Andreas/noid-privacy
1
0
Fork 0
mirror of https://github.com/NexusOne23/noid-privacy.git synced 2026-02-07 04:01:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
noid-privacy/install.ps1

332 lines
12 KiB
PowerShell
Raw Blame History

#Requires -Version 5.1
<#
.SYNOPSIS
NoID Privacy - One-Line Installer
.DESCRIPTION
Downloads and installs the latest version of NoID Privacy from GitHub.
This script checks prerequisites, downloads the latest release, extracts it,
and prepares it for execution.
.EXAMPLE
# Run from web (one-liner)
irm https://raw.githubusercontent.com/NexusOne23/noid-privacy/main/install.ps1 | iex
.NOTES
Author: NexusOne23
Version: 1.0.0
Requires: PowerShell 5.1+, Windows 11, Admin Rights
#>
function Install-NoIDPrivacy {
[CmdletBinding()]
param(
[Parameter(Mandatory = $false)]
[string]$InstallPath = "$env:USERPROFILE\NoIDPrivacy",
[Parameter(Mandatory = $false)]
[switch]$SkipAdminCheck
)
$ErrorActionPreference = 'Stop'
$ProgressPreference = 'SilentlyContinue'
# Colors
$ColorSuccess = 'Green'
$ColorError = 'Red'
$ColorWarning = 'Yellow'
$ColorInfo = 'Cyan'
function Write-ColorOutput {
param(
[Parameter(Mandatory)]
[string]$Message,
[Parameter(Mandatory = $false)]
[string]$Color = 'White',
[Parameter(Mandatory = $false)]
[switch]$NoNewline
)
if ($NoNewline) {
Write-Host $Message -ForegroundColor $Color -NoNewline
}
else {
Write-Host $Message -ForegroundColor $Color
}
}
function Test-Administrator {
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)
return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}
function Get-LatestRelease {
try {
Write-ColorOutput "Fetching latest release from GitHub..." -Color $ColorInfo
$release = Invoke-RestMethod -Uri "https://api.github.com/repos/NexusOne23/noid-privacy/releases/latest" -UseBasicParsing
return $release
}
catch {
Write-ColorOutput "No releases found. Using main branch instead..." -Color $ColorWarning
return $null
}
}
function Test-SafeInstallPath {
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[string]$Path
)
try {
$fullPath = (Resolve-Path -LiteralPath $Path -ErrorAction Stop).Path
}
catch {
$fullPath = [System.IO.Path]::GetFullPath($Path)
}
$normalized = $fullPath.TrimEnd('\').ToLowerInvariant()
# Block drive roots (e.g. C:\)
if ($normalized -match '^[a-z]:$') {
Write-ColorOutput "ERROR: Installation path '$fullPath' is a drive root and is not allowed." -Color $ColorError
return $false
}
# Block critical system locations
$blocked = @()
if ($env:WINDIR) { $blocked += $env:WINDIR.TrimEnd('\\').ToLowerInvariant() }
if ($env:ProgramFiles) { $blocked += $env:ProgramFiles.TrimEnd('\\').ToLowerInvariant() }
if (${env:ProgramFiles(x86)}) { $blocked += ${env:ProgramFiles(x86)}.TrimEnd('\\').ToLowerInvariant() }
if ($env:SystemRoot) { $blocked += $env:SystemRoot.TrimEnd('\\').ToLowerInvariant() }
if ($env:USERPROFILE) { $blocked += $env:USERPROFILE.TrimEnd('\\').ToLowerInvariant() }
foreach ($b in $blocked) {
if ([string]::IsNullOrEmpty($b)) { continue }
if ($normalized -eq $b -or $normalized.StartsWith($b + '\\')) {
Write-ColorOutput "ERROR: Installation path '$fullPath' is too close to a critical system directory ($b)." -Color $ColorError
return $false
}
}
return $true
}
# Banner
Write-Host ""
Write-Host "===============================================================" -ForegroundColor Cyan
Write-Host " NoID Privacy - One-Line Installer " -ForegroundColor Cyan
Write-Host " Professional Windows 11 Security & Privacy Hardening Framework " -ForegroundColor Cyan
Write-Host "===============================================================" -ForegroundColor Cyan
Write-Host ""
# Step 1: Check Administrator
if (-not $SkipAdminCheck) {
Write-ColorOutput "Checking administrator privileges..." -Color $ColorInfo
if (-not (Test-Administrator)) {
Write-ColorOutput "ERROR: Administrator rights required!" -Color $ColorError
Write-ColorOutput " Please run PowerShell as Administrator and try again." -Color $ColorWarning
Write-ColorOutput @"
To run as Administrator:
1. Press Win + X
2. Click "Terminal (Admin)" or "PowerShell (Admin)"
3. Run the install command again
"@ -Color $ColorInfo
exit 1
}
Write-ColorOutput "Administrator privileges confirmed" -Color $ColorSuccess
}
# Step 2: Check PowerShell Version
Write-ColorOutput "Checking PowerShell version..." -Color $ColorInfo
$psVersion = $PSVersionTable.PSVersion
if ($psVersion.Major -lt 5 -or ($psVersion.Major -eq 5 -and $psVersion.Minor -lt 1)) {
Write-ColorOutput "ERROR: PowerShell 5.1 or higher required!" -Color $ColorError
Write-ColorOutput " Current version: $($psVersion.ToString())" -Color $ColorWarning
exit 1
}
Write-ColorOutput "PowerShell version OK ($($psVersion.ToString()))" -Color $ColorSuccess
# Step 3: Check Windows Version
Write-ColorOutput "Checking Windows version..." -Color $ColorInfo
$osInfo = Get-ComputerInfo
$buildNumber = [int]$osInfo.OsBuildNumber
if ($buildNumber -lt 22000) {
Write-ColorOutput "ERROR: Windows 11 required!" -Color $ColorError
Write-ColorOutput " Current build: $buildNumber (Windows 10 or older)" -Color $ColorWarning
exit 1
}
$osVersion = if ($buildNumber -ge 26200) { "25H2" }
elseif ($buildNumber -ge 26100) { "24H2" }
elseif ($buildNumber -ge 22631) { "23H2" }
else { "Unknown" }
Write-ColorOutput "Windows 11 $osVersion detected (Build $buildNumber)" -Color $ColorSuccess
# Step 4: Create Install Directory
Write-ColorOutput "Creating installation directory..." -Color $ColorInfo
if (-not (Test-SafeInstallPath -Path $InstallPath)) {
Write-ColorOutput "Installation aborted due to unsafe install path." -Color $ColorError
exit 1
}
if (Test-Path $InstallPath) {
Write-ColorOutput "Directory already exists: $InstallPath" -Color $ColorWarning
$response = Read-Host " Overwrite existing installation? (Y/N)"
if ($response -ne 'Y') {
Write-ColorOutput "Installation cancelled by user" -Color $ColorWarning
exit 0
}
Write-ColorOutput "Removing old installation..." -Color $ColorInfo
Remove-Item -Path $InstallPath -Recurse -Force
}
New-Item -ItemType Directory -Path $InstallPath -Force | Out-Null
Write-ColorOutput "Install directory created: $InstallPath" -Color $ColorSuccess
# Step 5: Download Latest Release or Main Branch
$downloadUrl = $null
$downloadPath = Join-Path $env:TEMP "NoIDPrivacy.zip"
$release = Get-LatestRelease
if ($release) {
Write-ColorOutput "Latest release: $($release.tag_name)" -Color $ColorInfo
$zipAsset = $release.assets | Where-Object { $_.name -like "*.zip" } | Select-Object -First 1
if ($zipAsset) {
$downloadUrl = $zipAsset.browser_download_url
Write-ColorOutput "Downloading release: $($zipAsset.name)" -Color $ColorInfo
}
}
if (-not $downloadUrl) {
Write-ColorOutput "Downloading from main branch..." -Color $ColorInfo
$downloadUrl = "https://github.com/NexusOne23/noid-privacy/archive/refs/heads/main.zip"
}
try {
Invoke-WebRequest -Uri $downloadUrl -OutFile $downloadPath -UseBasicParsing
Write-ColorOutput "Download complete" -Color $ColorSuccess
}
catch {
Write-ColorOutput "ERROR: Download failed!" -Color $ColorError
Write-ColorOutput " $($_.Exception.Message)" -Color $ColorWarning
exit 1
}
# Step 6: Extract Archive
Write-ColorOutput "Extracting files..." -Color $ColorInfo
try {
Expand-Archive -Path $downloadPath -DestinationPath $InstallPath -Force
# Move files from subdirectory to root (GitHub zip structure)
$subDir = Get-ChildItem -Path $InstallPath -Directory | Select-Object -First 1
if ($subDir) {
Get-ChildItem -Path $subDir.FullName -Recurse | ForEach-Object {
$dest = Join-Path $InstallPath $_.FullName.Substring($subDir.FullName.Length + 1)
if ($_.PSIsContainer) {
New-Item -ItemType Directory -Path $dest -Force | Out-Null
}
else {
Move-Item -Path $_.FullName -Destination $dest -Force
}
}
Remove-Item -Path $subDir.FullName -Recurse -Force
}
Remove-Item -Path $downloadPath -Force
Write-ColorOutput "Files extracted successfully" -Color $ColorSuccess
}
catch {
Write-ColorOutput "ERROR: Extraction failed!" -Color $ColorError
Write-ColorOutput " $($_.Exception.Message)" -Color $ColorWarning
exit 1
}
# Step 7: Unblock Files
Write-ColorOutput "Unblocking PowerShell scripts..." -Color $ColorInfo
Get-ChildItem -Path $InstallPath -Recurse -Include *.ps1, *.psm1, *.psd1 | Unblock-File
Write-ColorOutput "All files unblocked" -Color $ColorSuccess
# Step 8: Display Success Message
Write-Host ""
Write-Host "===============================================================" -ForegroundColor Green
Write-Host " INSTALLATION COMPLETE! " -ForegroundColor Green
Write-Host "===============================================================" -ForegroundColor Green
Write-Host ""
Write-Host "Installation Path: $InstallPath" -ForegroundColor Green
Write-Host ""
Write-Host "Next Steps:" -ForegroundColor Green
Write-Host ""
Write-Host "1. Review the documentation:" -ForegroundColor Green
Write-Host " README: $InstallPath\README.md" -ForegroundColor Green
Write-Host ""
Write-Host "2. Create a system backup (CRITICAL!):" -ForegroundColor Green
Write-Host " - System Restore Point" -ForegroundColor Green
Write-Host " - Full system image" -ForegroundColor Green
Write-Host " - VM snapshot (if applicable)" -ForegroundColor Green
Write-Host ""
Write-Host "3. Run the interactive setup:" -ForegroundColor Green
Write-Host " cd `"$InstallPath`"" -ForegroundColor Green
Write-Host " .\Start-NoIDPrivacy.bat" -ForegroundColor Green
Write-Host ""
Write-Host "4. Or run directly with PowerShell:" -ForegroundColor Green
Write-Host " cd `"$InstallPath`"" -ForegroundColor Green
Write-Host " .\NoIDPrivacy.ps1 -Module All" -ForegroundColor Green
Write-Host ""
Write-Host "5. After execution, verify settings:" -ForegroundColor Green
Write-Host " .\Tools\Verify-Complete-Hardening.ps1" -ForegroundColor Green
Write-Host ""
Write-Host "IMPORTANT WARNINGS:" -ForegroundColor Yellow
Write-Host ""
Write-Host "- This tool modifies CRITICAL system settings" -ForegroundColor Yellow
Write-Host "- BACKUP your system BEFORE running" -ForegroundColor Yellow
Write-Host "- Test in a VM first (recommended)" -ForegroundColor Yellow
Write-Host "- Domain-joined systems: Coordinate with IT" -ForegroundColor Yellow
Write-Host "- Read SECURITY.md for security considerations" -ForegroundColor Yellow
Write-Host ""
Write-Host "Documentation:" -ForegroundColor Cyan
Write-Host "- README.md - Complete guide" -ForegroundColor Cyan
Write-Host "- CHANGELOG.md - Version history" -ForegroundColor Cyan
Write-Host "- SECURITY.md - Security policy" -ForegroundColor Cyan
Write-Host "- LICENSE - GPL v3.0 dual-license" -ForegroundColor Cyan
Write-Host ""
Write-Host "Community & Support:" -ForegroundColor Cyan
Write-Host "- GitHub Issues: https://github.com/NexusOne23/noid-privacy/issues" -ForegroundColor Cyan
Write-Host "- Discussions: https://github.com/NexusOne23/noid-privacy/discussions" -ForegroundColor Cyan
Write-Host ""
Write-Host ""
Write-ColorOutput "Press any key to start interactive menu..." -Color $ColorInfo -NoNewline
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
Write-Host ""
# Auto-start interactive menu after user confirmation
Write-ColorOutput "Starting NoID Privacy..." -Color $ColorInfo
try {
Push-Location $InstallPath
& .\Start-NoIDPrivacy.bat
Pop-Location
}
catch {
Write-ColorOutput "Could not auto-start. Please run manually:" -Color $ColorWarning
Write-ColorOutput " cd `"$InstallPath`"" -Color $ColorInfo
Write-ColorOutput " .\Start-NoIDPrivacy.bat" -Color $ColorInfo
}
Write-Host ""
Write-ColorOutput "NoID Privacy - Keeping Windows 11 secure and private!" -Color $ColorSuccess
}
# Call the function
Install-NoIDPrivacy @PSBoundParameters
Reference in a new issue View git blame Copy permalink