Skip to content

Instantly share code, notes, and snippets.

@efonte

efonte/0-SystemConfiguration.ps1

Last active June 25, 2018 12:43
Show Gist options
  • Save efonte/7aed5a5f92bb65091548b3623b0b5d17 to your computer and use it in GitHub Desktop.
Save efonte/7aed5a5f92bb65091548b3623b0b5d17 to your computer and use it in GitHub Desktop.
Download ZIP
Windows 10 Post-Install Boxstarter Script
Raw
0-SystemConfiguration.ps1
#The command to run, built from the raw link of this gist
#START http://boxstarter.org/package/url?https://gist.github.com/F0NT3/7aed5a5f92bb65091548b3623b0b5d17/raw/51b8fdd0a8ad8bfdbae47dbe036bff16b1a795d4/0-SystemConfiguration.ps1
#########################################
# Set Execution Policy #
#########################################
# Boxstarter options
$Boxstarter.RebootOk=$true # Allow reboots?
$Boxstarter.NoPassword=$false # Is this a machine with no login password?
$Boxstarter.AutoLogin=$true # Save my password securely and auto-login after a reboot
# Basic setup
Write-Host "Setting execution policy"
Update-ExecutionPolicy Unrestricted
###########################################
# Update Windows and reboot if necessary #
###########################################
Write-Host "Enable MicrosoftUpdate"
Enable-MicrosoftUpdate
Write-Host "Change Windows Updates to 'Notify to schedule restart'"
# Change Windows Updates to "Notify to schedule restart"
If (!(Test-Path "HKCU:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings")) {
New-Item -Path HKCU:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Name UxOption -Type DWord -Value 1
If (!(Test-Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings")) {
New-Item -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Name UxOption -Type DWord -Value 1
Write-Host "Disable P2P Update downlods outside of local network"
# Disable P2P Update downlods outside of local network
If (!(Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config")) {
New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config -Name DODownloadMode -Type DWord -Value 1
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization -Name SystemSettingsDownloadMode -Type DWord -Value 3
If (!(Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config")) {
New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config -Name DODownloadMode -Type DWord -Value 1
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization -Name SystemSettingsDownloadMode -Type DWord -Value 3
Write-Host "Install WindowsUpdate"
Install-WindowsUpdate -AcceptEula # -GetUpdatesFromMS
##################
# Internet Settings
##################
Write-Host "Change default DNS to Google DNS"
# look for nic w/ gateway
$GWNic=(Get-NetIPConfiguration -All | Where-Object {$_.IPv4DefaultGateway -ne $null}).interfaceindex
# set dns servers to both ipv4/ipv6, reference https://developers.google.com/speed/public-dns/docs/using
Set-DnsClientServerAddress -InterfaceIndex $GWNic -ServerAddresses ("8.8.8.8","8.8.4.4","2001:4860:4860::8888","2001:4860:4860::8844")
##################
# Privacy Settings
##################
#Write-Host "Disable IE ESC"
#Disable-InternetExplorerESC
#Write-Host "Disable UAC"
#Disable-UAC
#Disable-BingSearch
# Privacy: Let apps use my advertising ID: Disable
If (!(Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo")) {
New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo -Name Enabled -Type DWord -Value 0
If (!(Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo")) {
New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo -Name Enabled -Type DWord -Value 0
# Privacy: SmartScreen Filter for Store Apps: Disable
# If (-Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost")) {
# New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Force | Out-Null
# }
# Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Name EnableWebContentEvaluation -Type DWord -Value 0
# If (-Not (Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost")) {
# New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Force | Out-Null
# }
# Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Name EnableWebContentEvaluation -Type DWord -Value 0
# WiFi Sense: HotSpot Sharing: Disable
If (-Not (Test-Path "HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting")) {
New-Item -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Name value -Type DWord -Value 0
If (-Not (Test-Path "HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting")) {
New-Item -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Name value -Type DWord -Value 0
# WiFi Sense: Shared HotSpot Auto-Connect: Disable
If (-Not (Test-Path "HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots")) {
New-Item -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Name value -Type DWord -Value 0
If (-Not (Test-Path "HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots")) {
New-Item -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Name value -Type DWord -Value 0
# Start Menu: Disable Cortana (Commented out by default - this is personal preference)
# TODO: Figure this out - need another VM to test, mine's already disabled via domain, etc.
# Disable Telemetry (requires a reboot to take effect)
# If (-Not (Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection")) {
# New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Force | Out-Null
# }
# Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Name AllowTelemetry -Type DWord -Value 0
# If (-Not (Test-Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\DataCollection")) {
# New-Item -Path HKCU:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Force | Out-Null
# }
# Set-ItemProperty -Path HKCU:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Name AllowTelemetry -Type DWord -Value 0
# Get-Service DiagTrack,Dmwappushservice | Stop-Service | Set-Service -StartupType Disabled
############################
# Personal Preferences on UI
############################
# Change Explorer home screen back to "This PC"
# If (-Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced")) {
# New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Force | Out-Null
# }
# Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name LaunchTo -Type DWord -Value 1
# If (-Not (Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced")) {
# New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Force | Out-Null
# }
# Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name LaunchTo -Type DWord -Value 1
# # Change it back to "Quick Access" (Windows 10 default)
# #Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name LaunchTo -Type DWord -Value 2
# These make "Quick Access" behave much closer to the old "Favorites"
# Disable Quick Access: Recent Files
# If (-Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer")) {
# New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Force | Out-Null
# }
# Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowRecent -Type DWord -Value 0
# # Disable Quick Access: Frequent Folders
# Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowFrequent -Type DWord -Value 0
# If (-Not (Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer")) {
# New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Force | Out-Null
# }
# Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowRecent -Type DWord -Value 0
# # Disable Quick Access: Frequent Folders
# Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowFrequent -Type DWord -Value 0
# # To Restore:
# #Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowRecent -Type DWord -Value 1
# #Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowFrequent -Type DWord -Value 1
# Disable the Lock Screen (the one before password prompt - to prevent dropping the first character)
# If (-Not (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization)) {
# New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows -Name Personalization | Out-Null
# }
# Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization -Name NoLockScreen -Type DWord -Value 1
# If (-Not (Test-Path HKCU:\SOFTWARE\Policies\Microsoft\Windows\Personalization)) {
# New-Item -Path HKCU:\SOFTWARE\Policies\Microsoft\Windows -Name Personalization | Out-Null
# }
# Set-ItemProperty -Path HKCU:\SOFTWARE\Policies\Microsoft\Windows\Personalization -Name NoLockScreen -Type DWord -Value 1
# # To Restore:
# #Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization -Name NoLockScreen -Type DWord -Value 1
#########################
# Set explorer options #
#########################
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowFileExtensions -DisableOpenFileExplorerToQuickAccess
#Set-TaskbarOptions -Size Small -Lock
#Need a check to see if this reboot has already been done...
#if (Test-PendingReboot) { Invoke-Reboot }
Raw
1-BaseAppsSetup.ps1
#The command to run, built from the raw link of this gist
#START http://boxstarter.org/package/url?https://gist.githubusercontent.com/F0NT3/7aed5a5f92bb65091548b3623b0b5d17/raw/51b8fdd0a8ad8bfdbae47dbe036bff16b1a795d4/1-BaseAppsSetup.ps1
# Boxstarter options
$Boxstarter.RebootOk=$false # Allow reboots?
$Boxstarter.NoPassword=$false # Is this a machine with no login password?
$Boxstarter.AutoLogin=$true # Save my password securely and auto-login after a reboot
$env:ChocolateyAllowEmptyChecksums=$true
###########################################
# Install base stuff #
###########################################
cinst -y chocolatey
cinst -y chocolateygui
cinst -y 7zip.install
cinst -y winrar
cinst -y spotify
cinst -y notepadplusplus.install
cinst -y notepad3.install
cinst -y inkscape
cinst -y unchecky
# cinst -y openvpn # TODO: add switch so that it doesn't start with windows
# cinst -y skype #removed because then the skype update crashes
# cinst -y hipchat
cinst -y googlechrome
cinst -y firefox
cinst -y adobereader
# cinst -y filezilla #=> Need switch for authorization
# cinst -y mremoteng
cinst -y winmerge
cinst -y vlc
# cinst -y toggl #Timetracker
cinst -y haroopad
cinst -y googledrive
cinst -y dropbox
cinst -y greenshot
cinst -y imagemagick.app
# cinst -y windirstat
cinst -y jre8
cinst -y qbittorrent
cinst -y ipfilter-updater
cinst -y mkvtoolnix
cinst -y makemkv
cinst -y gmkvextractgui
Install-ChocolateyPinnedTaskBarItem "$($Boxstarter.programFiles)\Google\Chrome\Application\chrome.exe"
Raw
2-DevApps.ps1
#The command to run, built from the raw link of this gist
#START http://boxstarter.org/package/url?https://gist.github.com/F0NT3/7aed5a5f92bb65091548b3623b0b5d17/raw/51b8fdd0a8ad8bfdbae47dbe036bff16b1a795d4/2-DevApps.ps1
# Boxstarter options
$Boxstarter.RebootOk=$false # Allow reboots?
$Boxstarter.NoPassword=$false # Is this a machine with no login password?
$Boxstarter.AutoLogin=$true # Save my password securely and auto-login after a reboot
$env:ChocolateyAllowEmptyChecksums=$true
cinst -y jdk8
cinst -y git.install
# cinst -y tortoisegit
# cinst -y poshgit #Look into that, powershell for git.
cinst -y putty.install
cinst -y sublimetext3
cinst -y github
cinst -y visualstudiocode
cinst -y papercut
# cinst -y fiddler4
# cinst -y linqpad
cinst -y postman
# cinst -y soapui
# cinst -y virtualbox
# cinst -y vagrant
# cinst -y vmwareworkstation
cinst -y nodejs.install
# cinst -y visualstudio2017community
cinst -y python3
cinst -y jetbrainstoolbox
cinst -y intellijidea-ultimate
cinst -y pycharm
cinst -y webstorm
cinst -y bitnami-xampp
cinst -y hyper
cinst -y insomnia-rest-api-client
# cwindowsfeatures IIS-WebServerRole
Raw
README.md

Windows 10 Post-Install Boxstarter Script

Thanks to https://blog.codybunch.com/2017/03/27/Basic-Automated-Windows-10-post-install/

PS C:\> START http://boxstarter.org/package/url?https://gist.github.com/F0NT3/7aed5a5f92bb65091548b3623b0b5d17/raw/51b8fdd0a8ad8bfdbae47dbe036bff16b1a795d4/0-SystemConfiguration.ps1

PS C:\> START http://boxstarter.org/package/url?https://gist.githubusercontent.com/F0NT3/7aed5a5f92bb65091548b3623b0b5d17/raw/51b8fdd0a8ad8bfdbae47dbe036bff16b1a795d4/1-BaseAppsSetup.ps1

PS C:\> START http://boxstarter.org/package/url?https://gist.github.com/F0NT3/7aed5a5f92bb65091548b3623b0b5d17/raw/51b8fdd0a8ad8bfdbae47dbe036bff16b1a795d4/2-DevApps.ps1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment