diff --git a/debian-10/init.sh b/debian-10/init.sh new file mode 100644 index 0000000..fb6b97b --- /dev/null +++ b/debian-10/init.sh @@ -0,0 +1,252 @@ +#!/bin/bash + +ipv4=$(ip addr | grep 'inet ' | grep -v '127.0' | head -n1 | awk '{print $2}' | cut -f1 -d /) +grep -a -q -v lxc /proc/1/environ +islxc=$? + +main() { + if [[ ${islxc} == 0 ]]; then + NetSetHostname + NetIPConfig + else + APTCleanupLXCPackage + fi + APTSetProxy + APTUpdateDist + APTInstallBase + APTCleanAll + BashSetAlias + BashSetPS + NanoSetConfig + IssueSetContent + SSHEnableRootLogin + GrubSetConfig + Reboot +} + +NetSetHostname() { + hostname=$(hostname) + hostname=$(whiptail --title "Hostname" --inputbox "" 0 30 "${hostname}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${hostname}" != "" ]; then + hostname "${hostname}" + echo "${hostname}" > /etc/hostname + fi +} +NetIPConfig() { + options=() + options+=("DHCP" "") + options+=("Static" "") + sel=$(whiptail --title "Network" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ]; then + case ${sel} in + "Static") NetIPConfigStatic;; + esac + fi +} +NetIPConfigStatic() { + netif="$(ip a | grep ens | head -n1 | cut -d: -f2)" + netif=${netif:1} + netip="${ipv4}" + netmask="255.255.255.0" + netgw="$(echo "${ipv4}" | cut -d. -f1-3).1" + netdns="$(echo "${ipv4}" | cut -d. -f1-3).1" + netip=$(whiptail --title "Network" --inputbox "IP" 0 30 "${netip}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netip}" != "" ]; then + netmask=$(whiptail --title "Network" --inputbox "Mask" 0 30 "${netmask}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netmask}" != "" ]; then + netgw=$(whiptail --title "Network" --inputbox "Route" 0 30 "${netgw}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netgw}" != "" ]; then + netdns=$(whiptail --title "Network" --inputbox "DNS" 0 30 "${netdns}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netdns}" != "" ]; then + echo "allow-hotplug ${netif}" > /etc/network/interfaces.d/${netif} + echo "iface ${netif} inet static" >> /etc/network/interfaces.d/${netif} + echo -e "\taddress ${netip}" >> /etc/network/interfaces.d/${netif} + echo -e "\tnetmask ${netmask}" >> /etc/network/interfaces.d/${netif} + echo -e "\tgateway ${netgw}" >> /etc/network/interfaces.d/${netif} + sed -i "/${netif}/d" /etc/network/interfaces + echo "nameserver ${netdns}" > /etc/resolv.conf + fi + fi + fi + fi +} + +APTSetProxy() { + proxy="" + proxy=$(whiptail --title "Proxy" --inputbox "" 0 30 "${proxy}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ]; then + if [ "${proxy}" != "" ]; then + echo "Acquire::http { Proxy \"${proxy}\"; };" > /etc/apt/apt.conf.d/02proxy + fi + fi +} +APTCleanupLXCPackage() { + apt remove -y bind9-host debian-faq doc-debian postfix x11-common fontconfig-config fonts-dejavu-core gdbm-l10n python-apt-common +} +APTUpdateDist() { + apt update -y + apt dist-upgrade -y +} +APTInstallBase() { + options=() + options+=("curl" "" on) + options+=("wget" "" on) + options+=("lsof" "" on) + options+=("acpi" "" on) + options+=("bash-completion" "" on) + options+=("iptables" "" on) + options+=("iptables-persistent" "" on) + options+=("openssh-server" "" on) + options+=("gnupg" "" on) + options+=("rsync" "" on) + options+=("nmon" "" on) + options+=("snmpd" "" on) + sel=$(whiptail --title "Basic Install" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ]; then + pkg="" + for itm in ${sel}; do + pkg="${pkg} $(echo ${itm} | sed 's/"//g')" + done + apt install -y ${pkg} + for itm in ${sel}; do + case ${itm} in + '"iptables-persistent"') + IPTablesInstall;; + '"snmpd"') + SNMPDInstall;; + esac + done + fi +} +APTCleanAll() { + apt-get autoremove -y + apt-get autoclean -y +} + +BashSetAlias() { + cat > /etc/profile.d/alias.sh << "EOF" +alias ls='ls --color=auto -hl --time-style long-iso' +alias l='ls --color=auto -hlA --time-style long-iso' +alias ll='ls --color=auto -hla --time-style long-iso' +alias cd..='cd ..' +alias ..='cd ..' +alias ...='cd ../../' +alias ....='cd ../../../' +alias .....='cd ../../../../' +alias ff='find / -name' +alias f='find . -name' +alias fif='grep -rnw . -e' +alias grep='grep --color=auto' +alias egrep='egrep --color=auto' +alias fgrep='fgrep --color=auto' +alias ip='ip -c' +alias vdir='vdir --color=auto' +alias watch='watch --color' +EOF +} +BashSetPS() { + cat > /etc/profile.d/ps1.sh << "EOF" +clrreset='\e[0m' +clrwhite='\e[1;37m' +clrgreen='\e[1;32m' +clrred='\e[1;31m' +export PS1="\[$clrred\][$USER@$HOSTNAME]\[$clrwhite\] \w \`if [ \$? = 0 ]; then echo -e '\[$clrgreen\]'; else echo -e '\[$clrred\]'; fi\`\\$ \[$clrreset\]" +EOF +} + +NanoSetConfig() { + sed -i "/tabsize/c\set tabsize 2" /etc/nanorc + cat >> /etc/nanorc << "EOF" +set numbercolor brightwhite +set statuscolor brightwhite,green +set keycolor cyan +set functioncolor green +EOF + cat > /root/.nanorc << "EOF" +set titlecolor brightwhite,red +set statuscolor brightwhite,red +EOF +} + +IssueSetContent() { + cat > /etc/issue << "EOF" +\v \r \l + + .o oOOOOOOOo OOOo + Ob.OOOOOOOo OOOo. oOOo. .adOOOOOOO + OboO"""""""""""".OOo. .oOOOOOo. OOOo.oOOOOOo.."""""""""'OO + OOP.oOOOOOOOOOOO "POOOOOOOOOOOo. `"OOOOOOOOOP,OOOOOOOOOOOB' + `O'OOOO' `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO' `OOOOo + .OOOO' `OOOOOOOOOOOOOOOOOOOOOOOOOO' `OO + OOOOO '"OOOOOOOOOOOOOOOO"` oOO + oOOOOOba. .adOOOOOOOOOOba .adOOOOo. + oOOOOOOOOOOOOOba. .adOOOOOOOOOO@^OOOOOOOba. .adOOOOOOOOOOOO + OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"` '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO + "OOOO" "YOoOOOOMOIONODOO"` . '"OOROAOPOEOOOoOY" "OOO" + Y 'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?' :` + : .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO? . + . oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo + '%o OOOO"%OOOO%"%OOOOO"OOOOOO"OOO': + `$" `OOOO' `O"Y ' `OOOO' o . + . . OP" : o . + : + . +EOF +} + +IPTablesInstall() { + cat > /etc/iptables/rules.v4 << "EOF" +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i lo -j ACCEPT +# Ping +-A INPUT -p icmp -j ACCEPT +# SSH +-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT +# SNMPD +-A INPUT -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT +COMMIT +EOF + cat > /etc/iptables/rules.v6 << "EOF" +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i lo -j ACCEPT +COMMIT +EOF + iptables-restore /etc/iptables/rules.v4 + ip6tables-restore /etc/iptables/rules.v6 +} + +SNMPDInstall() { + cummunityname=public + cummunityname=$(whiptail --title "SNMP Community name" --inputbox "" 0 30 "${cummunityname}" 3>&1 1>&2 2>&3) + sed -i "s/public/${cummunityname}/" /etc/snmp/snmpd.conf + sed -i "s/127.0.0.1/0.0.0.0/" /etc/snmp/snmpd.conf + systemctl restart snmpd +} + +SSHEnableRootLogin() { + sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config + systemctl restart sshd +} + +GrubSetConfig() { + if [ -f "/etc/default/grub" ]; then + sed -i "/GRUB_TIMEOUT/c\GRUB_TIMEOUT=1" /etc/default/grub + update-grub + fi +} + +Reboot() { + if $(whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3); then + reboot + fi +} + +main diff --git a/debian-11/init.sh b/debian-11/init.sh index 9a44086..752038d 100644 --- a/debian-11/init.sh +++ b/debian-11/init.sh @@ -254,9 +254,9 @@ GrubSetConfig() { InstApps() { options=() - options+=("nodejs-18" "" off) - options+=("nodejs-19" "" off) options+=("nodejs-20" "" off) + options+=("nodejs-19" "" off) + options+=("nodejs-18" "" off) options+=("mongodb-6.0" "" off) options+=("traefik" "" off) options+=("apt-cacher-ng" "" off) diff --git a/debian-9/init.sh b/debian-9/init.sh new file mode 100644 index 0000000..76066ba --- /dev/null +++ b/debian-9/init.sh @@ -0,0 +1,251 @@ +#!/bin/bash + +ipv4=$(ip addr | grep 'inet ' | grep -v '127.0' | head -n1 | awk '{print $2}' | cut -f1 -d /) +grep -a -q -v lxc /proc/1/environ +islxc=$? + +main() { + if [[ ${islxc} == 0 ]]; then + NetSetHostname + NetIPConfig + else + APTCleanupLXCPackage + fi + APTSetProxy + APTUpdateDist + APTInstallBase + APTCleanAll + BashSetAlias + BashSetPS + NanoSetConfig + IssueSetContent + SSHEnableRootLogin + GrubSetConfig + Reboot +} + +NetSetHostname() { + hostname=$(hostname) + hostname=$(whiptail --title "Hostname" --inputbox "" 0 30 "${hostname}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${hostname}" != "" ]; then + hostname "${hostname}" + echo "${hostname}" > /etc/hostname + fi +} +NetIPConfig() { + options=() + options+=("DHCP" "") + options+=("Static" "") + sel=$(whiptail --title "Network" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ]; then + case ${sel} in + "Static") NetIPConfigStatic;; + esac + fi +} +NetIPConfigStatic() { + netif="$(ip a | grep ens | head -n1 | cut -d: -f2)" + netif=${netif:1} + netip="${ipv4}" + netmask="255.255.255.0" + netgw="$(echo "${ipv4}" | cut -d. -f1-3).1" + netdns="$(echo "${ipv4}" | cut -d. -f1-3).1" + netip=$(whiptail --title "Network" --inputbox "IP" 0 30 "${netip}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netip}" != "" ]; then + netmask=$(whiptail --title "Network" --inputbox "Mask" 0 30 "${netmask}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netmask}" != "" ]; then + netgw=$(whiptail --title "Network" --inputbox "Route" 0 30 "${netgw}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netgw}" != "" ]; then + netdns=$(whiptail --title "Network" --inputbox "DNS" 0 30 "${netdns}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ] && [ "${netdns}" != "" ]; then + echo "allow-hotplug ${netif}" > /etc/network/interfaces.d/${netif} + echo "iface ${netif} inet static" >> /etc/network/interfaces.d/${netif} + echo -e "\taddress ${netip}" >> /etc/network/interfaces.d/${netif} + echo -e "\tnetmask ${netmask}" >> /etc/network/interfaces.d/${netif} + echo -e "\tgateway ${netgw}" >> /etc/network/interfaces.d/${netif} + sed -i "/${netif}/d" /etc/network/interfaces + echo "nameserver ${netdns}" > /etc/resolv.conf + fi + fi + fi + fi +} + +APTSetProxy() { + proxy="" + proxy=$(whiptail --title "Proxy" --inputbox "" 0 30 "${proxy}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ]; then + if [ "${proxy}" != "" ]; then + echo "Acquire::http { Proxy \"${proxy}\"; };" > /etc/apt/apt.conf.d/02proxy + fi + fi +} +APTCleanupLXCPackage() { + apt remove -y bind9-host debian-faq doc-debian postfix x11-common fontconfig-config fonts-dejavu-core python-apt-common +} +APTUpdateDist() { + apt update -y + apt dist-upgrade -y +} +APTInstallBase() { + options=() + options+=("curl" "" on) + options+=("wget" "" on) + options+=("lsof" "" on) + options+=("acpi" "" on) + options+=("bash-completion" "" on) + options+=("iptables-persistent" "" on) + options+=("openssh-server" "" on) + options+=("gnupg" "" on) + options+=("rsync" "" on) + options+=("nmon" "" on) + options+=("snmpd" "" on) + sel=$(whiptail --title "Basic Install" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3) + if [ "$?" = "0" ]; then + pkg="" + for itm in ${sel}; do + pkg="${pkg} $(echo ${itm} | sed 's/"//g')" + done + apt install -y ${pkg} + for itm in ${sel}; do + case ${itm} in + '"iptables-persistent"') + IPTablesInstall;; + '"snmpd"') + SNMPDInstall;; + esac + done + fi +} +APTCleanAll() { + apt-get autoremove -y + apt-get autoclean -y +} + +BashSetAlias() { + cat > /etc/profile.d/alias.sh << "EOF" +alias ls='ls --color=auto -hl --time-style long-iso' +alias l='ls --color=auto -hlA --time-style long-iso' +alias ll='ls --color=auto -hla --time-style long-iso' +alias cd..='cd ..' +alias ..='cd ..' +alias ...='cd ../../' +alias ....='cd ../../../' +alias .....='cd ../../../../' +alias ff='find / -name' +alias f='find . -name' +alias fif='grep -rnw . -e' +alias grep='grep --color=auto' +alias egrep='egrep --color=auto' +alias fgrep='fgrep --color=auto' +alias ip='ip -c' +alias vdir='vdir --color=auto' +alias watch='watch --color' +EOF +} +BashSetPS() { + cat > /etc/profile.d/ps1.sh << "EOF" +clrreset='\e[0m' +clrwhite='\e[1;37m' +clrgreen='\e[1;32m' +clrred='\e[1;31m' +export PS1="\[$clrred\][$USER@$HOSTNAME]\[$clrwhite\] \w \`if [ \$? = 0 ]; then echo -e '\[$clrgreen\]'; else echo -e '\[$clrred\]'; fi\`\\$ \[$clrreset\]" +EOF +} + +NanoSetConfig() { + sed -i "/tabsize/c\set tabsize 2" /etc/nanorc + cat >> /etc/nanorc << "EOF" +set numbercolor brightwhite +set statuscolor brightwhite,green +set keycolor cyan +set functioncolor green +EOF + cat > /root/.nanorc << "EOF" +set titlecolor brightwhite,red +set statuscolor brightwhite,red +EOF +} + +IssueSetContent() { + cat > /etc/issue << "EOF" +\v \r \l + + .o oOOOOOOOo OOOo + Ob.OOOOOOOo OOOo. oOOo. .adOOOOOOO + OboO"""""""""""".OOo. .oOOOOOo. OOOo.oOOOOOo.."""""""""'OO + OOP.oOOOOOOOOOOO "POOOOOOOOOOOo. `"OOOOOOOOOP,OOOOOOOOOOOB' + `O'OOOO' `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO' `OOOOo + .OOOO' `OOOOOOOOOOOOOOOOOOOOOOOOOO' `OO + OOOOO '"OOOOOOOOOOOOOOOO"` oOO + oOOOOOba. .adOOOOOOOOOOba .adOOOOo. + oOOOOOOOOOOOOOba. .adOOOOOOOOOO@^OOOOOOOba. .adOOOOOOOOOOOO + OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"` '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO + "OOOO" "YOoOOOOMOIONODOO"` . '"OOROAOPOEOOOoOY" "OOO" + Y 'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?' :` + : .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO? . + . oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo + '%o OOOO"%OOOO%"%OOOOO"OOOOOO"OOO': + `$" `OOOO' `O"Y ' `OOOO' o . + . . OP" : o . + : + . +EOF +} + +IPTablesInstall() { + cat > /etc/iptables/rules.v4 << "EOF" +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i lo -j ACCEPT +# Ping +-A INPUT -p icmp -j ACCEPT +# SSH +-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT +# SNMPD +-A INPUT -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT +COMMIT +EOF + cat > /etc/iptables/rules.v6 << "EOF" +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i lo -j ACCEPT +COMMIT +EOF + iptables-restore /etc/iptables/rules.v4 + ip6tables-restore /etc/iptables/rules.v6 +} + +SNMPDInstall() { + cummunityname=public + cummunityname=$(whiptail --title "SNMP Community name" --inputbox "" 0 30 "${cummunityname}" 3>&1 1>&2 2>&3) + sed -i "s/public/${cummunityname}/" /etc/snmp/snmpd.conf + sed -i "s/127.0.0.1/0.0.0.0/" /etc/snmp/snmpd.conf + systemctl restart snmpd +} + +SSHEnableRootLogin() { + sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config + systemctl restart sshd +} + +GrubSetConfig() { + if [ -f "/etc/default/grub" ]; then + sed -i "/GRUB_TIMEOUT/c\GRUB_TIMEOUT=1" /etc/default/grub + update-grub + fi +} + +Reboot() { + if $(whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3); then + reboot + fi +} + +main