Improve Alpine scripts
This commit is contained in:
166
alpine/init.sh
Normal file
166
alpine/init.sh
Normal file
@@ -0,0 +1,166 @@
|
||||
#!/bin/dash
|
||||
|
||||
BASE_URL=https://git.netm.ch/m/os-init/raw/branch/main
|
||||
|
||||
showHelp() {
|
||||
echo "alpine.sh"
|
||||
echo ""
|
||||
echo "use :"
|
||||
echo "sh alpine.sh [options]"
|
||||
}
|
||||
|
||||
main() {
|
||||
APKUpdateDist
|
||||
APKInstallBase
|
||||
Customizations
|
||||
InstApps
|
||||
Reboot
|
||||
}
|
||||
|
||||
APKUpdateDist() {
|
||||
apk update
|
||||
apk upgrade
|
||||
}
|
||||
APKInstallBase() {
|
||||
apk add newt
|
||||
SEL=$(whiptail --title "Base Apps" --checklist "" 0 0 0 \
|
||||
"curl" "" on \
|
||||
"lsof" "" on \
|
||||
"bash-completion" "" on \
|
||||
"iptables" "" on \
|
||||
"ip6tables" "" on \
|
||||
"openssh-server" "" on \
|
||||
"gnupg" "" on \
|
||||
"rsync" "" on \
|
||||
"net-snmp" "" on \
|
||||
"nano" "" on 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "${?}" = "0" ]; then
|
||||
for ITM in ${SEL}; do
|
||||
# shellcheck disable=SC3000-SC4000
|
||||
apk add "${ITM//\"/}"
|
||||
# shellcheck disable=SC3000-SC4000
|
||||
case ${ITM//\"/} in
|
||||
"openssh-server")
|
||||
SSHEnableRootLogin
|
||||
rc-update add sshd
|
||||
service sshd start
|
||||
;;
|
||||
"iptables") IPTablesInstall;;
|
||||
"ip6tables") IP6TablesInstall;;
|
||||
"net-snmp") SNMPDInstall;;
|
||||
"nano") NanoSetConfig;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
}
|
||||
IPTablesInstall() {
|
||||
wget -O /etc/iptables/rules-save "${BASE_URL}"/alpine/files/rules-save
|
||||
iptables-restore /etc/iptables/rules-save
|
||||
rc-update add iptables
|
||||
}
|
||||
IP6TablesInstall() {
|
||||
wget -O /etc/iptables/rules6-save "${BASE_URL}"/alpine/files/rules6-save
|
||||
ip6tables-restore /etc/iptables/rules6-save
|
||||
rc-update add ip6tables
|
||||
}
|
||||
SSHEnableRootLogin() {
|
||||
sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config
|
||||
service sshd restart
|
||||
|
||||
if [ -f "/etc/iptables/rules-save" ]; then
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT' /etc/iptables/rules-save
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # SSH' /etc/iptables/rules-save
|
||||
iptables-restore /etc/iptables/rules-save
|
||||
fi
|
||||
}
|
||||
SNMPDInstall() {
|
||||
cummunityname=public
|
||||
cummunityname=$(whiptail --title "SNMP Community name" --inputbox "" 0 30 "${cummunityname}" 3>&1 1>&2 2>&3)
|
||||
sed -i "s/public/${cummunityname}/" /etc/snmp/snmpd.conf
|
||||
sed -i "s/127.0.0.1/0.0.0.0/" /etc/snmp/snmpd.conf
|
||||
service snmpd restart
|
||||
rc-update add snmpd default
|
||||
|
||||
if [ -f "/etc/iptables/rules-save" ]; then
|
||||
sed -i '/^-A INPUT -p icmp -j ACCEPT.*/a -A INPUT -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT' /etc/iptables/rules-save
|
||||
sed -i '/^-A INPUT -p icmp -j ACCEPT.*/a # SNMP' /etc/iptables/rules-save
|
||||
iptables-restore /etc/iptables/rules-save
|
||||
fi
|
||||
|
||||
}
|
||||
NanoSetConfig() {
|
||||
sed -i "/tabsize/c\set tabsize 2" /etc/nanorc
|
||||
{
|
||||
echo "set numbercolor brightwhite"
|
||||
echo "set statuscolor brightwhite,green"
|
||||
echo "set keycolor cyan"
|
||||
echo "set functioncolor green"
|
||||
} >> /etc/nanorc
|
||||
{
|
||||
echo "set titlecolor brightwhite,red"
|
||||
echo "set statuscolor brightwhite,red"
|
||||
} > /root/.nanorc
|
||||
}
|
||||
|
||||
Customizations() {
|
||||
SEL=$(whiptail --title "Additions" --checklist "" 0 0 0 \
|
||||
"alias" "" on \
|
||||
"ps1" "" on \
|
||||
"issue" "" on 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "${?}" = "0" ]; then
|
||||
for ITM in ${SEL}; do
|
||||
# shellcheck disable=SC3000-SC4000
|
||||
case ${ITM//\"/} in
|
||||
"alias") ProfileSetAlias;;
|
||||
"ps1") ProfileSetPS;;
|
||||
"issue") IssueSetContent;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
}
|
||||
ProfileSetAlias() {
|
||||
wget -O /etc/profile.d/alias.sh "${BASE_URL}"/alpine/files/alias.sh
|
||||
}
|
||||
ProfileSetPS() {
|
||||
wget -O /etc/profile.d/ps1.sh "${BASE_URL}"/alpine/files/ps1.sh
|
||||
}
|
||||
IssueSetContent() {
|
||||
wget -O /etc/issue "${BASE_URL}"/alpine/files/issue
|
||||
}
|
||||
|
||||
InstApps() {
|
||||
SEL=$(whiptail --title "More Apps" --checklist "" 0 0 0 \
|
||||
"traefik" "" off \
|
||||
"gitea" "" off \
|
||||
"docker" "" off \
|
||||
"portainer" "" off \
|
||||
"rancher" "" off 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "${?}" = "0" ]; then
|
||||
for ITM in ${SEL}; do
|
||||
cd /tmp || exit
|
||||
# shellcheck disable=SC3000-SC4000
|
||||
wget "${BASE_URL}"/alpine/apps/"${ITM//\"/}"/"${ITM//\"/}".sh
|
||||
# shellcheck disable=SC3000-SC4000
|
||||
sh ./"${ITM//\"/}".sh "${BASE_URL}"
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
Reboot() {
|
||||
if whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3; then
|
||||
reboot
|
||||
fi
|
||||
}
|
||||
|
||||
while [ ${#} -gt 0 ]; do
|
||||
case ${1} in
|
||||
--help) showHelp; exit 0;;
|
||||
-b | --base-url) BASE_URL="${2}"; shift;;
|
||||
*) shift;;
|
||||
esac
|
||||
done
|
||||
|
||||
main
|
||||
Reference in New Issue
Block a user