vultrwin.sh - Opengist

Revision ca9601fb94069bb5eae414b4b584aca0d527fad5

windows-init.bat · 2.1 KiB · Batchfile Raw

powershell -Command "iwr https://github.com/PowerShell/PowerShell/releases/download/v7.1.3/PowerShell-7.1.3-win-x64.msi -OutFile c:\powershell.msi" msiexec /i c:\powershell.msi /quiet set path="C:\Program Files\PowerShell\7\;%path%" pwsh -Command "Invoke-WebRequest https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.11-I601-Win10.exe -OutFile c:\openvpn-setup.exe" c:\openvpn-setup.exe /S pwsh -Command "set-service -name OpenVPNService -StartupType Automatic" net start OpenVPNService netsh advfirewall firewall add rule name="3389" dir=in action=allow protocol=tcp localport=3389 pwsh -Command "Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0" pwsh -Command "Install-Module -Force OpenSSHUtils -Scope AllUsers" pwsh -Command "New-ItemProperty -Path 'HKLM:\SOFTWARE\OpenSSH' -Name DefaultShell -Value 'C:\Program Files\PowerShell\7\pwsh.exe' -PropertyType String -Force" net start sshd net stop sshd pwsh -Command "echo 'Subsystem powershell c:/progra~1/powershell/7/pwsh.exe -sshs -NoLogo' >> c:\programdata\ssh\sshd_config" pwsh -Command "echo 'PubkeyAuthentication yes' >> c:\programdata\ssh\sshd_config" pwsh -Command "echo 'PasswordAuthentication no' >> c:\programdata\ssh\sshd_config" net start sshd netsh advfirewall firewall add rule name="vpn 22" dir=in action=allow protocol=tcp localport=22 set authkeysurl= pwsh -Command "iwr %authkeysurl% -OutFile c:\programdata\ssh\administrators_authorized_keys" rem https://superuser.com/a/1605117 pwsh -Command "$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys; $acl.SetAccessRuleProtection($true, $false); $administratorsRule = New-Object system.security.accesscontrol.filesystemaccessrule('Administrators','FullControl','Allow'); $systemRule = New-Object system.security.accesscontrol.filesystemaccessrule('SYSTEM','FullControl','Allow'); $acl.SetAccessRule($administratorsRule); $acl.SetAccessRule($systemRule); $acl | Set-Acl" pwsh -Command "iwr -useb get.scoop.sh | iex" pwsh -Command "scoop install git" pwsh -Command "scoop update" pwsh -Command "scoop bucket add extras" pwsh -Command "scoop install chromium rclone"

1	powershell -Command "iwr https://github.com/PowerShell/PowerShell/releases/download/v7.1.3/PowerShell-7.1.3-win-x64.msi -OutFile c:\powershell.msi"
2	msiexec /i c:\powershell.msi /quiet
3	set path="C:\Program Files\PowerShell\7\;%path%"
4
5	pwsh -Command "Invoke-WebRequest https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.11-I601-Win10.exe -OutFile c:\openvpn-setup.exe"
6	c:\openvpn-setup.exe /S
7	pwsh -Command "set-service -name OpenVPNService -StartupType Automatic"
8	net start OpenVPNService
9	netsh advfirewall firewall add rule name="3389" dir=in action=allow protocol=tcp localport=3389
10
11	pwsh -Command "Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0"
12	pwsh -Command "Install-Module -Force OpenSSHUtils -Scope AllUsers"
13	pwsh -Command "New-ItemProperty -Path 'HKLM:\SOFTWARE\OpenSSH' -Name DefaultShell -Value 'C:\Program Files\PowerShell\7\pwsh.exe' -PropertyType String -Force"
14	net start sshd
15	net stop sshd
16	pwsh -Command "echo 'Subsystem powershell c:/progra~1/powershell/7/pwsh.exe -sshs -NoLogo' >> c:\programdata\ssh\sshd_config"
17	pwsh -Command "echo 'PubkeyAuthentication yes' >> c:\programdata\ssh\sshd_config"
18	pwsh -Command "echo 'PasswordAuthentication no' >> c:\programdata\ssh\sshd_config"
19	net start sshd
20	netsh advfirewall firewall add rule name="vpn 22" dir=in action=allow protocol=tcp localport=22
21	set authkeysurl=
22	pwsh -Command "iwr %authkeysurl% -OutFile c:\programdata\ssh\administrators_authorized_keys"
23	rem https://superuser.com/a/1605117
24	pwsh -Command "$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys; $acl.SetAccessRuleProtection($true, $false); $administratorsRule = New-Object system.security.accesscontrol.filesystemaccessrule('Administrators','FullControl','Allow'); $systemRule = New-Object system.security.accesscontrol.filesystemaccessrule('SYSTEM','FullControl','Allow'); $acl.SetAccessRule($administratorsRule); $acl.SetAccessRule($systemRule); $acl \| Set-Acl"
25
26	pwsh -Command "iwr -useb get.scoop.sh \| iex"
27	pwsh -Command "scoop install git"
28	pwsh -Command "scoop update"
29	pwsh -Command "scoop bucket add extras"
30	pwsh -Command "scoop install chromium rclone"