Deploy Firefox policies to all installs
This commit is contained in:
+12
-2
@@ -25,13 +25,18 @@ quand Firefox ESR est selectionne via l'installateur interactif.
|
|||||||
|
|
||||||
## Fichiers et cles crees
|
## Fichiers et cles crees
|
||||||
|
|
||||||
Le script ecrit un fichier `policies.json` dans le dossier d'installation Firefox :
|
Le script ecrit un fichier `policies.json` dans chaque dossier d'installation
|
||||||
|
Firefox detecte :
|
||||||
|
|
||||||
```text
|
```text
|
||||||
C:\Program Files\Mozilla Firefox\distribution\policies.json
|
C:\Program Files\Mozilla Firefox\distribution\policies.json
|
||||||
```
|
```
|
||||||
|
|
||||||
Selon l'installation, le dossier peut etre sous `Program Files (x86)`.
|
Selon l'installation, le dossier peut etre sous `Program Files (x86)` ou dans un
|
||||||
|
dossier `Mozilla Firefox ESR`.
|
||||||
|
|
||||||
|
Le fichier est ecrit en UTF-8 sans BOM et relu immediatement pour verifier que le
|
||||||
|
JSON est valide.
|
||||||
|
|
||||||
Le script ecrit aussi un fichier XML d'associations Windows :
|
Le script ecrit aussi un fichier XML d'associations Windows :
|
||||||
|
|
||||||
@@ -176,6 +181,11 @@ Pour verifier les policies Firefox :
|
|||||||
2. va sur `about:policies` ;
|
2. va sur `about:policies` ;
|
||||||
3. verifie l'onglet `Active`.
|
3. verifie l'onglet `Active`.
|
||||||
|
|
||||||
|
Si uBlock Origin n'apparait pas, commence par verifier `about:policies`. Si
|
||||||
|
`ExtensionSettings` n'est pas visible dans les policies actives, Firefox ne lit
|
||||||
|
pas le fichier `policies.json` attendu. Dans ce cas, verifie que le fichier est
|
||||||
|
present dans le dossier `distribution` du Firefox reellement lance.
|
||||||
|
|
||||||
Pour verifier uBlock Origin :
|
Pour verifier uBlock Origin :
|
||||||
|
|
||||||
1. ouvre Firefox avec un nouveau profil utilisateur Windows ;
|
1. ouvre Firefox avec un nouveau profil utilisateur Windows ;
|
||||||
|
|||||||
@@ -51,6 +51,16 @@ function Install-FirefoxEsr {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function Get-FirefoxExecutablePath {
|
function Get-FirefoxExecutablePath {
|
||||||
|
$FirefoxPaths = Get-FirefoxExecutablePaths
|
||||||
|
|
||||||
|
if ($FirefoxPaths.Count -gt 0) {
|
||||||
|
return $FirefoxPaths[0]
|
||||||
|
}
|
||||||
|
|
||||||
|
return $null
|
||||||
|
}
|
||||||
|
|
||||||
|
function Get-FirefoxExecutablePaths {
|
||||||
$CandidatePaths = @()
|
$CandidatePaths = @()
|
||||||
|
|
||||||
$AppPath = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe" -ErrorAction SilentlyContinue
|
$AppPath = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe" -ErrorAction SilentlyContinue
|
||||||
@@ -75,16 +85,20 @@ function Get-FirefoxExecutablePath {
|
|||||||
|
|
||||||
$CandidatePaths += @(
|
$CandidatePaths += @(
|
||||||
"$env:ProgramFiles\Mozilla Firefox\firefox.exe",
|
"$env:ProgramFiles\Mozilla Firefox\firefox.exe",
|
||||||
|
"$env:ProgramFiles\Mozilla Firefox ESR\firefox.exe",
|
||||||
"${env:ProgramFiles(x86)}\Mozilla Firefox\firefox.exe"
|
"${env:ProgramFiles(x86)}\Mozilla Firefox\firefox.exe"
|
||||||
|
"${env:ProgramFiles(x86)}\Mozilla Firefox ESR\firefox.exe"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
$FirefoxPaths = @()
|
||||||
|
|
||||||
foreach ($Path in ($CandidatePaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | Select-Object -Unique)) {
|
foreach ($Path in ($CandidatePaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | Select-Object -Unique)) {
|
||||||
if (Test-Path $Path) {
|
if (Test-Path $Path) {
|
||||||
return (Resolve-Path $Path).Path
|
$FirefoxPaths += (Resolve-Path $Path).Path
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $null
|
return @($FirefoxPaths | Select-Object -Unique)
|
||||||
}
|
}
|
||||||
|
|
||||||
function Get-FirefoxAssociationProgIds {
|
function Get-FirefoxAssociationProgIds {
|
||||||
@@ -124,15 +138,7 @@ function Get-FirefoxAssociationProgIds {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function Set-FirefoxEnterprisePolicies {
|
function Get-FirefoxEnterprisePolicies {
|
||||||
param(
|
|
||||||
[string]$FirefoxExe
|
|
||||||
)
|
|
||||||
|
|
||||||
$FirefoxDirectory = Split-Path -Parent $FirefoxExe
|
|
||||||
$DistributionDirectory = Join-Path $FirefoxDirectory "distribution"
|
|
||||||
$PoliciesPath = Join-Path $DistributionDirectory "policies.json"
|
|
||||||
|
|
||||||
$Policies = [ordered]@{
|
$Policies = [ordered]@{
|
||||||
policies = [ordered]@{
|
policies = [ordered]@{
|
||||||
DontCheckDefaultBrowser = $true
|
DontCheckDefaultBrowser = $true
|
||||||
@@ -173,12 +179,31 @@ function Set-FirefoxEnterprisePolicies {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return $Policies
|
||||||
|
}
|
||||||
|
|
||||||
|
function Set-FirefoxEnterprisePolicies {
|
||||||
|
param(
|
||||||
|
[string[]]$FirefoxExecutables
|
||||||
|
)
|
||||||
|
|
||||||
|
$Policies = Get-FirefoxEnterprisePolicies
|
||||||
|
$PoliciesJson = $Policies | ConvertTo-Json -Depth 12
|
||||||
|
$Utf8NoBom = [System.Text.UTF8Encoding]::new($false)
|
||||||
|
|
||||||
|
foreach ($FirefoxExe in ($FirefoxExecutables | Select-Object -Unique)) {
|
||||||
|
$FirefoxDirectory = Split-Path -Parent $FirefoxExe
|
||||||
|
$DistributionDirectory = Join-Path $FirefoxDirectory "distribution"
|
||||||
|
$PoliciesPath = Join-Path $DistributionDirectory "policies.json"
|
||||||
|
|
||||||
if ($PSCmdlet.ShouldProcess($PoliciesPath, "Write Firefox enterprise policies")) {
|
if ($PSCmdlet.ShouldProcess($PoliciesPath, "Write Firefox enterprise policies")) {
|
||||||
New-Item -Path $DistributionDirectory -ItemType Directory -Force | Out-Null
|
New-Item -Path $DistributionDirectory -ItemType Directory -Force | Out-Null
|
||||||
$Policies | ConvertTo-Json -Depth 12 | Set-Content -Path $PoliciesPath -Encoding UTF8
|
[System.IO.File]::WriteAllText($PoliciesPath, $PoliciesJson, $Utf8NoBom)
|
||||||
|
Get-Content -Path $PoliciesPath -Raw | ConvertFrom-Json | Out-Null
|
||||||
Write-Host "Firefox enterprise policies written: $PoliciesPath" -ForegroundColor Green
|
Write-Host "Firefox enterprise policies written: $PoliciesPath" -ForegroundColor Green
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
function Set-FirefoxDefaultAssociations {
|
function Set-FirefoxDefaultAssociations {
|
||||||
param(
|
param(
|
||||||
@@ -228,14 +253,15 @@ function Set-FirefoxDefaultAssociations {
|
|||||||
Install-FirefoxEsr -PackageId $FirefoxPackageId
|
Install-FirefoxEsr -PackageId $FirefoxPackageId
|
||||||
|
|
||||||
$FirefoxExe = Get-FirefoxExecutablePath
|
$FirefoxExe = Get-FirefoxExecutablePath
|
||||||
|
$FirefoxExecutables = Get-FirefoxExecutablePaths
|
||||||
|
|
||||||
if (-not $FirefoxExe) {
|
if (-not $FirefoxExe -or $FirefoxExecutables.Count -eq 0) {
|
||||||
Write-Error "Firefox was not found after installation. Check the winget package result and retry."
|
Write-Error "Firefox was not found after installation. Check the winget package result and retry."
|
||||||
exit 1
|
exit 1
|
||||||
}
|
}
|
||||||
|
|
||||||
Write-Host "Firefox found: $FirefoxExe" -ForegroundColor Cyan
|
Write-Host "Firefox found: $FirefoxExe" -ForegroundColor Cyan
|
||||||
Set-FirefoxEnterprisePolicies -FirefoxExe $FirefoxExe
|
Set-FirefoxEnterprisePolicies -FirefoxExecutables $FirefoxExecutables
|
||||||
Set-FirefoxDefaultAssociations -OutputPath $AssociationsPath
|
Set-FirefoxDefaultAssociations -OutputPath $AssociationsPath
|
||||||
|
|
||||||
Write-Host ""
|
Write-Host ""
|
||||||
|
|||||||
Reference in New Issue
Block a user