hiro/ray
1
0
Fork 0
mirror of https://github.com/vale981/ray synced 2025-03-10 05:16:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
ray/.buildkite/windows/install/scripts/Installers/Initialize-VM.ps1
ellimac54 772d25cc38
Add Initial Windows Dockerfile (#17474)
2021-09-03 11:41:06 -07:00

131 lines
5.2 KiB
PowerShell
Raw Blame History

################################################################################
## File: Initialize-VM.ps1
## Desc: VM initialization script, machine level configuration
################################################################################
function Disable-InternetExplorerESC {
$AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
$UserKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0 -Force
Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0 -Force
$ieProcess = Get-Process -Name Explorer -ErrorAction SilentlyContinue
if ($ieProcess){
Stop-Process -Name Explorer -Force -ErrorAction Continue
}
Write-Host "IE Enhanced Security Configuration (ESC) has been disabled."
}
function Disable-InternetExplorerWelcomeScreen {
$AdminKey = "HKLM:\Software\Policies\Microsoft\Internet Explorer\Main"
New-Item -Path $AdminKey -Value 1 -Force
Set-ItemProperty -Path $AdminKey -Name "DisableFirstRunCustomize" -Value 1 -Force
Write-Host "Disabled IE Welcome screen"
}
function Disable-UserAccessControl {
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "ConsentPromptBehaviorAdmin" -Value 00000000 -Force
Write-Host "User Access Control (UAC) has been disabled."
}
# Enable $ErrorActionPreference='Stop' for AllUsersAllHosts
Add-Content -Path $profile.AllUsersAllHosts -Value '$ErrorActionPreference="Stop"'
# Set TLS1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor "Tls12"
Write-Host "Disable Antivirus nok"
#Set-MpPreference -DisableRealtimeMonitoring $true
# Disable Windows Update
#$AutoUpdatePath = "HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"
#If (Test-Path -Path $AutoUpdatePath) {
# Set-ItemProperty -Path $AutoUpdatePath -Name NoAutoUpdate -Value 1
# Write-Host "Disabled Windows Update"
#}
#else {
# Write-Host "Windows Update key does not exist"
#}
# Install .NET Framework 3.5 (required by Chocolatey)
# Explicitly install all 4.7 sub features to include ASP.Net.
# As of 1/16/2019, WinServer 19 lists .Net 4.7 as NET-Framework-45-Features
#DISM /Online /Enable-Feature /FeatureName:NetFx3ServerFeatures
#Install-WindowsFeature -Name NET-Framework-Features -Source C:\install\sxs\
#Install-WindowsFeature -Name NET-Framework-Features -IncludeAllSubFeature
Install-WindowsFeature -Name NET-Framework-45-Features -IncludeAllSubFeature
if (Test-IsWin16) {
Install-WindowsFeature -Name BITS -IncludeAllSubFeature
Install-WindowsFeature -Name DSC-Service
}
Write-Host "Disable UAC"
Disable-UserAccessControl
Write-Host "Disable IE Welcome Screen"
Disable-InternetExplorerWelcomeScreen
Write-Host "Disable IE ESC"
#Disable-InternetExplorerESC
Write-Host "Setting local execution policy"
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine -ErrorAction Continue | Out-Null
Get-ExecutionPolicy -List
Write-Host "Enable long path behavior"
# See https://docs.microsoft.com/en-us/windows/desktop/fileio/naming-a-file#maximum-path-length-limitation
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem' -Name 'LongPathsEnabled' -Value 1
Write-Host "Install chocolatey"
$chocoExePath = 'C:\ProgramData\Chocolatey\bin'
if ($($env:Path).ToLower().Contains($($chocoExePath).ToLower())) {
Write-Host "Chocolatey found in PATH, skipping install..."
Exit
}
# Add to system PATH
$systemPath = [Environment]::GetEnvironmentVariable('Path', [System.EnvironmentVariableTarget]::Machine)
$systemPath += ';' + $chocoExePath
[Environment]::SetEnvironmentVariable("PATH", $systemPath, [System.EnvironmentVariableTarget]::Machine)
# Update local process' path
$userPath = [Environment]::GetEnvironmentVariable('Path', [System.EnvironmentVariableTarget]::User)
if ($userPath) {
$env:Path = $systemPath + ";" + $userPath
}
else {
$env:Path = $systemPath
}
# Run the installer
Invoke-Expression ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
# Turn off confirmation
choco feature enable -n allowGlobalConfirmation
# https://github.com/chocolatey/choco/issues/89
# Remove some of the command aliases, like `cpack` #89
Remove-Item -Path $env:ChocolateyInstall\bin\cpack.exe -Force
if (Test-IsWin16) {
# Install vcredist140
Choco-Install -PackageName vcredist140
}
if (Test-IsWin19) {
# Install vcredist2010
$Vc2010x86Name = "vcredist_x86.exe"
$Vc2010x86URI = "https://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC/${Vc2010x86Name}"
$Vc2010x64Name = "vcredist_x64.exe"
$Vc2010x64URI = "https://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC/${Vc2010x64Name}"
$ArgumentList = ("/install", "/quiet", "/norestart")
Install-Binary -Url $Vc2010x86URI -Name $Vc2010x86Name -ArgumentList $ArgumentList
Install-Binary -Url $Vc2010x64URI -Name $Vc2010x64Name -ArgumentList $ArgumentList
}
# Initialize environmental variable ChocolateyToolsLocation by invoking choco Get-ToolsLocation function
Import-Module "$env:ChocolateyInstall\helpers\chocolateyInstaller.psm1" -Force
Get-ToolsLocation
Reference in a new issue View git blame Copy permalink