102 lines
3.4 KiB
Bash
Executable File
102 lines
3.4 KiB
Bash
Executable File
#!/bin/ash
|
|
|
|
if [[ ! $(id -u) = 0 ]]; then
|
|
echo "Please run as root!"
|
|
exit 1
|
|
fi
|
|
|
|
# edit repositories
|
|
echo "http://dl-cdn.alpinelinux.org/alpine/latest-stable/main" > /etc/apk/repositories
|
|
echo "http://dl-cdn.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories
|
|
|
|
# apk update and install essentials
|
|
apk update && apk upgrade
|
|
apk add nano sudo pwgen curl wget git bash-doc bash-completion openssh iputils restic --no-cache
|
|
|
|
# check if vm or lxc
|
|
if [[ ! -d /dev/disk/by-id ]]
|
|
then
|
|
apk add qemu-guest-agent
|
|
rc-update add qemu-guest-agent
|
|
rc-service qemu-guest-agent start
|
|
else
|
|
isInFile=$(ls /dev/disk/by-id | grep -c "QEMU")
|
|
if [ $isInFile -eq 0 ]
|
|
then
|
|
rc-service qemu-guest-agent stop
|
|
rc-update del qemu-guest-agent
|
|
apk del qemu-guest-agent
|
|
else
|
|
apk add qemu-guest-agent
|
|
rc-update add qemu-guest-agent
|
|
rc-service qemu-guest-agent start
|
|
fi
|
|
fi
|
|
|
|
# change default shell to bash
|
|
isInFile=$(cat /etc/passwd | grep -c "/bin/bash")
|
|
if [ $isInFile -eq 0 ]
|
|
then
|
|
sed -i 's/ash/bash/g' /etc/passwd
|
|
fi
|
|
|
|
# add akanealw user if not existing
|
|
isInFile=$(cat /etc/passwd | grep -c "akanealw")
|
|
if [ $isInFile -eq 0 ]
|
|
then
|
|
adduser -h /home/akanealw -s /bin/bash -u 1000 -D akanealw
|
|
echo 'akanealw:$1$OI5pilBO$ueRIbJDk6UVhxz9uCZjgU0' | chpasswd -e
|
|
fi
|
|
|
|
# add akanealw to sudo users
|
|
if [[ ! -f /etc/sudoers.d/akanealw ]]
|
|
then
|
|
echo "akanealw ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/akanealw
|
|
fi
|
|
|
|
# add ssh keys for akanealw
|
|
mkdir /home/akanealw/.ssh > /dev/null 2>&1
|
|
cp /home/akanealw/.ssh/authorized_keys /home/akanealw/.ssh/authorized_keys.bak > /dev/null 2>&1
|
|
|
|
isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "winpc-akanealw") > /dev/null 2>&1
|
|
if [ $isInFile -eq 0 ]; then
|
|
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBKYj+eRQsvdLvrJNoqugb9A7iQT+BEPb6LI9BseyhWR winpc-akanealw" >> /home/akanealw/.ssh/authorized_keys
|
|
fi
|
|
|
|
isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "server-akanealw")
|
|
if [ $isInFile -eq 0 ]; then
|
|
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAiw0sQxxTg/zBm/Hz4LLjtiuGfefF2vogGkYcWox4S server-akanealw" >> /home/akanealw/.ssh/authorized_keys
|
|
fi
|
|
chown akanealw:akanealw /home/akanealw/.ssh/
|
|
chown akanealw:akanealw /home/akanealw/.ssh/*
|
|
chmod 600 /home/akanealw/.ssh/*
|
|
|
|
# download user customization script for akanealw
|
|
mkdir /home/akanealw/scripts > /dev/null 2>&1
|
|
rm /home/akanealw/scripts/alpine-* > /dev/null 2>&1
|
|
wget -qO /home/akanealw/scripts/alpine-user-customizations.sh http://192.168.1.50/scripts/alpine/alpine-user-customizations.sh
|
|
chown -R akanealw:akanealw /home/akanealw/scripts/
|
|
chmod +x /home/akanealw/scripts/alpine-*
|
|
|
|
# disable ssh password login
|
|
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
|
|
sed -i "/#PasswordAuthentication yes/c\PasswordAuthentication no" /etc/ssh/sshd_config
|
|
|
|
# enable and start sshd
|
|
if [[ -f /etc/init.d/sshd ]]; then
|
|
rc-update add sshd > /dev/null 2>&1
|
|
rc-service sshd start > /dev/null 2>&1
|
|
fi
|
|
|
|
# edit issue file
|
|
isInFile=$(cat /etc/issue | grep -c "192.168.1")
|
|
if [ $isInFile -eq 0 ]
|
|
then
|
|
ip address show eth0 | awk '/inet / {print $2}' | cut -d/ -f1 >> /etc/issue
|
|
echo "" >> /etc/issue
|
|
fi
|
|
|
|
# remove all motd
|
|
rm /etc/motd > /dev/null 2>&1
|
|
|