From c14e25543549a9876c782cdaff07bca2d752956f Mon Sep 17 00:00:00 2001 From: he3als <65787561+he3als@users.noreply.github.com> Date: Thu, 28 Sep 2023 23:33:32 +0100 Subject: [PATCH] feat: replace WinGet with script it's more reliable and faster this way --- src/playbook/Configuration/atlas/start.yml | 37 +++---- .../7. Security/Defender/Toggle Defender.cmd | 6 +- src/playbook/Executables/BRAVE.ps1 | 20 ---- src/playbook/Executables/LIBREWOLF.ps1 | 53 +++++----- src/playbook/Executables/SOFTWARE.ps1 | 96 +++++++++++++++++++ src/playbook/Executables/WINGET.ps1 | 91 ------------------ 6 files changed, 143 insertions(+), 160 deletions(-) delete mode 100644 src/playbook/Executables/BRAVE.ps1 create mode 100644 src/playbook/Executables/SOFTWARE.ps1 delete mode 100644 src/playbook/Executables/WINGET.ps1 diff --git a/src/playbook/Configuration/atlas/start.yml b/src/playbook/Configuration/atlas/start.yml index 66c837dfa9..ab5c4d6952 100644 --- a/src/playbook/Configuration/atlas/start.yml +++ b/src/playbook/Configuration/atlas/start.yml @@ -44,28 +44,29 @@ actions: - !writeStatus: {status: 'Installing software'} - !run: - exe: 'NSudoLC.exe' - args: '-U:E -UseCurrentConsole -Wait powershell.exe -NoP -File "WINGET.ps1"' + exe: 'powershell.exe' + args: '-NoP -File "SOFTWARE.ps1"' wait: true exeDir: true weight: 150 + - !writeStatus: {status: 'Installing Google Chrome', option: 'browser-chrome'} - !run: - exe: 'NSudoLC.exe' - args: '-U:E -UseCurrentConsole -Wait powershell.exe -NoP -File "WINGET.ps1" LibreWolf.LibreWolf' + exe: 'powershell.exe' + args: '-NoP -File "SOFTWARE.ps1" -Chrome' wait: true exeDir: true weight: 150 - option: 'librewolf-winget' + option: 'browser-chrome' + - !writeStatus: {status: 'Installing Brave', option: 'browser-brave'} - !run: - exe: 'NSudoLC.exe' - args: '-U:E -UseCurrentConsole -Wait powershell.exe -NoP -File "WINGET.ps1" Google.Chrome' + exe: 'powershell.exe' + args: '-NoP -File "SOFTWARE.ps1" -Brave' wait: true exeDir: true weight: 150 - option: 'browser-chrome' - ################ - ## Non-WinGet ## - ################ + option: 'browser-brave' + + - !writeStatus: {status: 'Installing LibreWolf', option: 'browser-librewolf'} - !run: exe: 'powershell.exe' args: '-NoP -File LIBREWOLF.ps1' @@ -73,22 +74,12 @@ actions: wait: true weight: 150 option: 'librewolf-winupdater' - # Can't be installed system-wide with Chocolatey or other package managers - # https://github.com/brave/brave-browser/issues/25571 - !run: exe: 'powershell.exe' - args: '-NoP -File BRAVE.ps1' + args: '-NoP -File "LIBREWOLF.ps1" noupdater' exeDir: true wait: true weight: 150 - option: 'browser-brave' - - !taskKill {name: 'brave', option: 'browser-brave'} + option: 'librewolf-winget' ################ END NO LOCAL BUILD ################ - - # Should be cleaned up by cleanmgr, fails most of the time anyways - - # - !file: - # path: '%windir%\SoftwareDistribution' - # weight: 20 - # ignoreErrors: true diff --git a/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd b/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd index 06cb0258ac..65f9cbbcd2 100644 --- a/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd +++ b/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd @@ -26,9 +26,9 @@ exit /b %errorlevel% : end batch / begin PowerShell #> param ( - [switch]$Enable, - [switch]$Disable, - [switch]$SafeMode, + [switch]$Enable, + [switch]$Disable, + [switch]$SafeMode, [switch]$DisableFailedMessage ) diff --git a/src/playbook/Executables/BRAVE.ps1 b/src/playbook/Executables/BRAVE.ps1 deleted file mode 100644 index e144e8b1b9..0000000000 --- a/src/playbook/Executables/BRAVE.ps1 +++ /dev/null @@ -1,20 +0,0 @@ -$tempDir = "$env:windir\Temp\$([System.IO.Path]::GetRandomFileName())" -New-Item $tempDir -ItemType Directory -Force - -Invoke-WebRequest "https://laptop-updates.brave.com/latest/winx64" -OutFile "$tempDir\BraveSetup.exe" -UseBasicParsing -if (!$?) { - Write-Error "Downloading Brave failed." - exit 1 -} - -& "$tempDir\BraveSetup.exe" /silent /install - -do { - $processesFound = Get-Process | ? { "BraveSetup" -contains $_.Name } | Select-Object -ExpandProperty Name - if ($processesFound) { - Write-Host "Still running: $($processesFound -join ', ')" - Start-Sleep -Seconds 2 - } else { - Remove-Item "$tempDir" -ErrorAction SilentlyContinue -Force -Recurse - } -} until (!$processesFound) \ No newline at end of file diff --git a/src/playbook/Executables/LIBREWOLF.ps1 b/src/playbook/Executables/LIBREWOLF.ps1 index 6a0722d6c3..98796b1af4 100644 --- a/src/playbook/Executables/LIBREWOLF.ps1 +++ b/src/playbook/Executables/LIBREWOLF.ps1 @@ -3,7 +3,7 @@ $ProgressPreference = "SilentlyContinue" # stop on errors, as each command is vital $ErrorActionPreference = "Stop" -$updaterPath = "$env:ProgramFiles\LibreWolf\librewolf-winupdater" +if ($args -ne 'noupdater') { $updaterPath = "$env:ProgramFiles\LibreWolf\librewolf-winupdater" } $librewolfPath = "$env:ProgramFiles\LibreWolf" $desktop = [Environment]::GetFolderPath("Desktop") $startMenu = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs" @@ -18,20 +18,23 @@ Write-Warning "Getting the latest LibreWolf download link" $librewolfVersion = Invoke-RestMethod -Uri "https://gitlab.com/api/v4/projects/44042130/releases" | ForEach-Object { $_.name } | Select-Object -First 1 $librewolfFileName = "librewolf-$librewolfVersion-windows-x86_64-setup.exe" $librewolfDownload = "https://gitlab.com/api/v4/projects/44042130/packages/generic/librewolf/$librewolfVersion/$librewolfFileName" -Write-Warning "Getting the latest LibreWolf-WinUpdater download link" -$librewolfUpdaterURI = "https://codeberg.org/api/v1/repos/ltguillaume/librewolf-winupdater/releases?draft=false&pre-release=false&page=1&limit=1" -$librewolfUpdaterDownload = (Invoke-RestMethod -Uri "$librewolfUpdaterURI" -Headers @{ "accept" = "application/json" }).Assets | - Where-Object { $_.name -like "*.zip" } | - Select-Object -ExpandProperty browser_download_url - +if ($args -ne 'noupdater') { + Write-Warning "Getting the latest LibreWolf-WinUpdater download link" + $librewolfUpdaterURI = "https://codeberg.org/api/v1/repos/ltguillaume/librewolf-winupdater/releases?draft=false&pre-release=false&page=1&limit=1" + $librewolfUpdaterDownload = (Invoke-RestMethod -Uri "$librewolfUpdaterURI" -Headers @{ "accept" = "application/json" }).Assets | + Where-Object { $_.name -like "*.zip" } | + Select-Object -ExpandProperty browser_download_url +} # output paths $outputLibrewolf = "$env:SystemDrive\$librewolfFileName" -$outputLibrewolfUpdater = "$env:SystemDrive\librewolf-winupdater.zip" +if ($args -ne 'noupdater') { $outputLibrewolfUpdater = "$env:SystemDrive\librewolf-winupdater.zip" } Write-Warning "Downloading the latest LibreWolf setup" Invoke-WebRequest -Uri $librewolfDownload -OutFile $outputLibrewolf -Write-Warning "Downloading the latest LibreWolf WinUpdater ZIP" -Invoke-WebRequest -Uri $librewolfUpdaterDownload -OutFile $outputLibrewolfUpdater +if ($args -ne 'noupdater') { + Write-Warning "Downloading the latest LibreWolf WinUpdater ZIP" + Invoke-WebRequest -Uri $librewolfUpdaterDownload -OutFile $outputLibrewolfUpdater +} Write-Warning "Installing LibreWolf silently" Start-Process -Wait -FilePath $outputLibrewolf -ArgumentList "/S" @@ -39,18 +42,22 @@ if (!(Test-Path $librewolfPath)) { Write-Host "Installing LibreWolf silently failed." exit 1 } -Write-Warning "Installing/extracting Librewolf-WinUpdater" -Expand-Archive -Path $outputLibrewolfUpdater -DestinationPath "$env:ProgramFiles\LibreWolf\librewolf-winupdater" -Force +if ($args -ne 'noupdater') { + Write-Warning "Installing/extracting Librewolf-WinUpdater" + Expand-Archive -Path $outputLibrewolfUpdater -DestinationPath "$env:ProgramFiles\LibreWolf\librewolf-winupdater" -Force +} -Write-Warning "Adding automatic updater task" -$Title = "LibreWolf WinUpdater" -$Action = New-ScheduledTaskAction -Execute "$updaterPath\LibreWolf-WinUpdater.exe" -Argument "/Scheduled" -$Settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -RunOnlyIfNetworkAvailable -$7Hours = New-ScheduledTaskTrigger -Once -At (Get-Date -Minute 0 -Second 0).AddHours(1) -RepetitionInterval (New-TimeSpan -Hours 7) -$AtLogon = New-ScheduledTaskTrigger -AtLogOn -$AtLogon.Delay = 'PT1M' -$User = (Get-CimInstance -ClassName Win32_ComputerSystem | Select-Object -ExpandProperty UserName) -replace ".*\\" -Register-ScheduledTask -TaskName "$Title ($User)" -Action $Action -Settings $Settings -Trigger $7Hours,$AtLogon -User $User -RunLevel Highest -Force | Out-Null +if ($args -ne 'noupdater') { + Write-Warning "Adding automatic updater task" + $Title = "LibreWolf WinUpdater" + $Action = New-ScheduledTaskAction -Execute "$updaterPath\LibreWolf-WinUpdater.exe" -Argument "/Scheduled" + $Settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -RunOnlyIfNetworkAvailable + $7Hours = New-ScheduledTaskTrigger -Once -At (Get-Date -Minute 0 -Second 0).AddHours(1) -RepetitionInterval (New-TimeSpan -Hours 7) + $AtLogon = New-ScheduledTaskTrigger -AtLogOn + $AtLogon.Delay = 'PT1M' + $User = (Get-CimInstance -ClassName Win32_ComputerSystem | Select-Object -ExpandProperty UserName) -replace ".*\\" + Register-ScheduledTask -TaskName "$Title ($User)" -Action $Action -Settings $Settings -Trigger $7Hours,$AtLogon -User $User -RunLevel Highest -Force | Out-Null +} Write-Warning "Creating shortcuts" function Create-Shortcut { @@ -62,8 +69,8 @@ function Create-Shortcut { $Shortcut.Save() } Create-Shortcut -Source "$librewolfPath\librewolf.exe" -Destination "$desktop\LibreWolf.lnk" -WorkingDir $librewolfPath -Create-Shortcut -Source "$updaterPath\Librewolf-WinUpdater.exe" -Destination "$startMenu\LibreWolf\LibreWolf WinUpdater.lnk" -WorkingDir $librewolfPath +if ($args -ne 'noupdater') { Create-Shortcut -Source "$updaterPath\Librewolf-WinUpdater.exe" -Destination "$startMenu\LibreWolf\LibreWolf WinUpdater.lnk" -WorkingDir $librewolfPath } Write-Warning "Removing temporary installer files" Remove-Item "$outputLibrewolf" -Force -Remove-Item "$outputLibrewolfUpdater" -Force \ No newline at end of file +if ($args -ne 'noupdater') { Remove-Item "$outputLibrewolfUpdater" -Force } \ No newline at end of file diff --git a/src/playbook/Executables/SOFTWARE.ps1 b/src/playbook/Executables/SOFTWARE.ps1 new file mode 100644 index 0000000000..91ec219830 --- /dev/null +++ b/src/playbook/Executables/SOFTWARE.ps1 @@ -0,0 +1,96 @@ +param ( + [switch]$Chrome, + [switch]$Brave +) + +# ----------------------------------------------------------------------------------------------------------- # +# Software is no longer installed with a package manager anymore to be as fast and as reliable as possible. # +# ----------------------------------------------------------------------------------------------------------- # + +# Create temporary directory +$tempDir = Join-Path -Path $env:TEMP -ChildPath $([System.IO.Path]::GetRandomFileName()) +New-Item $tempDir -ItemType Directory -Force | Out-Null +Set-Location $tempDir + +# Chrome +if ($Chrome) { + Write-Host "Installing Google Chrome..." + & curl.exe -LSs "https://dl.google.com/dl/chrome/install/googlechromestandaloneenterprise64.msi" -o "$tempDir\chrome.msi" + Start-Process -FilePath "$tempDir\chrome.msi" -WindowStyle Hidden -ArgumentList '/qn' -Wait + exit +} + +# Brave +if ($Brave) { + Write-Host "Installing Brave..." + & curl.exe -LSs "https://laptop-updates.brave.com/latest/winx64" -o "$tempDir\BraveSetup.exe" + if (!$?) { + Write-Error "Downloading Brave failed." + exit 1 + } + + & "$tempDir\BraveSetup.exe" /silent /install + + do { + $processesFound = Get-Process | Where-Object { "BraveSetup" -contains $_.Name } | Select-Object -ExpandProperty Name + if ($processesFound) { + Write-Host "Still running BraveSetup." + Start-Sleep -Seconds 2 + } else { + Remove-Item "$tempDir" -ErrorAction SilentlyContinue -Force -Recurse + } + } until (!$processesFound) + + Stop-Process -Name "brave" -Force -ErrorAction SilentlyContinue + exit +} + +#################### +## Software ## +#################### + +# Visual C++ Runtimes (referred to as vcredists for short) +# https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist +$legacyArgs1 = '/q' +$legacyArgs2 = '/q /norestart' +$modernArgs = "/install /quiet /norestart" + +$vcredists = @{ + # 2005 + "https://download.microsoft.com/download/8/B/4/8B42259F-5D70-43F4-AC2E-4B208FD8D66A/vcredist_x64.EXE" = $legacyArgs1 + # 2008 + "https://download.microsoft.com/download/5/D/8/5D8C65CB-C849-4025-8E95-C3966CAFD8AE/vcredist_x64.exe" = $legacyArgs1 + # 2010 + "https://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC/vcredist_x64.exe" = $legacyArgs2 + # 2012 + "https://download.microsoft.com/download/1/6/B/16B06F60-3B20-4FF2-B699-5E9B7962F9AE/VSU_4/vcredist_x64.exe" = $modernArgs + # 2013 + "https://aka.ms/highdpimfc2013x64enu" = $modernArgs + # 2015+ + "https://aka.ms/vs/17/release/vc_redist.x64.exe" = $modernArgs +} + +$num = 0; foreach ($a in $vcredists.GetEnumerator()) { + $num++; $vcredist = "$tempDir\vcredist$num.exe" + # curl is faster than Invoke-WebRequest + Write-Host "Installing Visual C++ Runtime $num..." + & curl.exe -LSs "$($a.Name)" -o "$vcredist" + Start-Process -FilePath $vcredist -WindowStyle Hidden -ArgumentList $a.Value -Wait +} + +# 7-Zip +if ($env:PROCESSOR_ARCHITECTURE -eq 'amd64') {$arch = 'x64'} else {$arch = 'arm64'} +$website = 'https://7-zip.org/' +$download = $website + ((Invoke-WebRequest $website -UseBasicParsing).Links.href | Where-Object { $_ -like "a/7z2301-$arch.exe" }) +& curl.exe -LSs $download -o "$tempDir\7zip.exe" +Start-Process -FilePath "$tempDir\7zip.exe" -WindowStyle Hidden -ArgumentList '/S' -Wait + +# Legacy DirectX runtimes +& curl.exe -LSs "https://download.microsoft.com/download/8/4/A/84A35BF1-DAFE-4AE8-82AF-AD2AE20B6B14/directx_Jun2010_redist.exe" -o "$tempDir\directx.exe" +Write-Host "Extracting legacy DirectX runtimes..." +Start-Process -FilePath "$tempDir\directx.exe" -WindowStyle Hidden -ArgumentList "/q /c /t:`"$tempDir\directx`"" -Wait +Write-Host "Installing legacy DirectX runtimes..." +Start-Process -FilePath "$tempDir\directx\dxsetup.exe" -WindowStyle Hidden -ArgumentList '/silent' -Wait + +# Remove temporary directory +Remove-Item -Path $tempDir -Force -Recurse *>$null \ No newline at end of file diff --git a/src/playbook/Executables/WINGET.ps1 b/src/playbook/Executables/WINGET.ps1 deleted file mode 100644 index bd67c81683..0000000000 --- a/src/playbook/Executables/WINGET.ps1 +++ /dev/null @@ -1,91 +0,0 @@ -# https://learn.microsoft.com/en-us/windows/package-manager/winget/#install-winget-on-windows-sandbox - -$progressPreference = 'SilentlyContinue' -$wingetPath = "$env:LOCALAPPDATA\Microsoft\WindowsApps\winget.exe" - -if (!(Get-Command winget -ErrorAction SilentlyContinue)) {$getLatest = $true} else { - $currentVersion = winget -v - $latestVersion = Invoke-RestMethod -Uri "https://api.github.com/repos/microsoft/winget-cli/releases/latest" -TimeoutSec 60 | Select-Object -ExpandProperty tag_name - if ($latestVersion -ne $currentVersion) {$getLatest = $true} -} - -if ($getLatest) { - # Make temporary directory - $tempDir = Join-Path -Path $env:TEMP -ChildPath $([System.IO.Path]::GetRandomFileName()) - New-Item $tempDir -ItemType Directory -Force | Out-Null - Set-Location $tempDir - - Write-Host "Installing WinGet..." - # Download WinGet - Invoke-WebRequest -Uri 'https://aka.ms/getwinget' -OutFile '.\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle' -UseBasicParsing - - # Get dependencies - if ($null -eq (Get-AppxPackage 'Microsoft.VCLibs.140.00.UWPDesktop')) { - Write-Host "Installing VCLibs..." - - Invoke-WebRequest -Uri 'https://aka.ms/Microsoft.VCLibs.x64.14.00.Desktop.appx' -OutFile '.\Microsoft.VCLibs.x64.14.00.Desktop.appx' -UseBasicParsing - Add-AppxProvisionedPackage -Online -PackagePath ".\Microsoft.VCLibs.x64.14.00.Desktop.appx" -SkipLicense - } - if ($null -eq (Get-AppxPackage 'Microsoft.VCLibs.140.00.UWPDesktop')) { - Write-Information "Installing Microsoft.UI.Xaml 2.7.3..." - - Invoke-WebRequest -Uri 'https://nuget.org/api/v2/package/Microsoft.UI.Xaml/2.7.3' -OutFile '.\Microsoft.UI.Xaml.2.7.zip' -UseBasicParsing - Expand-Archive 'Microsoft.UI.Xaml.2.7.zip' -Force - if ($env:PROCESSOR_ARCHITECTURE -eq 'AMD64') { $arch = 'x64' } elseif ($env:PROCESSOR_ARCHITECTURE -eq 'ARM64') { $arch = 'arm64' } - Copy-Item -Path ".\Microsoft.UI.Xaml.2.7\tools\AppX\$arch\Release\Microsoft.UI.Xaml.2.7.appx" -Destination "." - - Add-AppxProvisionedPackage -Online -PackagePath ".\Microsoft.UI.Xaml.2.7.appx" -SkipLicense - } - - # Get license for LTSC and other SKUs - # Uses GitHub API, so it will not work in some regions, but LTSC is not officially supported anyways - $license = (Invoke-RestMethod https://api.github.com/repos/microsoft/winget-cli/releases/latest -UseBasicParsing -TimeoutSec 60).Assets | Where-Object { $_.name -like "*License*.xml" } - if ($?) { Invoke-WebRequest -UseBasicParsing -OutFile "license.xml" $license.browser_download_url } - if (Test-Path '.\license.xml') { $license = @{LicensePath = ".\license.xml"} } - - # Install WinGet - Add-AppxProvisionedPackage -Online -PackagePath .\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle @license -} - -$attempts = 0 -while(!(Test-Path $wingetPath) -or ($(winget -v) -eq $currentVersion)) { - Start-Sleep 2 - $attempts =+ 1 - - # if after 5 mins it's still not there, fail - if ($attempts -gt 250) { - Write-Host "WinGet installation failed, GitHub is likely unreachable and user is probably on LTSC." - exit 1 - } -} - -$wingetExtraArgs = '--ignore-local-archive-malware-scan --ignore-security-hash --disable-interactivity' -if ($latestVersion -ne $currentVersion) {$wingetExtraArgs = $null} - -if ($wingetExtraArgs) { - Write-Information "Configuring WinGet..." - # This is only temporary to ensure reliability, it's reverted after all WinGet actions - winget settings --enable InstallerHashOverride - winget settings --enable LocalArchiveMalwareScanOverride -} - -Write-Information "Installing dependencies with WinGet..." -$installList = @( - # Visual C++ Redistributables - "Microsoft.VCRedist.2005.x64", - "Microsoft.VCRedist.2008.x64", - "Microsoft.VCRedist.2010.x64", - "Microsoft.VCRedist.2012.x64", - "Microsoft.VCRedist.2013.x64", - "Microsoft.VCRedist.2015+.x64", - # Runtime libries for legacy DirectX SDK runtimes - # Useful for old games - "Microsoft.DirectX", - "7zip.7zip" -) - -foreach ($app in $installList) { - & winget install -e --id $app --accept-package-agreements --accept-source-agreements --force -h $wingetArgs -} - -Remove-Item -Path $tempDir -Force -Recurse *>$null \ No newline at end of file