vultrwin.sh - Opengist

Revision 332d36c307f3130ca2175c2073f04d9c4653fde7

windows-init.bat · 2.2 KiB · Batchfile Raw

powershell -Command "iwr https://github.com/PowerShell/PowerShell/releases/download/v7.1.3/PowerShell-7.1.3-win-x64.msi -OutFile c:\powershell.msi" msiexec /i c:\powershell.msi /quiet "C:\Program Files\PowerShell\7\pwsh" -Command "Invoke-WebRequest https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.11-I601-Win10.exe -OutFile c:\openvpn-setup.exe" c:\openvpn-setup.exe /S "C:\Program Files\PowerShell\7\pwsh" -Command "set-service -name OpenVPNService -StartupType Automatic" net start OpenVPNService netsh advfirewall firewall add rule name="3389" dir=in action=allow protocol=tcp localport=3389 "C:\Program Files\PowerShell\7\pwsh" -Command "Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0" "C:\Program Files\PowerShell\7\pwsh" -Command "New-ItemProperty -Path 'HKLM:\SOFTWARE\OpenSSH' -Name DefaultShell -Value 'C:\Program Files\PowerShell\7\pwsh.exe' -PropertyType String -Force" net start sshd net stop sshd rem add the line rem Subsystem powershell c:/progra~1/powershell/7/pwsh.exe -sshs -NoLogo rem manually to c:\programdata\ssh\sshd_config, above the line "Match Group administrators" rem "C:\Program Files\PowerShell\7\pwsh" -Command "echo 'Subsystem powershell c:/progra~1/powershell/7/pwsh.exe -sshs -NoLogo' >> c:\programdata\ssh\sshd_config" net start sshd netsh advfirewall firewall add rule name="vpn 22" dir=in action=allow protocol=tcp localport=22 set authkeysurl= "C:\Program Files\PowerShell\7\pwsh" -Command "iwr %authkeysurl% -OutFile c:\programdata\ssh\administrators_authorized_keys" rem https://superuser.com/a/1605117 "C:\Program Files\PowerShell\7\pwsh" -Command "$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys; $acl.SetAccessRuleProtection($true, $false); $administratorsRule = New-Object system.security.accesscontrol.filesystemaccessrule('Administrators','FullControl','Allow'); $systemRule = New-Object system.security.accesscontrol.filesystemaccessrule('SYSTEM','FullControl','Allow'); $acl.SetAccessRule($administratorsRule); $acl.SetAccessRule($systemRule); $acl | Set-Acl" "C:\Program Files\PowerShell\7\pwsh" -Command "iwr -useb get.scoop.sh | iex; scoop install git; scoop update; scoop bucket add extras; scoop install chromium rclone"

1	powershell -Command "iwr https://github.com/PowerShell/PowerShell/releases/download/v7.1.3/PowerShell-7.1.3-win-x64.msi -OutFile c:\powershell.msi"
2	msiexec /i c:\powershell.msi /quiet
3
4	"C:\Program Files\PowerShell\7\pwsh" -Command "Invoke-WebRequest https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.11-I601-Win10.exe -OutFile c:\openvpn-setup.exe"
5	c:\openvpn-setup.exe /S
6	"C:\Program Files\PowerShell\7\pwsh" -Command "set-service -name OpenVPNService -StartupType Automatic"
7	net start OpenVPNService
8	netsh advfirewall firewall add rule name="3389" dir=in action=allow protocol=tcp localport=3389
9
10	"C:\Program Files\PowerShell\7\pwsh" -Command "Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0"
11	"C:\Program Files\PowerShell\7\pwsh" -Command "New-ItemProperty -Path 'HKLM:\SOFTWARE\OpenSSH' -Name DefaultShell -Value 'C:\Program Files\PowerShell\7\pwsh.exe' -PropertyType String -Force"
12	net start sshd
13	net stop sshd
14	rem add the line
15	rem Subsystem powershell c:/progra~1/powershell/7/pwsh.exe -sshs -NoLogo
16	rem manually to c:\programdata\ssh\sshd_config, above the line "Match Group administrators"
17	rem "C:\Program Files\PowerShell\7\pwsh" -Command "echo 'Subsystem powershell c:/progra~1/powershell/7/pwsh.exe -sshs -NoLogo' >> c:\programdata\ssh\sshd_config"
18	net start sshd
19	netsh advfirewall firewall add rule name="vpn 22" dir=in action=allow protocol=tcp localport=22
20	set authkeysurl=
21	"C:\Program Files\PowerShell\7\pwsh" -Command "iwr %authkeysurl% -OutFile c:\programdata\ssh\administrators_authorized_keys"
22	rem https://superuser.com/a/1605117
23	"C:\Program Files\PowerShell\7\pwsh" -Command "$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys; $acl.SetAccessRuleProtection($true, $false); $administratorsRule = New-Object system.security.accesscontrol.filesystemaccessrule('Administrators','FullControl','Allow'); $systemRule = New-Object system.security.accesscontrol.filesystemaccessrule('SYSTEM','FullControl','Allow'); $acl.SetAccessRule($administratorsRule); $acl.SetAccessRule($systemRule); $acl \| Set-Acl"
24
25	"C:\Program Files\PowerShell\7\pwsh" -Command "iwr -useb get.scoop.sh \| iex; scoop install git; scoop update; scoop bucket add extras; scoop install chromium rclone"