Public/Initialize-NLBaseline.ps1
|
<# .SYNOPSIS Initializes the NLBaseline workspace .DESCRIPTION Sets up the workspace folder, creates folder structure, copies baseline files, and creates config.json .PARAMETER WorkspacePath Path to the workspace folder .PARAMETER AppRegistrationId App Registration Client ID (optional, can be configured later) .PARAMETER AppSecret App Registration Secret (optional, can be configured later) .PARAMETER TenantId Tenant ID (optional, can be configured later) .PARAMETER OpenAIEndpoint OpenAI endpoint URL (optional, can be configured later) .PARAMETER OpenAIKey OpenAI API key (optional, can be configured later) .EXAMPLE Initialize-NLBaseline -WorkspacePath "C:\NLBaseline\Workspace" #> function Initialize-NLBaseline { [CmdletBinding()] param( [Parameter(Mandatory=$true)] [string]$WorkspacePath, [string]$AppRegistrationId, [string]$AppSecret, [string]$TenantId, [string]$OpenAIEndpoint, [string]$OpenAIKey ) try { Write-Log -Message "Starting NLBaseline initialization" -Level "INFO" # Create workspace folder if it doesn't exist if (-not (Test-Path -Path $WorkspacePath)) { Write-Log -Message "Creating workspace folder: $WorkspacePath" -Level "INFO" New-Item -ItemType Directory -Path $WorkspacePath -Force | Out-Null } # Validate write permissions try { $testFile = Join-Path -Path $WorkspacePath -ChildPath ".test" "test" | Out-File -FilePath $testFile -Force Remove-Item -Path $testFile -Force } catch { throw "No write permissions on workspace folder: $WorkspacePath" } # Create folder structure Write-Log -Message "Creating folder structure" -Level "INFO" $folders = @( "Baseline", "Custom", "Scripts\Platform", "Scripts\Deployment", "Intune\Exports", "Intune\Imports", "Deployment", "Logs", "Reports" ) foreach ($folder in $folders) { $folderPath = Join-Path -Path $WorkspacePath -ChildPath $folder if (-not (Test-Path -Path $folderPath)) { New-Item -ItemType Directory -Path $folderPath -Force | Out-Null Write-Verbose "Created folder: $folderPath" } } # Copy baseline files from module resources Write-Log -Message "Copying baseline files" -Level "INFO" $modulePath = $PSScriptRoot -replace 'Public$', '' $resourcesPath = Join-Path -Path $modulePath -ChildPath "Resources\Baseline" $baselineDest = Join-Path -Path $WorkspacePath -ChildPath "Baseline" if (Test-Path -Path $resourcesPath) { $baselineFiles = Get-ChildItem -Path $resourcesPath -Filter "*.json" | Where-Object { $_.Name -ne 'WMISettings.json' } foreach ($file in $baselineFiles) { $destPath = Join-Path -Path $baselineDest -ChildPath $file.Name Copy-Item -Path $file.FullName -Destination $destPath -Force Write-Verbose "Copied: $($file.Name)" } $wmiPath = Join-Path -Path $resourcesPath -ChildPath "WMISettings.json" if (Test-Path -Path $wmiPath) { try { $wmiSettings = Get-Content -Path $wmiPath -Raw | ConvertFrom-Json $baselineWMI = Convert-WMISettingsToBaseline -WMISettings $wmiSettings $wmiDest = Join-Path -Path $baselineDest -ChildPath "WMISettings.json" $baselineWMI | ConvertTo-Json -Depth 10 | Set-Content -Path $wmiDest -Force Write-Verbose "Converted and copied: WMISettings.json" } catch { Write-Log -Message "Failed to convert WMISettings.json: $_" -Level "WARNING" } } Write-Log -Message "Copied $($baselineFiles.Count) baseline files" -Level "INFO" } else { Write-Log -Message "Warning: Baseline resources not found at $resourcesPath" -Level "WARNING" } # Copy Exploit Protection files Write-Log -Message "Copying Exploit Protection files" -Level "INFO" $exploitPath = Join-Path -Path $modulePath -ChildPath "Resources\ExploitProtections" $exploitDest = Join-Path -Path $WorkspacePath -ChildPath "ExploitProtections" if (Test-Path -Path $exploitPath) { if (-not (Test-Path -Path $exploitDest)) { New-Item -ItemType Directory -Path $exploitDest -Force | Out-Null } Copy-Item -Path "$exploitPath\*" -Destination $exploitDest -Recurse -Force Write-Log -Message "Copied Exploit Protection files" -Level "INFO" } # Copy Event Viewer Custom Views Write-Log -Message "Copying Event Viewer Custom Views" -Level "INFO" $eventViewerPath = Join-Path -Path $modulePath -ChildPath "Resources\EventViewerCustomViews" $eventViewerDest = Join-Path -Path $WorkspacePath -ChildPath "EventViewerCustomViews" if (Test-Path -Path $eventViewerPath) { if (-not (Test-Path -Path $eventViewerDest)) { New-Item -ItemType Directory -Path $eventViewerDest -Force | Out-Null } Copy-Item -Path "$eventViewerPath\*.xml" -Destination $eventViewerDest -Force Write-Log -Message "Copied Event Viewer Custom Views" -Level "INFO" } # Copy Country IP Data Write-Log -Message "Copying Country IP Data" -Level "INFO" $countryIPPath = Join-Path -Path $modulePath -ChildPath "Resources\CountryIPsData" $countryIPDest = Join-Path -Path $WorkspacePath -ChildPath "CountryIPsData" if (Test-Path -Path $countryIPPath) { if (-not (Test-Path -Path $countryIPDest)) { New-Item -ItemType Directory -Path $countryIPDest -Force | Out-Null } Copy-Item -Path "$countryIPPath\*" -Destination $countryIPDest -Recurse -Force Write-Log -Message "Copied Country IP Data" -Level "INFO" } # Copy Mitigations CSV Write-Log -Message "Copying Process Mitigations" -Level "INFO" $mitigationsPath = Join-Path -Path $modulePath -ChildPath "Resources\Mitigations" $mitigationsDest = Join-Path -Path $WorkspacePath -ChildPath "Mitigations" if (Test-Path -Path $mitigationsPath) { if (-not (Test-Path -Path $mitigationsDest)) { New-Item -ItemType Directory -Path $mitigationsDest -Force | Out-Null } Copy-Item -Path "$mitigationsPath\*" -Destination $mitigationsDest -Recurse -Force Write-Log -Message "Copied Process Mitigations" -Level "INFO" } # Copy Intune Files (exported policies) Write-Log -Message "Copying Intune Files" -Level "INFO" $intuneFilesPath = Join-Path -Path $modulePath -ChildPath "Resources\IntuneFiles" $intuneFilesDest = Join-Path -Path $WorkspacePath -ChildPath "IntuneFiles" if (Test-Path -Path $intuneFilesPath) { if (-not (Test-Path -Path $intuneFilesDest)) { New-Item -ItemType Directory -Path $intuneFilesDest -Force | Out-Null } Copy-Item -Path "$intuneFilesPath\*" -Destination $intuneFilesDest -Recurse -Force Write-Log -Message "Copied Intune Files" -Level "INFO" } # Copy Winget AutoUpdate ADMX/ADML files Write-Log -Message "Copying Winget AutoUpdate ADMX files" -Level "INFO" $wingetPath = Join-Path -Path $modulePath -ChildPath "Resources\WingetAutoUpdate" $wingetDest = Join-Path -Path $WorkspacePath -ChildPath "WingetAutoUpdate" if (Test-Path -Path $wingetPath) { if (-not (Test-Path -Path $wingetDest)) { New-Item -ItemType Directory -Path $wingetDest -Force | Out-Null } Copy-Item -Path "$wingetPath\*" -Destination $wingetDest -Recurse -Force Write-Log -Message "Copied Winget AutoUpdate files" -Level "INFO" } # Copy CIS Benchmark files if available Write-Log -Message "Copying CIS Benchmark files" -Level "INFO" $cisPath = Join-Path -Path $modulePath -ChildPath "Resources\CIS" $cisDest = Join-Path -Path $WorkspacePath -ChildPath "CIS" if (Test-Path -Path $cisPath) { if (-not (Test-Path -Path $cisDest)) { New-Item -ItemType Directory -Path $cisDest -Force | Out-Null } Copy-Item -Path "$cisPath\*" -Destination $cisDest -Recurse -Force Write-Log -Message "Copied CIS Benchmark files" -Level "INFO" } else { Write-Log -Message "CIS Benchmark files not found in module resources. Download from https://www.cisecurity.org" -Level "WARNING" } # Create ring configuration template in Deployment folder Write-Log -Message "Creating ring configuration template" -Level "INFO" $deploymentPath = Join-Path -Path $WorkspacePath -ChildPath "Deployment" $ringConfigPath = Join-Path -Path $deploymentPath -ChildPath "ring-configuration.json" if (-not (Test-Path -Path $ringConfigPath)) { try { $ringTemplate = Get-RingConfigurationTemplate $ringTemplate | ConvertTo-Json -Depth 10 | Set-Content -Path $ringConfigPath -Encoding UTF8 -Force Write-Log -Message "Created ring-configuration.json template" -Level "INFO" Write-Host "Created ring configuration template: $ringConfigPath" -ForegroundColor Green } catch { Write-Log -Message "Failed to create ring configuration template: $_" -Level "WARNING" } } # Create config.json Write-Log -Message "Creating config.json" -Level "INFO" $configPath = Join-Path -Path $WorkspacePath -ChildPath "config.json" # Load template $templatePath = Join-Path -Path $modulePath -ChildPath "Templates\config.json.template" if (Test-Path -Path $templatePath) { $config = Get-Content -Path $templatePath -Raw | ConvertFrom-Json } else { # Create default config structure $config = @{ AppRegistration = @{ ClientId = "" ClientSecret = "" TenantId = "" } OpenAI = @{ Endpoint = "" ApiKey = "" } Workspace = @{ BasePath = $WorkspacePath Initialized = (Get-Date -Format "yyyy-MM-dd HH:mm:ss") Version = "1.0.0" } Intune = @{ LastSync = $null SyncEnabled = $false } } | ConvertTo-Json | ConvertFrom-Json } # Fill in provided values if ($AppRegistrationId) { $config.AppRegistration.ClientId = $AppRegistrationId } if ($AppSecret) { $config.AppRegistration.ClientSecret = $AppSecret } if ($TenantId) { $config.AppRegistration.TenantId = $TenantId } if ($OpenAIEndpoint) { $config.OpenAI.Endpoint = $OpenAIEndpoint } if ($OpenAIKey) { $config.OpenAI.ApiKey = $OpenAIKey } $config.Workspace.BasePath = $WorkspacePath $config.Workspace.Initialized = (Get-Date -Format "yyyy-MM-dd HH:mm:ss") # Save config $config | ConvertTo-Json -Depth 10 | Set-Content -Path $configPath -Force # Store workspace path Set-WorkspacePath -WorkspacePath $WorkspacePath Write-Log -Message "NLBaseline initialization completed successfully" -Level "INFO" -WorkspacePath $WorkspacePath Write-Host "`nInitialization completed successfully!`n" -ForegroundColor Green Write-Host "Workspace: $WorkspacePath" -ForegroundColor Cyan Write-Host "Config file: $configPath" -ForegroundColor Cyan Write-Host "`nYou can now configure App Registration and OpenAI settings in config.json`n" -ForegroundColor Yellow return $true } catch { Write-Log -Message "Initialization failed: $_" -Level "ERROR" Write-Error "Failed to initialize NLBaseline: $_" return $false } } |