Add Ubuntu scripts

This commit is contained in:
MatMoul 2023-11-19 20:28:09 +01:00
parent 77d0758861
commit 2406180195
11 changed files with 676 additions and 0 deletions

View File

@ -0,0 +1,10 @@
#!/bin/bash
apt install -y bind9
if [ -f "/etc/iptables/rules.v4" ]; then
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # DNS' /etc/iptables/rules.v4
iptables-restore /etc/iptables/rules.v4
fi

View File

@ -0,0 +1,10 @@
#!/bin/bash
apt install -y iperf3
if [ -f "/etc/iptables/rules.v4" ]; then
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p udp -m udp --dport 5201 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 5201 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # IPERF' /etc/iptables/rules.v4
iptables-restore /etc/iptables/rules.v4
fi

View File

@ -0,0 +1,197 @@
#!/bin/bash
ZPUSHVER="2.7.1"
ZPUSHVER=$(whiptail --title "Z-Push version" --inputbox "" 0 30 "${ZPUSHVER}" 3>&1 1>&2 2>&3)
TIMEZONE="Europe\/Zurich"
TIMEZONE=$(whiptail --title "Default timezone" --inputbox "" 0 30 "${TIMEZONE}" 3>&1 1>&2 2>&3)
BACKENDVER=71
BACKENDVER=$(whiptail --title "Backend version" --inputbox "" 0 30 "${BACKENDVER}" 3>&1 1>&2 2>&3)
ZIMBRAURL="https://test.mbx.netm.ch"
ZIMBRAURL=$(whiptail --title "Zimbra URL" --inputbox "" 0 30 "${ZIMBRAURL}" 3>&1 1>&2 2>&3)
APACHE2PORT=4433
APACHE2PORT=$(whiptail --title "Apache SSL Port" --inputbox "" 0 30 "${APACHE2PORT}" 3>&1 1>&2 2>&3)
main() {
inst_dep
inst_z-push "${ZPUSHVER}" "${TIMEZONE}"
inst_z-push-update
inst_z-push-backend "${BACKENDVER}" "${ZIMBRAURL}"
inst_z-push-backend-update
conf_apache2
conf_logrotate
}
inst_dep() {
apt -y install php php-cli php-soap php-mbstring php-curl php-intl php-fpm
mkdir /var/lib/z-push
mkdir /var/log/z-push
mkdir /var/www/z-push
}
inst_z-push() { # $1=version $2=timezone
cd || exit 1
wget -O z-push.tar.gz https://github.com/Z-Hub/Z-Push/archive/refs/tags/"${1}".tar.gz
tar xzvf z-push.tar.gz
cp -r Z-Push-"${1}"/src/* /var/www/z-push
rm z-push.tar.gz
rm -r Z-Push-"${1}"
# Config
sed -i "s/'TIMEZONE', ''/'TIMEZONE', '${2}'/" /var/www/z-push/config.php
sed -i "s/'BACKEND_PROVIDER', ''/'BACKEND_PROVIDER', 'BackendZimbra'/" /var/www/z-push/config.php
}
inst_z-push-update() {
cat << 'EOF' > /usr/local/bin/mtm-zpushupdate
show_help() {
echo "mtm-zpushupdate version"
echo ""
echo "Example :"
echo "mtm-zpushupdate 2.7.1"
echo "Look at :"
echo "https://github.com/Z-Hub/Z-Push/releases"
}
if [ "${1}" == "" ]; then
show_help
exit 1
fi
cd || exit 1
wget -O z-push.tar.gz https://github.com/Z-Hub/Z-Push/archive/refs/tags/"${1}".tar.gz
tar xzvf z-push.tar.gz
mv /var/www/z-push /var/www/z-push.upd
mkdir /var/www/z-push
cp -r Z-Push-"${1}"/src/* /var/www/z-push
mv /var/www/z-push/config.php /var/www/z-push/config.php.new
mv /var/www/z-push.upd/config.php /var/www/z-push/
mv /var/www/z-push.upd/backend/zimbra /var/www/z-push/backend/
# chown -R www-data:www-data /var/www/z-push
systemctl restart apache2.service
rm -r /var/www/z-push.upd
rm z-push.tar.gz
rm -r Z-Push-"${1}"
diff /var/www/z-push/config.php /var/www/z-push/config.php.new
EOF
chmod 755 /usr/local/bin/mtm-zpushupdate
}
inst_z-push-backend() { # $1=version $2=zimbraurl
cd || exit 1
wget https://sourceforge.net/projects/zimbrabackend/files/Release"${1}"/zimbra"${1}".tgz/download
tar -xf download
cp -r zimbra"${1}" /var/www/z-push/backend/zimbra
rm download
rm -r zimbra"${1}"
# Config
sed -i "/define('ZIMBRA_URL', 'https:\/\/127.0.0.1');/a \ define('ZIMBRA_URL', '${2}');" /var/www/z-push/backend/zimbra/config.php
}
inst_z-push-backend-update() {
cat << 'EOF' > /usr/local/bin/mtm-zpushbackendupdate
show_help() {
echo "mtm-zpushbackendupdate version"
echo ""
echo "Example :"
echo "mtm-zpushbackendupdate 71"
echo "Look at :"
echo "https://sourceforge.net/projects/zimbrabackend/files"
}
if [ "${1}" == "" ]; then
show_help
exit 1
fi
cd || exit 1
wget https://sourceforge.net/projects/zimbrabackend/files/Release"${1}"/zimbra"${1}".tgz/download
tar -xf download
mv /var/www/z-push/backend/zimbra /var/www/z-push/backend/zimbra.upd
cp -r zimbra"${1}" /var/www/z-push/backend/zimbra
mv /var/www/z-push/backend/zimbra/config.php /var/www/z-push/backend/zimbra/config.php.new
mv /var/www/z-push/backend/zimbra.upd/config.php /var/www/z-push/backend/zimbra/config.php
# chown -R www-data:www-data /var/www/z-push/backend/zimbra
systemctl restart apache2.service
rm -r /var/www/z-push/backend/zimbra.upd
rm download
rm -r zimbra"${1}"
diff /var/www/z-push/backend/zimbra/config.php /var/www/z-push/backend/zimbra/config.php.new
EOF
chmod 755 /usr/local/bin/mtm-zpushbackendupdate
}
conf_apache2() {
chown -R www-data:www-data /var/lib/z-push
chown -R www-data:www-data /var/log/z-push
# chown -R www-data:www-data /var/www/z-push
a2dissite 000-default.conf
a2enmod ssl
a2enmod proxy_fcgi setenvif
a2enconf php7.4-fpm
cat << EOF > /etc/apache2/ports.conf
<IfModule ssl_module>
Listen ${APACHE2PORT}
</IfModule>
<IfModule mod_gnutls.c>
Listen ${APACHE2PORT}
</IfModule>
EOF
cat << EOF > /etc/apache2/sites-available/z-push.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:${APACHE2PORT}>
ServerAdmin admin@mtm.lan
ServerName 127.0.0.1
# Indexes + Directory Root.
DirectoryIndex index.php
DocumentRoot /var/www/z-push/
Alias /Microsoft-Server-ActiveSync /var/www/z-push/index.php
AliasMatch (?i)/Autodiscover/Autodiscover.xml /var/www/z-push/autodiscover/autodiscover.php
<Directory />
Require all granted
#AllowOverride None
</Directory>
php_flag magic_quotes_gpc off
php_flag register_globals off
php_flag magic_quotes_runtime off
php_flag short_open_tag on
# Logfiles
ErrorLog /var/log/z-push/error.log
CustomLog /var/log/z-push/access.log combined
# SSL
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
</IfModule>
EOF
a2ensite z-push.conf
systemctl restart apache2.service
}
conf_logrotate() {
cat << EOF > /etc/logrotate.d/z-push
/var/log/z-push/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
}
EOF
}
main
# iptables
if [ -f "/etc/iptables/rules.v4" ]; then
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport '"${APACHE2PORT}"' -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # Z-PUSH' /etc/iptables/rules.v4
iptables-restore /etc/iptables/rules.v4
fi

View File

@ -0,0 +1,66 @@
#!/bin/bash
MTMZMBUILDER="http://127.0.0.1"
MTMZMBUILDER=$(whiptail --title "ZM Builder URL" --inputbox "" 0 30 "${MTMZMBUILDER}" 3>&1 1>&2 2>&3)
ZIMBRAVER=10.0.5
ZIMBRAVER=$(whiptail --title "Zimbra version" --inputbox "" 0 30 "${ZIMBRAVER}" 3>&1 1>&2 2>&3)
DNSIP=$(grep "nameserver " /etc/resolv.conf | awk -F ' ' '{print $2}')
FQDN=$(hostname -A)
apt -y remove postfix
apt -y autoremove
mkdir v"${ZIMBRAVER}"
cd v"${ZIMBRAVER}" || exit 1
wget "${MTMZMBUILDER}"/zcs-"${ZIMBRAVER}".tgz
tar xf zcs-*.tgz
cd "$(ls -d ./*/)" || exit 1
systemctl disable systemd-resolved.service
systemctl stop systemd-resolved.service
./install.sh
cd || exit 1
sed -i "s/127.0.0.1/${DNSIP}/" /etc/resolv.conf
sudo -u zimbra bash -c "/opt/zimbra/bin/zmprov mcf zimbraPublicServiceHostname ${FQDN}"
sudo -u zimbra bash -c "/opt/zimbra/bin/zmprov mcf zimbraPublicServicePort 443"
cat << 'EOF' > /usr/local/bin/mtm-zmupdate
#!/bin/bash
MTMZMBUILDER=${1}
ZIMBRAVER=${2}
show_help() {
echo "mtm-zmupdate zmbuilder zmversion"
echo ""
echo "Example :"
echo "mtm-zmupdate https://x.x.x.x 10.0.5"
}
if [ "${MTMZMBUILDER}" == "" ] || [ "${ZIMBRAVER}" == "" ]; then
show_help
exit 1
fi
cd || exit 1
mkdir v"${ZIMBRAVER}"
cd v"${ZIMBRAVER}" || exit 1
wget "${MTMZMBUILDER}"/zcs-"${ZIMBRAVER}".tgz
tar xf zcs-*.tgz
cd "$(ls -d ./*/)" || exit 1
./install.sh
cd || exit 1
EOF
chmod 755 /usr/local/bin/mtm-zmupdate
apt update
apt -y dist-upgrade
if [ -f "/etc/iptables/rules.v4" ]; then
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 8443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 7071 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # ZIMBRA' /etc/iptables/rules.v4
iptables-restore /etc/iptables/rules.v4
fi

View File

@ -0,0 +1,11 @@
alias ls='ls --color=auto -hl --time-style long-iso'
alias l='ls --color=auto -hlA --time-style long-iso'
alias ll='ls --color=auto -hla --time-style long-iso'
alias cd..='cd ..'
alias ff='find / -name'
alias f='find . -name'
alias fif='grep -rnw . -e'
alias grep='grep --color=auto'
alias ip='ip -c'
alias vdir='vdir --color=auto'
alias watch='watch --color'

21
ubuntu-20.04/files/issue Normal file
View File

@ -0,0 +1,21 @@
\v \r \l
.o oOOOOOOOo OOOo
Ob.OOOOOOOo OOOo. oOOo. .adOOOOOOO
OboO"""""""""""".OOo. .oOOOOOo. OOOo.oOOOOOo.."""""""""'OO
OOP.oOOOOOOOOOOO "POOOOOOOOOOOo. `"OOOOOOOOOP,OOOOOOOOOOOB'
`O'OOOO' `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO' `OOOOo
.OOOO' `OOOOOOOOOOOOOOOOOOOOOOOOOO' `OO
OOOOO '"OOOOOOOOOOOOOOOO"` oOO
oOOOOOba. .adOOOOOOOOOOba .adOOOOo.
oOOOOOOOOOOOOOba. .adOOOOOOOOOO@^OOOOOOOba. .adOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"` '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO
"OOOO" "YOoOOOOMOIONODOO"` . '"OOROAOPOEOOOoOY" "OOO"
Y 'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?' :`
: .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO? .
. oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo
'%o OOOO"%OOOO%"%OOOOO"OOOOOO"OOO':
`$" `OOOO' `O"Y ' `OOOO' o .
. . OP" : o .
:
.

View File

@ -0,0 +1,5 @@
clrreset='\e[0m'
clrwhite='\e[1;37m'
clrgreen='\e[1;32m'
clrred='\e[1;31m'
export PS1="\[$clrred\][$USER@$HOSTNAME]\[$clrwhite\] \w \`if [ \$? = 0 ]; then echo -e '\[$clrgreen\]'; else echo -e '\[$clrred\]'; fi\`\\$ \[$clrreset\]"

View File

@ -0,0 +1,13 @@
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# Ping
-A INPUT -p icmp -j ACCEPT
# SSH
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
# SNMPD
-A INPUT -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT
COMMIT

View File

@ -0,0 +1,7 @@
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT

304
ubuntu-20.04/init.sh Normal file
View File

@ -0,0 +1,304 @@
#!/bin/bash
declare BASE_URL=https://git.netm.ch/m/os-init/raw/branch/main
declare DIR_URL=ubuntu-20.04
declare IPV4=127.0.0.1
declare ISLXC=0
showHelp() {
echo "init.sh"
echo ""
echo "use :"
echo "bash init.sh [options]"
echo " -b | --base-url url"
}
InitConst() {
IPV4=$(ip addr | grep 'inet ' | grep -v '127.0' | head -n1 | awk '{print $2}' | cut -f1 -d /)
grep -q -v -a lxc /proc/1/environ
ISLXC=$?
}
Main() {
InitConst
if [[ ${ISLXC} == 0 ]]; then
NetSetHostname
NetIPConfig
else
APTCleanupLXCPackage
fi
NetCleanUpSystemdResolved
APTSetProxy
APTUpdateDist
APTInstallBase
APTCleanAll
BashSetAlias
BashSetPS
BashRMbashrc
NanoSetConfig
IssueSetContent
SSHEnableRootLogin
GrubSetConfig
InstApps
Reboot
}
NetSetHostname() {
hostname=$(hostname)
hostname=$(whiptail --title "Hostname + Domain" --inputbox "" 0 30 "${hostname}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ] && [ "${hostname}" != "" ]; then
hostnamectl set-hostname "${hostname}"
fi
}
NetIPConfig() {
options=()
options+=("DHCP" "")
options+=("Static" "")
sel=$(whiptail --title "Network" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ]; then
case ${sel} in
"Static") NetIPConfigStatic;;
esac
fi
}
NetIPConfigStatic() {
netif="$(ip a | grep ens | head -n1 | cut -d: -f2)"
netif=${netif:1}
netip="${IPV4}"
netmask="255.255.255.0"
netgw="$(echo "${IPV4}" | cut -d. -f1-3).1"
netdns="$(echo "${IPV4}" | cut -d. -f1-3).1"
netip=$(whiptail --title "Network" --inputbox "IP" 0 30 "${netip}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ] && [ "${netip}" != "" ]; then
netmask=$(whiptail --title "Network" --inputbox "Mask" 0 30 "${netmask}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netmask}" != "" ]; then
netgw=$(whiptail --title "Network" --inputbox "Route" 0 30 "${netgw}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netgw}" != "" ]; then
netdns=$(whiptail --title "Network" --inputbox "DNS" 0 30 "${netdns}" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ] && [ "${netdns}" != "" ]; then
echo "allow-hotplug ${netif}" > /etc/network/interfaces.d/${netif}
echo "iface ${netif} inet static" >> /etc/network/interfaces.d/${netif}
echo -e "\taddress ${netip}" >> /etc/network/interfaces.d/${netif}
echo -e "\tnetmask ${netmask}" >> /etc/network/interfaces.d/${netif}
echo -e "\tgateway ${netgw}" >> /etc/network/interfaces.d/${netif}
sed -i "/${netif}/d" /etc/network/interfaces
echo "nameserver ${netdns}" > /etc/resolv.conf
fi
fi
fi
fi
}
NetCleanUpSystemdResolved() {
sed -i s/#LLMNR=yes/LLMNR=no/ /etc/systemd/resolved.conf
sed -i s/#DNSStubListener=yes/DNSStubListener=no/ /etc/systemd/resolved.conf
systemctl restart systemd-resolved
}
APTSetProxy() {
proxy=""
proxy=$(whiptail --title "Proxy" --inputbox "ex : http://192.168.1.200/ or leave empty for none" 0 30 "${proxy}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ]; then
if [ "${proxy}" != "" ]; then
echo "Acquire::http { Proxy \"${proxy}\"; };" > /etc/apt/apt.conf.d/02proxy
fi
fi
}
APTCleanupLXCPackage() {
echo "Skip"
# apt remove -y bind9-host debian-faq doc-debian postfix x11-common fontconfig-config fonts-dejavu-core gdbm-l10n python-apt-common
}
APTUpdateDist() {
apt update -y
apt dist-upgrade -y
}
APTInstallBase() {
options=()
options+=("curl" "" on)
options+=("wget" "" on)
options+=("lsof" "" on)
options+=("acpi" "" on)
options+=("bash-completion" "" on)
options+=("iptables" "" on)
options+=("iptables-persistent" "" on)
options+=("openssh-server" "" on)
options+=("gnupg" "" on)
options+=("rsync" "" on)
options+=("nmon" "" on)
options+=("snmpd" "" on)
options+=("clevis-net" "" off)
sel=$(whiptail --title "Basic Install" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
# shellcheck disable=SC2001
if [ "$?" = "0" ]; then
pkg=""
for itm in ${sel}; do
case ${itm} in
'"iptables-persistent"')
pkg="${pkg} $(echo "${itm}" | sed 's/"//g')"
IPTablesPostInstall;;
'"clevis-net"')
pkg="${pkg} clevis clevis-luks clevis-systemd clevis-initramfs clevis-tpm2";;
*)
pkg="${pkg} $(echo "${itm}" | sed 's/"//g')";;
esac
done
# shellcheck disable=SC2086
apt install -y ${pkg}
for itm in ${sel}; do
case ${itm} in
'"iptables-persistent"')
IPTablesConfig;;
'"snmpd"')
SNMPDConfig;;
'"clevis-net"')
ClevisNetInit;;
esac
done
fi
}
APTCleanAll() {
apt-get autoremove -y
apt-get autoclean -y
}
BashSetAlias() {
wget -O /etc/profile.d/alias.sh "${BASE_URL}"/"${DIR_URL}"/files/alias.sh
}
BashSetPS() {
wget -O /etc/profile.d/ps1.sh "${BASE_URL}"/"${DIR_URL}"/files/ps1.sh
}
BashRMbashrc() {
rm /root/.bashrc
}
NanoSetConfig() {
sed -i "/tabsize/c\set tabsize 2" /etc/nanorc
{
echo "set numbercolor brightwhite"
echo "set statuscolor brightwhite,green"
echo "set keycolor cyan"
echo "set functioncolor green"
} >> /etc/nanorc
{
echo "set titlecolor brightwhite,red"
echo "set statuscolor brightwhite,red"
} > /root/.nanorc
}
IssueSetContent() {
wget -O /etc/issue "${BASE_URL}"/"${DIR_URL}"/files/issue
}
IPTablesPostInstall() {
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
}
IPTablesConfig() {
wget -O /etc/iptables/rules.v4 "${BASE_URL}"/"${DIR_URL}"/files/rules.v4
wget -O /etc/iptables/rules.v6 "${BASE_URL}"/"${DIR_URL}"/files/rules.v6
iptables-restore /etc/iptables/rules.v4
ip6tables-restore /etc/iptables/rules.v6
}
SNMPDConfig() {
cummunityname=public
cummunityname=$(whiptail --title "SNMP Community name" --inputbox "" 0 30 "${cummunityname}" 3>&1 1>&2 2>&3)
sed -i "s/public/${cummunityname}/" /etc/snmp/snmpd.conf
sed -i "s/127.0.0.1,\[::1\]/0.0.0.0/" /etc/snmp/snmpd.conf
systemctl restart snmpd
}
ClevisNetInit() {
LUKSPARTS=$(lsblk -p -l --fs |grep LUKS |cut -d " " -f1)
options=()
IFS_ORIG=$IFS
IFS=$'\n'
for LUKSPART in ${LUKSPARTS}
do
options+=("${LUKSPART}" "")
done
IFS=$IFS_ORIG
DEV=$(whiptail --title "Select root LUKS part" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ]; then
TANGURL=$(whiptail --title "Tang Server" --inputbox "URL" 0 30 "" 3>&1 1>&2 2>&3)
if [ "$?" = "0" ]; then
clevis luks bind -d "${DEV}" tang "{\"url\": \"${TANGURL}\"}"
systemctl enable clevis-luks-askpass.path
fi
fi
}
SSHEnableRootLogin() {
sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config
systemctl restart sshd
}
GrubSetConfig() {
if [ -f "/etc/default/grub" ]; then
sed -i "/GRUB_TIMEOUT/c\GRUB_TIMEOUT=1" /etc/default/grub
update-grub
fi
}
InstApps() {
options=()
#if [[ ${ISLXC} == 0 ]]; then
# options+=("docker" "" off)
# options+=("portainer" "" off)
#fi
options+=("zimbra-10" "Need Debian 12 zm-builder" off)
options+=("zimbra-10-zpush" "Need zimbra 10" off)
options+=("misc-apps" "..." off)
sel=$(whiptail --title "More Apps" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ]; then
for itm in ${sel}; do
case ${itm//\"/} in
misc-apps)
InstMiscApps;;
archived-apps)
InstArchivedApps;;
*)
cd /tmp || exit
wget "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}"/"${ITM//\"/}".sh
bash ./"${itm//\"/}".sh "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}";;
esac
done
fi
}
InstMiscApps() {
options=()
options+=("bind9" "" off)
options+=("iperf3" "" off)
sel=$(whiptail --title "Misc Apps" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
# shellcheck disable=SC2181
if [ "$?" = "0" ]; then
for itm in ${sel}; do
cd /tmp || exit
wget "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}"/"${ITM//\"/}".sh
bash ./"${itm//\"/}".sh "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}"
done
fi
}
Reboot() {
if whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3; then
reboot
fi
}
while [ ${#} -gt 0 ]; do
case ${1} in
--help) showHelp; exit 0;;
-b | --base-url) BASE_URL="${2}"; shift;;
*) shift;;
esac
done
Main

32
ubuntu.sh Normal file
View File

@ -0,0 +1,32 @@
#!/bin/bash
declare BASE_URL=https://git.netm.ch/m/os-init/raw/branch/main
declare UBUNTUVER=0
showHelp() {
echo "ubuntu.sh"
echo ""
echo "use :"
echo "bash ubuntu.sh [options]"
echo " -b | --base-url url"
}
main() {
UBUNTUVER=$(grep "VERSION_ID=" /etc/os-release | sed 's/"//g' | sed 's/.*=//')
apt update -y
apt install -y wget
wget -O /tmp/init.sh "${BASE_URL}"/ubuntu-"${UBUNTUVER}"/init.sh
bash /tmp/init.sh -b "${BASE_URL}"
rm /tmp/init.sh
}
while [ ${#} -gt 0 ]; do
case ${1} in
--help) showHelp; exit 0;;
-b | --base-url) BASE_URL="${2}"; shift;;
*) shift;;
esac
done
main