akanealw/fileserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated script spacing

Browse Source
This commit is contained in:
akanealw
2023-08-20 12:37:30 -05:00
parent 8dc9abd968
commit fa27f78eee
1 changed files with 143 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

272
files/bashscripts/debian/debian-essentials.sh
View File

@@ -1,33 +1,40 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
if [[ ! -f /etc/apt/apt.conf.d/local ]]
then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update bookworm to new debian.sources file
#if [[ -f /etc/apt/sources.list.d/debian.sources ]] ; then
# isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
# if [ $isInFile -eq 0 ]; then
# mkdir /etc/apt/mirrors > /dev/null 2>&1
# echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
# echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
# echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
# echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
# echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
# echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
# echo "" >> /etc/apt/sources.list.d/debian.sources
# echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
# echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
# echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
# echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
# mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
# rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
# fi
#fi
if [[ -f /etc/apt/sources.list.d/debian.sources ]]
then
echo "Sources already updated"
else
isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
if [ $isInFile -eq 0 ]
then
mkdir /etc/apt/mirrors > /dev/null 2>&1
echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
echo "" >> /etc/apt/sources.list.d/debian.sources
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
else
echo "Bullseye detected, skipping sources update"
fi
fi
# update and upgrade
apt-get update
@@ -38,20 +45,22 @@ apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unz
# add akanealw user if not existing
isInFile=$(cat /etc/passwd | grep -c "akanealw")
if [ $isInFile -eq 0 ]; then
echo "Set password for akanealw"
useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
mkdir /home/akanealw/.ssh
chown akanealw:akanealw /home/akanealw/.ssh
chmod 700 /home/akanealw/.ssh
cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
if [ $isInFile -eq 0 ]
then
echo "Set password for akanealw"
useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
mkdir /home/akanealw/.ssh
chown akanealw:akanealw /home/akanealw/.ssh
chmod 700 /home/akanealw/.ssh
cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
fi
# create akanealw file in /etc/sudoers.d
if [[ ! -f /etc/sudoers.d/akanealw ]] ; then
echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
if [[ ! -f /etc/sudoers.d/akanealw ]]
then
echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
fi
# enable ping for all users
@@ -127,115 +136,120 @@ echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# create credentials and map network drives
isInFile=$(cat /etc/fstab | grep -c "192.168.1.41")
if [ $isInFile -eq 0 ]; then
mkdir /mnt/truenasdata > /dev/null 2>&1
chown akanealw:akanealw /mnt/truenasdata
echo "# nfs shares" >> /etc/fstab
echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
if [ $isInFile -eq 0 ]
then
mkdir /mnt/truenasdata > /dev/null 2>&1
chown akanealw:akanealw /mnt/truenasdata
echo "# nfs shares" >> /etc/fstab
echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
fi
# ask to install samba
if [[ ! -f /etc/samba/smb.conf ]] ; then
read -r -p "Install Samba? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then
apt-get install -y samba --no-install-recommends
# configure default samba share
(echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw
sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf
isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]")
if [ $isInFile -eq 0 ]; then
echo "[akanealw]" >> /etc/samba/smb.conf
echo " comment = akanealw" >> /etc/samba/smb.conf
echo " read only = no" >> /etc/samba/smb.conf
echo " path = /home/akanealw" >> /etc/samba/smb.conf
echo " guest ok = no" >> /etc/samba/smb.conf
echo "" >> /etc/samba/smb.conf
fi
fi
if [[ ! -f /etc/samba/smb.conf ]]
then
read -r -p "Install Samba? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
apt-get install -y samba --no-install-recommends
(echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw
sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf
isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]")
if [ $isInFile -eq 0 ]
then
echo "[akanealw]" >> /etc/samba/smb.conf
echo " comment = akanealw" >> /etc/samba/smb.conf
echo " read only = no" >> /etc/samba/smb.conf
echo " path = /home/akanealw" >> /etc/samba/smb.conf
echo " guest ok = no" >> /etc/samba/smb.conf
echo "" >> /etc/samba/smb.conf
fi
fi
fi
# ask to install docker
if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then
read -r -p "Install Docker? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
# prepare for install
apt-get update
apt-get install -y ca-certificates curl gnupg lsb-release
mkdir -p /home/akanealw/docker/appdata
chown -R akanealw:akanealw /home/akanealw/docker
mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# install docker
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# post install
groupadd docker > /dev/null 2>&1
usermod -aG docker akanealw
systemctl enable docker.service
systemctl enable containerd.service
fi
if [[ ! -f /etc/apt/keyrings/docker.gpg ]]
then
read -r -p "Install Docker? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
apt-get update
apt-get install -y ca-certificates curl gnupg lsb-release
mkdir -p /home/akanealw/docker/appdata
chown -R akanealw:akanealw /home/akanealw/docker
mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
groupadd docker > /dev/null 2>&1
usermod -aG docker akanealw
systemctl enable docker.service
systemctl enable containerd.service
fi
fi
# ask to regenerate machine-id
if [[ ! -f /etc/machine-id-regenerated ]] ; then
read -r -p "Regenerate machine-id? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
# regenerate machine-id
rm -f /etc/machine-id /var/lib/dbus/machine-id
dbus-uuidgen --ensure=/etc/machine-id
dbus-uuidgen --ensure
touch /etc/machine-id-regenerated
fi
if [[ ! -f /etc/machine-id-regenerated ]]
then
read -r -p "Regenerate machine-id? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
rm -f /etc/machine-id /var/lib/dbus/machine-id
dbus-uuidgen --ensure=/etc/machine-id
dbus-uuidgen --ensure
touch /etc/machine-id-regenerated
fi
fi
# ask to regenerate ssh host keys
if [[ ! -d /etc/cloud ]] ; then
if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then
read -r -p "Regenerate SSH Keys? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
mkdir /home/akanealw/.ssh
touch /home/akanealw/.ssh/ssh_keys_regenerated
chmod 700 /home/akanealw/.ssh
chown -R akanealw:akanealw /home/akanealw/.ssh
if [[ ! -d /etc/cloud ]]
then
if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]]
then
read -r -p "Regenerate SSH Keys? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
mkdir /home/akanealw/.ssh
touch /home/akanealw/.ssh/ssh_keys_regenerated
chmod 700 /home/akanealw/.ssh
chown -R akanealw:akanealw /home/akanealw/.ssh
fi
fi
fi
fi
# ask to set static ip address
if [[ ! -d /etc/cloud ]] ; then
if [[ ! -f /etc/network/interfaces.bak ]] ; then
read -r -p "Set Static IP address? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then
read -r -p "Enter Static IP Address with subnet prefix: " staticip
read -r -p "Enter Gateway IP Address: " gatewayip
read -r -p "Enter Primary DNS IP Address: " dnsip1
read -r -p "Enter Secondary DNS IP Address: " dnsip2
# get adapter name
name=$(basename /sys/class/net/e*)
# backup original interfaces file
if [[ ! -f /etc/network/interfaces.bak ]] ; then
cp /etc/network/interfaces /etc/network/interfaces.bak
fi
rm /etc/network/interfaces
cp /etc/network/interfaces.bak /etc/network/interfaces
# set static ip
sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces
echo " address $staticip" >> /etc/network/interfaces
echo " gateway $gatewayip" >> /etc/network/interfaces
# backup resolv.conf file
if [[ ! -f /etc/resolv.conf.bak ]] ; then
cp /etc/resolv.conf /etc/resolv.conf.bak
fi
rm /etc/resolv.conf
# set primary dns ip
echo "nameserver $dnsip1" >> /etc/resolv.conf
echo "nameserver $dnsip2" >> /etc/resolv.conf
# restart the interface
ifdown $name
ifup $name
if [[ ! -d /etc/cloud ]]
then
if [[ ! -f /etc/network/interfaces.bak ]]
then
read -r -p "Set Static IP address? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
read -r -p "Enter Static IP Address with subnet prefix: " staticip
read -r -p "Enter Gateway IP Address: " gatewayip
read -r -p "Enter Primary DNS IP Address: " dnsip1
read -r -p "Enter Secondary DNS IP Address: " dnsip2
name=$(basename /sys/class/net/e*)
if [[ ! -f /etc/network/interfaces.bak ]]
then
cp /etc/network/interfaces /etc/network/interfaces.bak
fi
rm /etc/network/interfaces
cp /etc/network/interfaces.bak /etc/network/interfaces
sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces
echo " address $staticip" >> /etc/network/interfaces
echo " gateway $gatewayip" >> /etc/network/interfaces
if [[ ! -f /etc/resolv.conf.bak ]]
then
cp /etc/resolv.conf /etc/resolv.conf.bak
fi
rm /etc/resolv.conf
echo "nameserver $dnsip1" >> /etc/resolv.conf
echo "nameserver $dnsip2" >> /etc/resolv.conf
ifdown $name
ifup $name
fi
fi
fi
fi