Last active
February 23, 2022 22:14
-
-
Save guillemcanal/441cf4f0bf5da4ee7b84d778911eabba to your computer and use it in GitHub Desktop.
Revisions
-
Guillem CANAL revised this gist
May 28, 2020 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -76,6 +76,8 @@ wsl --set-default Alpine wsl --set-version Alpine 2 wsl --user root exec ` sh -c '$(wget -O- https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/create-default-user.sh)' wsl --user root exec ` sh -c '$(wget -O- https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/glibc-install.sh)' #--- Configure Powsershell --- -
May 28, 2020 . 1 changed file with 41 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,41 @@ #!/usr/bin/env sh set -e get_latest_release_version() { curl --silent "https://api.github.com/repos/$1/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/' } package_installed() { apk info -vv | grep "$1" 1> /dev/null } main() { local GITHUB_PROJECT="sgerrand/alpine-pkg-glibc" local VERSION="$(get_latest_release_version "$GITHUB_PROJECT")" local RELEASE_PUBKEY_PATH="/etc/apk/keys/sgerrand.rsa.pub" local RELEASE_PATH="https://github.com/sgerrand/alpine-pkg-glibc/releases/download/$VERSION" local DEFAULT_LANG="en_US" [ -f "$RELEASE_PUBKEY_PATH" ] || { sudo wget -q -O $RELEASE_PUBKEY_PATH https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub } package_installed glibc-$VERSION || { sudo curl -s -OL $RELEASE_PATH/glibc-$VERSION.apk sudo apk add glibc-$VERSION.apk } package_installed glibc-bin-$VERSION || { sudo curl -s -OL $RELEASE_PATH/glibc-bin-${VERSION}.apk sudo apk add glibc-bin-$VERSION.apk } package_installed glibc-i18n-$VERSION || { sudo curl -s -OL $RELEASE_PATH/glibc-i18n-$VERSION.apk sudo apk add glibc-i18n-$VERSION.apk sudo /usr/glibc-compat/bin/localedef -i $DEFAULT_LANG -f UTF-8 $DEFAULT_LANG.UTF-8 } } main -
May 28, 2020 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -53,7 +53,8 @@ choco install -y ` vlc ` qbittorrent ` 7zip ` gsudo ` googledrive refreshenv -
May 28, 2020 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -52,7 +52,8 @@ choco install -y ` wpd ` vlc ` qbittorrent ` 7zip ` gsudo refreshenv -
May 28, 2020 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -51,7 +51,8 @@ choco install -y ` spotify ` wpd ` vlc ` qbittorrent ` 7zip refreshenv -
May 28, 2020 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -49,7 +49,9 @@ choco install -y ` mkcert ` sharex ` spotify ` wpd ` vlc ` qbittorrent refreshenv -
May 28, 2020 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -48,7 +48,8 @@ choco install -y ` starship ` mkcert ` sharex ` spotify ` wpd refreshenv -
May 28, 2020 . 1 changed file with 20 additions and 462 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,18 +7,10 @@ # Step 4: Run the script # Install-BoxstarterPackage -PackageName "https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/boxstarter.ps1" -Credential $cred #--- Check Windows version --- if ([Environment]::OSVersion.Version.Major -ne 10) { Write-Error 'Upgrade to Windows 10 before running this script' Exit } #--- Windows Update --- @@ -28,8 +20,8 @@ Install-WindowsUpdate -AcceptEula #--- Check Windows Revision --- if ((Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").ReleaseId -lt 2004) { Write-Error 'You need to run Windows Update and install Feature Updates to at least version 2004' Exit } #--- Termporarily disable --- @@ -47,28 +39,27 @@ choco install -y cascadiacode #--- Apps --- choco install -y ` wsl-alpine ` firefox ` docker-desktop ` visualstudiocode ` jetbrainstoolbox ` microsoft-windows-terminal ` starship ` mkcert ` sharex ` spotify refreshenv #--- Install WSL2 Kernel--- $wslUpdateSource = "https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi" $wslMsiArgs = @( '/i', $wslUpdateSource, '/quiet', '/norestart' ) Start-Process -FilePath msiexec -ArgumentList $wslMsiArgs -NoNewWindow -Wait @@ -85,444 +76,11 @@ wsl --user root exec ` if(!(Test-Path -Path $profile)) { New-item -type file -force $profile } Invoke-WebRequest ` -Uri "https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/Microsoft.PowerShell_profile.ps1" ` -OutFile $profile #--- Restore Temporary Settings --- Enable-UAC Enable-MicrosoftUpdate -
May 28, 2020 . 1 changed file with 13 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,6 +7,7 @@ # Step 4: Run the script # Install-BoxstarterPackage -PackageName "https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/boxstarter.ps1" -Credential $cred #--- Check Windows version --- if ([Environment]::OSVersion.Version.Major -ne 10) { Write-Error 'Upgrade to Windows 10 before running this script' @@ -52,6 +53,7 @@ choco install -y ` visualstudiocode ` jetbrainstoolbox ` microsoft-windows-terminal ` starship ` mkcert ` sharex ` spotify @@ -75,6 +77,17 @@ Start-Process -FilePath msiexec -ArgumentList $wslMsiArgs -NoNewWindow -Wait wsl --set-default Alpine wsl --set-version Alpine 2 wsl --user root exec ` sh -c '$(wget -O- https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/create-default-user.sh)' #--- Configure Powsershell --- if(!(Test-Path -Path $profile)) { New-item -type file -force $profile } Invoke-WebRequest ` -Uri "https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/Microsoft.PowerShell_profile.ps1" ` -OutFile $profile #--- Block Telemetry--- -
May 28, 2020 . 1 changed file with 28 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,28 @@ #!/usr/bin/env sh set -ex main() { local USERNAME="user" local PASSWORD="changeme" apk -U add sudo vim git zsh curl libstdc++ getent group sudo 1> /dev/null || { addgroup -g 99 sudo echo '%sudo ALL=(ALL) NOPASSWD: ALL' | sudo EDITOR='tee -a' visudo } id -u $USERNAME || { adduser -u 1000 -D -s /bin/zsh $USERNAME usermod -aG sudo $USERNAME yes $PASSWORD | passwd $USERNAME } test -d "/home/$USERNAME/.oh-my-zsh" || { su - $USERNAME -c 'sh -c "RUNZSH=no $(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"' } Alpine.exe config --default-user $USERNAME } main -
May 28, 2020 . 1 changed file with 110 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,110 @@ # Styling # Import-Module posh-git # Import-Module oh-my-posh # Set-Theme Robbyrussell # See: https://github.com/felixrieseberg/windows-development-environment # Increase history $MaximumHistoryCount = 10000 # Produce UTF-8 by default $PSDefaultParameterValues["Out-File:Encoding"]="utf8" # Show selection menu for tab Set-PSReadlineKeyHandler -Chord Tab -Function MenuComplete # Use Starship shell $Env:STARSHIP_CONFIG = "$Env:USERPROFILE\.starship.toml" Invoke-Expression (&starship init powershell) # Go to the Alpine directory function wsla { Set-Location '\\wsl$\Alpine\home\gcanal' } function wsll { wsl -l -v } function wsls { wsl --shutdown } # Helper Functions ####################################################### function reload-profile { & $profile } function find-file($name) { ls -recurse -filter "*${name}*" -ErrorAction SilentlyContinue | foreach { $place_path = $_.directory echo "${place_path}\${_}" } } function print-path { ($Env:Path).Split(";") } function unzip ($file) { $dirname = (Get-Item $file).Basename echo("Extracting", $file, "to", $dirname) New-Item -Force -ItemType directory -Path $dirname expand-archive $file -OutputPath $dirname -ShowProgress } # Unixlike commands ####################################################### function which($name) { (Get-Command $name).Path } function df { get-volume } function sed($file, $find, $replace){ (Get-Content $file).replace("$find", $replace) | Set-Content $file } function sed-recursive($filePattern, $find, $replace) { $files = ls . "$filePattern" -rec foreach ($file in $files) { (Get-Content $file.PSPath) | Foreach-Object { $_ -replace "$find", "$replace" } | Set-Content $file.PSPath } } function grep($regex, $dir) { if ( $dir ) { ls $dir | select-string $regex return } $input | select-string $regex } function grepv($regex) { $input | ? { !$_.Contains($regex) } } function export($name, $value) { set-item -force -path "env:$name" -value $value; } function pkill($name) { ps $name -ErrorAction SilentlyContinue | kill } function pgrep($name) { ps $name } function touch($file) { "" | Out-File $file -Encoding ASCII } -
May 28, 2020 . 1 changed file with 8 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,11 @@ # Step 1: Open an elevated PowerShell prompt and set execution policy # Set-ExecutionPolicy Unrestricted -Force # Step 2: Install Boxstarter # . { iwr -useb https://boxstarter.org/bootstrapper.ps1 } | iex; Get-Boxstarter -Force # Step 3: Store your user credential (select your username name and provide your password in the dialog box) # $cred=Get-Credential # Step 4: Run the script # Install-BoxstarterPackage -PackageName "https://gist.github.com/guillemcanal/441cf4f0bf5da4ee7b84d778911eabba/raw/boxstarter.ps1" -Credential $cred #--- Check Windows version --- if ([Environment]::OSVersion.Version.Major -ne 10) { -
May 28, 2020 . 1 changed file with 20 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -31,6 +31,8 @@ Disable-UAC choco install -y Microsoft-Windows-Subsystem-Linux -source windowsfeatures choco install -y VirtualMachinePlatform -source windowsfeatures refreshenv #--- Fonts choco install -y cascadiacode @@ -48,6 +50,24 @@ choco install -y ` refreshenv #--- Install WSL2 Kernel--- $wslUpdateSource = "https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi" $wslMsiArgs = @( '/i', $wslUpdateSource, '/quiet', '/norestart' ) Start-Process -FilePath msiexec -ArgumentList $wslMsiArgs -NoNewWindow -Wait #--- Setup WSL2 --- wsl --set-default Alpine wsl --set-version Alpine 2 #--- Block Telemetry--- # Description: -
May 28, 2020 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -24,7 +24,7 @@ if ((Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").Rele } #--- Termporarily disable --- Disable-MicrosoftUpdate Disable-UAC #--- Windows Subsystems/Features --- -
May 28, 2020 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,490 @@ #--- Check Windows version --- if ([Environment]::OSVersion.Version.Major -ne 10) { Write-Error 'Upgrade to Windows 10 before running this script' Exit } #--- Utility Functions --- function _ForceMkdir($path) { if (!(Test-Path $path)) { New-Item -ItemType Directory -Force -Path $path } } #--- Windows Update --- Enable-UAC Enable-MicrosoftUpdate Install-WindowsUpdate -AcceptEula #--- Check Windows Revision --- if ((Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").ReleaseId -lt 2004) { Write-Error 'You need to run Windows Update and install Feature Updates to at least version 2004' Exit } #--- Termporarily disable --- Disable-WindowsUpdate Disable-UAC #--- Windows Subsystems/Features --- choco install -y Microsoft-Windows-Subsystem-Linux -source windowsfeatures choco install -y VirtualMachinePlatform -source windowsfeatures #--- Fonts choco install -y cascadiacode #--- Apps --- choco install -y ` wsl-alpine ` firefox ` docker-desktop ` visualstudiocode ` jetbrainstoolbox ` microsoft-windows-terminal ` mkcert ` sharex ` spotify refreshenv #--- Block Telemetry--- # Description: # This script blocks telemetry related domains via the hosts file and related # IPs via Windows Firewall. # # Please note that adding these domains may break certain software like iTunes # or Skype. As this issue is location dependent for some domains, they are not # commented by default. The domains known to cause issues marked accordingly. # Please see the related issue: # <https://github.com/W4RH4WK/Debloat-Windows-10/issues/79> # Thanks to raydric, this function should be used instead of `mkdir -force`. # # While `mkdir -force` works fine when dealing with regular folders, it behaves # strange when using it at registry level. If the target registry key is # already present, all values within that key are purged. Write-Output "Disabling telemetry via Group Policies" _ForceMkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0 Write-Output "Adding telemetry domains to hosts file" $hosts_file = "$env:systemroot\System32\drivers\etc\hosts" $domains = @( "184-86-53-99.deploy.static.akamaitechnologies.com" "a-0001.a-msedge.net" "a-0002.a-msedge.net" "a-0003.a-msedge.net" "a-0004.a-msedge.net" "a-0005.a-msedge.net" "a-0006.a-msedge.net" "a-0007.a-msedge.net" "a-0008.a-msedge.net" "a-0009.a-msedge.net" "a1621.g.akamai.net" "a1856.g2.akamai.net" "a1961.g.akamai.net" #"a248.e.akamai.net" # makes iTunes download button disappear (#43) "a978.i6g1.akamai.net" "a.ads1.msn.com" "a.ads2.msads.net" "a.ads2.msn.com" "ac3.msn.com" "ad.doubleclick.net" "adnexus.net" "adnxs.com" "ads1.msads.net" "ads1.msn.com" "ads.msn.com" "aidps.atdmt.com" "aka-cdn-ns.adtech.de" "a-msedge.net" "any.edge.bing.com" "a.rad.msn.com" "az361816.vo.msecnd.net" "az512334.vo.msecnd.net" "b.ads1.msn.com" "b.ads2.msads.net" "bingads.microsoft.com" "b.rad.msn.com" "bs.serving-sys.com" "c.atdmt.com" "cdn.atdmt.com" "cds26.ams9.msecn.net" "choice.microsoft.com" "choice.microsoft.com.nsatc.net" "compatexchange.cloudapp.net" "corpext.msitadfs.glbdns2.microsoft.com" "corp.sts.microsoft.com" "cs1.wpc.v0cdn.net" "db3aqu.atdmt.com" "df.telemetry.microsoft.com" "diagnostics.support.microsoft.com" "e2835.dspb.akamaiedge.net" "e7341.g.akamaiedge.net" "e7502.ce.akamaiedge.net" "e8218.ce.akamaiedge.net" "ec.atdmt.com" "fe2.update.microsoft.com.akadns.net" "feedback.microsoft-hohm.com" "feedback.search.microsoft.com" "feedback.windows.com" "flex.msn.com" "g.msn.com" "h1.msn.com" "h2.msn.com" "hostedocsp.globalsign.com" "i1.services.social.microsoft.com" "i1.services.social.microsoft.com.nsatc.net" "ipv6.msftncsi.com" "ipv6.msftncsi.com.edgesuite.net" "lb1.www.ms.akadns.net" "live.rads.msn.com" "m.adnxs.com" "msedge.net" "msftncsi.com" "msnbot-65-55-108-23.search.msn.com" "msntest.serving-sys.com" "oca.telemetry.microsoft.com" "oca.telemetry.microsoft.com.nsatc.net" "onesettings-db5.metron.live.nsatc.net" "pre.footprintpredict.com" "preview.msn.com" "rad.live.com" "rad.msn.com" "redir.metaservices.microsoft.com" "reports.wes.df.telemetry.microsoft.com" "schemas.microsoft.akadns.net" "secure.adnxs.com" "secure.flashtalking.com" "services.wes.df.telemetry.microsoft.com" "settings-sandbox.data.microsoft.com" #"settings-win.data.microsoft.com" # may cause issues with Windows Updates "sls.update.microsoft.com.akadns.net" #"sls.update.microsoft.com.nsatc.net" # may cause issues with Windows Updates "sqm.df.telemetry.microsoft.com" "sqm.telemetry.microsoft.com" "sqm.telemetry.microsoft.com.nsatc.net" "ssw.live.com" "static.2mdn.net" "statsfe1.ws.microsoft.com" "statsfe2.update.microsoft.com.akadns.net" "statsfe2.ws.microsoft.com" "survey.watson.microsoft.com" "telecommand.telemetry.microsoft.com" "telecommand.telemetry.microsoft.com.nsatc.net" "telemetry.appex.bing.net" "telemetry.microsoft.com" "telemetry.urs.microsoft.com" "vortex-bn2.metron.live.com.nsatc.net" "vortex-cy2.metron.live.com.nsatc.net" "vortex.data.microsoft.com" "vortex-sandbox.data.microsoft.com" "vortex-win.data.microsoft.com" "cy2.vortex.data.microsoft.com.akadns.net" "watson.live.com" "watson.microsoft.com" "watson.ppe.telemetry.microsoft.com" "watson.telemetry.microsoft.com" "watson.telemetry.microsoft.com.nsatc.net" "wes.df.telemetry.microsoft.com" "win10.ipv6.microsoft.com" "www.bingads.microsoft.com" "www.go.microsoft.akadns.net" "www.msftncsi.com" "client.wns.windows.com" #"wdcp.microsoft.com" # may cause issues with Windows Defender Cloud-based protection #"dns.msftncsi.com" # This causes Windows to think it doesn't have internet #"storeedgefd.dsx.mp.microsoft.com" # breaks Windows Store "wdcpalt.microsoft.com" "settings-ssl.xboxlive.com" "settings-ssl.xboxlive.com-c.edgekey.net" "settings-ssl.xboxlive.com-c.edgekey.net.globalredir.akadns.net" "e87.dspb.akamaidege.net" "insiderservice.microsoft.com" "insiderservice.trafficmanager.net" "e3843.g.akamaiedge.net" "flightingserviceweurope.cloudapp.net" #"sls.update.microsoft.com" # may cause issues with Windows Updates "static.ads-twitter.com" # may cause issues with Twitter login "www-google-analytics.l.google.com" "p.static.ads-twitter.com" # may cause issues with Twitter login "hubspot.net.edge.net" "e9483.a.akamaiedge.net" #"www.google-analytics.com" #"padgead2.googlesyndication.com" #"mirror1.malwaredomains.com" #"mirror.cedia.org.ec" "stats.g.doubleclick.net" "stats.l.doubleclick.net" "adservice.google.de" "adservice.google.com" "googleads.g.doubleclick.net" "pagead46.l.doubleclick.net" "hubspot.net.edgekey.net" "insiderppe.cloudapp.net" # Feedback-Hub "livetileedge.dsx.mp.microsoft.com" # extra "fe2.update.microsoft.com.akadns.net" "s0.2mdn.net" "statsfe2.update.microsoft.com.akadns.net" "survey.watson.microsoft.com" "view.atdmt.com" "watson.microsoft.com" "watson.ppe.telemetry.microsoft.com" "watson.telemetry.microsoft.com" "watson.telemetry.microsoft.com.nsatc.net" "wes.df.telemetry.microsoft.com" "m.hotmail.com" # can cause issues with Skype (#79) or other services (#171) "apps.skype.com" "c.msn.com" # "login.live.com" # prevents login to outlook and other live apps "pricelist.skype.com" "s.gateway.messenger.live.com" "ui.skype.com" ) Write-Output "" | Out-File -Encoding ASCII -Append $hosts_file foreach ($domain in $domains) { if (-Not (Select-String -Path $hosts_file -Pattern $domain)) { Write-Output "0.0.0.0 $domain" | Out-File -Encoding ASCII -Append $hosts_file } } Write-Output "Adding telemetry ips to firewall" $ips = @( "134.170.30.202" "137.116.81.24" "157.56.106.189" "184.86.53.99" "2.22.61.43" "2.22.61.66" "204.79.197.200" "23.218.212.69" "65.39.117.230" "65.52.108.33" # Causes problems with Microsoft Store "65.55.108.23" "64.4.54.254" ) Remove-NetFirewallRule -DisplayName "Block Telemetry IPs" -ErrorAction SilentlyContinue New-NetFirewallRule -DisplayName "Block Telemetry IPs" -Direction Outbound ` -Action Block -RemoteAddress ([string[]]$ips) #--- Disable Services --- # Description: # This script disables unwanted Windows services. If you do not want to disable # certain services comment out the corresponding lines below. $services = @( "diagnosticshub.standardcollector.service" # Microsoft (R) Diagnostics Hub Standard Collector Service "DiagTrack" # Diagnostics Tracking Service "dmwappushservice" # WAP Push Message Routing Service (see known issues) "HomeGroupListener" # HomeGroup Listener "HomeGroupProvider" # HomeGroup Provider "lfsvc" # Geolocation Service "MapsBroker" # Downloaded Maps Manager "NetTcpPortSharing" # Net.Tcp Port Sharing Service "RemoteAccess" # Routing and Remote Access "RemoteRegistry" # Remote Registry "SharedAccess" # Internet Connection Sharing (ICS) "TrkWks" # Distributed Link Tracking Client #"WbioSrvc" # Windows Biometric Service (required for Fingerprint reader / facial detection) #"WlanSvc" # WLAN AutoConfig "WMPNetworkSvc" # Windows Media Player Network Sharing Service "wscsvc" # Windows Security Center Service #"WSearch" # Windows Search "XblAuthManager" # Xbox Live Auth Manager "XblGameSave" # Xbox Live Game Save Service "XboxNetApiSvc" # Xbox Live Networking Service "ndu" # Windows Network Data Usage Monitor # Services which cannot be disabled #"WdNisSvc" ) foreach ($service in $services) { Write-Output "Trying to disable $service" Get-Service -Name $service | Set-Service -StartupType Disabled } #--- Remove Default Apps --- # Description: # This script removes unwanted Apps that come with Windows. If you do not want # to remove certain Apps comment out the corresponding lines below. Write-Output "Uninstalling default apps" $apps = @( # default Windows 10 apps "Microsoft.3DBuilder" "Microsoft.Appconnector" "Microsoft.BingFinance" "Microsoft.BingNews" "Microsoft.BingSports" "Microsoft.BingTranslator" "Microsoft.BingWeather" #"Microsoft.FreshPaint" "Microsoft.GamingServices" "Microsoft.Microsoft3DViewer" "Microsoft.MicrosoftOfficeHub" "Microsoft.MicrosoftPowerBIForWindows" "Microsoft.MicrosoftSolitaireCollection" #"Microsoft.MicrosoftStickyNotes" "Microsoft.MinecraftUWP" "Microsoft.NetworkSpeedTest" "Microsoft.Office.OneNote" #"Microsoft.OneConnect" "Microsoft.People" "Microsoft.Print3D" "Microsoft.SkypeApp" "Microsoft.Wallet" #"Microsoft.Windows.Photos" "Microsoft.WindowsAlarms" #"Microsoft.WindowsCalculator" "Microsoft.WindowsCamera" "microsoft.windowscommunicationsapps" "Microsoft.WindowsMaps" "Microsoft.WindowsPhone" "Microsoft.WindowsSoundRecorder" #"Microsoft.WindowsStore" # can't be re-installed "Microsoft.Xbox.TCUI" "Microsoft.XboxApp" "Microsoft.XboxGameOverlay" "Microsoft.XboxGamingOverlay" "Microsoft.XboxSpeechToTextOverlay" "Microsoft.YourPhone" "Microsoft.ZuneMusic" "Microsoft.ZuneVideo" # Threshold 2 apps "Microsoft.CommsPhone" "Microsoft.ConnectivityStore" "Microsoft.GetHelp" "Microsoft.Getstarted" "Microsoft.Messaging" "Microsoft.Office.Sway" "Microsoft.OneConnect" "Microsoft.WindowsFeedbackHub" # Creators Update apps "Microsoft.Microsoft3DViewer" #"Microsoft.MSPaint" #Redstone apps "Microsoft.BingFoodAndDrink" "Microsoft.BingHealthAndFitness" "Microsoft.BingTravel" "Microsoft.WindowsReadingList" # Redstone 5 apps "Microsoft.MixedReality.Portal" "Microsoft.ScreenSketch" "Microsoft.XboxGamingOverlay" "Microsoft.YourPhone" # non-Microsoft "2FE3CB00.PicsArt-PhotoStudio" "46928bounde.EclipseManager" "4DF9E0F8.Netflix" "613EBCEA.PolarrPhotoEditorAcademicEdition" "6Wunderkinder.Wunderlist" "7EE7776C.LinkedInforWindows" "89006A2E.AutodeskSketchBook" "9E2F88E3.Twitter" "A278AB0D.DisneyMagicKingdoms" "A278AB0D.MarchofEmpires" "ActiproSoftwareLLC.562882FEEB491" # next one is for the Code Writer from Actipro Software LLC "CAF9E577.Plex" "ClearChannelRadioDigital.iHeartRadio" "D52A8D61.FarmVille2CountryEscape" "D5EA27B7.Duolingo-LearnLanguagesforFree" "DB6EA5DB.CyberLinkMediaSuiteEssentials" "DolbyLaboratories.DolbyAccess" "DolbyLaboratories.DolbyAccess" "Drawboard.DrawboardPDF" "Facebook.Facebook" "Fitbit.FitbitCoach" "Flipboard.Flipboard" "GAMELOFTSA.Asphalt8Airborne" "KeeperSecurityInc.Keeper" "Microsoft.BingNews" "NORDCURRENT.COOKINGFEVER" "PandoraMediaInc.29680B314EFC2" "Playtika.CaesarsSlotsFreeCasino" "ShazamEntertainmentLtd.Shazam" "SlingTVLLC.SlingTV" "SpotifyAB.SpotifyMusic" #"TheNewYorkTimes.NYTCrossword" "ThumbmunkeysLtd.PhototasticCollage" "TuneIn.TuneInRadio" "WinZipComputing.WinZipUniversal" "XINGAG.XING" "flaregamesGmbH.RoyalRevolt2" "king.com.*" "king.com.BubbleWitch3Saga" "king.com.CandyCrushSaga" "king.com.CandyCrushSodaSaga" # apps which cannot be removed using Remove-AppxPackage #"Microsoft.BioEnrollment" #"Microsoft.MicrosoftEdge" #"Microsoft.Windows.Cortana" #"Microsoft.WindowsFeedback" #"Microsoft.XboxGameCallableUI" #"Microsoft.XboxIdentityProvider" #"Windows.ContactSupport" # apps which other apps depend on "Microsoft.Advertising.Xaml" ) foreach ($app in $apps) { Write-Output "Trying to remove $app" Get-AppxPackage -Name $app -AllUsers | Remove-AppxPackage -AllUsers Get-AppXProvisionedPackage -Online | Where-Object DisplayName -EQ $app | Remove-AppxProvisionedPackage -Online } # Prevents Apps from re-installing $cdm = @( "ContentDeliveryAllowed" "FeatureManagementEnabled" "OemPreInstalledAppsEnabled" "PreInstalledAppsEnabled" "PreInstalledAppsEverEnabled" "SilentInstalledAppsEnabled" "SubscribedContent-314559Enabled" "SubscribedContent-338387Enabled" "SubscribedContent-338388Enabled" "SubscribedContent-338389Enabled" "SubscribedContent-338393Enabled" "SubscribedContentEnabled" "SystemPaneSuggestionsEnabled" ) _ForceMkdir "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" foreach ($key in $cdm) { Set-ItemProperty "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" $key 0 } _ForceMkdir "HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore" Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore" "AutoDownload" 2 # Prevents "Suggested Applications" returning _ForceMkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" "DisableWindowsConsumerFeatures" 1 #--- Restore Temporary Settings --- Enable-UAC Enable-MicrosoftUpdate Install-WindowsUpdate -AcceptEula refreshenv
Guillem CANAL
revised
this gist