# Make sure the CurrentUser execution policy is RemoteSigned.
# Only the CurrentUser scope is read and written here; other scopes are left as they are.
# Execution policy is a guard against accidentally running scripts, not a
# security boundary, so it should not be treated as a hardening control.
$ExecutionPolicy = Get-ExecutionPolicy -Scope CurrentUser
if ($ExecutionPolicy -ne "RemoteSigned") {
    # Policy differs from the target value: change it for this user only.
    Write-Verbose "Setting execution policy to RemoteSigned for the current user..." -Verbose
    Set-ExecutionPolicy -Scope CurrentUser RemoteSigned
}
else {
    # Already at the target value: report it and change nothing.
    Write-Verbose "Execution policy is already set to RemoteSigned for the current user, skipping..." -Verbose
}
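# Install Chocolatey unless a 'choco' command can already be resolved.
if ([bool](Get-Command -Name 'choco' -ErrorAction SilentlyContinue)) {
    Write-Verbose "Chocolatey is already installed, skip installation." -Verbose
}
else {
    Write-Verbose "Installing Chocolatey..." -Verbose

    # Bypass is limited to this PowerShell process (-Scope Process), but it
    # stays in effect for everything else that runs in the same session.
    Set-ExecutionPolicy Bypass -Scope Process -Force

    # Enable TLS 1.2 (value 3072) for the download. Older .NET defaults may
    # not offer it, in which case the HTTPS request fails. -bor keeps the
    # protocols that are already enabled. The numeric value is used so the
    # line also works where the Tls12 enum name is not defined.
    [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072

    # NOTE(review): the downloaded text is executed as-is by Invoke-Expression.
    # Nothing here checks its integrity beyond the HTTPS connection to
    # chocolatey.org. For a hardened setup, save the script to a file and
    # verify it (for example with Get-AuthenticodeSignature, or against a hash
    # pinned in this repository) before running it.
    Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
}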
# Install OpenSSH Server when no 'sshd' service is registered yet.
# If the service already exists, nothing else in this section runs: the service
# is not started, its startup type is not changed, and the firewall rule is not
# checked.
if (-not (Get-Service -Name sshd -ErrorAction SilentlyContinue)) {
    Write-Verbose "Installing OpenSSH..." -Verbose

    # Collect the names of all Windows capabilities matching OpenSSH.Server*
    # and add each of them to the running system.
    $openSSHpackages = Get-WindowsCapability -Online |
        Where-Object Name -like 'OpenSSH.Server*' |
        Select-Object -ExpandProperty Name
    foreach ($package in $openSSHpackages) {
        Add-WindowsCapability -Online -Name $package
    }

    # Start sshd now, then make it start automatically with Windows.
    Write-Verbose "Starting OpenSSH service..." -Verbose
    Start-Service sshd
    Set-Service -Name sshd -StartupType 'Automatic'

    # The capability setup is expected to create the inbound firewall rule.
    # Look it up by name and create it only when it is missing.
    # NOTE(review): this tests existence only. The Enabled property is selected
    # but never compared, so a rule that exists but is disabled is still
    # reported as present.
    Write-Verbose "Confirm the Firewall rule is configured..." -Verbose
    $sshFirewallRule = Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue |
        Select-Object Name, Enabled
    if ($sshFirewallRule) {
        Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
    }
    else {
        Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
        # NOTE(review): no -Profile or -RemoteAddress is passed, so this script
        # does not limit the rule to particular network profiles or source
        # addresses. Consider scoping it to the networks and management hosts
        # that actually need SSH access.
        New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
    }
}
else {
    Write-Verbose "OpenSSH is already installed, skip installation." -Verbose
}