216 lines
9.5 KiB
PowerShell
216 lines
9.5 KiB
PowerShell
# ============================================================
|
||
# Скрипт установки и настройки Windows ПК
|
||
# Запуск: irm https://git.help-d.ru/go | iex
|
||
# Требования: PowerShell от имени администратора
|
||
# ============================================================
|
||
|
||
Write-Host "`n==========================================" -ForegroundColor Cyan
|
||
Write-Host " АВТОМАТИЧЕСКАЯ НАСТРОЙКА ПК" -ForegroundColor Cyan
|
||
Write-Host "==========================================`n" -ForegroundColor Cyan
|
||
|
||
# ============================================================
|
||
# 1. ОТКЛЮЧЕНИЕ АНТИВИРУСА
|
||
# ============================================================
|
||
Write-Host "[1/8] Отключаю антивирус Windows Defender..." -ForegroundColor Yellow
|
||
|
||
Set-MpPreference -DisableRealtimeMonitoring $true
|
||
Set-MpPreference -DisableBehaviorMonitoring $true
|
||
Set-MpPreference -DisableBlockAtFirstSeen $true
|
||
Set-MpPreference -DisableIOAVProtection $true
|
||
Set-MpPreference -DisablePrivacyMode $true
|
||
Set-MpPreference -DisableArchiveScanning $true
|
||
Set-MpPreference -DisableIntrusionPreventionSystem $true
|
||
Set-MpPreference -DisableScriptScanning $true
|
||
|
||
Stop-Service -Name WinDefend -Force -ErrorAction SilentlyContinue
|
||
Stop-Service -Name MsMpSvc -Force -ErrorAction SilentlyContinue
|
||
|
||
Write-Host " Антивирус отключен" -ForegroundColor Green
|
||
|
||
# ============================================================
|
||
# 2. ВЫБОР ПРОФИЛЯ УСТАНОВКИ
|
||
# ============================================================
|
||
Write-Host "[2/8] Выбор профиля установки..." -ForegroundColor Yellow
|
||
|
||
Write-Host "`nВыберите профиль установки:" -ForegroundColor Cyan
|
||
Write-Host " 1 - Обычная (базовые программы)" -ForegroundColor Yellow
|
||
Write-Host " 2 - Для слабых ПК (облегчённая)" -ForegroundColor Yellow
|
||
Write-Host " 3 - Для ЭЦП (криптография)" -ForegroundColor Yellow
|
||
Write-Host " 4 - Рабочая станция (полная)" -ForegroundColor Yellow
|
||
|
||
$choice = Read-Host "Введите номер"
|
||
|
||
switch ($choice) {
|
||
"1" { $profile = "base" }
|
||
"2" { $profile = "weak" }
|
||
"3" { $profile = "ecp" }
|
||
"4" { $profile = "work" }
|
||
default { $profile = "base" }
|
||
}
|
||
|
||
Write-Host "Выбран профиль: $profile" -ForegroundColor Green
|
||
|
||
# ============================================================
|
||
# 3. ПЕРЕМЕННЫЕ И ПОДГОТОВКА
|
||
# ============================================================
|
||
$repo = "https://git.help-d.ru/helmut/auto-turning/raw/branch/main"
|
||
$temp = "$env:TEMP\win_setup"
|
||
|
||
Write-Host "[3/8] Подготовка временной папки..." -ForegroundColor Yellow
|
||
Remove-Item $temp -Recurse -Force -ErrorAction SilentlyContinue
|
||
New-Item -ItemType Directory -Path $temp -Force | Out-Null
|
||
Write-Host " Готово" -ForegroundColor Green
|
||
|
||
# ============================================================
|
||
# 4. СКАЧИВАНИЕ УСТАНОВЩИКОВ ИЗ ВЫБРАННОЙ ПАПКИ
|
||
# ============================================================
|
||
Write-Host "[4/8] Скачиваю установщики из папки: $profile ..." -ForegroundColor Yellow
|
||
|
||
# Список файлов для скачивания (добавляйте свои)
|
||
$files = @(
|
||
"7zip.msi",
|
||
"adobe_reader.exe"
|
||
)
|
||
|
||
# Дополнительные файлы для разных профилей
|
||
switch ($profile) {
|
||
"ecp" {
|
||
$files += "crypto_pro.msi"
|
||
$files += "root_cert.cer"
|
||
}
|
||
"work" {
|
||
$files += "office.iso"
|
||
$files += "visual_studio.exe"
|
||
$files += "docker.msi"
|
||
}
|
||
}
|
||
|
||
foreach ($file in $files) {
|
||
$url = "$repo/installers/$profile/$file"
|
||
$output = "$temp\$file"
|
||
Write-Host " Скачиваю: $file" -ForegroundColor Gray
|
||
try {
|
||
Invoke-WebRequest -Uri $url -OutFile $output -ErrorAction Stop
|
||
Write-Host " OK" -ForegroundColor Green
|
||
} catch {
|
||
Write-Host " Ошибка: $file не найден, пропускаю" -ForegroundColor Red
|
||
}
|
||
}
|
||
|
||
Write-Host " Скачивание завершено" -ForegroundColor Green
|
||
|
||
# ============================================================
|
||
# 5. УСТАНОВКА ПРОГРАММ
|
||
# ============================================================
|
||
Write-Host "[5/8] Установка программ..." -ForegroundColor Yellow
|
||
|
||
# 7-Zip
|
||
if (Test-Path "$temp\7zip.msi") {
|
||
Write-Host " Устанавливаю 7-Zip..." -ForegroundColor Gray
|
||
msiexec /i "$temp\7zip.msi" /quiet /norestart
|
||
Start-Sleep -Seconds 2
|
||
}
|
||
|
||
# Adobe Reader
|
||
if (Test-Path "$temp\adobe_reader.exe") {
|
||
Write-Host " Устанавливаю Adobe Reader..." -ForegroundColor Gray
|
||
Start-Process -FilePath "$temp\adobe_reader.exe" -ArgumentList "/sAll /msi EULA_ACCEPT=YES" -Wait -NoNewWindow
|
||
}
|
||
|
||
# КриптоПро (для профиля ЭЦП)
|
||
if ($profile -eq "ecp" -and (Test-Path "$temp\crypto_pro.msi")) {
|
||
Write-Host " Устанавливаю КриптоПро..." -ForegroundColor Gray
|
||
msiexec /i "$temp\crypto_pro.msi" /quiet /norestart
|
||
Start-Sleep -Seconds 3
|
||
}
|
||
|
||
# Visual Studio (для профиля work)
|
||
if ($profile -eq "work" -and (Test-Path "$temp\visual_studio.exe")) {
|
||
Write-Host " Устанавливаю Visual Studio..." -ForegroundColor Gray
|
||
Start-Process -FilePath "$temp\visual_studio.exe" -ArgumentList "--quiet" -Wait -NoNewWindow
|
||
}
|
||
|
||
Write-Host " Установка завершена" -ForegroundColor Green
|
||
|
||
# ============================================================
|
||
# 6. НАСТРОЙКА SSH (если нужна)
|
||
# ============================================================
|
||
Write-Host "[6/8] Настройка SSH..." -ForegroundColor Yellow
|
||
|
||
# Скачиваем SSH отдельно (если есть в репозитории)
|
||
try {
|
||
Invoke-WebRequest -Uri "$repo/installers/ssh.msi" -OutFile "$temp\ssh.msi" -ErrorAction Stop
|
||
|
||
# Установка SSH
|
||
Write-Host " Устанавливаю SSH сервер..." -ForegroundColor Gray
|
||
msiexec /i "$temp\ssh.msi" /quiet /norestart
|
||
Start-Sleep -Seconds 3
|
||
|
||
# Создаём папку .ssh
|
||
$sshPath = "$env:USERPROFILE\.ssh"
|
||
New-Item -ItemType Directory -Path $sshPath -Force | Out-Null
|
||
|
||
# Добавляем публичный ключ
|
||
$pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHceolzaC/nnN14/lVqeXzcXcIANtQgJcIaFczLIchVo efgufk\admin@ISERVER"
|
||
$pubKey | Out-File "$sshPath\authorized_keys" -Encoding utf8 -Force
|
||
|
||
# Настройка sshd_config
|
||
$config = "C:\ProgramData\ssh\sshd_config"
|
||
if (Test-Path $config) {
|
||
$content = Get-Content $config
|
||
$content = $content -replace '^#Port 22', 'Port 2222'
|
||
$content = $content -replace '^Match Group administrators', '#Match Group administrators'
|
||
$content = $content -replace '^ AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys', '# AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys'
|
||
$content | Set-Content $config
|
||
}
|
||
|
||
# Перезапуск службы
|
||
Restart-Service sshd -Force
|
||
Write-Host " SSH настроен на порт 2222" -ForegroundColor Green
|
||
} catch {
|
||
Write-Host " SSH не найден в репозитории, пропускаю" -ForegroundColor Gray
|
||
}
|
||
|
||
# ============================================================
|
||
# 7. ЧИСТКА И ВКЛЮЧЕНИЕ АНТИВИРУСА
|
||
# ============================================================
|
||
Write-Host "[7/8] Чистка и включение антивируса..." -ForegroundColor Yellow
|
||
|
||
Remove-Item $temp -Recurse -Force
|
||
Write-Host " Временные файлы удалены" -ForegroundColor Green
|
||
|
||
Set-MpPreference -DisableRealtimeMonitoring $false
|
||
Set-MpPreference -DisableBehaviorMonitoring $false
|
||
Set-MpPreference -DisableBlockAtFirstSeen $false
|
||
Set-MpPreference -DisableIOAVProtection $false
|
||
Set-MpPreference -DisablePrivacyMode $false
|
||
Set-MpPreference -DisableArchiveScanning $false
|
||
Set-MpPreference -DisableIntrusionPreventionSystem $false
|
||
Set-MpPreference -DisableScriptScanning $false
|
||
|
||
Start-Service -Name WinDefend -ErrorAction SilentlyContinue
|
||
Write-Host " Антивирус включен" -ForegroundColor Green
|
||
|
||
# ============================================================
|
||
# 8. ВЫВОД РЕЗУЛЬТАТА
|
||
# ============================================================
|
||
Write-Host "[8/8] Завершение..." -ForegroundColor Yellow
|
||
|
||
$ip = (Get-NetIPAddress -AddressFamily IPv4 | Where-Object {$_.InterfaceAlias -notlike "*Loopback*" -and $_.PrefixOrigin -ne "WellKnown"}).IPAddress
|
||
|
||
Write-Host "`n==========================================" -ForegroundColor Green
|
||
Write-Host " УСТАНОВКА ЗАВЕРШЕНА!" -ForegroundColor Green
|
||
Write-Host "==========================================" -ForegroundColor Green
|
||
Write-Host ""
|
||
Write-Host " Профиль: $profile" -ForegroundColor Cyan
|
||
Write-Host ""
|
||
|
||
# Показываем SSH данные только если SSH был установлен
|
||
if (Get-Service sshd -ErrorAction SilentlyContinue) {
|
||
Write-Host " SSH подключение:" -ForegroundColor Cyan
|
||
Write-Host " ssh -p 2222 $env:USERNAME@$ip" -ForegroundColor Yellow
|
||
Write-Host ""
|
||
}
|
||
|
||
Write-Host " Проверка: Get-Service sshd" -ForegroundColor Gray
|
||
Write-Host "==========================================`n" -ForegroundColor Green |