add pwsh
This commit is contained in:
65
.pwsh/setup.ps1
Normal file
65
.pwsh/setup.ps1
Normal file
@@ -0,0 +1,65 @@
|
||||
# Windows initial setup script
|
||||
# Run as Administrator: powershell -ExecutionPolicy Bypass -File setup.ps1
|
||||
|
||||
# packages
|
||||
$packages = @(
|
||||
"Microsoft.WindowsTerminal"
|
||||
"Microsoft.PowerShell"
|
||||
"Microsoft.OpenSSH.Beta"
|
||||
"Microsoft.VisualStudioCode"
|
||||
"Microsoft.WSL"
|
||||
"Microsoft.PowerToys"
|
||||
"Git.Git"
|
||||
"Vim.Vim"
|
||||
"Nvidia.CUDA"
|
||||
"Mozilla.Firefox"
|
||||
"Python.Python.3.13"
|
||||
"jqlang.jq"
|
||||
"Anthropic.ClaudeCode"
|
||||
)
|
||||
|
||||
foreach ($pkg in $packages) {
|
||||
Write-Host "Installing $pkg ..." -ForegroundColor Cyan
|
||||
winget install --id $pkg --accept-source-agreements --accept-package-agreements -e
|
||||
}
|
||||
|
||||
# enable and start sshd
|
||||
Write-Host "Setting up OpenSSH Server ..." -ForegroundColor Cyan
|
||||
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 2>$null
|
||||
Set-Service -Name sshd -StartupType Automatic
|
||||
Start-Service sshd
|
||||
New-NetFirewallRule -Name "OpenSSH-Server" -DisplayName "OpenSSH Server" -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 2>$null
|
||||
|
||||
# configure sshd
|
||||
Write-Host "Configuring sshd ..." -ForegroundColor Cyan
|
||||
$sshdConfig = "C:\ProgramData\ssh\sshd_config"
|
||||
if (Test-Path $sshdConfig) {
|
||||
$content = Get-Content $sshdConfig -Raw
|
||||
# disable password auth, enable empty passwords, disable admin authorized_keys override
|
||||
if ($content -notmatch "(?m)^PasswordAuthentication no") {
|
||||
Add-Content $sshdConfig "`nPasswordAuthentication no"
|
||||
}
|
||||
if ($content -notmatch "(?m)^PermitEmptyPasswords yes") {
|
||||
Add-Content $sshdConfig "PermitEmptyPasswords yes"
|
||||
}
|
||||
# comment out Match Group administrators if not already
|
||||
(Get-Content $sshdConfig) | ForEach-Object {
|
||||
if ($_ -match "^Match Group administrators") { "#$_" } else { $_ }
|
||||
} | Set-Content $sshdConfig
|
||||
Restart-Service sshd
|
||||
Write-Host "sshd configured" -ForegroundColor Green
|
||||
}
|
||||
|
||||
# set default shell to pwsh for ssh
|
||||
# NOTE: if pwsh path is wrong, ssh auth will fail with "Permission denied"
|
||||
# verify path with: (Get-Command pwsh).Source
|
||||
$pwshPath = (Get-Command pwsh -ErrorAction SilentlyContinue).Source
|
||||
if ($pwshPath) {
|
||||
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value $pwshPath -PropertyType String -Force
|
||||
Write-Host "Default SSH shell: $pwshPath" -ForegroundColor Green
|
||||
}
|
||||
|
||||
# pin packages to exclude from upgrade --all
|
||||
winget pin add --id EpicGames.EpicGamesLauncher 2>$null
|
||||
|
||||
Write-Host "Done" -ForegroundColor Green
|
||||
Reference in New Issue
Block a user