Update bootstrap-Windows.ps1 script

* Add 1Password install step * Add Scoop install step * Remove SSH key generation step * Make 1Password, Hyper-V, Containers, and SSH Server steps optional * Refactor to run Scoop install as unelevated then relaunch as elevated for remaining tasks
2024-08-09 11:29:38 +01:00 · 2024-08-09 11:29:38 +01:00 · 6627939060
commit 6627939060
parent 3606f4bbb9
2 changed files with 81 additions and 22 deletions
--- a/README.md
+++ b/README.md
@ -31,7 +31,7 @@ $ curl -O https://code.infektor.net/config/bootstrap/raw/master/bootstrap-Fedora
 To bootstrap a Windows instance:

 ```console
-$ Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://code.infektor.net/config/bootstrap/raw/master/bootstrap-Windows.ps1'))
+$ Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://git.infektor.net/config/bootstrap/raw/update/bootstrap-Windows.ps1'))
 ```

 ## Package
--- a/bootstrap-Windows.ps1
+++ b/bootstrap-Windows.ps1
@ -1,26 +1,85 @@
-[CmdletBinding()]
-Param(
-  [Parameter(Mandatory=$true)]
-  [String]$email,
-  [String]$sshKeyType = "ed25519"
-)
+$is_elevated = [bool]([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
+$choices = '&Yes', '&No'

-# Install Chocolatey
-Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
+if (-Not $is_elevated) {
+  Write-Host "Not running as Administrator. Performing unprivileged actions..."

-# Enable Hyper-V and containters
-Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
-Enable-WindowsOptionalFeature -Online -FeatureName Containers -All
+  # Install Scoop
+  $scoop_installer = "$env:USERPROFILE/Downloads/ScoopInstaller.ps1"
+  Invoke-WebRequest -Uri https://get.scoop.sh -OutFile $scoop_installer
+  &$scoop_installer -ScoopDir "$env:LocalAppData/Scoop" -ScoopGlobalDir "$env:ProgramData/Scoop"

-# Install OpenSSH and start service
-choco install --yes "--package-parameters=/SSHServerFeature" openssh
-Start-Service sshd
-Set-Service -Name sshd -StartupType 'Automatic'
+  # The command you want to run with elevated privileges
+  $Command = "Set-ExecutionPolicy Bypass -Scope Process -Force; " +
+             "[System.Net.ServicePointManager]::SecurityProtocol = " +
+             "[System.Net.ServicePointManager]::SecurityProtocol -bor 3072; " +
+             "iex ((New-Object System.Net.WebClient).DownloadString('https://git.infektor.net/config/bootstrap/raw/update/bootstrap-Windows.ps1'))"

-# generate keys and authorize them
-ssh-keygen -t "$sshKeyType" -C "$email" -f "$env:USERPROFILE/.ssh/$sshKeyType"
-# TODO: authorize public key for admin
+  # Create a temporary batch file
+  $batchFile = [System.IO.Path]::GetTempFileName() + ".bat"
+  $batchContent = "@echo off`r`n" + `
+                  "powershell.exe -NoProfile -ExecutionPolicy Bypass -Command `"$Command`"`r`n" + `
+                  "pause"

-# Install Windows-Terminal and Debian
-choco install --yes microsoft-windows-terminal
-wsl --install --distribution Debia
+  # Write the batch content to the file
+  Set-Content -Path $batchFile -Value $batchContent
+
+  # Start the batch file with elevated privileges
+  $StartInfo = New-Object System.Diagnostics.ProcessStartInfo
+  $StartInfo.FileName = $batchFile
+  $StartInfo.Verb = "runas"
+  $StartInfo.UseShellExecute = $true
+
+  [System.Diagnostics.Process]::Start($StartInfo) | Out-Null
+} else {
+  Write-Host "Running as Administrator. Performing privileged actions..."
+
+  # Install 1Password
+  $decision = $Host.UI.PromptForChoice('Install 1Password', 'Proceed?', $choices, 0)
+  if ($decision -eq 0) {
+    $1password_installer = "$env:USERPROFILE/Downloads/1PasswordSetup-latest.exe"
+    Invoke-WebRequest -Uri "https://downloads.1password.com/win/1PasswordSetup-latest.exe" -OutFile "$1password_installer"
+    &$1password_installer
+    Remove-Item $1password_installer
+  } else {
+    echo 'Skipping 1Password'
+  }
+
+  # Enable Hyper-V
+  $decision = $Host.UI.PromptForChoice('Enable Hyper-V', 'Proceed?', $choices, 0)
+  if ($decision -eq 0) {
+    Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
+  } else {
+    echo 'Skipping Hyper-V'
+  }
+
+  # Enable Containters
+  $decision = $Host.UI.PromptForChoice('Enable Containers', 'Proceed?', $choices, 0)
+  if ($decision -eq 0) {
+    Enable-WindowsOptionalFeature -Online -FeatureName Containers -All
+  } else {
+    echo 'Skipping Containers'
+  }
+
+  # Get the shell application object
+  $shellApp = New-Object -ComObject "Shell.Application"
+
+  # Run the command without elevation
+  $shellApp.ShellExecute("powershell.exe", "-NoProfile -Command `"& { $nonElevatedCommand }`"", "", "open", 0)
+
+  # Start-Process -NoNewWindow -Credential "$env:UserDomain\$env:UserName" -FilePath "powershell.exe" -ArgumentList "-NoProfile -Command & { & $($command) }"
+  # Start-Process -FilePath "powershell.exe" -ArgumentList "-NoProfile -Command & { & $($command) }" -Credential $user -WindowStyle Hidden
+
+  # Install Chocolatey
+  iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
+
+  # Install SSH Server
+  $decision = $Host.UI.PromptForChoice('Install SSH Server', 'Proceed?', $choices, 0)
+  if ($decision -eq 0) {
+    choco install --yes "--package-parameters=/SSHServerFeature" openssh
+    Start-Service sshd
+    Set-Service -Name sshd -StartupType 'Automatic'
+  } else {
+    echo 'Skipping SSH Server'
+  }
+}