Shadow SecOps

Jay Sims

January 24, 2025

Patch Management with Chocolatey: A Practical Guide

Building on our previous post, Patch Management for SMBs, let’s explore Chocolatey—a powerful tool that simplifies software management for individuals and businesses alike. Whether you’re a small business owner or an IT admin for a growing enterprise, Chocolatey can save you time and reduce complexity in managing software.

What is Chocolatey and Why Should You Care?

Chocolatey is a Windows package manager that enables you to automate the installation, update, and configuration of software. Think of it as a command-line tool for managing software packages, similar to apt on Linux or Homebrew on macOS. Using a package manager can significantly benefit system administrators in the following ways:

  • Efficiency: Install or update multiple applications with a single command.
  • Consistency: Ensure all systems in your environment have the same software versions.
  • Automation: Integrate software management into CI/CD pipelines or scripts.
  • Scalability: Manage software across dozens or even thousands of systems easily.

The Basics of Chocolatey

Getting started with Chocolatey is straightforward. Follow these steps to set up and use Chocolatey:

# Install Chocolatey (run from an elevated PowerShell session)
Set-ExecutionPolicy Bypass -Scope Process -Force
Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

# Search for packages
choco search <package-name>

# Install a package (-y answers the confirmation prompts for unattended use)
choco install googlechrome -y

# Update all installed packages
choco upgrade all -y

# Uninstall a package
choco uninstall googlechrome -y

Using Chocolatey in Your Enterprise

Imagine you’re managing software updates for a team of 50 employees. Rather than manually updating software on each machine, what if you could:

  1. Prepare Packages: Use Chocolatey to create a central repository of software.
  2. Distribute Software: Automate installation across systems via PowerShell or deployment tools.
  3. Maintain Updates: Ensure everyone is on the latest, secure versions.

Sounds exciting, right?

Within an enterprise environment, using the public package manager is nice, but it introduces risks that you may not be willing to take. This is why Chocolatey also supports the creation of your own packages, which can be hosted internally, allowing for more control and dependability.

How to Build your First Package

This step-by-step guide demonstrates how to build your first Chocolatey package, offering insight into the typical development cycle.

Create Package Structure: Initialize a new project

choco new helloworld

# Results in the following file structure (only the files this guide edits are shown)
#
# helloworld/
# ├── tools/
# │   ├── chocolateyInstall.ps1
# │   └── chocolateyUninstall.ps1
# └── helloworld.nuspec

Modify the .nuspec File: Open helloworld.nuspec in a text editor and modify it with the example below.

<?xml version="1.0" encoding="utf-8"?>
<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
  <metadata>
    <id>helloworld</id>
    <version>1.0.0</version>
    <title>Hello World Package</title>
    <authors>YourName</authors>
    <owners>YourName</owners>
    <description>A simple Chocolatey package that prints "Hello, World!"</description>
    <tags>example hello world chocolatey</tags>
    <projectUrl>https://example.com</projectUrl>
    <licenseUrl>https://example.com/license</licenseUrl>
  </metadata>
</package>

Write the Installation Script: Open tools\chocolateyInstall.ps1 and add the following example code as a boilerplate for downloading and installing basic packages.

# tools\chocolateyInstall.ps1
$ErrorActionPreference = 'Stop'   # fail the package install if any step below fails

$packageUrl    = 'https://example.com/helloworld.exe'
$installerPath = Join-Path $env:TEMP 'helloworld.exe'

# Download the installer, run it silently and wait for it to finish
Invoke-WebRequest -Uri $packageUrl -OutFile $installerPath
Start-Process -FilePath $installerPath -ArgumentList '/quiet' -Wait

# Remove the downloaded installer
Remove-Item $installerPath
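The boilerplate above runs whatever the URL happens to return on the day the package is installed. The following is an added example, not from the original post, of the same install script written with Chocolatey's built-in Install-ChocolateyPackage helper and a pinned SHA-256 checksum, so a download that differs from the installer you tested is rejected before it executes. The URL, checksum value and silent-install switch are placeholders.

```powershell
# tools\chocolateyInstall.ps1 -- hardened variant (added example; URL, checksum
# and silent-install switch are placeholders to replace for a real package).
$ErrorActionPreference = 'Stop'

$packageArgs = @{
  packageName    = 'helloworld'
  fileType       = 'exe'
  # Prefer HTTPS for the download; the file is verified below regardless of transport.
  url            = 'https://example.com/helloworld.exe'
  # Pin the installer's SHA-256. Install-ChocolateyPackage aborts on a mismatch.
  # Placeholder value: compute the real one with
  #   Get-FileHash .\helloworld.exe -Algorithm SHA256
  checksum       = '<SHA256-OF-HELLOWORLD-EXE>'
  checksumType   = 'sha256'
  silentArgs     = '/quiet'
  # Installer exit codes treated as success (3010 = success, reboot required).
  validExitCodes = @(0, 3010)
}

# Downloads to Chocolatey's temp directory, verifies the checksum, runs the
# installer with the silent switches and waits for it; no manual Remove-Item needed.
Install-ChocolateyPackage @packageArgs
```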

Write the Uninstall Script: Navigate to tools\chocolateyUninstall.ps1 and add your code to programmatically uninstall the package.

Write-Host "Uninstalling Hello World package..." -ForegroundColor Yellow

# If software was installed, include uninstallation steps here

Package the Files: The following command will generate helloworld.1.0.0.nupkg .

choco pack

Install and Test: Always verify your package installs properly before use.

choco install helloworld --source .

Uninstall:

choco uninstall helloworld -y

Publish the Package to Chocolatey.org (optional): If you would like to share your package with the world, log into Chocolatey.org and create an API key, then publish the package with the command below.

choco push helloworld.1.0.0.nupkg --source https://push.chocolatey.org/ --api-key <YOUR_API_KEY>

Maintaining Updates

# Increment Version: Open helloworld.nuspec and increment the <version> tag (e.g., 1.0.1).

# Modify Scripts: Update chocolateyInstall.ps1 or other relevant scripts.

# Repack the Package 
choco pack

# Test Locally:
choco install helloworld --source .

# Push to Chocolatey (optional): 
choco push helloworld.1.0.1.nupkg --source https://push.chocolatey.org/ --api-key <YOUR_API_KEY>

Tips for Ongoing Maintenance

  • Automate Version Checking: Use a script to check for new versions of dependent software and automatically update the .nuspec and installation scripts.
  • Validate Packages: Run choco validate before submitting.
  • Monitor Issues: Monitor package downloads and address issues using Chocolatey.org.
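The "Maintaining Updates" steps and the "Automate Version Checking" tip above can be scripted. The following is an added example, not from the original post: it bumps the nuspec version, pins the SHA-256 of the installer you actually tested into the install script and repacks. It assumes the package layout from this guide (helloworld.nuspec, tools\chocolateyInstall.ps1) and that the install script stores the download location and hash on `url = '...'` and `checksum = '...'` lines; the parameter values are placeholders.

```powershell
# Update-HelloWorldPackage.ps1 -- added example, not from the original post.
param(
  [Parameter(Mandatory)] [string] $PackageDir,     # e.g. C:\src\helloworld (placeholder)
  [Parameter(Mandatory)] [string] $NewVersion,     # e.g. 1.0.1
  [Parameter(Mandatory)] [string] $InstallerUrl,   # where the new installer is served
  [Parameter(Mandatory)] [string] $InstallerPath   # local copy of that installer, used for the hash
)
$ErrorActionPreference = 'Stop'

if ($NewVersion -notmatch '^\d+\.\d+\.\d+$') { throw "Version must be X.Y.Z, got '$NewVersion'" }

$nuspec = (Resolve-Path (Join-Path $PackageDir 'helloworld.nuspec')).Path
$script = (Resolve-Path (Join-Path $PackageDir 'tools\chocolateyInstall.ps1')).Path

# 1. Hash the installer you tested, not whatever the URL returns later.
$sha256 = (Get-FileHash -Path $InstallerPath -Algorithm SHA256).Hash.ToLower()

# 2. Bump <version> in the nuspec; editing it as XML leaves the rest of the file intact.
[xml]$doc   = Get-Content -Path $nuspec -Raw
$oldVersion = $doc.package.metadata.version
if ([version]$NewVersion -le [version]$oldVersion) {
  throw "New version $NewVersion is not newer than current $oldVersion"
}
$doc.package.metadata.version = $NewVersion
$doc.Save($nuspec)

# 3. Rewrite the url and checksum lines in the install script in place.
$content = Get-Content -Path $script -Raw
$content = $content -replace "(?m)^(\s*url\s*=\s*)'[^']*'",      "`$1'$InstallerUrl'"
$content = $content -replace "(?m)^(\s*checksum\s*=\s*)'[^']*'", "`$1'$sha256'"
Set-Content -Path $script -Value $content -NoNewline

# 4. Repack; the result is helloworld.<NewVersion>.nupkg in the package directory.
Push-Location $PackageDir
try     { choco pack }
finally { Pop-Location }

Write-Host "Packed helloworld $oldVersion -> $NewVersion (installer sha256 $sha256)"
```

Test the result locally with `choco install helloworld --source .` before pushing it to your feed, as in the steps above.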

What if you Don’t Want to Use Chocolatey.org?

Very often, organizations want to host their packages internally instead of sharing their code with the world. This can be done with commercial package managers like JFrog Artifactory, but the three examples below are free alternatives:

Option 1: Hosting with a Simple File Share

This is the easiest method and doesn’t require installing additional software. You can use any network file share or local folder.

Note: The example below uses HTTP, but HTTPS is strongly recommended to secure network traffic when transferring packages. Therefore, this method is recommended only for development purposes.

Create a Directory for the Repository: Create a folder, e.g., C:\ChocoRepo.

Add Packages to the Repository: Place your .nupkg files into this directory.

Serve the Directory Over HTTP (Optional): Use a simple web server like IIS, NGINX, or Python’s HTTP Server to serve the folder over HTTP. For example:

python -m http.server 8080 --directory C:\ChocoRepo

Add the Repository to Chocolatey: Use Chocolatey’s source command to add the repository:

choco source add -n="LocalRepo" -s="http://localhost:8080"

Install Packages from the Repository: Install packages like this:

choco install <package-name> --source="http://localhost:8080"
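Putting the enterprise steps (prepare, distribute, maintain) together with Option 1: the following is an added example, not from the original post, that registers an internal share of .nupkg files as the preferred Chocolatey source on a set of machines, disables the public community feed so installs cannot silently fall back to it, upgrades everything from the internal feed and reports what is still outdated. The share path, computer names and the WinRM access Invoke-Command needs are assumptions.

```powershell
# Set-InternalChocoSource.ps1 -- added example, not from the original post.
param(
  [string]   $InternalSource = '\\fileserver\ChocoRepo',   # placeholder UNC share or local folder of .nupkg files
  [string[]] $ComputerName   = @('ws01', 'ws02')          # constructed sample fleet
)
$ErrorActionPreference = 'Stop'

$configure = {
  param($Source)
  # Register the internal share; --priority=1 ranks it above the default feed (priority 0 = lowest).
  choco source add -n="InternalRepo" -s="$Source" --priority=1
  # Keep the community feed registered but disabled: installs now resolve only against InternalRepo.
  choco source disable -n="chocolatey"
  # Upgrade only from the internal feed; -y suppresses prompts for unattended runs.
  choco upgrade all -y --source="InternalRepo"
  # Emit machine-readable "package|installed|available|pinned" lines for the caller.
  choco outdated --source="InternalRepo" --limit-output
}

# Run the block on every machine and collect the outdated lines it returns.
$results = Invoke-Command -ComputerName $ComputerName -ScriptBlock $configure -ArgumentList $InternalSource

# Turn the pipe-delimited lines into objects so the report can be filtered or exported.
$results | Where-Object { $_ -match '\|' } | ForEach-Object {
  $parts = $_ -split '\|'
  [pscustomobject]@{
    Computer  = $_.PSComputerName
    Package   = $parts[0]
    Installed = $parts[1]
    Available = $parts[2]
    Pinned    = $parts[3]
  }
} | Format-Table -AutoSize
```

Anything still listed after the run is a package that failed to upgrade or is pinned, which is exactly the set you want to investigate.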

Option 2: Hosting with NuGet.Server

NuGet.Server provides a lightweight, free solution to host packages using a self-contained ASP.NET application.

Install NuGet.Server:

  • Install the .NET SDK if you don’t already have it.
  • Create a new ASP.NET project:

dotnet new nugetconfig -n ChocoRepo
cd ChocoRepo
dotnet add package NuGet.Server

Configure NuGet.Server: Open the web.config file and ensure the packageSources section points to your desired folder:

<add key="packageSources" value="C:\ChocoRepo"/>

Add Packages: Place .nupkg files in the directory specified in the configuration.

Run the Server: Run the application:

dotnet run

Add the Repository to Chocolatey: Add the repository URL:

choco source add -n="MyNuGetRepo" -s="http://localhost:5000"

Install Packages: Install packages from your repository:

choco install <package-name> --source="http://localhost:5000"

Option 3: Free External Tools

If you want to avoid hosting locally, you can use free external solutions:

GitHub Releases

Upload .nupkg files as releases on GitHub.

Use the raw GitHub URL as a source:

choco source add -n="GitHubRepo" -s="https://raw.githubusercontent.com/username/repo/main"

Azure DevOps Artifacts (Free Tier): Azure DevOps provides free hosting for small-scale repositories. Follow their documentation for creating a NuGet feed and use it as a Chocolatey source.

Conclusion

Chocolatey transforms software management from a tedious task into an automated, scalable process. Whether you’re a small business or a growing enterprise, adopting Chocolatey simplifies patch management, enhances security, and saves time. Start small by using Chocolatey on a single system, and expand its use as you see its potential.

Interested in hiring us to do the hard work for you? Schedule a call to get started.

Resources

  • Chocolatey Official Documentation
  • NuGet.Server Setup
  • Previous Blog Post: Patch Management for SMBs
