forked from rgl/windows-vagrant
-
Notifications
You must be signed in to change notification settings - Fork 0
/
optimize.ps1
180 lines (154 loc) · 5.99 KB
/
optimize.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
Set-StrictMode -Version Latest
$ProgressPreference = 'SilentlyContinue'
$ErrorActionPreference = 'Stop'
trap {
Write-Host
Write-Host "ERROR: $_"
($_.ScriptStackTrace -split '\r?\n') -replace '^(.*)$','ERROR: $1' | Write-Host
($_.Exception.ToString() -split '\r?\n') -replace '^(.*)$','ERROR EXCEPTION: $1' | Write-Host
Write-Host
Write-Host 'Sleeping for 60m to give you time to look around the virtual machine before self-destruction...'
Start-Sleep -Seconds (60*60)
Exit 1
}
#
# enable TLS 1.2.
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol `
-bor [Net.SecurityProtocolType]::Tls12
#
# run automatic maintenance.
Add-Type @'
using System;
using System.Runtime.InteropServices;
public static class Windows
{
[DllImport("kernel32", SetLastError=true)]
public static extern UInt64 GetTickCount64();
public static TimeSpan GetUptime()
{
return TimeSpan.FromMilliseconds(GetTickCount64());
}
}
'@
function Wait-Condition {
param(
[scriptblock]$Condition,
[int]$DebounceSeconds=15
)
process {
$begin = [Windows]::GetUptime()
do {
Start-Sleep -Seconds 3
try {
$result = &$Condition
} catch {
$result = $false
}
if (-not $result) {
$begin = [Windows]::GetUptime()
continue
}
} while ((([Windows]::GetUptime()) - $begin).TotalSeconds -lt $DebounceSeconds)
}
}
function Get-ScheduledTasks() {
$s = New-Object -ComObject 'Schedule.Service'
try {
$s.Connect()
Get-ScheduledTasksInternal $s.GetFolder('\')
} finally {
[System.Runtime.Interopservices.Marshal]::ReleaseComObject($s) | Out-Null
}
}
function Get-ScheduledTasksInternal($Folder) {
$Folder.GetTasks(0)
$Folder.GetFolders(0) | ForEach-Object {
Get-ScheduledTasksInternal $_
}
}
function Test-IsMaintenanceTask([xml]$definition) {
# see MaintenanceSettings (maintenanceSettingsType) Element at https://msdn.microsoft.com/en-us/library/windows/desktop/hh832151(v=vs.85).aspx
$ns = New-Object System.Xml.XmlNamespaceManager($definition.NameTable)
$ns.AddNamespace('t', $definition.DocumentElement.NamespaceURI)
$null -ne $definition.SelectSingleNode("/t:Task/t:Settings/t:MaintenanceSettings", $ns)
}
Write-Host 'Running Automatic Maintenance...'
MSchedExe.exe Start
Wait-Condition {@(Get-ScheduledTasks | Where-Object {($_.State -ge 4) -and (Test-IsMaintenanceTask $_.XML)}).Count -eq 0} -DebounceSeconds 60
#
# generate the .net frameworks native images.
# NB this is normally done in the Automatic Maintenance step, but for
# some reason, sometimes its not.
# see https://docs.microsoft.com/en-us/dotnet/framework/tools/ngen-exe-native-image-generator
Get-ChildItem "$env:windir\Microsoft.NET\*\*\ngen.exe" | ForEach-Object {
Write-Host "Generating the .NET Framework native images with $_..."
&$_ executeQueuedItems /nologo /silent
}
#
# remove temporary files.
# NB we ignore the packer generated files so it won't complain in the output.
Write-Host 'Stopping services that might interfere with temporary file removal...'
function Stop-ServiceForReal($name) {
while ($true) {
Stop-Service -ErrorAction SilentlyContinue $name
if ((Get-Service $name).Status -eq 'Stopped') {
break
}
}
}
Stop-ServiceForReal TrustedInstaller # Windows Modules Installer
Stop-ServiceForReal wuauserv # Windows Update
Stop-ServiceForReal BITS # Background Intelligent Transfer Service
@(
"$env:LOCALAPPDATA\Temp\*"
"$env:windir\Temp\*"
"$env:windir\Logs\*"
"$env:windir\Panther\*"
"$env:windir\WinSxS\ManifestCache\*"
"$env:windir\SoftwareDistribution\Download"
) | Where-Object {Test-Path $_} | ForEach-Object {
Write-Host "Removing temporary files $_..."
try {
takeown.exe /D Y /R /F $_ | Out-Null
icacls.exe $_ /grant:r Administrators:F /T /C /Q 2>&1 | Out-Null
} catch {
Write-Host "Ignoring taking ownership of temporary files error: $_"
}
Remove-Item $_ -Exclude 'packer-*' -Recurse -Force -ErrorAction SilentlyContinue | Out-Null
}
#
# cleanup the WinSxS folder.
# NB even thou the automatic maintenance includes a component cleanup task,
# it will not clean everything, as such, dism will clean the rest.
# NB to analyse the used space use: dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
# see https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/clean-up-the-winsxs-folder
Write-Host 'Cleaning up the WinSxS folder...'
dism.exe /Online /Quiet /Cleanup-Image /StartComponentCleanup /ResetBase
if ($LASTEXITCODE) {
throw "Failed with Exit Code $LASTEXITCODE"
}
# NB even after cleaning up the WinSxS folder the "Backups and Disabled Features"
# field of the analysis report will display a non-zero number because the
# disabled features packages are still on disk. you can remove them with:
# Get-WindowsOptionalFeature -Online `
# | Where-Object {$_.State -eq 'Disabled'} `
# | ForEach-Object {
# Write-Host "Removing feature $($_.FeatureName)..."
# dism.exe /Online /Quiet /Disable-Feature "/FeatureName:$($_.FeatureName)" /Remove
# }
# NB a removed feature can still be installed from other sources (e.g. windows update).
Write-Host 'Analyzing the WinSxS folder...'
dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
#
# reclaim the free disk space.
Write-Host 'Reclaiming the free disk space...'
$results = defrag.exe C: /H /L
if ($results -eq 'The operation completed successfully.') {
$results
} else {
Write-Host 'Zero filling the free disk space...'
(New-Object System.Net.WebClient).DownloadFile('https://download.sysinternals.com/files/SDelete.zip', "$env:TEMP\SDelete.zip")
Expand-Archive "$env:TEMP\SDelete.zip" $env:TEMP
Remove-Item "$env:TEMP\SDelete.zip"
&"$env:TEMP\sdelete64.exe" -accepteula -z C:
}