Last active May 14, 2024 04:29
Windows Quick Setup

Initialize a Windows box

Setup a Fresh Windows Box

After setting up your account on windows, the first thing you should do is

Click This Link or run this command

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; . { iwr -useb } | iex; Get-Boxstarter -Force; Install-BoxstarterPackage -PackageName -DisableReboots


y'know I just need to reinstall windows on VMs or a personal machine from time to time. apparently often enough to make a big fuss about it.

How this works

We use Boxstarter as the init library, and anypackage as a universal package manager. Boxstarter provides a set of utilities that are fundamentally built around 100% interrupt free Windows Environment Installations. I do prefer the fewest possible interrupts, but I don't actually care about it having 0. I just want it to be more convenient.

TODO: Provide multiple links and then also a CLI for the base packages.

Is some of the audio stuff "base system" things?

Edit the Start Menu

If neccessary %appdata%\Microsoft\Windows\Start Menu\Programs controls how your start menu looks Additionally C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp is startup programs for all users And for finer control over the programs that launch at startup you can use the registry editor on


Run a non-admin process from admin pwsh

$credential = Get-Credential -UserName $Env:USERNAME
Start-Process -FilePath pwsh.exe -ArgumentList '-noprofile' -Credential $credential -Wait


  • Consider Chocolatey Non-Admin Install (
  • Explicitly Test/Enable TLS1.2 in pwsh (
  • Explicitylu Enable TLS1.2 for single-command setup
  • Solution for installing packages from the microsoft store
  • Create Usecase-Specific Versions (Gaming, Productivity, Audio Production, etc.)
  • Single Command
  • Review comments for accuract
  • Review package params and make good choices
  • Figure out why Set-BoxstarterTaskbarOptions isn't an available cmdlet in my version, which should be the latest
  • Find packages that aren't available on chocolatey and do something about that
  • Install Developer tools with scoop instead of chocolatey, for isolation

Potential TODO

  • Get a "/NoDesktopIcon" option into all of these packages.
  • Integrate some "de-bloat" process
  • Automate disabling the windows search index and replacing it with everything
  • Write a script that compares Chocolatey Installed packages to Packages that are on the system? Why?

What do I install on all my machines?

Why do I install these on all my machines, what do I want to do, no matter what computer I'm at?

  • Chrome
  • Bitwarden


  • Discord


  • VSCode

Packages Outside of Chocolatey

There's really only a few options here

  1. Add some automated download-and-run capabilities to the script and a list of links.
  2. Just maintain a list of links and manually download and run them
  3. Actually maintain a collection of chocolatey packages for my needs

Something I should do on this front is write a script that checks what packages are installed on the system and compares them to the packages installed by chocolatey, so that I can more easily determine what they are and update this.

The options for this have changed, there are now multiple package managers, including several developed at microsoft. I should use a combination of Chocolatey, Scoop, WinGet, and perhaps vcpkg.

The following are personal preferences. If a tool is available as a signed Appx in the Microsoft store, probably I should grab it with Add-AppxPackage or perhaps winget If winget does that sort of thing? example pkgs:

  • Discord
  • Slack

Otherwise I should prefer Scoop, because it has two core premises I'm fond of.

  • Don't need admin rights
  • Isolate packages to $user/scoop Isolation and not requiring admin rights is :chefskiss:

Scoop is sort of intended for cli developer tools, so I should mostly prefer it for those use-cases.

The package management landscape has gotten a bit more complex since I last investigated, and there's OneGet by microsoft which came and went -- it supports multiple providers and offers a winget like API. And the continually developed community installer anypackage

Anypackage actually offers the ability to configure package priorities albeit a bit awkwardly. But that's what I'm gonna use to unify the scoop/winget/choco/etc. situation.

# During Scoop installs
Add-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"
# After Scoop installs are done.
Remove-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"

List of Unavailable Packages

  • Backblaze Backups
  • Glasswire (Maybe some other similar Firewall, -- portmaster/safing)
  • Zeal (Documentation Browser)
  • ZimWiki
  • Zoom
  • Signal
  • RescueTime
  • PowerToys?

Packages that have since been added

  • Anki (anki)
  • Amazon Workspaces (amazon-workspaces)
  • Logitech GHub (lghub)
  • NZXT CAM (nzxt or nzxt-cam) That said, nzxt cam wants me to log in, and I don't want to. So I should review and see if I actually need this? And further, the answer is actually I don't This is a system specific tool...

Net New Addons? TODO

Useful Sources and Inspirations

# NOTE: Worst-Case Scenario I should be able to include the command to setup Chocolatey
# and the command to setup boxstarter at the top of this script
# And then provide a "download and run this script command"
# (Get-Host).Version
# (Get-WmiObject -Query 'SELECT * FROM Win32_OperatingSystem').Version
# Temporary Setup
# More Permanent Setup --
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles -EnableShowFileExtensions -EnableShowFullPathInTitleBar
# Move-LibraryDirectory "Personal" "$env:UserProfile\OneDrive\Documents"
# Historically was called Set-TaskbarOptions
# Is there a way I can check which version of Boxstarter I have and decide which option to use based on that?
# Ideally I select functionality based on a combination of Boxstarter Version and Windows Version.
try {
Set-BoxstarterTaskbarOptions -Size Small -Dock Bottom -MultiMonitorOn -MultiMonitorMode All -Combine Always
} catch {
Write-Host "You're using an older version of Boxstarter, so we need to use the old command 'Set-TaskbarOptions'"
Write-Host "The older command doesn't have support for -MultiMonitorOn or -MultiMonitorMode"
Write-Host "You'll have to configure those settings manually."
Set-TaskbarOptions -Size Small -Dock Bottom -Combine Always -MultiMonitorOn -MultiMonitorMode All
Disable-BingSearch # Disables Bing in TaskBar/Start Menu
# I really tried to setup AnyPackge, but PackageManagement/OneGet was getting in my way
# Setup AnyPackage
# Universal Package Installer Supporting Multiple Providers
# Change Trust on PSGallery
# If we are in April 2020 or Later, we should force Tls12, as previous versions are unsupported.
# [Net.ServicePointManager]::SecurityProtocol = "tls12"
# Set-PSRepository
# Can only Install AnyPackage with -AllowClobber
# Should I test the versions before blindly installing?
Get-Module -ListAvailable PackageManagement, PowerShellGet
Set-ExecutionPolicy RemoteSigned -Scope Process -Force;
Install-PackageProvider -Name Nuget -Force
# Transition from external management to management via Install-Module
# External Management might be Appx Install from Microsoft Store.
# Requires Powershell >= 5.1 or Powershell Core(but what version?)
# This will get us a PowerShellGet v3 something which is unmaintained.
Install-Module -Name PowerShellGet -Force -AllowPrerelease
# But PSResourceGet is the continuation of PowerShellGet v3
# PSResourceGet GA expected Powershell 7.4
# Install from powershellget v3
# Install-PSResource Microsoft.PowerShell.PSResourceGet -Prerelease
Install-Module -Name Microsoft.PowerShell.PSResourceGet -AllowPrerelease
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
Set-PSRepository -Name PSGallery -InstallationPolicy Untrusted
# Update-Module -Name PowerShellGet -AllowPrerelease
# Register PSResource Repositories
Register-PSResourceRepository -Name "NuGetGallery" -Uri ""
# Register-PSResourceRepository -Name "AdoFeedName" -Uri <My_ADO_Feed_Uri
# Register-PSResourceRepository -Name "GithubPackagesFeed" -Uri "<NAMESPACE>/index.json"
# Register-PSResourceRepository -Name "JFrogFeed" -Uri "https://<myaccount><myrepository>/index.json"
# Add Package Sources
Register-PackageSource -Name Chocolatey -ProviderName Chocolatey -Location
# Find-Package -Name Sysinternals
# Install-Module -AllowClobber AnyPackage
# AllowClobber is default in PSResourceGet
Install-PSResource AnyPackage
Install-Module AnyPackage.PSResourceGet
Install-PSResource AnyPackage.Scoop
# winget reqs
# Install-Module AnyPackage.WinGet -Force
if (
([Environment]::OSVersion.Version.Major -ge 10 -and
[Environment]::OSVersion.Version.Build -ge 16299) -or
[Environment]::OSVersion.Major -eq 11) {
# Also need winget cli so install that prior to this.
Install-Module AnyPackage.WinGet -Force
# Not totally sure what's going on here but I do want to install KeePassXC through WinGet
# While Bypassing UAC if possible.
winget install -e --id KeePassXCTeam.KeePassXC
Install-Module AnyPackage.Chocolatey -Force
# These are about Windows Update Files and Add/Remove Programs
# They may be practical during regular windows use, but are not the most
# relevant here.
# Install-PSResource AnyPackage.Programs
# Install-PSResource AnyPackage.Msu
# Browsers
#choco install firefox -y --params "/NoDesktopShortcut /RemoveDistributionDir"
#choco install GoogleChrome -y
# Software Development
choco install vscode.install -y --params "/NoDesktopIcon"
#$ code --install-extension /path/to/rust-analyzer.vsix
# TODO: use vscode commands to preinstall some useful extensions.
# choco install zeal.install -y
# Office Suite (just in case)
#choco install libreoffice-fresh -y
# Communication / Messaging
# Installing/Upgrading Discord via Chocolatey corrupts the installation.
choco install discord.install -y
choco install slack -y
# choco install telegram.install -y
#choco install signal -y --params "/NoShortcut"
# choco install franz -y # This Package is Garbage, don't be fooled.
# Utilities/Tools
choco install portmaster -y
choco install tailscail -y
# choco install 7zip.install -y # NOTE: May close the 'explorer process', should check and restart
#choco install vlc -y --params "/Language:en"
# WinGet
# > The winget command line tool is only supported on Windows 10 1709 (build 16299) or later at this time.
# TODO: Figure out a way to update all Appx packages?
if (
[Environment]::OSVersion.Version.Major -ge 10 -and
[Environment]::OSVersion.Version.Build -ge 16299) {
# TODO: Test if it's available before installing it outright.
Add-AppxPackage -RegisterByFamilyName -MainPackage Microsoft.DesktopAppInstaller_8wekyb3d8bbwe
# Flux is Superseded by more recent Windows version having this builtin.
if ([Environment]::OSVersion.Version.Major -lt 10) {
choco install f.lux.install -y
} else {
# TODO: Enable Nightlight from CLI command?
#choco install sysinternals -y
# Prefer a nicer tool than teamviewer maybe?
#choco install teamviewer -y
#choco install wireshark -y
#choco install windirstat -y # Perhaps there's a better choice, Wiztree
#choco install dropbox -y # Should I get GoogleDrive and iCloud?
choco install bitwarden -y # Consider Keepass
#?choco install virtualbox -y --params "/NoDesktopShortcut"
#choco install calibre -y # E-Book Management
#choco install qbittorrent -y
#choco install tor-browser -y # diet anonymity
# Graphical Tools
#choco install krita -y # Digital Art and Photo Manipulation
# Gaming
#? Dolphin Emulator? -- playnite actually supports emulators
# I know playnite likes to have installed to work with games
# I don't know if it needs other launchers installed in order to install and update their games.
#choco install playnite -y # Unified Game Launcher
#choco install steam -y
#choco install steam-cleaner -y # Cleanup left-behind artifacts from uninstalling games, from various clients
# Streaming
#choco install streamlabs-obs -y # Consider switching to obs-studio + plugin suite
# Tear-Down & Finish with Upgrades
Install-WindowsUpdate -AcceptEula -SuppressReboots
# Think about if I should setup any cloud storage and point my LibraryDirectories in one of those locations (Probably yes)
#Move-LibraryDirectory "Personal" "$env:UserProfile\skydrive\documents"
# Scoop Requires Non-Admin Rights
# Scoop
# iex (new-object net.webclient).downloadstring('')
Invoke-WebRequest -useb | Invoke-Expression
# TODO: This command errors out currently...
# Add-MpPreference : Cannot validate argument on parameter 'ExclusionPath'. The argument is null or empty.
# Provide an argument that is not null or empty, and then try the command again.
Add-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"
# Enable multi-connection downloads for scoop
scoop install aria2
# Utilities
scoop install git
scoop install copyq # clipboard manager
# Windows 10 includes ssh
if ([Environment]::OSVersion.Version.Major -lt 10) {
scoop install openssh
# Programming Languages
scoop install go
# Programming Language Version Managers
scoop install [email protected]
scoop hold pyenv
scoop install pipx # python exe manager
pipx ensurepath
pipx install poetry
scoop install volta # node
# scoop bucket add dorado
scoop install rustup
Remove-MpPreference -ExclusionPath "$($env:programdata)\scoop", "$($env:scoop)"
# Post-Scoop Programming Language steps.
rustup self update
rustup update
rustup component add clippy
rustup component add rustfmt
# TODO: Consider corepack as well
#volta install node
#volta inatall yarn
#npm install --global pnpm
#npm install --global typescript
pyenv update
# Should always be latest Python, no? -- or none and only project specific?
# pyenv install 3.11.2 # This launches an MSI GUI
# Remember SSH key password in windows credential manager
# scoop install pshazz
# git config --global credential.helper manager
