Skip to content

Instantly share code, notes, and snippets.

@zenware

zenware/boxstarter.ps1

Last active May 14, 2024 04:29
Show Gist options
  • Save zenware/02c838b73e98b8f3f45c5ed027da9c39 to your computer and use it in GitHub Desktop.
Save zenware/02c838b73e98b8f3f45c5ed027da9c39 to your computer and use it in GitHub Desktop.
Download ZIP
Windows Quick Setup
Raw
readme.md

Initialize a Windows box

Setup a Fresh Windows Box

After setting up your account on windows, the first thing you should do is

Click This Link or run this command

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; . { iwr -useb https://boxstarter.org/bootstrapper.ps1 } | iex; Get-Boxstarter -Force; Install-BoxstarterPackage -PackageName https://gist.githubusercontent.com/zenware/02c838b73e98b8f3f45c5ed027da9c39/raw/boxstarter.ps1 -DisableReboots

Motivation

y'know I just need to reinstall windows on VMs or a personal machine from time to time. apparently often enough to make a big fuss about it.

How this works

We use Boxstarter as the init library, and anypackage as a universal package manager. Boxstarter provides a set of utilities that are fundamentally built around 100% interrupt free Windows Environment Installations. I do prefer the fewest possible interrupts, but I don't actually care about it having 0. I just want it to be more convenient.

TODO: Provide multiple links and then also a CLI for the base packages.

Use-case One-Click Link Single Command
Base System data2 data3
Development data12 data13
Streaming data12 data13
Productivity data12 data13
Audio data12 data13
Gaming data12 data13

Is some of the audio stuff "base system" things?

Edit the Start Menu

If neccessary %appdata%\Microsoft\Windows\Start Menu\Programs controls how your start menu looks Additionally C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp is startup programs for all users And for finer control over the programs that launch at startup you can use the registry editor on

HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
HKCU:Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved

Run a non-admin process from admin pwsh

$credential = Get-Credential -UserName $Env:USERNAME
Start-Process -FilePath pwsh.exe -ArgumentList '-noprofile' -Credential $credential -Wait

TODO

  • Consider Chocolatey Non-Admin Install (https://docs.chocolatey.org/en-us/choco/setup#non-administrative-install)
  • Explicitly Test/Enable TLS1.2 in pwsh (https://docs.chocolatey.org/en-us/choco/setup#additional-considerations)
  • Explicitylu Enable TLS1.2 for single-command setup
  • Solution for installing packages from the microsoft store
  • Create Usecase-Specific Versions (Gaming, Productivity, Audio Production, etc.)
  • Single Command
  • Review comments for accuract
  • Review package params and make good choices
  • Figure out why Set-BoxstarterTaskbarOptions isn't an available cmdlet in my version, which should be the latest
  • Find packages that aren't available on chocolatey and do something about that
  • Install Developer tools with scoop instead of chocolatey, for isolation

Potential TODO

  • Get a "/NoDesktopIcon" option into all of these packages.
  • Integrate some "de-bloat" process
  • Automate disabling the windows search index and replacing it with everything
  • Write a script that compares Chocolatey Installed packages to Packages that are on the system? Why?

What do I install on all my machines?

Why do I install these on all my machines, what do I want to do, no matter what computer I'm at?

  • Chrome
  • Bitwarden

Communication

  • Discord

Tools

  • VSCode

Packages Outside of Chocolatey

There's really only a few options here

  1. Add some automated download-and-run capabilities to the script and a list of links.
  2. Just maintain a list of links and manually download and run them
  3. Actually maintain a collection of chocolatey packages for my needs

Something I should do on this front is write a script that checks what packages are installed on the system and compares them to the packages installed by chocolatey, so that I can more easily determine what they are and update this.

The options for this have changed, there are now multiple package managers, including several developed at microsoft. I should use a combination of Chocolatey, Scoop, WinGet, and perhaps vcpkg.

The following are personal preferences. If a tool is available as a signed Appx in the Microsoft store, probably I should grab it with Add-AppxPackage or perhaps winget If winget does that sort of thing? example pkgs:

  • Discord
  • Slack

Otherwise I should prefer Scoop, because it has two core premises I'm fond of.

  • Don't need admin rights
  • Isolate packages to $user/scoop Isolation and not requiring admin rights is :chefskiss:

Scoop is sort of intended for cli developer tools, so I should mostly prefer it for those use-cases.

The package management landscape has gotten a bit more complex since I last investigated, and there's OneGet by microsoft which came and went -- it supports multiple providers and offers a winget like API. And the continually developed community installer anypackage

Anypackage actually offers the ability to configure package priorities albeit a bit awkwardly. But that's what I'm gonna use to unify the scoop/winget/choco/etc. situation.

# During Scoop installs
Add-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"
# After Scoop installs are done.
Remove-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"

List of Unavailable Packages

  • Backblaze Backups
  • Battle.net
  • Glasswire (Maybe some other similar Firewall, -- portmaster/safing)
  • Zeal (Documentation Browser)
  • ZimWiki
  • Zoom
  • Signal
  • RescueTime
  • PowerToys?

Packages that have since been added

  • Anki (anki)
  • Amazon Workspaces (amazon-workspaces)
  • Logitech GHub (lghub)
  • NZXT CAM (nzxt or nzxt-cam) That said, nzxt cam wants me to log in, and I don't want to. So I should review and see if I actually need this? And further, the answer is actually I don't This is a system specific tool...

Net New Addons? TODO

Useful Sources and Inspirations

Raw
boxstarter.ps1
# NOTE: Worst-Case Scenario I should be able to include the command to setup Chocolatey
# and the command to setup boxstarter at the top of this script
# And then provide a "download and run this script command"
# (Get-Host).Version
# (Get-WmiObject -Query 'SELECT * FROM Win32_OperatingSystem').Version
# Temporary Setup
Disable-UAC
Disable-MicrosoftUpdate
# More Permanent Setup -- https://boxstarter.org/WinConfig
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles -EnableShowFileExtensions -EnableShowFullPathInTitleBar
# Move-LibraryDirectory "Personal" "$env:UserProfile\OneDrive\Documents"
# Historically was called Set-TaskbarOptions
# Is there a way I can check which version of Boxstarter I have and decide which option to use based on that?
# Ideally I select functionality based on a combination of Boxstarter Version and Windows Version.
try {
Set-BoxstarterTaskbarOptions -Size Small -Dock Bottom -MultiMonitorOn -MultiMonitorMode All -Combine Always
} catch {
Write-Host "You're using an older version of Boxstarter, so we need to use the old command 'Set-TaskbarOptions'"
Write-Host "The older command doesn't have support for -MultiMonitorOn or -MultiMonitorMode"
Write-Host "You'll have to configure those settings manually."
Set-TaskbarOptions -Size Small -Dock Bottom -Combine Always -MultiMonitorOn -MultiMonitorMode All
}
Disable-BingSearch # Disables Bing in TaskBar/Start Menu
Disable-GameBarTips
# I really tried to setup AnyPackge, but PackageManagement/OneGet was getting in my way
# Setup AnyPackage
# Universal Package Installer Supporting Multiple Providers
# Change Trust on PSGallery
# If we are in April 2020 or Later, we should force Tls12, as previous versions are unsupported.
# [Net.ServicePointManager]::SecurityProtocol = "tls12"
# Set-PSRepository
# Can only Install AnyPackage with -AllowClobber
# Should I test the versions before blindly installing?
Get-Module -ListAvailable PackageManagement, PowerShellGet
Set-ExecutionPolicy RemoteSigned -Scope Process -Force;
Install-PackageProvider -Name Nuget -Force
# Transition from external management to management via Install-Module
# External Management might be Appx Install from Microsoft Store.
# Requires Powershell >= 5.1 or Powershell Core(but what version?)
# This will get us a PowerShellGet v3 something which is unmaintained.
Install-Module -Name PowerShellGet -Force -AllowPrerelease
# But PSResourceGet is the continuation of PowerShellGet v3
# https://devblogs.microsoft.com/powershell/psresourceget-preview-is-now-available/
# PSResourceGet GA expected Powershell 7.4
# Install from powershellget v3
# Install-PSResource Microsoft.PowerShell.PSResourceGet -Prerelease
Install-Module -Name Microsoft.PowerShell.PSResourceGet -AllowPrerelease
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
Set-PSRepository -Name PSGallery -InstallationPolicy Untrusted
# Update-Module -Name PowerShellGet -AllowPrerelease
# Register PSResource Repositories
Register-PSResourceRepository -Name "NuGetGallery" -Uri "https://api.nuget.org/v3/index.json"
# Register-PSResourceRepository -Name "AdoFeedName" -Uri <My_ADO_Feed_Uri
# Register-PSResourceRepository -Name "GithubPackagesFeed" -Uri "https://nuget.pkg.github.com/<NAMESPACE>/index.json"
# Register-PSResourceRepository -Name "JFrogFeed" -Uri "https://<myaccount>.jfrog.io/artifactory/api/nuget/v3/<myrepository>/index.json"
#
# Add Package Sources
Register-PackageSource -Name Chocolatey -ProviderName Chocolatey -Location http://chocolatey.org/api/v2/
# Find-Package -Name Sysinternals
# Install-Module -AllowClobber AnyPackage
# AllowClobber is default in PSResourceGet
Install-PSResource AnyPackage
Install-Module AnyPackage.PSResourceGet
Install-PSResource AnyPackage.Scoop
# winget reqs
# Install-Module AnyPackage.WinGet -Force
if (
([Environment]::OSVersion.Version.Major -ge 10 -and
[Environment]::OSVersion.Version.Build -ge 16299) -or
[Environment]::OSVersion.Major -eq 11) {
# Also need winget cli so install that prior to this.
Install-Module AnyPackage.WinGet -Force
# Not totally sure what's going on here but I do want to install KeePassXC through WinGet
# While Bypassing UAC if possible.
winget install -e --id KeePassXCTeam.KeePassXC
}
Install-Module AnyPackage.Chocolatey -Force
# These are about Windows Update Files and Add/Remove Programs
# They may be practical during regular windows use, but are not the most
# relevant here.
# Install-PSResource AnyPackage.Programs
# Install-PSResource AnyPackage.Msu
# Browsers
#choco install firefox -y --params "/NoDesktopShortcut /RemoveDistributionDir"
#choco install GoogleChrome -y
# Software Development
choco install vscode.install -y --params "/NoDesktopIcon"
#$ code --install-extension /path/to/rust-analyzer.vsix
# TODO: use vscode commands to preinstall some useful extensions.
# choco install zeal.install -y
# Office Suite (just in case)
#choco install libreoffice-fresh -y
# Communication / Messaging
# Installing/Upgrading Discord via Chocolatey corrupts the installation.
choco install discord.install -y
choco install slack -y
# choco install telegram.install -y
#choco install signal -y --params "/NoShortcut"
# choco install franz -y # This Package is Garbage, don't be fooled.
# Utilities/Tools
choco install portmaster -y
choco install tailscail -y
# choco install 7zip.install -y # NOTE: May close the 'explorer process', should check and restart
#choco install vlc -y --params "/Language:en"
# WinGet
# https://learn.microsoft.com/en-us/windows/package-manager/winget/
# > The winget command line tool is only supported on Windows 10 1709 (build 16299) or later at this time.
# TODO: Figure out a way to update all Appx packages?
if (
[Environment]::OSVersion.Version.Major -ge 10 -and
[Environment]::OSVersion.Version.Build -ge 16299) {
# TODO: Test if it's available before installing it outright.
# https://learn.microsoft.com/en-us/powershell/module/appx/?view=windowsserver2019-ps
# https://github.com/microsoft/winget-cli/issues/1426
Add-AppxPackage -RegisterByFamilyName -MainPackage Microsoft.DesktopAppInstaller_8wekyb3d8bbwe
}
# Flux is Superseded by more recent Windows version having this builtin.
if ([Environment]::OSVersion.Version.Major -lt 10) {
choco install f.lux.install -y
} else {
# TODO: Enable Nightlight from CLI command?
}
#choco install sysinternals -y
# Prefer a nicer tool than teamviewer maybe?
#choco install teamviewer -y
#choco install wireshark -y
#choco install windirstat -y # Perhaps there's a better choice, Wiztree
#choco install dropbox -y # Should I get GoogleDrive and iCloud?
choco install bitwarden -y # Consider Keepass
#?choco install virtualbox -y --params "/NoDesktopShortcut"
#choco install calibre -y # E-Book Management
#choco install qbittorrent -y
#choco install tor-browser -y # diet anonymity
# Graphical Tools
#choco install krita -y # Digital Art and Photo Manipulation
# Gaming
#? Dolphin Emulator? -- playnite actually supports emulators
# I know playnite likes to have itch.io installed to work with itch.io games
# I don't know if it needs other launchers installed in order to install and update their games.
#choco install playnite -y # Unified Game Launcher
#choco install steam -y
#choco install steam-cleaner -y # Cleanup left-behind artifacts from uninstalling games, from various clients
# Streaming
#choco install streamlabs-obs -y # Consider switching to obs-studio + obs.live plugin suite
# Tear-Down & Finish with Upgrades
Enable-UAC
Enable-MicrosoftUpdate
Install-WindowsUpdate -AcceptEula -SuppressReboots
# Think about if I should setup any cloud storage and point my LibraryDirectories in one of those locations (Probably yes)
#Move-LibraryDirectory "Personal" "$env:UserProfile\skydrive\documents"
Raw
scoop.ps1
# Scoop Requires Non-Admin Rights
# Scoop
# iex (new-object net.webclient).downloadstring('https://get.scoop.sh')
Invoke-WebRequest -useb get.scoop.sh | Invoke-Expression
# TODO: This command errors out currently...
# Add-MpPreference : Cannot validate argument on parameter 'ExclusionPath'. The argument is null or empty.
# Provide an argument that is not null or empty, and then try the command again.
Add-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"
# Enable multi-connection downloads for scoop
scoop install aria2
# Utilities
scoop install git
scoop install copyq # clipboard manager
# Windows 10 includes ssh
if ([Environment]::OSVersion.Version.Major -lt 10) {
scoop install openssh
}
# Programming Languages
scoop install go
# Programming Language Version Managers
# https://github.com/ScoopInstaller/Main/issues/4143
# https://github.com/rstudio/reticulate/issues/1342
scoop install pyenv@2.64.11
scoop hold pyenv
scoop install pipx # python exe manager
pipx ensurepath
pipx install poetry
scoop install volta # node
# scoop bucket add dorado
scoop install rustup
Remove-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"
# Post-Scoop Programming Language steps.
# https://visualstudio.microsoft.com/visual-cpp-build-tools/
# https://rust-analyzer.github.io/manual.html#rustup
rustup self update
rustup update
rustup component add clippy
rustup component add rustfmt
# TODO: Consider corepack as well
#volta install node
#volta inatall yarn
#npm install --global pnpm
#npm install --global typescript
pyenv update
# Should always be latest Python, no? -- or none and only project specific?
# pyenv install 3.11.2 # This launches an MSI GUI
# Remember SSH key password in windows credential manager
# scoop install pshazz
# git config --global credential.helper manager
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment