatey.org/api/v2/)

2. Setup Your Environment

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

2. Get the package into your environment

Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)

Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the package and push it to a repository Download

Option 2: Internalized Package (Reliable, Scalable)

Open Source
- Download the package:
  Download
- Follow manual internalization instructions

Package Internalizer (C4B)

Run: (additional options)

choco download consul --internalize --version=1.15.0 --source=https://community.chocolatey.org/api/v2/

For package and dependencies run:

choco push --source="'INTERNAL REPO URL'"

Automate package internalization

3. Copy Your Script

choco upgrade consul -y --source="'INTERNAL REPO URL'" --version="'1.15.0'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade consul -y --source="'INTERNAL REPO URL'" --version="'1.15.0'" 
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode


- name: Install consul
  win_chocolatey:
    name: consul
    version: '1.15.0'
    source: INTERNAL REPO URL
    state: present

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.


chocolatey_package 'consul' do
  action    :install
  source   'INTERNAL REPO URL'
  version  '1.15.0'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


cChocoPackageInstaller consul
{
    Name     = "consul"
    Version  = "1.15.0"
    Source   = "INTERNAL REPO URL"
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'consul':
  ensure   => '1.15.0',
  provider => 'chocolatey',
  source   => 'INTERNAL REPO URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.

4. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

Package Approved

This package was approved as a trusted package on 25 Feb 2023.

Description

Consul is a tool for service discovery and configuration. Consul is distributed, highly available, and extremely scalable.
Uses NSSM as the service wrapper. More info at: https://nssm.cc/

Package Parameters

The package parameters can be set - https://www.consul.io/docs/agent/options.html
These parameters can be passed to the installer with the use of -params.
For example: -params '-config-file="%PROGRAMDATA%\consul\dsc-config\default.json"'.

Files

tools\.skipAutoUninstall

tools\chocolateyBeforeModify.ps1

Get-Process consul -ErrorAction SilentlyContinue | Stop-Process -Force -ErrorAction SilentlyContinue

tools\chocolateyInstall.ps1

if (Test-Path Function:\au_GetLatest) {
  return
}

# Defaults
$serviceName = "consul"
$binariesPath = Split-Path -parent $MyInvocation.MyCommand.Definition
$toolsPath = Split-Path -Parent $MyInvocation.MyCommand.Definition
$wrapperExe = "$env:ChocolateyInstall\bin\nssm.exe"
$serviceInstallationDirectory = "$env:PROGRAMDATA\consul"
$serviceLogDirectory = "$serviceInstallationDirectory\logs"
$serviceConfigDirectory = "$serviceInstallationDirectory\config"
$serviceDataDirectory = "$serviceInstallationDirectory\data"

$packageParameters = $env:chocolateyPackageParameters
if (-not ($packageParameters)) {
  $packageParameters = ""
  Write-Debug "No Package Parameters Passed in"
}

# Create Service Directories
Write-Host "Creating $serviceLogDirectory"
New-Item -ItemType directory -Path "$serviceLogDirectory" -ErrorAction SilentlyContinue | Out-Null
Write-Host "Creating $serviceConfigDirectory"
New-Item -ItemType directory -Path "$serviceConfigDirectory" -ErrorAction SilentlyContinue | Out-Null

# Unzip and move Consul
Get-ChocolateyUnzip -fileFullPath $(Join-Path $binariesPath "consul_$($env:ChocolateyPackageVersion)_windows_386.zip") -fileFullPath64 $(Join-Path $binariesPath "consul_$($env:ChocolateyPackageVersion)_windows_amd64.zip") -destination "$toolsPath"

# Create event log source
# User -Force to avoid "A key at this path already exists" exception. Overwrite not an issue since key is not further modified
$registryPath = 'HKLM:\SYSTEM\CurrentControlSet\services\eventlog\Application'
New-Item -Path $registryPath -Name consul -Force | Out-Null
# Set EventMessageFile value
Set-ItemProperty $registryPath\consul EventMessageFile "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\EventLogMessages.dll" | Out-Null

# Set up task scheduler for log rotation
$logrotate = ('%SYSTEMROOT%\System32\forfiles.exe /p \"{0}\" /s /m *.* /c \"cmd /c Del @path\" /d -7' -f "$serviceLogDirectory")
SchTasks.exe /Create /SC DAILY /TN ""ConsulLogrotate"" /TR ""$($logrotate)"" /ST 09:00 /F | Out-Null

# Set up task scheduler for log rotation. Only works for Powershell 4 or Server 2012R2 so this block can replace
# using SchTasks.exe for registering services once machines have retired the older version of PS or upgraded to 2012R2
#$command = ('$now = Get-Date; dir "{0}" | where {{$_.LastWriteTime -le $now.AddDays(-7)}} | del -whatif' -f $serviceLogDirectory)
#$action = New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument "-NoProfile -WindowStyle Hidden -command $($command)"
#$trigger = New-ScheduledTaskTrigger -Daily -At 9am
#Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "ConsulLogrotate" -Description "Log rotation for consul"

#Uninstall service if it already exists. Stops the service first if it's running
$service = Get-Service $serviceName -ErrorAction SilentlyContinue
if ($service) {
  Write-Host "Uninstalling existing service"
  if($service.Status -ne "Stopped" -and $service.Status -ne "Stopping") {
    Write-Host "Stopping consul process ..."
    $service.Stop();
  }

  $service.WaitForStatus("Stopped", (New-TimeSpan -Minutes 1));
  if($service.Status -ne "Stopped") {
    throw "$serviceName could not be stopped within the allotted timespan.  Stop the service and try again."
  }

  $service = Get-WmiObject -Class Win32_Service -Filter "Name='$serviceName'"
  $service.delete() | Out-Null
}

Write-Host "Installing service: $serviceName"
# Install the service
& $wrapperExe install $serviceName $(Join-Path $toolsPath "consul.exe") "agent -ui -config-dir=$serviceConfigDirectory -data-dir=$serviceDataDirectory $packageParameters" | Out-Null
& $wrapperExe set $serviceName AppEnvironmentExtra GOMAXPROCS=$env:NUMBER_OF_PROCESSORS | Out-Null
& $wrapperExe set $serviceName ObjectName NetworkService | Out-Null
& $wrapperExe set $serviceName AppStdout "$serviceLogDirectory\consul-output.log" | Out-Null
& $wrapperExe set $serviceName AppStderr "$serviceLogDirectory\consul-error.log" | Out-Null
& $wrapperExe set $serviceName AppRotateBytes 10485760 | Out-Null
& $wrapperExe set $serviceName AppRotateFiles 1 | Out-Null
& $wrapperExe set $serviceName AppRotateOnline 1 | Out-Null

Write-Verbose "Service installed"

# When nssm fully supports Rotate/Post Event hooks
# $command = ('$now = Get-Date; dir "{0}" | where {{$_.LastWriteTime -le $now.AddDays(-7)}} | del -whatif' -f $serviceLogDirectory)
# $action = ("Powershell.exe -NoProfile -WindowStyle Hidden -command '$({{0}})'" -f $command)
# & $wrapperExe set consul AppEvents "Rotate/Post" $action | Out-Null

# Restart service on failure natively via Windows sc. There is a memory leak if service restart is performed via NSSM
# The NSSM configuration will set the default behavior of NSSM to stop the service if
# consul fails (for example, unable to resolve cluster) and end the nssm.exe and consul.exe process.
# The sc configuration will set Recovery under the Consul service properties such that a new instance will be started on failure,
# spawning new nssm.exe and consul.exe processes. In short, nothing changed from a functionality perspective (the service will
# still attempt to restart on failure) but this method kills the nssm.exe process thus avoiding memory hog.
& $wrapperExe set $serviceName AppExit Default Exit | Out-Null
Write-Verbose "sc failure"
cmd.exe /c "sc failure $serviceName reset= 0 actions= restart/60000" | Out-Null

Write-Verbose "Stop service"
# Let this call to Get-Service throw if the service does not exist
$service = Get-Service $serviceName
if($service.Status -ne "Stopped" -and $service.Status -ne "Stopping") {
  $service.Stop()
}

Write-Verbose "Wait for service to stop"
$service.WaitForStatus("Stopped", (New-TimeSpan -Minutes 1));

Write-Verbose "Start service"
Start-Service $serviceName

Write-Host "Installed service: $serviceName"

tools\chocolateyUninstall.ps1

$service = Get-Service "consul" -ErrorAction SilentlyContinue

if ($service) {
	if ($service.Status -eq "Running") {
		Write-Host "Stopping consul process ..."
		net stop consul | Out-Null
	}

	$service = Get-WmiObject -Class Win32_Service -Filter "Name='consul'"
	$service.delete() | Out-Null
}

SchTasks.exe /Delete /F /TN "ConsulLogrotate" 2>&1 | Out-Null

Write-Host "Removing C:\ProgramData\consul\ ..."
takeown /f "C:\ProgramData\consul\" /a /r /d Y | Out-Null
icacls "C:\ProgramData\consul" /grant administrators:F /t | Out-Null
Remove-Item -Path "C:\ProgramData\consul\" -Force -Recurse -ErrorAction SilentlyContinue | Out-Null

tools\consul_1.15.0_windows_386.zip

md5: FE8586EF1261430FADEFD29C3566EDA1 | sha1: E46D54AD14E0EE452C75D412D3735D754A590504 | sha256: FC8FF0949BB2D132D204A87317997B55471AEC467889D777A0F44AA9DA81FD7C | sha512: 233ED79D3ACE1EECC19CD416B464DACE744C7504B3A91676B2644027E5C45266B583EA164F233511AF04A32F1522EA10752E2F65349F55A475A7923111933926

tools\consul_1.15.0_windows_amd64.zip

md5: A8CB71596BE0113581BBD9A995AF9F28 | sha1: 7ADDD7BB01AD122E63CE41468AB17BD92C7DADBD | sha256: CDE8EE091EA1E46E4D4D97ADD06344563AEBFDF1F22BD4E19656C773C272D9C2 | sha512: CF1B7209BBA990091A07DE2AF34AE95FF2BFE2CBE9B95EE94B6EB67271179D72A39FEB5AA5181A6178CA5A82AD40260ADB242FF95D8C248C98BF3F16DBABE468

tools\LICENSE.txt

tools\VERIFICATION.txt

Virus Scan Results

consul.1.15.0.nupkg (465f9f82b617) - ## / 59
consul_1.15.0_windows_386.zip (fc8ff0949bb2) - ## / 60
consul_1.15.0_windows_amd64.zip (cde8ee091ea1) - ## / 58
consul.exe (bb4d883858b0) - ## / 67
consul.exe (1a6dc94b19bb) - ## / 67

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Version History

Version	Downloads	Last Updated	Status
Consul 1.15.3	42	Friday, June 2, 2023	Approved
Consul 1.15.2	910	Sunday, April 2, 2023	Approved
Consul 1.15.1	589	Wednesday, March 8, 2023	Approved
Consul 1.15.0	285	Saturday, February 25, 2023	Approved
Consul 1.14.4	4554	Thursday, February 23, 2023	Approved
Consul 1.9.0	16468	Tuesday, January 5, 2021	Approved
Consul 1.8.7	2038	Monday, December 28, 2020	Approved
Consul 1.8.6	115	Monday, December 28, 2020	Approved
Consul 1.8.5	1078	Thursday, November 5, 2020	Approved
Consul 1.8.4	542	Wednesday, November 4, 2020	Approved
Consul 1.8.3	147	Wednesday, November 4, 2020	Approved
Consul 1.8.2	169	Tuesday, November 3, 2020	Approved
Consul 1.8.1	197	Thursday, October 29, 2020	Approved
Consul 1.8.0	2516	Tuesday, August 11, 2020	Approved
Consul 1.7.5	163	Tuesday, August 11, 2020	Approved
Consul 1.7.4	321	Saturday, August 8, 2020	Approved
Consul 1.7.3	158	Saturday, August 8, 2020	Approved
Consul 1.7.2	3363	Wednesday, June 17, 2020	Approved
Consul 1.7.1	184	Wednesday, June 17, 2020	Approved
Consul 1.7.0	194	Tuesday, June 16, 2020	Approved
Consul 1.6.10	288	Sunday, December 27, 2020	Approved
Consul 1.6.9	143	Sunday, December 27, 2020	Approved
Consul 1.6.8	99	Sunday, December 27, 2020	Approved
Consul 1.6.7	93	Saturday, December 26, 2020	Approved
Consul 1.6.6	187	Tuesday, June 16, 2020	Approved
Consul 1.6.5	1753	Friday, April 17, 2020	Approved
Consul 1.6.4	427	Friday, April 17, 2020	Approved
Consul 1.6.3	235	Wednesday, April 15, 2020	Approved
Consul 1.6.2	335	Thursday, April 9, 2020	Approved
Consul 1.6.1	12654	Friday, October 4, 2019	Approved
Consul 1.6.0	371	Friday, October 4, 2019	Approved
Consul 1.5.3	254	Friday, October 4, 2019	Approved
Consul 1.5.2	3662	Monday, July 8, 2019	Approved
Consul 1.5.1	1953	Monday, June 24, 2019	Approved
Consul 1.5.0	293	Monday, June 24, 2019	Approved
Consul 1.4.5	358	Monday, June 24, 2019	Approved
Consul 1.4.4	334	Monday, June 24, 2019	Approved
Consul 1.4.3	2292	Wednesday, March 6, 2019	Approved
Consul 1.4.2	534	Wednesday, March 6, 2019	Approved
Consul 1.4.1	252	Tuesday, March 5, 2019	Approved
Consul 1.4.0	1718	Tuesday, December 11, 2018	Approved
Consul 1.3.1	355	Monday, December 10, 2018	Approved
Consul 1.3.0	818	Saturday, November 10, 2018	Approved
Consul 1.2.3	2268	Friday, October 12, 2018	Approved
Consul 1.2.2	4104	Thursday, August 2, 2018	Approved
Consul 1.2.1	764	Monday, July 16, 2018	Approved
Consul 1.2.0	682	Wednesday, June 27, 2018	Approved
Consul 1.1.0	1029	Monday, June 4, 2018	Approved
Consul 1.0.7	1439	Monday, April 23, 2018	Approved
Consul 1.0.6	409	Friday, April 20, 2018	Approved
Consul 1.0.5	303	Friday, April 20, 2018	Approved
Consul 1.0.3	6414	Friday, January 26, 2018	Approved
Consul 1.0.2	497	Wednesday, January 24, 2018	Approved
Consul 1.0.1	368	Wednesday, January 24, 2018	Approved
Consul 1.0.0	5393	Monday, October 23, 2017	Approved
Consul 0.9.3	9859	Saturday, September 16, 2017	Approved
Consul 0.9.2	440	Saturday, September 16, 2017	Approved
Consul 0.9.1	337	Saturday, September 16, 2017	Approved
Consul 0.9.0	1369	Wednesday, July 26, 2017	Approved
Consul 0.8.5	3972	Friday, June 30, 2017	Approved
Consul 0.8.4	482	Friday, June 30, 2017	Approved
Consul 0.8.3	472	Friday, June 30, 2017	Approved
Consul 0.8.2	414	Friday, June 30, 2017	Approved
Consul 0.8.1	498	Friday, June 30, 2017	Approved
Consul 0.8.0	4098	Monday, April 10, 2017	Approved
Consul 0.7.5	11638	Tuesday, February 21, 2017	Approved
Consul 0.7.4.1	439	Thursday, February 16, 2017	Approved
Consul 0.7.4	409	Wednesday, February 15, 2017	Approved
Consul 0.7.3	517	Wednesday, February 15, 2017	Approved
Consul 0.7.2	1455	Monday, January 2, 2017	Approved
Consul 0.7.1	524	Friday, December 30, 2016	Approved
Consul 0.7.0	3840	Monday, September 19, 2016	Approved
Consul 0.6.4	5255	Wednesday, April 20, 2016	Approved
Consul 0.6.3.2	618	Monday, March 7, 2016	Approved
Consul 0.6.3.1	488	Thursday, February 25, 2016	Approved
Consul 0.6.3	816	Friday, January 22, 2016	Approved
Consul 0.5.2	9174	Wednesday, October 14, 2015	Approved
Consul 0.5.0	20931	Monday, June 1, 2015	Approved
consul 0.4.1	666	Friday, October 31, 2014	Approved
consul 0.3.1	505	Wednesday, August 13, 2014	Approved

HashiCorp 2019

Release Notes

1.15.0 (February 23, 2023)

BREAKING CHANGES:

acl errors: Delete and get requests now return descriptive errors when the specified resource cannot be found. Other ACL request errors provide more information about when a resource is missing. Add error for when the ACL system has not been bootstrapped.
- Delete Token/Policy/AuthMethod/Role/BindingRule endpoints now return 404 when the resource cannot be found.
  - New error formats: "Requested * does not exist: ACL not found", "* not found in namespace $NAMESPACE: ACL not found"
- Read Token/Policy/Role endpoints now return 404 when the resource cannot be found.
  - New error format: "Cannot find * to delete"
- Logout now returns a 401 error when the supplied token cannot be found
  - New error format: "Supplied token does not exist"
- Token Self endpoint now returns 404 when the token cannot be found.
  - New error format: "Supplied token does not exist" [GH-16105]
acl: remove all acl migration functionality and references to the legacy acl system. [GH-15947]
acl: remove all functionality and references for legacy acl policies. [GH-15922]
config: Deprecate -join, -join-wan, start_join, and start_join_wan.
These options are now aliases of -retry-join, -retry-join-wan, retry_join, and retry_join_wan, respectively. [GH-15598]
connect: Add peer field to service-defaults upstream overrides. The addition of this field makes it possible to apply upstream overrides only to peer services. Prior to this change, overrides would be applied based on matching the namespace and name fields only, which means users could not have different configuration for local versus peer services. With this change, peer upstreams are only affected if the peer field matches the destination peer name. [GH-15956]
connect: Consul will now error and exit when using the consul connect envoy command if the Envoy version is incompatible. To ignore this check use flag --ignore-envoy-compatibility [GH-15818]
extensions: Refactor Lambda integration to get configured with the Envoy extensions field on service-defaults configuration entries. [GH-15817]
ingress-gateway: upstream cluster will have empty outlier_detection if passive health check is unspecified [GH-15614]
xds: Remove the connect.enable_serverless_plugin agent configuration option. Now
Lambda integration is enabled by default. [GH-15710]

SECURITY:

Upgrade to use Go 1.20.1.
This resolves vulnerabilities CVE-2022-41724 in crypto/tls and CVE-2022-41723 in net/http. [GH-16263]

FEATURES:

API Gateway (Beta) This version adds support for API gateway on VMs. API gateway provides a highly-configurable ingress for requests coming into a Consul network. For more information, refer to the API gateway documentation. [GH-16369]
acl: Add new acl.tokens.config_file_registration config field which specifies the token used
to register services and checks that are defined in config files. [GH-15828]
acl: anonymous token is logged as 'anonymous token' instead of its accessor ID [GH-15884]
cli: adds new CLI commands consul troubleshoot upstreams and consul troubleshoot proxy to troubleshoot Consul's service mesh configuration and network issues. [GH-16284]
command: Adds the operator usage instances subcommand for displaying total services, connect service instances and billable service instances in the local datacenter or globally. [GH-16205]
config-entry(ingress-gateway): support outlier detection (passive health check) for upstream cluster [GH-15614]
connect: adds support for Envoy access logging. Access logging can be enabled using the proxy-defaults config entry. [GH-15864]
xds: Add a built-in Envoy extension that inserts Lua HTTP filters. [GH-15906]
xds: Insert originator service identity into Envoy's dynamic metadata under the consul namespace. [GH-15906]

IMPROVEMENTS:

connect: for early awareness of Envoy incompatibilities, when using the consul connect envoy command the Envoy version will now be checked for compatibility. If incompatible Consul will error and exit. [GH-15818]
grpc: client agents will switch server on error, and automatically retry on RESOURCE_EXHAUSTED responses [GH-15892]
raft: add an operator api endpoint and a command to initiate raft leadership transfer. [GH-14132]
acl: Added option to allow for an operator-generated bootstrap token to be passed to the acl bootstrap command. [GH-14437]
agent: Give better error when client specifies wrong datacenter when auto-encrypt is enabled. [GH-14832]
api: updated the go module directive to 1.18. [GH-15297]
ca: support Vault agent auto-auth config for Vault CA provider using AWS/GCP authentication. [GH-15970]
cli: always use name "global" for proxy-defaults config entries [GH-14833]
cli: connect envoy command errors if grpc ports are not open [GH-15794]
client: add support for RemoveEmptyTags in Prepared Queries templates. [GH-14244]
connect: Warn if ACLs are enabled but a token is not provided to envoy [GH-15967]
container: Upgrade container image to use to Alpine 3.17. [GH-16358]
dns: support RFC 2782 SRV lookups for prepared queries using format _<query id or name>._tcp.query[.<datacenter>].<domain>. [GH-14465]
ingress-gateways: Don't log error when gateway is registered without a config entry [GH-15001]
licensing: (Enterprise Only) Consul Enterprise non-terminating production licenses do not degrade or terminate Consul upon expiration. They will only fail when trying to upgrade to a newer version of Consul. Evaluation licenses still terminate.
raft: Added experimental wal backend for log storage. [GH-16176]
sdk: updated the go module directive to 1.18. [GH-15297]
telemetry: Added a consul.xds.server.streamsUnauthenticated metric to track
the number of active xDS streams handled by the server that are unauthenticated
because ACLs are not enabled or ACL tokens were missing. [GH-15967]
ui: Update sidebar width to 280px [GH-16204]
ui: update Ember version to 3.27; [GH-16227]

DEPRECATIONS:

acl: Deprecate the token query parameter and warn when it is used for authentication. [GH-16009]
cli: The -id flag on acl token operations has been changed to -accessor-id for clarity in documentation. The -id flag will continue to work, but operators should use -accessor-id in the future. [GH-16044]

BUG FIXES:

agent configuration: Fix issue of using unix socket when https is used. [GH-16301]
cache: refactor agent cache fetching to prevent unnecessary fetches on error [GH-14956]
cli: fatal error if config file does not have HCL or JSON extension, instead of warn and skip [GH-15107]
cli: fix ACL token processing unexpected precedence [GH-15274]
peering: Fix bug where services were incorrectly imported as connect-enabled. [GH-16339]
peering: Fix issue where mesh gateways would use the wrong address when contacting a remote peer with the same datacenter name. [GH-16257]
peering: Fix issue where secondary wan-federated datacenters could not be used as peering acceptors. [GH-16230]

Dependencies

- NSSM (≥ 2.24.0)

Discussion for the Consul Package

Ground Rules:

This discussion is only about Consul and the Consul package. If you have feedback for Chocolatey, please contact the Google Group.
This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
Tell us what you love about the package or Consul, or tell us what needs improvement.
Share your experiences with the package, or extra configuration or gotchas that you've found.
If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.

Resources

Events

Courses

166,382

285

25 Feb 2023

Consul

Consul 1.15.0

Some Checks Have Failed or Are Not Yet Complete

Deployment Method: Individual Install, Upgrade, & Uninstall

Deployment Method:

1. Enter Your Internal Repository Url

2. Setup Your Environment

1. Ensure you are set for organizational deployment

2. Get the package into your environment

3. Copy Your Script

4. If applicable - Chocolatey configuration/installation

Package Parameters

1.15.0 (February 23, 2023)

Ground Rules: