no full paths
--> Linted: BASH No errors were found in the linting process
Details
--> Linted: BASH_EXEC No errors were found in the linting process
Details
--> Linted: EDITORCONFIG No errors were found in the linting process
Details
--> Linted: GITLEAKS No errors were found in the linting process
Details
🎨 Lint / lint (push) Successful in 9s
Details
--> Linted: BASH No errors were found in the linting process
Details
--> Linted: BASH_EXEC No errors were found in the linting process
Details
--> Linted: EDITORCONFIG No errors were found in the linting process
Details
--> Linted: GITLEAKS No errors were found in the linting process
Details
🎨 Lint / lint (push) Successful in 9s
Details
This commit is contained in:
parent
4803c3ef2e
commit
d028e8bb6c
|
@ -12,62 +12,62 @@ if [ -z "$1" ]; then
|
|||
fi
|
||||
|
||||
# Update the system
|
||||
/usr/bin/apt update
|
||||
/usr/bin/apt upgrade -y
|
||||
apt update
|
||||
apt upgrade -y
|
||||
|
||||
# Install my SSH key
|
||||
/usr/bin/mkdir -p ~/.ssh
|
||||
/usr/bin/chmod 700 ~/.ssh
|
||||
/usr/bin/cp ./resources/ssh-keys/* ~/.ssh/
|
||||
/usr/bin/chmod 600 ~/.ssh/*
|
||||
/usr/bin/cat ~/.ssh/*.pub >> ~/.ssh/authorized_keys
|
||||
/usr/bin/chmod 644 ~/.ssh/authorized_keys
|
||||
mkdir -p ~/.ssh
|
||||
chmod 700 ~/.ssh
|
||||
cp ./resources/ssh-keys/* ~/.ssh/
|
||||
chmod 600 ~/.ssh/*
|
||||
cat ~/.ssh/*.pub >> ~/.ssh/authorized_keys
|
||||
chmod 644 ~/.ssh/authorized_keys
|
||||
|
||||
# Lockdown SSH
|
||||
/usr/bin/sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
|
||||
/usr/bin/sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
|
||||
/usr/bin/sed -i 's/#PermitRootLogin no/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
|
||||
/usr/bin/sed -i 's/#UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
||||
/usr/bin/systemctl restart sshd
|
||||
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
|
||||
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
|
||||
sed -i 's/#PermitRootLogin no/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
|
||||
sed -i 's/#UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
||||
systemctl restart sshd
|
||||
|
||||
# Install base packages
|
||||
/usr/bin/apt install -y git curl wget unzip zip htop vim sed apt-transport-https ca-certificates software-properties-common fail2ban dos2unix unattended-upgrades gnupg gnupg-agent lsb-release rsync mosh neofetch zsh dialog molly-guard borgbackup
|
||||
apt install -y git curl wget unzip zip htop vim sed apt-transport-https ca-certificates software-properties-common fail2ban dos2unix unattended-upgrades gnupg gnupg-agent lsb-release rsync mosh neofetch zsh dialog molly-guard borgbackup
|
||||
|
||||
# Start fail2ban
|
||||
/usr/bin/systemctl enable --now fail2ban
|
||||
systemctl enable --now fail2ban
|
||||
|
||||
# Setup unattended upgrades
|
||||
/usr/bin/cp ./resources/unattended-upgrades/* /etc/apt/apt.conf.d/
|
||||
cp ./resources/unattended-upgrades/* /etc/apt/apt.conf.d/
|
||||
|
||||
# sysctl tweaks
|
||||
/usr/bin/cp ./resources/sysctl.conf /etc/sysctl.conf
|
||||
/usr/sbin/sysctl -p
|
||||
cp ./resources/sysctl.conf /etc/sysctl.conf
|
||||
sysctl -p
|
||||
|
||||
# Disable MOTDs
|
||||
/usr/bin/touch ~/.hushlogin
|
||||
touch ~/.hushlogin
|
||||
|
||||
# Set default shell to zsh
|
||||
/usr/bin/chsh -s "$(which zsh)"
|
||||
chsh -s "$(which zsh)"
|
||||
|
||||
# Install oh-my-zsh
|
||||
/usr/bin/sh -c "$(/usr/bin/curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
|
||||
sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
|
||||
|
||||
# Install zsh plugins
|
||||
## zsh-autosuggestions
|
||||
/usr/bin/git clone https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions
|
||||
git clone https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions
|
||||
|
||||
# Install my dotfiles
|
||||
/usr/bin/git clone https://git.chse.dev/chase/dotfiles.git ~/.dotfiles
|
||||
if [ -f ~/.zshrc ]; then /usr/bin/mv ~/.zshrc ~/.zshrc.bak; fi
|
||||
/usr/bin/ln -s ~/.dotfiles/zshrc ~/.zshrc
|
||||
if [ -f ~/.vimrc ]; then /usr/bin/mv ~/.vimrc ~/.vimrc.bak; fi
|
||||
/usr/bin/ln -s ~/.dotfiles/vimrc ~/.vimrc
|
||||
if [ -f ~/.gitconfig ]; then /usr/bin/mv ~/.gitconfig ~/.gitconfig.bak; fi
|
||||
/usr/bin/ln -s ~/.dotfiles/gitconfig ~/.gitconfig
|
||||
git clone https://git.chse.dev/chase/dotfiles.git ~/.dotfiles
|
||||
if [ -f ~/.zshrc ]; then mv ~/.zshrc ~/.zshrc.bak; fi
|
||||
ln -s ~/.dotfiles/zshrc ~/.zshrc
|
||||
if [ -f ~/.vimrc ]; then mv ~/.vimrc ~/.vimrc.bak; fi
|
||||
ln -s ~/.dotfiles/vimrc ~/.vimrc
|
||||
if [ -f ~/.gitconfig ]; then mv ~/.gitconfig ~/.gitconfig.bak; fi
|
||||
ln -s ~/.dotfiles/gitconfig ~/.gitconfig
|
||||
|
||||
# Install my scripts
|
||||
/usr/bin/git clone https://git.chse.dev/chase/Scripts.git ~/Scripts
|
||||
git clone https://git.chse.dev/chase/Scripts.git ~/Scripts
|
||||
|
||||
# Setup MOTD
|
||||
/usr/bin/cp ./resources/motd.sh /etc/motd.sh
|
||||
/usr/bin/chmod +x /etc/motd.sh
|
||||
cp ./resources/motd.sh /etc/motd.sh
|
||||
chmod +x /etc/motd.sh
|
||||
|
|
|
@ -13,45 +13,45 @@ if [ -z "$1" ]; then
|
|||
fi
|
||||
|
||||
# Do everything in general.sh first
|
||||
/usr/bin/bash general.sh secrets
|
||||
bash general.sh secrets
|
||||
|
||||
# Required for later things
|
||||
/usr/sbin/groupadd media
|
||||
/usr/bin/mkdir /dockerData
|
||||
groupadd media
|
||||
mkdir /dockerData
|
||||
|
||||
# Change SSH Port
|
||||
/usr/bin/sed -i 's/#Port 22/Port 1000/g' /etc/ssh/sshd_config
|
||||
/usr/bin/systemctl restart sshd
|
||||
sed -i 's/#Port 22/Port 1000/g' /etc/ssh/sshd_config
|
||||
systemctl restart sshd
|
||||
|
||||
# Install docker
|
||||
## INFO: https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository
|
||||
/usr/bin/sudo /usr/bin/mkdir -p /etc/apt/keyrings
|
||||
/usr/bin/curl -fsSL https://download.docker.com/linux/ubuntu/gpg | /usr/bin/sudo /usr/bin/gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
||||
sudo mkdir -p /etc/apt/keyrings
|
||||
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
||||
echo \
|
||||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
|
||||
$(lsb_release -cs) stable" | /usr/bin/sudo /usr/bin/tee /etc/apt/sources.list.d/docker.list > /dev/null
|
||||
/usr/bin/sudo /usr/bin/apt-get update
|
||||
/usr/bin/sudo /usr/bin/apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y
|
||||
/usr/bin/systemctl enable --now docker
|
||||
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
|
||||
sudo apt-get update
|
||||
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y
|
||||
systemctl enable --now docker
|
||||
|
||||
# Install Plex
|
||||
echo "deb [signed-by=/usr/share/keyrings/plex.gpg] https://downloads.plex.tv/repo/deb public main" | /usr/bin/sudo /usr/bin/tee /etc/apt/sources.list.d/plexmediaserver.list
|
||||
/usr/bin/sudo /usr/bin/wget -O- https://downloads.plex.tv/plex-keys/PlexSign.key | /usr/bin/gpg --dearmor | /usr/bin/sudo /usr/bin/tee /usr/share/keyrings/plex.gpg
|
||||
/usr/bin/sudo /usr/bin/apt-get update
|
||||
/usr/bin/sudo /usr/bin/apt-get install plexmediaserver -y
|
||||
echo "deb [signed-by=/usr/share/keyrings/plex.gpg] https://downloads.plex.tv/repo/deb public main" | sudo tee /etc/apt/sources.list.d/plexmediaserver.list
|
||||
sudo wget -O- https://downloads.plex.tv/plex-keys/PlexSign.key | gpg --dearmor | sudo tee /usr/share/keyrings/plex.gpg
|
||||
sudo apt-get update
|
||||
sudo apt-get install plexmediaserver -y
|
||||
|
||||
# Copy secrets
|
||||
/usr/bin/cp ./resources/secrets/*.txt ~
|
||||
cp ./resources/secrets/*.txt ~
|
||||
|
||||
# Add crontabs
|
||||
(/usr/bin/crontab -l ; echo "*/15 * * * * /root/ddns.sh") | /usr/bin/crontab -
|
||||
(/usr/bin/crontab -l ; echo "0 1 * * * /root/Scripts/Backup/Backup.sh") | /usr/bin/crontab -
|
||||
(/usr/bin/crontab -l ; echo "0 2 * * * docker image prune -a -f && docker volume prune -f && docker network prune -f") | /usr/bin/crontab -
|
||||
(/usr/bin/crontab -l ; echo "0 * * * * curl --silent https://missionpark.net?es=cron&guid=edaiqo-pgoemj-cenpat-cbgkjr-fomgjy > /dev/null 2>&1") | /usr/bin/crontab -
|
||||
(crontab -l ; echo "*/15 * * * * /root/ddns.sh") | crontab -
|
||||
(crontab -l ; echo "0 1 * * * /root/Scripts/Backup/Backup.sh") | crontab -
|
||||
(crontab -l ; echo "0 2 * * * docker image prune -a -f && docker volume prune -f && docker network prune -f") | crontab -
|
||||
(crontab -l ; echo "0 * * * * curl --silent https://missionpark.net?es=cron&guid=edaiqo-pgoemj-cenpat-cbgkjr-fomgjy > /dev/null 2>&1") | crontab -
|
||||
|
||||
# Use docker-compose to start all the containers
|
||||
cd ./resources || exit
|
||||
/usr/bin/docker compose up -d
|
||||
docker compose up -d
|
||||
cd ../
|
||||
|
||||
echo
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/bin/sh
|
||||
|
||||
/usr/bin/clear
|
||||
/usr/bin/neofetch
|
||||
clear
|
||||
neofetch
|
||||
echo
|
||||
|
|
Loading…
Reference in New Issue