diff --git a/files/bashscripts/debian/debian-essentials.sh b/files/bashscripts/debian/debian-essentials.sh index 0b08c20..1dbb92e 100755 --- a/files/bashscripts/debian/debian-essentials.sh +++ b/files/bashscripts/debian/debian-essentials.sh @@ -1,33 +1,40 @@ #!/bin/bash # autoreply config update dialog with no -if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then - echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local - echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local - echo " "--force-confold";" >> /etc/apt/apt.conf.d/local - echo "}" >> /etc/apt/apt.conf.d/local +if [[ ! -f /etc/apt/apt.conf.d/local ]] + then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local fi # update bookworm to new debian.sources file -#if [[ -f /etc/apt/sources.list.d/debian.sources ]] ; then -# isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") -# if [ $isInFile -eq 0 ]; then -# mkdir /etc/apt/mirrors > /dev/null 2>&1 -# echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list -# echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list -# echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources -# echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources -# echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources -# echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources -# echo "" >> /etc/apt/sources.list.d/debian.sources -# echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources -# echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources -# echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources -# echo "Components: main" >> /etc/apt/sources.list.d/debian.sources -# mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 -# rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 -# fi -#fi +if [[ -f /etc/apt/sources.list.d/debian.sources ]] + then + echo "Sources already updated" + else + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ] + then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + else + echo "Bullseye detected, skipping sources update" + fi +fi # update and upgrade apt-get update @@ -38,20 +45,22 @@ apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unz # add akanealw user if not existing isInFile=$(cat /etc/passwd | grep -c "akanealw") -if [ $isInFile -eq 0 ]; then - echo "Set password for akanealw" - useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw - mkdir /home/akanealw/.ssh - chown akanealw:akanealw /home/akanealw/.ssh - chmod 700 /home/akanealw/.ssh - cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 - chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 - chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +if [ $isInFile -eq 0 ] + then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 fi # create akanealw file in /etc/sudoers.d -if [[ ! -f /etc/sudoers.d/akanealw ]] ; then - echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +if [[ ! -f /etc/sudoers.d/akanealw ]] + then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw fi # enable ping for all users @@ -127,115 +136,120 @@ echo "bind-key C-a send-prefix" >> /etc/tmux.conf # create credentials and map network drives isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") -if [ $isInFile -eq 0 ]; then - mkdir /mnt/truenasdata > /dev/null 2>&1 - chown akanealw:akanealw /mnt/truenasdata - echo "# nfs shares" >> /etc/fstab - echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +if [ $isInFile -eq 0 ] + then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab fi # ask to install samba -if [[ ! -f /etc/samba/smb.conf ]] ; then - read -r -p "Install Samba? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then - apt-get install -y samba --no-install-recommends - # configure default samba share - (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw - sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf - isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") - if [ $isInFile -eq 0 ]; then - echo "[akanealw]" >> /etc/samba/smb.conf - echo " comment = akanealw" >> /etc/samba/smb.conf - echo " read only = no" >> /etc/samba/smb.conf - echo " path = /home/akanealw" >> /etc/samba/smb.conf - echo " guest ok = no" >> /etc/samba/smb.conf - echo "" >> /etc/samba/smb.conf - fi - fi +if [[ ! -f /etc/samba/smb.conf ]] + then + read -r -p "Install Samba? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + apt-get install -y samba --no-install-recommends + (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw + sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf + isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") + if [ $isInFile -eq 0 ] + then + echo "[akanealw]" >> /etc/samba/smb.conf + echo " comment = akanealw" >> /etc/samba/smb.conf + echo " read only = no" >> /etc/samba/smb.conf + echo " path = /home/akanealw" >> /etc/samba/smb.conf + echo " guest ok = no" >> /etc/samba/smb.conf + echo "" >> /etc/samba/smb.conf + fi + fi fi # ask to install docker -if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then - read -r -p "Install Docker? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then - # prepare for install - apt-get update - apt-get install -y ca-certificates curl gnupg lsb-release - mkdir -p /home/akanealw/docker/appdata - chown -R akanealw:akanealw /home/akanealw/docker - mkdir -m 0755 -p /etc/apt/keyrings - curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - # install docker - apt-get update - apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin - # post install - groupadd docker > /dev/null 2>&1 - usermod -aG docker akanealw - systemctl enable docker.service - systemctl enable containerd.service - fi +if [[ ! -f /etc/apt/keyrings/docker.gpg ]] + then + read -r -p "Install Docker? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + apt-get update + apt-get install -y ca-certificates curl gnupg lsb-release + mkdir -p /home/akanealw/docker/appdata + chown -R akanealw:akanealw /home/akanealw/docker + mkdir -m 0755 -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + apt-get update + apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + groupadd docker > /dev/null 2>&1 + usermod -aG docker akanealw + systemctl enable docker.service + systemctl enable containerd.service + fi fi # ask to regenerate machine-id -if [[ ! -f /etc/machine-id-regenerated ]] ; then - read -r -p "Regenerate machine-id? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then - # regenerate machine-id - rm -f /etc/machine-id /var/lib/dbus/machine-id - dbus-uuidgen --ensure=/etc/machine-id - dbus-uuidgen --ensure - touch /etc/machine-id-regenerated - fi +if [[ ! -f /etc/machine-id-regenerated ]] + then + read -r -p "Regenerate machine-id? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + rm -f /etc/machine-id /var/lib/dbus/machine-id + dbus-uuidgen --ensure=/etc/machine-id + dbus-uuidgen --ensure + touch /etc/machine-id-regenerated + fi fi # ask to regenerate ssh host keys -if [[ ! -d /etc/cloud ]] ; then - if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then - read -r -p "Regenerate SSH Keys? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then - rm /etc/ssh/ssh_host_* - dpkg-reconfigure openssh-server - mkdir /home/akanealw/.ssh - touch /home/akanealw/.ssh/ssh_keys_regenerated - chmod 700 /home/akanealw/.ssh - chown -R akanealw:akanealw /home/akanealw/.ssh +if [[ ! -d /etc/cloud ]] + then + if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] + then + read -r -p "Regenerate SSH Keys? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + mkdir /home/akanealw/.ssh + touch /home/akanealw/.ssh/ssh_keys_regenerated + chmod 700 /home/akanealw/.ssh + chown -R akanealw:akanealw /home/akanealw/.ssh + fi fi - fi fi # ask to set static ip address -if [[ ! -d /etc/cloud ]] ; then - if [[ ! -f /etc/network/interfaces.bak ]] ; then - read -r -p "Set Static IP address? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then - read -r -p "Enter Static IP Address with subnet prefix: " staticip - read -r -p "Enter Gateway IP Address: " gatewayip - read -r -p "Enter Primary DNS IP Address: " dnsip1 - read -r -p "Enter Secondary DNS IP Address: " dnsip2 - # get adapter name - name=$(basename /sys/class/net/e*) - # backup original interfaces file - if [[ ! -f /etc/network/interfaces.bak ]] ; then - cp /etc/network/interfaces /etc/network/interfaces.bak - fi - rm /etc/network/interfaces - cp /etc/network/interfaces.bak /etc/network/interfaces - # set static ip - sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces - echo " address $staticip" >> /etc/network/interfaces - echo " gateway $gatewayip" >> /etc/network/interfaces - # backup resolv.conf file - if [[ ! -f /etc/resolv.conf.bak ]] ; then - cp /etc/resolv.conf /etc/resolv.conf.bak - fi - rm /etc/resolv.conf - # set primary dns ip - echo "nameserver $dnsip1" >> /etc/resolv.conf - echo "nameserver $dnsip2" >> /etc/resolv.conf - # restart the interface - ifdown $name - ifup $name +if [[ ! -d /etc/cloud ]] + then + if [[ ! -f /etc/network/interfaces.bak ]] + then + read -r -p "Set Static IP address? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + read -r -p "Enter Static IP Address with subnet prefix: " staticip + read -r -p "Enter Gateway IP Address: " gatewayip + read -r -p "Enter Primary DNS IP Address: " dnsip1 + read -r -p "Enter Secondary DNS IP Address: " dnsip2 + name=$(basename /sys/class/net/e*) + if [[ ! -f /etc/network/interfaces.bak ]] + then + cp /etc/network/interfaces /etc/network/interfaces.bak + fi + rm /etc/network/interfaces + cp /etc/network/interfaces.bak /etc/network/interfaces + sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces + echo " address $staticip" >> /etc/network/interfaces + echo " gateway $gatewayip" >> /etc/network/interfaces + if [[ ! -f /etc/resolv.conf.bak ]] + then + cp /etc/resolv.conf /etc/resolv.conf.bak + fi + rm /etc/resolv.conf + echo "nameserver $dnsip1" >> /etc/resolv.conf + echo "nameserver $dnsip2" >> /etc/resolv.conf + ifdown $name + ifup $name + fi fi - fi fi