Set-up Windows 🪟

Jump to… ↓Apps ↓RDP ↓SSH ↓Caddy

Open… About Apps Autostart Bluetooth Clipboard Display Disks Keyboard Network Power Phone Link Background Sound Themes Taskbar Users RDP Update

Download… intellij-keymaps.zip

Apps ↑

winget install Microsoft.PowerShell
winget install Microsoft.Office
winget install Microsoft.PowerToys
winget install QL-Win.QuickLook
winget install Google.Chrome
winget install Telegram.TelegramDesktop
winget install Spotify.Spotify
winget install AgileBits.1Password

winget install Git.Git
winget install CaddyServer.Caddy
winget install Microsoft.Edit
winget install Microsoft.VisualStudioCode
winget install JetBrains.IntelliJIDEA.Community
winget install Syntevo.SmartGit
winget install WinDirStat.WinDirStat
winget install OBSProject.OBSStudio
winget install Adobe.Acrobat.Reader.64-bit
winget install IDRIX.VeraCrypt
winget install OpenJS.NodeJS.LTS
winget install Jellyfin.Server
winget install Proton.ProtonVPN 
winget install MongoDB.Server
winget install MongoDB.Shell
winget install MongoDB.DatabaseTools

TextBlaze Banana

Remote Desktop ↑

Enable RDP

Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Create user

$userName = "username"
$isAdmin = true

# Generate random password
$bytes = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Fill($bytes)
$PasswordPlain = [Convert]::ToBase64String($bytes)
$Password = ConvertTo-SecureString $PasswordPlain -AsPlainText -Force

# Create user
New-LocalUser -Name $userName -Password $Password

# Disable password expiration for this user
Set-LocalUser -Name $userName -PasswordNeverExpires $true

# Add to groups
if ($isAdmin) {
    Add-LocalGroupMember -Group "Administrators" -Member $userName
}
Add-LocalGroupMember -Group "Remote Desktop Users" -Member $userName

Write-Output ("Created user " + $userName + " with password " + $PasswordPlain)

Disable default 'Administrator' user

Disable-LocalUser -Name "Administrator"

SSH↑

Create key pair

ssh-keygen
Get-Content (Join-Path $env:UserProfile ".ssh\id_ed25519.pub")

➔ Add the public key on GitHub and/or BitBucket

Caddy↑

winget install CaddyServer.Caddy

create folders

mkdir C:\DEV\server
mkdir C:\DEV\server\public
edit C:\DEV\server\Caddyfile.txt

Static file server (basic auth)

caddy hash-password --plaintext "cleartext-password"
$2a$14$hDzNcuuBmX5gh8RdtK6yV.pDnARwYd/YlGaaTXJnHefAcbD7wKeIm

Caddyfile.txt

wiibeeri.ch {
    root * C:\DEV\server\public
    file_server browse

    basicauth {
        c $2a$14$hDzNcuuBmX5gh8RdtK6yV.pDnARwYd/YlGaaTXJnHefAcbD7wKeIm
    }
}

Open the firewall

New-NetFirewallRule -DisplayName "Caddy HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Caddy HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow

run server

caddy run --config "C:\DEV\server\Caddyfile.txt"

More automation?

create my own unattended.xml