#!/bin/bash # autoreply config update dialog with no if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local echo " "--force-confold";" >> /etc/apt/apt.conf.d/local echo "}" >> /etc/apt/apt.conf.d/local fi # make mirrors directoy if [[ ! -d /etc/apt/mirrors ]] ; then mkdir /etc/apt/mirrors fi # create mirror sources if [[ ! -f /etc/apt/mirrors/debian.list ]] ; then echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list fi if [[ ! -f /etc/apt/mirrors/debian-security.list ]] ; then echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list fi # create debian.sources if [[ ! -f /etc/apt/sources.list.d/debian.sources ]] ; then echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources echo "" >> /etc/apt/sources.list.d/debian.sources echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources echo "Components: main" >> /etc/apt/sources.list.d/debian.sources fi # backup sources.list if [[ ! -f /etc/apt/sources.list.bak ]] ; then mv /etc/apt/sources.list /etc/apt/sources.list.bak fi # remove other sources.list backup rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 # update and upgrade apt-get update apt-get upgrade -y # download and install packages apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion # add akanealw user if not existing isInFile=$(cat /etc/passwd | grep -c "akanealw") if [ $isInFile -eq 0 ]; then echo "Set password for akanealw" useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw mkdir /home/akanealw/.ssh chown akanealw:akanealw /home/akanealw/.ssh chmod 700 /home/akanealw/.ssh cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 fi # create akanealw file in /etc/sudoers.d if [[ ! -f /etc/sudoers.d/akanealw ]] ; then echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw fi # enable ping for all users setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) # remove all motd rm /etc/motd > /dev/null 2>&1 # disable systemd-networkd-wait-online.service systemctl disable systemd-networkd-wait-online.service # git config git config --global credential.helper store git config --global user.name "akanealw" git config --global user.email "akanealw@gmail.com" git config --global init.defaultBranch main # show ip in /etc/issue name=$(basename /sys/class/net/e*) isInFile=$(cat /etc/issue | grep -c "$name") if [ $isInFile -eq 0 ]; then cp /etc/issue /etc/issue.bak echo "$name: \4{$name}" >> /etc/issue echo "" >> /etc/issue fi # set input preferences if [[ ! -f /etc/inputrc.bak ]] ; then cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 fi rm /etc/inputrc > /dev/null 2>&1 cp /etc/inputrc.bak /etc/inputrc echo "" >> /etc/inputrc echo "set completion-ignore-case On" >> /etc/inputrc # set bash preferences and aliases if [[ -f /etc/bash.bashrc.default ]] ; then mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 fi if [[ ! -f /etc/bash.bashrc.bak ]] ; then cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 fi rm /etc/bash.bashrc > /dev/null 2>&1 cp /etc/bash.bashrc.bak /etc/bash.bashrc echo "" >> /etc/bash.bashrc echo "# custom settings and aliases" >> /etc/bash.bashrc echo "set -o noclobber" >> /etc/bash.bashrc echo "alias lsa='ls -alhF'" >> /etc/bash.bashrc echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc echo "alias apts='sudo apt search'" >> /etc/bash.bashrc echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc echo "alias dc='docker compose'" >> /etc/bash.bashrc echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc echo "alias dps='docker ps'" >> /etc/bash.bashrc echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc # create tmux config rm /etc/tmux.conf* > /dev/null 2>&1 echo "unbind C-b" >> /etc/tmux.conf echo "set-option -g prefix C-a" >> /etc/tmux.conf echo "bind-key C-a send-prefix" >> /etc/tmux.conf # create credentials and map network drives isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") if [ $isInFile -eq 0 ]; then mkdir /mnt/truenasdata > /dev/null 2>&1 chown akanealw:akanealw /mnt/truenasdata echo "# nfs shares" >> /etc/fstab echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab fi # ask to install samba if [[ ! -f /etc/samba/smb.conf ]] ; then read -r -p "Install Samba? " prompt if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then apt-get install -y samba --no-install-recommends # configure default samba share (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") if [ $isInFile -eq 0 ]; then echo "[akanealw]" >> /etc/samba/smb.conf echo " comment = akanealw" >> /etc/samba/smb.conf echo " read only = no" >> /etc/samba/smb.conf echo " path = /home/akanealw" >> /etc/samba/smb.conf echo " guest ok = no" >> /etc/samba/smb.conf echo "" >> /etc/samba/smb.conf fi fi fi # ask to install docker if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then read -r -p "Install Docker? " prompt if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then # prepare for install apt-get update apt-get install -y ca-certificates curl gnupg lsb-release mkdir -p /home/akanealw/docker/appdata chown -R akanealw:akanealw /home/akanealw/docker mkdir -m 0755 -p /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null # install docker apt-get update apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin # post install groupadd docker > /dev/null 2>&1 usermod -aG docker akanealw systemctl enable docker.service systemctl enable containerd.service fi fi # ask to regenerate machine-id if [[ ! -f /etc/machine-id-regenerated ]] ; then read -r -p "Regenerate machine-id? " prompt if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then # regenerate machine-id rm -f /etc/machine-id /var/lib/dbus/machine-id dbus-uuidgen --ensure=/etc/machine-id dbus-uuidgen --ensure touch /etc/machine-id-regenerated fi fi # ask to regenerate ssh host keys if [[ ! -d /etc/cloud ]] ; then if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then read -r -p "Regenerate SSH Keys? " prompt if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then rm /etc/ssh/ssh_host_* dpkg-reconfigure openssh-server mkdir /home/akanealw/.ssh touch /home/akanealw/.ssh/ssh_keys_regenerated chmod 700 /home/akanealw/.ssh chown -R akanealw:akanealw /home/akanealw/.ssh fi fi fi # ask to set static ip address if [[ ! -d /etc/cloud ]] ; then if [[ ! -f /etc/network/interfaces.bak ]] ; then read -r -p "Set Static IP address? " prompt if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then read -r -p "Enter Static IP Address with subnet prefix: " staticip read -r -p "Enter Gateway IP Address: " gatewayip read -r -p "Enter Primary DNS IP Address: " dnsip1 read -r -p "Enter Secondary DNS IP Address: " dnsip2 # get adapter name name=$(basename /sys/class/net/e*) # backup original interfaces file if [[ ! -f /etc/network/interfaces.bak ]] ; then cp /etc/network/interfaces /etc/network/interfaces.bak fi rm /etc/network/interfaces cp /etc/network/interfaces.bak /etc/network/interfaces # set static ip sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces echo " address $staticip" >> /etc/network/interfaces echo " gateway $gatewayip" >> /etc/network/interfaces # backup resolv.conf file if [[ ! -f /etc/resolv.conf.bak ]] ; then cp /etc/resolv.conf /etc/resolv.conf.bak fi rm /etc/resolv.conf # set primary dns ip echo "nameserver $dnsip1" >> /etc/resolv.conf echo "nameserver $dnsip2" >> /etc/resolv.conf # restart the interface ifdown $name ifup $name fi fi fi