os-init/debian-10/init.sh

253 lines
7.0 KiB
Bash
Raw Permalink Normal View History

2023-11-19 22:33:15 +00:00
#!/bin/bash
ipv4=$(ip addr | grep 'inet ' | grep -v '127.0' | head -n1 | awk '{print $2}' | cut -f1 -d /)
grep -a -q -v lxc /proc/1/environ
islxc=$?
main() {
if [[ ${islxc} == 0 ]]; then
NetSetHostname
NetIPConfig
else
APTCleanupLXCPackage
fi
APTSetProxy
APTUpdateDist
APTInstallBase
APTCleanAll
BashSetAlias
BashSetPS
NanoSetConfig
IssueSetContent
SSHEnableRootLogin
GrubSetConfig
Reboot
}
NetSetHostname() {
hostname=$(hostname)
hostname=$(whiptail --title "Hostname" --inputbox "" 0 30 "${hostname}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${hostname}" != "" ]; then
hostname "${hostname}"
echo "${hostname}" > /etc/hostname
fi
}
NetIPConfig() {
options=()
options+=("DHCP" "")
options+=("Static" "")
sel=$(whiptail --title "Network" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ]; then
case ${sel} in
"Static") NetIPConfigStatic;;
esac
fi
}
NetIPConfigStatic() {
netif="$(ip a | grep ens | head -n1 | cut -d: -f2)"
netif=${netif:1}
netip="${ipv4}"
netmask="255.255.255.0"
netgw="$(echo "${ipv4}" | cut -d. -f1-3).1"
netdns="$(echo "${ipv4}" | cut -d. -f1-3).1"
netip=$(whiptail --title "Network" --inputbox "IP" 0 30 "${netip}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netip}" != "" ]; then
netmask=$(whiptail --title "Network" --inputbox "Mask" 0 30 "${netmask}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netmask}" != "" ]; then
netgw=$(whiptail --title "Network" --inputbox "Route" 0 30 "${netgw}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netgw}" != "" ]; then
netdns=$(whiptail --title "Network" --inputbox "DNS" 0 30 "${netdns}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netdns}" != "" ]; then
echo "allow-hotplug ${netif}" > /etc/network/interfaces.d/${netif}
echo "iface ${netif} inet static" >> /etc/network/interfaces.d/${netif}
echo -e "\taddress ${netip}" >> /etc/network/interfaces.d/${netif}
echo -e "\tnetmask ${netmask}" >> /etc/network/interfaces.d/${netif}
echo -e "\tgateway ${netgw}" >> /etc/network/interfaces.d/${netif}
sed -i "/${netif}/d" /etc/network/interfaces
echo "nameserver ${netdns}" > /etc/resolv.conf
fi
fi
fi
fi
}
APTSetProxy() {
proxy=""
proxy=$(whiptail --title "Proxy" --inputbox "" 0 30 "${proxy}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ]; then
if [ "${proxy}" != "" ]; then
echo "Acquire::http { Proxy \"${proxy}\"; };" > /etc/apt/apt.conf.d/02proxy
fi
fi
}
APTCleanupLXCPackage() {
apt remove -y bind9-host debian-faq doc-debian postfix x11-common fontconfig-config fonts-dejavu-core gdbm-l10n python-apt-common
}
APTUpdateDist() {
apt update -y
apt dist-upgrade -y
}
APTInstallBase() {
options=()
options+=("curl" "" on)
options+=("wget" "" on)
options+=("lsof" "" on)
options+=("acpi" "" on)
options+=("bash-completion" "" on)
options+=("iptables" "" on)
options+=("iptables-persistent" "" on)
options+=("openssh-server" "" on)
options+=("gnupg" "" on)
options+=("rsync" "" on)
options+=("nmon" "" on)
options+=("snmpd" "" on)
sel=$(whiptail --title "Basic Install" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ]; then
pkg=""
for itm in ${sel}; do
pkg="${pkg} $(echo ${itm} | sed 's/"//g')"
done
apt install -y ${pkg}
for itm in ${sel}; do
case ${itm} in
'"iptables-persistent"')
IPTablesInstall;;
'"snmpd"')
SNMPDInstall;;
esac
done
fi
}
APTCleanAll() {
apt-get autoremove -y
apt-get autoclean -y
}
BashSetAlias() {
cat > /etc/profile.d/alias.sh << "EOF"
alias ls='ls --color=auto -hl --time-style long-iso'
alias l='ls --color=auto -hlA --time-style long-iso'
alias ll='ls --color=auto -hla --time-style long-iso'
alias cd..='cd ..'
alias ..='cd ..'
alias ...='cd ../../'
alias ....='cd ../../../'
alias .....='cd ../../../../'
alias ff='find / -name'
alias f='find . -name'
alias fif='grep -rnw . -e'
alias grep='grep --color=auto'
alias egrep='egrep --color=auto'
alias fgrep='fgrep --color=auto'
alias ip='ip -c'
alias vdir='vdir --color=auto'
alias watch='watch --color'
EOF
}
BashSetPS() {
cat > /etc/profile.d/ps1.sh << "EOF"
clrreset='\e[0m'
clrwhite='\e[1;37m'
clrgreen='\e[1;32m'
clrred='\e[1;31m'
export PS1="\[$clrred\][$USER@$HOSTNAME]\[$clrwhite\] \w \`if [ \$? = 0 ]; then echo -e '\[$clrgreen\]'; else echo -e '\[$clrred\]'; fi\`\\$ \[$clrreset\]"
EOF
}
NanoSetConfig() {
sed -i "/tabsize/c\set tabsize 2" /etc/nanorc
cat >> /etc/nanorc << "EOF"
set numbercolor brightwhite
set statuscolor brightwhite,green
set keycolor cyan
set functioncolor green
EOF
cat > /root/.nanorc << "EOF"
set titlecolor brightwhite,red
set statuscolor brightwhite,red
EOF
}
IssueSetContent() {
cat > /etc/issue << "EOF"
\v \r \l
.o oOOOOOOOo OOOo
Ob.OOOOOOOo OOOo. oOOo. .adOOOOOOO
OboO"""""""""""".OOo. .oOOOOOo. OOOo.oOOOOOo.."""""""""'OO
OOP.oOOOOOOOOOOO "POOOOOOOOOOOo. `"OOOOOOOOOP,OOOOOOOOOOOB'
`O'OOOO' `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO' `OOOOo
.OOOO' `OOOOOOOOOOOOOOOOOOOOOOOOOO' `OO
OOOOO '"OOOOOOOOOOOOOOOO"` oOO
oOOOOOba. .adOOOOOOOOOOba .adOOOOo.
oOOOOOOOOOOOOOba. .adOOOOOOOOOO@^OOOOOOOba. .adOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"` '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO
"OOOO" "YOoOOOOMOIONODOO"` . '"OOROAOPOEOOOoOY" "OOO"
Y 'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?' :`
: .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO? .
. oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo
'%o OOOO"%OOOO%"%OOOOO"OOOOOO"OOO':
`$" `OOOO' `O"Y ' `OOOO' o .
. . OP" : o .
:
.
EOF
}
IPTablesInstall() {
cat > /etc/iptables/rules.v4 << "EOF"
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# Ping
-A INPUT -p icmp -j ACCEPT
# SSH
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
# SNMPD
-A INPUT -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT
COMMIT
EOF
cat > /etc/iptables/rules.v6 << "EOF"
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
iptables-restore /etc/iptables/rules.v4
ip6tables-restore /etc/iptables/rules.v6
}
SNMPDInstall() {
cummunityname=public
cummunityname=$(whiptail --title "SNMP Community name" --inputbox "" 0 30 "${cummunityname}" 3>&1 1>&2 2>&3)
sed -i "s/public/${cummunityname}/" /etc/snmp/snmpd.conf
sed -i "s/127.0.0.1/0.0.0.0/" /etc/snmp/snmpd.conf
systemctl restart snmpd
}
SSHEnableRootLogin() {
sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config
systemctl restart sshd
}
GrubSetConfig() {
if [ -f "/etc/default/grub" ]; then
sed -i "/GRUB_TIMEOUT/c\GRUB_TIMEOUT=1" /etc/default/grub
update-grub
fi
}
Reboot() {
if $(whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3); then
reboot
fi
}
main