olivier/Windows
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cbe534db313c409e4e8bf54ad14e29e5b88732b2
Windows/powershell/Install-Firefox.ps1
T

243 lines
8.8 KiB
PowerShell
Raw Blame History

# Requires running as administrator
# Installs Firefox ESR, configures it as the default browser and force-installs uBlock Origin.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
[string]$FirefoxPackageId = "Mozilla.Firefox.ESR.fr",
[string]$AssociationsPath = "$env:ProgramData\WindowsLibreSoftwareToolkit\FirefoxDefaultAssociations.xml"
)
$ErrorActionPreference = "Stop"
$IsAdministrator = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(
[Security.Principal.WindowsBuiltInRole]::Administrator
)
if (-not $IsAdministrator) {
Write-Error "This script must be run from an administrator PowerShell session."
exit 1
}
function Install-FirefoxEsr {
param(
[string]$PackageId
)
if (-not (Get-Command winget -ErrorAction SilentlyContinue)) {
Write-Error "winget was not found. Install App Installer or enable winget before running this script."
exit 1
}
Write-Host "Installing Firefox ESR with winget: $PackageId" -ForegroundColor Cyan
if ($PSCmdlet.ShouldProcess($PackageId, "Install Firefox ESR")) {
$Arguments = @(
"install",
"--id", $PackageId,
"--silent",
"--accept-source-agreements",
"--accept-package-agreements"
)
$Process = Start-Process -FilePath "winget" -ArgumentList $Arguments -NoNewWindow -Wait -PassThru
if ($Process.ExitCode -ne 0) {
Write-Error "Firefox ESR installation failed. winget exit code: $($Process.ExitCode)"
exit $Process.ExitCode
}
Write-Host "Firefox ESR installed or already present." -ForegroundColor Green
}
}
function Get-FirefoxExecutablePath {
$CandidatePaths = @()
$AppPath = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe" -ErrorAction SilentlyContinue
if ($AppPath -and $AppPath.'(default)') {
$CandidatePaths += $AppPath.'(default)'
}
$UninstallRoots = @(
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*"
)
foreach ($Root in $UninstallRoots) {
$FirefoxInstall = Get-ItemProperty -Path $Root -ErrorAction SilentlyContinue |
Where-Object { $_.DisplayName -like "Mozilla Firefox*" -and $_.InstallLocation } |
Select-Object -First 1
if ($FirefoxInstall) {
$CandidatePaths += (Join-Path $FirefoxInstall.InstallLocation "firefox.exe")
}
}
$CandidatePaths += @(
"$env:ProgramFiles\Mozilla Firefox\firefox.exe",
"${env:ProgramFiles(x86)}\Mozilla Firefox\firefox.exe"
)
foreach ($Path in ($CandidatePaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | Select-Object -Unique)) {
if (Test-Path $Path) {
return (Resolve-Path $Path).Path
}
}
return $null
}
function Get-FirefoxAssociationProgIds {
$CapabilitiesPath = "HKLM:\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities"
$UrlAssociationsPath = Join-Path $CapabilitiesPath "URLAssociations"
$FileAssociationsPath = Join-Path $CapabilitiesPath "FileAssociations"
$UrlAssociations = Get-ItemProperty -Path $UrlAssociationsPath -ErrorAction SilentlyContinue
$FileAssociations = Get-ItemProperty -Path $FileAssociationsPath -ErrorAction SilentlyContinue
$HttpProgId = $UrlAssociations.http
$HttpsProgId = $UrlAssociations.https
$HtmlProgId = $FileAssociations.".html"
$HtmProgId = $FileAssociations.".htm"
if (-not $HttpProgId) {
$HttpProgId = "FirefoxURL-308046B0AF4A39CB"
}
if (-not $HttpsProgId) {
$HttpsProgId = $HttpProgId
}
if (-not $HtmlProgId) {
$HtmlProgId = "FirefoxHTML-308046B0AF4A39CB"
}
if (-not $HtmProgId) {
$HtmProgId = $HtmlProgId
}
return [PSCustomObject]@{
Http = $HttpProgId
Https = $HttpsProgId
Html = $HtmlProgId
Htm = $HtmProgId
}
}
function Set-FirefoxEnterprisePolicies {
param(
[string]$FirefoxExe
)
$FirefoxDirectory = Split-Path -Parent $FirefoxExe
$DistributionDirectory = Join-Path $FirefoxDirectory "distribution"
$PoliciesPath = Join-Path $DistributionDirectory "policies.json"
$Policies = [ordered]@{
policies = [ordered]@{
DontCheckDefaultBrowser = $true
DisableDefaultBrowserAgent = $true
ExtensionSettings = [ordered]@{
"uBlock0@raymondhill.net" = [ordered]@{
installation_mode = "force_installed"
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
}
}
"3rdparty" = [ordered]@{
Extensions = [ordered]@{
"uBlock0@raymondhill.net" = [ordered]@{
adminSettings = [ordered]@{
selectedFilterLists = @(
"user-filters",
"ublock-filters",
"ublock-badware",
"ublock-privacy",
"ublock-abuse",
"ublock-unbreak",
"ublock-quick-fixes",
"easylist",
"easyprivacy",
"urlhaus-1",
"plowe-0"
)
userSettings = [ordered]@{
advancedUserEnabled = $false
cloudStorageEnabled = $false
contextMenuEnabled = $true
showIconBadge = $true
}
}
}
}
}
}
}
if ($PSCmdlet.ShouldProcess($PoliciesPath, "Write Firefox enterprise policies")) {
New-Item -Path $DistributionDirectory -ItemType Directory -Force | Out-Null
$Policies | ConvertTo-Json -Depth 12 | Set-Content -Path $PoliciesPath -Encoding UTF8
Write-Host "Firefox enterprise policies written: $PoliciesPath" -ForegroundColor Green
}
}
function Set-FirefoxDefaultAssociations {
param(
[string]$OutputPath
)
$ProgIds = Get-FirefoxAssociationProgIds
$OutputDirectory = Split-Path -Parent $OutputPath
$Xml = @"
<?xml version="1.0" encoding="UTF-8"?>
<DefaultAssociations>
<Association Identifier=".htm" ProgId="$($ProgIds.Htm)" ApplicationName="Firefox" />
<Association Identifier=".html" ProgId="$($ProgIds.Html)" ApplicationName="Firefox" />
<Association Identifier="http" ProgId="$($ProgIds.Http)" ApplicationName="Firefox" />
<Association Identifier="https" ProgId="$($ProgIds.Https)" ApplicationName="Firefox" />
</DefaultAssociations>
"@
if ($PSCmdlet.ShouldProcess($OutputPath, "Write Firefox default app associations")) {
New-Item -Path $OutputDirectory -ItemType Directory -Force | Out-Null
Set-Content -Path $OutputPath -Value $Xml -Encoding UTF8
Write-Host "Default app associations written: $OutputPath" -ForegroundColor Green
}
$SystemPolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System"
if ($PSCmdlet.ShouldProcess($SystemPolicyPath, "Set default associations policy")) {
New-Item -Path $SystemPolicyPath -Force | Out-Null
New-ItemProperty -Path $SystemPolicyPath -Name "DefaultAssociationsConfiguration" -Value $OutputPath -PropertyType String -Force | Out-Null
Write-Host "Default associations policy configured." -ForegroundColor Green
}
if ($PSCmdlet.ShouldProcess("DISM", "Import default app associations for new users")) {
$Arguments = "/Online", "/Import-DefaultAppAssociations:$OutputPath"
$Process = Start-Process -FilePath "dism.exe" -ArgumentList $Arguments -NoNewWindow -Wait -PassThru
if ($Process.ExitCode -ne 0) {
Write-Warning "DISM failed to import default app associations. Exit code: $($Process.ExitCode)"
}
else {
Write-Host "Default app associations imported for future users." -ForegroundColor Green
}
}
}
Install-FirefoxEsr -PackageId $FirefoxPackageId
$FirefoxExe = Get-FirefoxExecutablePath
if (-not $FirefoxExe) {
Write-Error "Firefox was not found after installation. Check the winget package result and retry."
exit 1
}
Write-Host "Firefox found: $FirefoxExe" -ForegroundColor Cyan
Set-FirefoxEnterprisePolicies -FirefoxExe $FirefoxExe
Set-FirefoxDefaultAssociations -OutputPath $AssociationsPath
Write-Host ""
Write-Host "Firefox ESR installed and configured. Restart Windows or sign out before creating/testing new users." -ForegroundColor Green
Reference in New Issue View Git Blame Copy Permalink