From 5dc4dad915dcbd1bb1f50a3a1910ab021e78a423 Mon Sep 17 00:00:00 2001 From: Olivier Date: Sun, 24 May 2026 09:56:25 +0200 Subject: [PATCH] Configure Firefox defaults and uBlock --- README.fr.md | 11 +- README.md | 11 +- powershell/Configure-FirefoxDefaults.ps1 | 207 +++++++++++++++++++++++ powershell/libres-softwares-install.ps1 | 14 +- 4 files changed, 240 insertions(+), 3 deletions(-) create mode 100644 powershell/Configure-FirefoxDefaults.ps1 diff --git a/README.fr.md b/README.fr.md index 0fd1139..773ffc1 100644 --- a/README.fr.md +++ b/README.fr.md @@ -20,6 +20,7 @@ Petite boîte à outils Windows pour installer des packs de logiciels libres ave | Chemin | Rôle | | --- | --- | | 🧭 [`powershell/libres-softwares-install.ps1`](./powershell/libres-softwares-install.ps1) | Installateur interactif pour une liste de logiciels sélectionnés. | +| 🦊 [`powershell/Configure-FirefoxDefaults.ps1`](./powershell/Configure-FirefoxDefaults.ps1) | Définit Firefox ESR comme navigateur par défaut et force l'installation de uBlock Origin pour tous les utilisateurs. | | 🧹 [`powershell/Winget-Remove-BuiltInApps.ps1`](./powershell/Winget-Remove-BuiltInApps.ps1) | Suppression de certaines applications Windows intégrées pour l'utilisateur courant avec winget. | | 🚫 [`powershell/Remove-BuiltInApps.ps1`](./powershell/Remove-BuiltInApps.ps1) | Suppression de certaines applications Appx intégrées sans winget avec blocages registre pour les futurs utilisateurs. | | 🚀 [`winget/libre-soft-start-pack.yaml`](./winget/libre-soft-start-pack.yaml) | Pack automatisé de départ : Firefox ESR, 7-Zip et VLC. | @@ -44,7 +45,7 @@ Les packs YAML automatisés n'imposent pas de version précise de Windows. Ils n ## 🧭 Installateur Interactif -Choisis les logiciels à installer depuis un menu PowerShell. +Choisis les logiciels à installer depuis un menu PowerShell. Quand Firefox ESR est installé depuis ce script, les paramètres Firefox par défaut et les policies uBlock Origin sont configurés automatiquement. ![Capture de l'installateur interactif](./img/interactive.png) @@ -87,6 +88,14 @@ Exemple : winget configure --file .\winget\libre-soft-start-pack.yaml --accept-configuration-agreements ``` +Après l'installation d'un pack qui inclut Firefox ESR, lance le script de configuration Firefox depuis un terminal administrateur : + +```powershell +powershell -ExecutionPolicy Bypass -File .\powershell\Configure-FirefoxDefaults.ps1 +``` + +Le script écrit les policies Firefox, force l'installation de uBlock Origin depuis Mozilla Add-ons, configure les paramètres gérés de uBlock Origin et importe les associations d'applications Windows par défaut pour les futurs utilisateurs. + ## 🧹 Supprimer des Applications Intégrées Utilise le script de nettoyage Appx pour supprimer certaines applications intégrées sans winget et limiter leur reprovisionnement pour les nouveaux utilisateurs. diff --git a/README.md b/README.md index c9101ae..c9d7d6e 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ Small Windows toolkit to install libre software packs with `winget` and remove s | Path | Purpose | | --- | --- | | 🧭 [`powershell/libres-softwares-install.ps1`](./powershell/libres-softwares-install.ps1) | Interactive installer for a curated list of applications. | +| 🦊 [`powershell/Configure-FirefoxDefaults.ps1`](./powershell/Configure-FirefoxDefaults.ps1) | Sets Firefox ESR as default browser and force-installs uBlock Origin for all users. | | 🧹 [`powershell/Winget-Remove-BuiltInApps.ps1`](./powershell/Winget-Remove-BuiltInApps.ps1) | Removes selected built-in Windows applications for the current user with winget. | | 🚫 [`powershell/Remove-BuiltInApps.ps1`](./powershell/Remove-BuiltInApps.ps1) | Removes selected built-in Appx applications without winget and writes registry blocks for future users. | | 🚀 [`winget/libre-soft-start-pack.yaml`](./winget/libre-soft-start-pack.yaml) | Automated starter pack: Firefox ESR, 7-Zip and VLC. | @@ -44,7 +45,7 @@ The automated YAML packs do not enforce a specific Windows release. They require ## 🧭 Interactive Installer -Choose the software you want to install from a PowerShell menu. +Choose the software you want to install from a PowerShell menu. When Firefox ESR is installed from this script, Firefox defaults and uBlock Origin policies are configured automatically. ![Interactive installer screenshot](./img/interactive.png) @@ -87,6 +88,14 @@ Example: winget configure --file .\winget\libre-soft-start-pack.yaml --accept-configuration-agreements ``` +After installing a pack that includes Firefox ESR, run the Firefox configuration script from an administrator terminal: + +```powershell +powershell -ExecutionPolicy Bypass -File .\powershell\Configure-FirefoxDefaults.ps1 +``` + +The script writes Firefox enterprise policies, force-installs uBlock Origin from Mozilla Add-ons, configures managed uBlock Origin defaults and imports Windows default app associations for future users. + ## 🧹 Remove Built-In Apps Use the Appx cleanup script when you want to remove selected built-in applications without winget and reduce reprovisioning for newly created users. diff --git a/powershell/Configure-FirefoxDefaults.ps1 b/powershell/Configure-FirefoxDefaults.ps1 new file mode 100644 index 0000000..b4b125a --- /dev/null +++ b/powershell/Configure-FirefoxDefaults.ps1 @@ -0,0 +1,207 @@ +# Requires running as administrator +# Configures Firefox ESR as the default browser and force-installs uBlock Origin. + +[CmdletBinding(SupportsShouldProcess = $true)] +param( + [string]$AssociationsPath = "$env:ProgramData\WindowsLibreSoftwareToolkit\FirefoxDefaultAssociations.xml" +) + +$ErrorActionPreference = "Stop" + +$IsAdministrator = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole( + [Security.Principal.WindowsBuiltInRole]::Administrator +) + +if (-not $IsAdministrator) { + Write-Error "This script must be run from an administrator PowerShell session." + exit 1 +} + +function Get-FirefoxExecutablePath { + $CandidatePaths = @() + + $AppPath = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe" -ErrorAction SilentlyContinue + if ($AppPath -and $AppPath.'(default)') { + $CandidatePaths += $AppPath.'(default)' + } + + $UninstallRoots = @( + "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", + "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" + ) + + foreach ($Root in $UninstallRoots) { + $FirefoxInstall = Get-ItemProperty -Path $Root -ErrorAction SilentlyContinue | + Where-Object { $_.DisplayName -like "Mozilla Firefox*" -and $_.InstallLocation } | + Select-Object -First 1 + + if ($FirefoxInstall) { + $CandidatePaths += (Join-Path $FirefoxInstall.InstallLocation "firefox.exe") + } + } + + $CandidatePaths += @( + "$env:ProgramFiles\Mozilla Firefox\firefox.exe", + "${env:ProgramFiles(x86)}\Mozilla Firefox\firefox.exe" + ) + + foreach ($Path in ($CandidatePaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | Select-Object -Unique)) { + if (Test-Path $Path) { + return (Resolve-Path $Path).Path + } + } + + return $null +} + +function Get-FirefoxAssociationProgIds { + $CapabilitiesPath = "HKLM:\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities" + $UrlAssociationsPath = Join-Path $CapabilitiesPath "URLAssociations" + $FileAssociationsPath = Join-Path $CapabilitiesPath "FileAssociations" + + $UrlAssociations = Get-ItemProperty -Path $UrlAssociationsPath -ErrorAction SilentlyContinue + $FileAssociations = Get-ItemProperty -Path $FileAssociationsPath -ErrorAction SilentlyContinue + + $HttpProgId = $UrlAssociations.http + $HttpsProgId = $UrlAssociations.https + $HtmlProgId = $FileAssociations.".html" + $HtmProgId = $FileAssociations.".htm" + + if (-not $HttpProgId) { + $HttpProgId = "FirefoxURL-308046B0AF4A39CB" + } + + if (-not $HttpsProgId) { + $HttpsProgId = $HttpProgId + } + + if (-not $HtmlProgId) { + $HtmlProgId = "FirefoxHTML-308046B0AF4A39CB" + } + + if (-not $HtmProgId) { + $HtmProgId = $HtmlProgId + } + + return [PSCustomObject]@{ + Http = $HttpProgId + Https = $HttpsProgId + Html = $HtmlProgId + Htm = $HtmProgId + } +} + +function Set-FirefoxEnterprisePolicies { + param( + [string]$FirefoxExe + ) + + $FirefoxDirectory = Split-Path -Parent $FirefoxExe + $DistributionDirectory = Join-Path $FirefoxDirectory "distribution" + $PoliciesPath = Join-Path $DistributionDirectory "policies.json" + + $Policies = [ordered]@{ + policies = [ordered]@{ + DontCheckDefaultBrowser = $true + DisableDefaultBrowserAgent = $true + ExtensionSettings = [ordered]@{ + "uBlock0@raymondhill.net" = [ordered]@{ + installation_mode = "force_installed" + install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" + } + } + "3rdparty" = [ordered]@{ + Extensions = [ordered]@{ + "uBlock0@raymondhill.net" = [ordered]@{ + adminSettings = [ordered]@{ + selectedFilterLists = @( + "user-filters", + "ublock-filters", + "ublock-badware", + "ublock-privacy", + "ublock-abuse", + "ublock-unbreak", + "ublock-quick-fixes", + "easylist", + "easyprivacy", + "urlhaus-1", + "plowe-0" + ) + userSettings = [ordered]@{ + advancedUserEnabled = $false + cloudStorageEnabled = $false + contextMenuEnabled = $true + showIconBadge = $true + } + } + } + } + } + } + } + + if ($PSCmdlet.ShouldProcess($PoliciesPath, "Write Firefox enterprise policies")) { + New-Item -Path $DistributionDirectory -ItemType Directory -Force | Out-Null + $Policies | ConvertTo-Json -Depth 12 | Set-Content -Path $PoliciesPath -Encoding UTF8 + Write-Host "Firefox enterprise policies written: $PoliciesPath" -ForegroundColor Green + } +} + +function Set-FirefoxDefaultAssociations { + param( + [string]$OutputPath + ) + + $ProgIds = Get-FirefoxAssociationProgIds + $OutputDirectory = Split-Path -Parent $OutputPath + + $Xml = @" + + + + + + + +"@ + + if ($PSCmdlet.ShouldProcess($OutputPath, "Write Firefox default app associations")) { + New-Item -Path $OutputDirectory -ItemType Directory -Force | Out-Null + Set-Content -Path $OutputPath -Value $Xml -Encoding UTF8 + Write-Host "Default app associations written: $OutputPath" -ForegroundColor Green + } + + $SystemPolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" + + if ($PSCmdlet.ShouldProcess($SystemPolicyPath, "Set default associations policy")) { + New-Item -Path $SystemPolicyPath -Force | Out-Null + New-ItemProperty -Path $SystemPolicyPath -Name "DefaultAssociationsConfiguration" -Value $OutputPath -PropertyType String -Force | Out-Null + Write-Host "Default associations policy configured." -ForegroundColor Green + } + + if ($PSCmdlet.ShouldProcess("DISM", "Import default app associations for new users")) { + $Arguments = "/Online", "/Import-DefaultAppAssociations:$OutputPath" + $Process = Start-Process -FilePath "dism.exe" -ArgumentList $Arguments -NoNewWindow -Wait -PassThru + + if ($Process.ExitCode -ne 0) { + Write-Warning "DISM failed to import default app associations. Exit code: $($Process.ExitCode)" + } + else { + Write-Host "Default app associations imported for future users." -ForegroundColor Green + } + } +} + +$FirefoxExe = Get-FirefoxExecutablePath + +if (-not $FirefoxExe) { + Write-Error "Firefox was not found. Install Firefox ESR first, then run this script again." + exit 1 +} + +Write-Host "Firefox found: $FirefoxExe" -ForegroundColor Cyan +Set-FirefoxEnterprisePolicies -FirefoxExe $FirefoxExe +Set-FirefoxDefaultAssociations -OutputPath $AssociationsPath + +Write-Host "" +Write-Host "Firefox defaults configured. Restart Windows or sign out before creating/testing new users." -ForegroundColor Green diff --git a/powershell/libres-softwares-install.ps1 b/powershell/libres-softwares-install.ps1 index fd8a57c..d6a773d 100644 --- a/powershell/libres-softwares-install.ps1 +++ b/powershell/libres-softwares-install.ps1 @@ -105,6 +105,18 @@ foreach ($logiciel in $logicielsAInstaller) { if ($process.ExitCode -eq 0) { Write-Host "OK $($logiciel.Nom) installe avec succes" -ForegroundColor Green + + if ($logiciel.ID -eq "Mozilla.Firefox.ESR.fr") { + $configurationFirefox = Join-Path $PSScriptRoot "Configure-FirefoxDefaults.ps1" + + if (Test-Path $configurationFirefox) { + Write-Host "Configuration de Firefox ESR comme navigateur par defaut avec uBlock Origin..." -ForegroundColor Cyan + & $configurationFirefox + } else { + Write-Warning "Script de configuration Firefox introuvable: $configurationFirefox" + } + } + $reussites++ $resultats += @{Logiciel = $logiciel.Nom; Statut = "Succes"} } else { @@ -138,4 +150,4 @@ Write-Host "Total: $reussites reussite(s), $echecs echec(s)" -ForegroundColor $( Write-Host "===========================================================" -ForegroundColor Cyan Write-Host "" Write-Host "Appuyez sur une touche pour quitter..." -$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") \ No newline at end of file +$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")