OpenDSC

A C# library ecosystem for building Microsoft DSC v3 resources with ease, including a comprehensive set of built-in resources for Windows and cross-platform management, plus a Local Configuration Manager (LCM) service for continuous monitoring and remediation.

Features

• 🚀 Quick scaffolding with project templates
• 📦 Supports .NET Standard 2.0, .NET 8, .NET 9, and .NET 10
• ⚡ Native AOT compilation support
• 🔧 Automatic CLI generation
• 📋 Automatic JSON schema generation
• 📄 Automatic resource manifest generation
• 🎯 Type-safe DSC resource implementation
• 🔀 Multi-resource support (requires DSC v3.2+)
• 🏗️ Built-in resources for Windows and cross-platform management
• 🔄 Local Configuration Manager (LCM) service for continuous monitoring

Libraries

| Library | Description | |-----------------------------------|-------------------------------------| | OpenDsc.Templates | DSC project templates | | OpenDsc.Resource | Core DSC resource implementation | | OpenDsc.Resource.CommandLine | CLI and resource manifest generator |

Built-in Resources

This repository includes a comprehensive set of DSC resources for managing Windows and cross-platform systems:

Windows Resources

• OpenDsc.Windows/Environment - Manage Windows environment variables
• OpenDsc.Windows/Group - Manage local Windows groups and membership
• OpenDsc.Windows/Service - Manage Windows services
• OpenDsc.Windows/ScheduledTask - Manage Windows scheduled tasks
• OpenDsc.Windows/User - Manage local Windows user accounts
• OpenDsc.Windows/UserRight - Manage Windows user rights assignments (privileges)
• OpenDsc.Windows/Shortcut - Manage Windows shortcuts (.lnk files)
• OpenDsc.Windows/OptionalFeature - Manage Windows optional features via DISM
• OpenDsc.Windows/AccountLockoutPolicy - Manage Windows account lockout policy
• OpenDsc.Windows/AuditPolicy - Manage Windows audit policy
• OpenDsc.Windows/PasswordPolicy - Manage Windows password policy
• OpenDsc.Windows.FileSystem/AccessControlList - Manage file and directory permissions (ACLs)

SQL Server Resources

• OpenDsc.SqlServer/Login - Manage SQL Server logins
• OpenDsc.SqlServer/Database - Manage SQL Server databases
• OpenDsc.SqlServer/DatabaseRole - Manage SQL Server database roles
• OpenDsc.SqlServer/ServerRole - Manage SQL Server server roles
• OpenDsc.SqlServer/DatabasePermission - Manage SQL Server database permissions
• OpenDsc.SqlServer/ServerPermission - Manage SQL Server server permissions
• OpenDsc.SqlServer/AgentJob - Manage SQL Server Agent jobs
• OpenDsc.SqlServer/Configuration - Manage SQL Server configuration values
• OpenDsc.SqlServer/DatabaseUser - Manage SQL Server database users
• OpenDsc.SqlServer/LinkedServer - Manage SQL Server linked servers
• OpenDsc.SqlServer/ObjectPermission - Manage SQL Server object permissions

Cross-Platform Resources

• OpenDsc.FileSystem/File - Manage files
• OpenDsc.FileSystem/Directory - Manage directories with hash-based synchronization
• OpenDsc.FileSystem/SymbolicLink - Manage symbolic links
• OpenDsc.Json/Value - Manage JSON values at JSONPath locations
• OpenDsc.Xml/Element - Manage XML element content and attributes
• OpenDsc.Archive.Zip/Compress - Create ZIP archives from files and directories
• OpenDsc.Archive.Zip/Expand - Extract ZIP archives to specified locations

POSIX Resources

POSIX (Portable Operating System Interface) resources are designed for Unix-like operating systems that follow POSIX standards, including Linux and macOS. These resources provide Unix-specific functionality not available on Windows.

• OpenDsc.Posix.FileSystem/Permission - Manage POSIX file and directory permissions and ownership

Quick Start

1. Install the Templates

dotnet new install OpenDsc.Templates

2. Create a New DSC Resource Project

dotnet new dsc --resource-name "MyCompany/MyResource" --resource-description "My DSC resource"

For Native AOT support:

dotnet new dsc --aot true --resource-name "MyCompany/MyResource"

3. Implement Your Resource

using OpenDsc.Resource;
using OpenDsc.Resource.CommandLine;

[DscResource("MyCompany/MyResource", Description = "Manage my resource")]
public class Resource(JsonSerializerContext context) : DscResource<Schema>(context), IGettable<Schema>
{
    public Schema Get(Schema instance)
    {
        // Implementation
    }
}

4. Create the Command Line Interface

using OpenDsc.Resource.CommandLine;

var resource = new Resource(SourceGenerationContext.Default);
var command = new CommandBuilder()
    .AddResource<Resource, Schema>(resource)
    .Build();
return command.Parse(args).Invoke();

5. Build and Run

.\build.ps1

Local Configuration Manager (LCM)

The LCM is a cross-platform background service that continuously monitors and optionally remediates DSC configurations. It supports two operational modes:

• Monitor Mode - Periodically runs dsc config test to detect drift from desired state
• Remediate Mode - Automatically applies corrections when drift is detected using dsc config set

The LCM also supports pull mode, allowing it to download configurations from the OpenDSC Pull Server with automatic updates, API key rotation, and compliance reporting.

For detailed documentation, see the LCM README.

Quick Start

Install as a Windows Service:

.\build.ps1 -Msi
msiexec /i artifacts\msi\OpenDsc.Lcm.msi

Or run as a console application:

# Configure via environment variables
$env:LCM_ConfigurationPath = "C:\configs\local\main.dsc.yaml"
$env:LCM_ConfigurationMode = "Monitor"
$env:LCM_ConfigurationModeInterval = "00:15:00"

.\artifacts\Lcm\OpenDsc.Lcm.exe

Configuration File Locations

| Platform | Configuration Directory | Logging | | --- | --- | --- | | Windows | %ProgramData%\OpenDSC\LCM | Windows Event Log (Application) | | Linux | /etc/opendsc/lcm | systemd journal | | macOS | /Library/Preferences/OpenDSC/LCM | Unified Logging |

OpenDSC Pull Server

The OpenDSC Pull Server is a REST API-based centralized configuration server that integrates with the LCM for pull mode operations. It provides:

• Configuration storage and distribution
• Composite configurations for combining multiple configurations
• Node registration and management with mTLS authentication
• Automatic certificate rotation
• Compliance reporting
• Multi-database support (SQLite, SQL Server, PostgreSQL)
• Interactive API documentation via Scalar

For detailed documentation, see the Server README.

Examples

See the built-in resources and test projects for real-world examples:

• Windows Management: User accounts, groups, services, environment variables, optional features
• File System: Files, directories, access control lists, archives
• Cross-Platform: XML element management, ZIP compression and extraction

Using Built-in Resources

T