deathbybandaid/template_setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

test

Browse Source
This commit is contained in:
deathbybandaid 2023-04-05 12:21:35 -04:00
parent a35329b5ea
commit d911c3d777
17 changed files with 256 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
10-Checking_Dependencies.sh
View File

@ -1,49 +0,0 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
pkgmgr_update
## Start File Loop
## For .dependency files In The dependencies Directory
DEPENDENCIESALL="$SCRIPTDIR/dependencies/*.dep"
for f in $DEPENDENCIESALL
do
## Name Of Package
DEPENDENCYCOMMAND=$(echo "`basename $f | cut -f 1 -d '.'`")
## Actual Package
DEPENDENCYPACKAGE=`cat $f`
printf "$COL_LIGHT_BLUE" "* Checking For command $DEPENDENCYCOMMAND with package name $DEPENDENCYPACKAGE"
if is_command $DEPENDENCYCOMMAND;
then
printf "$COL_YELLOW" "** $DEPENDENCYCOMMAND Is Already Installed."
else
printf "$COL_YELLOW" "** Installing $DEPENDENCYCOMMAND"
install_pkg $DEPENDENCYPACKAGE
if is_command $DEPENDENCYCOMMAND;
then
printf "$COL_GREEN" "** $DEPENDENCYCOMMAND Installation Success"
else
printf "$COL_RED" "** Error Installing $DEPENDENCYCOMMAND"
fi
fi
## End Of loop
done
if is_command "unattended-upgrades";
then
printf "$COL_YELLOW" "** unattended-upgrades priority being set to low."
dpkg-reconfigure --priority=low unattended-upgrades
fi

0
05-Setting_TimeZone.sh → 10-Setting_TimeZone.sh
View File

38
15-Tweaking_Systemd_Journalling.sh
View File

@ -1,38 +0,0 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
printf "$COL_LIGHT_BLUE" "* Vaccuming Systemd Journal"
journalctl --vacuum-size=50M
printf "$COL_LIGHT_BLUE" "* Checking for Systemd Journal directory"
journal_directory="/var/log/journal"
if [ ! -d "$journal_directory" ]; then
printf "$COL_YELLOW" "** creating Systemd Journal installation directory"
mkdir $journal_directory
fi
systemd_journald_conf="/etc/systemd/journald.conf"
if (whiptail --title "Systemd Journalling limits" --yes-button "yes" --no-button "no" --yesno "Do You want to limit systemd journalling?" 10 80)
then
if [[ $(grep -L "Change Logging maximums" $systemd_journald_conf) ]]; then
printf "$COL_YELLOW" "** Limitting"
cat <<EOT >> $systemd_journald_conf
#Change Logging maximums
RuntimeMaxFileSize=50
RuntimeMaxFiles=100
EOT
else
printf "$COL_YELLOW" "** not limitting"
fi
fi
systemctl restart systemd-journald

45
20-Checking_Dependencies.sh Normal file
View File

@ -0,0 +1,45 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
install_dependencies() {
## Start File Loop
## For .dependency files In The dependencies Directory
DEPENDENCIESALL="$SCRIPTDIR/dependencies/*.dep"
for f in $DEPENDENCIESALL
do
## Name Of Package
DEPENDENCYCOMMAND=$(echo "`basename $f | cut -f 1 -d '.'`")
## Actual Package
DEPENDENCYPACKAGE=`cat $f`
printf "$COL_LIGHT_BLUE" "* Checking For command $DEPENDENCYCOMMAND with package name $DEPENDENCYPACKAGE"
if is_command $DEPENDENCYCOMMAND;
then
printf "$COL_YELLOW" "** $DEPENDENCYCOMMAND Is Already Installed."
else
printf "$COL_YELLOW" "** Installing $DEPENDENCYCOMMAND"
install_pkg $DEPENDENCYPACKAGE
if is_command $DEPENDENCYCOMMAND;
then
printf "$COL_GREEN" "** $DEPENDENCYCOMMAND Installation Success"
else
printf "$COL_RED" "** Error Installing $DEPENDENCYCOMMAND"
fi
fi
## End Of loop
done
}
pkgmgr_update
install_dependencies

13
25-Unattended_Upgrades.sh Normal file
View File

@ -0,0 +1,13 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
if is_command "unattended-upgrades";
then
printf "$COL_YELLOW" "** unattended-upgrades"
dpkg-reconfigure --priority=$unattended_upgrades_priority unattended-upgrades
fi

52
30-Checking_Topgrade_Installation_Status.sh
View File

@ -6,45 +6,55 @@ source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh" source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh" source "$SCRIPTDIR/common/load-defaults.sh"
printf "$COL_LIGHT_BLUE" "* Checking for topgrade directory"
topgrade_install_directory="/opt/topgrade" topgrade_install_directory="/opt/topgrade"
if [ ! -d "$topgrade_install_directory" ]; then
printf "$COL_YELLOW" "** creating topgrade installation directory"
mkdir $topgrade_install_directory
fi
printf "$COL_LIGHT_BLUE" "* Checking for topgrade binary"
topgrade_binary="/opt/topgrade/topgrade" topgrade_binary="/opt/topgrade/topgrade"
install_topgrade() {
topgrade_tar="/opt/topgrade/topgrade.tar.gz" topgrade_tar="/opt/topgrade/topgrade.tar.gz"
topgrade_git_owner="r-darwish" topgrade_git_owner="r-darwish"
topgrade_git_repo="topgrade" topgrade_git_repo="topgrade"
if [ ! -f "$topgrade_binary" ]; then
printf "$COL_YELLOW" "** topgrade binary missing, installing now"
newest_release_url=$(curl -sL https://api.github.com/repos/$topgrade_git_owner/$topgrade_git_repo/releases/latest | jq -r ".assets[].browser_download_url" | grep x86_64-unknown-linux-gnu.tar.gz) newest_release_url=$(curl -sL https://api.github.com/repos/$topgrade_git_owner/$topgrade_git_repo/releases/latest | jq -r ".assets[].browser_download_url" | grep x86_64-unknown-linux-gnu.tar.gz)
wget $newest_release_url -q -O "$topgrade_tar" wget $newest_release_url -q -O "$topgrade_tar"
tar -xvf $topgrade_tar -C $topgrade_install_directory tar -xvf $topgrade_tar -C $topgrade_install_directory
rm $topgrade_tar rm $topgrade_tar
chmod +x $topgrade_binary chmod +x $topgrade_binary
else }
printf "$COL_YELLOW" "** topgrade binary exists"
fi
if [ ! -f "$topgrade_binary" ]; then update_topgrade() {
printf "$COL_RED" "** topgrade binary not present at $topgrade_binary"
else
current_version=$($topgrade_binary --version | sed 's/[A-Za-z]*//g') current_version=$($topgrade_binary --version | sed 's/[A-Za-z]*//g')
printf "$COL_GREEN" "** Locally installed topgrade version: $current_version" printf "$COL_GREEN" "** Locally installed topgrade version: $current_version"
newest_release=$(curl -sL https://api.github.com/repos/$topgrade_git_owner/$topgrade_git_repo/releases/latest | jq -r ".tag_name" | sed 's/[A-Za-z]*//g') newest_release=$(curl -sL https://api.github.com/repos/$topgrade_git_owner/$topgrade_git_repo/releases/latest | jq -r ".tag_name" | sed 's/[A-Za-z]*//g')
printf "$COL_GREEN" "** Online topgrade version: $newest_release" printf "$COL_GREEN" "** Online topgrade version: $newest_release"
if [ "$current_version" != "$newest_release" ]; then
printf "$COL_LIGHT_BLUE" "* Updating topgrade binary"
install_topgrade
fi
}
check_topgrade_dir() {
if [ ! -d "$topgrade_install_directory" ]; then
printf "$COL_YELLOW" "** creating topgrade installation directory"
mkdir $topgrade_install_directory
else
printf "$COL_YELLOW" "** topgrade installation directory exists"
fi
}
printf "$COL_LIGHT_BLUE" "* Checking for topgrade directory"
check_topgrade_dir
printf "$COL_LIGHT_BLUE" "* Checking for topgrade binary"
if [ ! -f "$topgrade_binary" ]; then
printf "$COL_YELLOW" "** topgrade binary missing, installing now"
install_topgrade
else
printf "$COL_LIGHT_BLUE" "* Checking for topgrade binary updates"
update_topgrade
fi fi
printf "$COL_LIGHT_BLUE" "checking for topgrade confs" printf "$COL_LIGHT_BLUE" "checking for topgrade confs"
custom_topgrade_confs_path="/etc/topgrade" custom_topgrade_confs_path="/etc/topgrade"
custom_topgrade_confs_git="https://git.deathbybandaid.net/deathbybandaid/topgrade.git" custom_topgrade_confs_git="https://git.deathbybandaid.net/deathbybandaid/topgrade.git"
git_update "topgrade" "$custom_topgrade_confs_path" "$custom_topgrade_confs_git" git_update "topgrade" "$custom_topgrade_confs_path" "$custom_topgrade_confs_git"
## Update
if [ -f "$topgrade_binary" ]; then
printf "$COL_CYAN" "* Running topgrade"
$topgrade_binary
fi

16
35-Runing_Topgrade.sh Normal file
View File

@ -0,0 +1,16 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
topgrade_install_directory="/opt/topgrade"
topgrade_binary="/opt/topgrade/topgrade"
## Update
if [ -f "$topgrade_binary" ]; then
printf "$COL_CYAN" "* Running topgrade"
$topgrade_binary
fi

2
40-Checking_Custom_Bash_Aliases.sh
View File

@ -10,7 +10,7 @@ BASHRCFILE="$HOME/.bashrc"
custom_bash_aliases_path="/etc/bash_aliases" custom_bash_aliases_path="/etc/bash_aliases"
custom_bash_aliases_git="https://git.deathbybandaid.net/deathbybandaid/bash_aliases.git" custom_bash_aliases_git="https://git.deathbybandaid.net/deathbybandaid/bash_aliases.git"
git_update "topgrade" "$custom_bash_aliases_path" "$custom_bash_aliases_git" git_update "Custom Bash Aliases" "$custom_bash_aliases_path" "$custom_bash_aliases_git"
printf "$COL_LIGHT_BLUE" "* Checking if bash aliases are setup in ~/.bashrc" printf "$COL_LIGHT_BLUE" "* Checking if bash aliases are setup in ~/.bashrc"
if [[ $(grep -L "$custom_bash_aliases_path" $BASHRCFILE) ]]; then if [[ $(grep -L "$custom_bash_aliases_path" $BASHRCFILE) ]]; then

59
50-Checking_IPA_Realm_Join_Status.sh
View File

@ -1,59 +0,0 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
# TODO setup /etc/hosts with FQDN and FreeIPA servers
printf "$COL_LIGHT_BLUE" "* Checking if system already contains Membership to FreeIPA Realm"
realm_join=0
if [[ ! -f /var/lib/ipa-client/sysrestore/sysrestore.state ]]
then
printf "$COL_YELLOW" "** $HOSTNAME appears to not be joined to FreeIPA Server Realm"
realm_join=1
else
printf "$COL_GREEN" "** $HOSTNAME appears to already be joined to FreeIPA Server Realm"
fi
## FreeIPA Realm Join
if [ "$realm_join" == 1 ]; then
if (whiptail --title "FreeIPA Realm Join" --yes-button "yes" --no-button "no" --yesno "Do You want to join a FreeIPA Realm?" 10 80)
then
if [[ $HOSTNAME == *template* ]]; then
printf "$COL_RED" "** Hostname $HOSTNAME contains the word 'template', skipping realm joining"
realm_join=0
fi
if [ "$realm_join" == 1 ]; then
printf "$COL_YELLOW" "** Setting up ipa-client to join FreeIPA Server Realm"
freeipa_admin=$(whiptail --passwordbox "Please enter the user authorized to join FreeIPA realm: $freeipa_admin" 8 78 --title "FreeIPA Admin User Prompt" 3>&1 1>&2 2>&3)
freeipa_password=$(whiptail --passwordbox "Please enter the password for the FreeIPA admin user: $freeipa_admin" 8 78 --title "FreeIPA Password Prompt" 3>&1 1>&2 2>&3)
ipa-client-install --mkhomedir --no-ntp --principal="$freeipa_admin" --password="$freeipa_password" --enable-dns-updates --unattended
fi
else
printf "$COL_CYAN" "** Skipping realm joining"
fi
fi
if [[ ! -f /var/lib/ipa-client/sysrestore/sysrestore.state ]]
then
printf "$COL_YELLOW" "** $HOSTNAME appears to not be joined to FreeIPA Server Realm, skipping Cert Question"
else
printf "$COL_GREEN" "** $HOSTNAME appears to be joined to FreeIPA Server Realm, Checking if user wants a cert."
if (whiptail --title "FreeIPA CA" --yes-button "yes" --no-button "no" --yesno "Do You want to use FreeIPA as a CA and get a certificate?" 10 80)
then
mkdir -p /etc/certmonger/certs
ipa-getcert request -f /etc/certmonger/certs/app.crt -k /etc/certmonger/certs/app.key -K HTTP/$(hostname -f) -D $(hostname -f) -N $(hostname -f)
sudo getcert list
else
printf "$COL_CYAN" "** Skipping Cert Grabbing"
fi
fi

47
50-Tweaking_Systemd_Journalling.sh Normal file
View File

@ -0,0 +1,47 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
do_limit_journal() {
systemd_journald_conf="/etc/systemd/journald.conf"
if [[ $(grep -L "Change Logging maximums" $systemd_journald_conf) ]]; then
printf "$COL_YELLOW" "** Applying Systemd Journal tweak"
cat <<EOT >> $systemd_journald_conf
#Change Logging maximums
RuntimeMaxFileSize=50
RuntimeMaxFiles=100
EOT
else
printf "$COL_YELLOW" "** Systemd Journal tweak already applied"
fi
}
printf "$COL_LIGHT_BLUE" "* Checking for Systemd Journal directory"
journal_directory="/var/log/journal"
if [ ! -d "$journal_directory" ]; then
printf "$COL_YELLOW" "** creating Systemd Journal installation directory"
mkdir $journal_directory
fi
if [ "$systemd_journaling_tweak" == "ask" ]; then
if (whiptail --title "Systemd Journalling limits" --yes-button "yes" --no-button "no" --yesno "Do You want to limit systemd journalling?" 10 80)
then
systemd_journaling_tweak=1
else
systemd_journaling_tweak=0
fi
fi
if [ "$systemd_journaling_tweak" == 1 ]; then
printf "$COL_YELLOW" "** Limitting"
do_limit_journal
systemctl restart systemd-journald
else
printf "$COL_YELLOW" "** not Applying Systemd Journal tweak"
fi

10
55-Vaccuming_Systemd_Journalling.sh Normal file
View File

@ -0,0 +1,10 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
printf "$COL_LIGHT_BLUE" "* Vaccuming Systemd Journal"
journalctl --vacuum-size=50M

0
20-Updating_Custom_MOTD.sh → 60-Updating_Custom_MOTD.sh
View File

46
90-Checking_IPA_Realm_Join_Status.sh Normal file
View File

@ -0,0 +1,46 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
# TODO setup /etc/hosts with FQDN and FreeIPA servers
printf "$COL_LIGHT_BLUE" "* Checking if system already contains Membership to FreeIPA Realm"
realm_join=0
if [[ ! -f /var/lib/ipa-client/sysrestore/sysrestore.state ]]
then
printf "$COL_YELLOW" "** $HOSTNAME appears to not be joined to FreeIPA Server Realm"
realm_join=$freeipa_join_realm
else
printf "$COL_GREEN" "** $HOSTNAME appears to already be joined to FreeIPA Server Realm"
fi
if [ "$freeipa_join_realm" == "ask" ]; then
if (whiptail --title "FreeIPA Realm Join" --yes-button "yes" --no-button "no" --yesno "Do You want to join a FreeIPA Realm?" 10 80)
then
realm_join=1
else
realm_join=0
fi
fi
if [ "$realm_join" == 1 ]; then
if [[ $HOSTNAME == *template* ]]; then
printf "$COL_RED" "** Hostname $HOSTNAME contains the word 'template', skipping realm joining"
realm_join=0
fi
fi
## FreeIPA Realm Join
if [ "$realm_join" == 1 ]; then
printf "$COL_YELLOW" "** Setting up ipa-client to join FreeIPA Server Realm"
freeipa_admin=$(whiptail --passwordbox "Please enter the user authorized to join FreeIPA realm: $freeipa_admin" 8 78 --title "FreeIPA Admin User Prompt" 3>&1 1>&2 2>&3)
freeipa_password=$(whiptail --passwordbox "Please enter the password for the FreeIPA admin user: $freeipa_admin" 8 78 --title "FreeIPA Password Prompt" 3>&1 1>&2 2>&3)
ipa-client-install --mkhomedir --no-ntp --principal="$freeipa_admin" --password="$freeipa_password" --enable-dns-updates --unattended
else
printf "$COL_CYAN" "** Skipping realm joining"
fi

36
95-FreeIPA_CA.sh Normal file
View File

@ -0,0 +1,36 @@
#!/bin/bash
## Script Location
SCRIPTDIR=$(dirname $0)
source "$SCRIPTDIR/common/colors.sh"
source "$SCRIPTDIR/common/functions.sh"
source "$SCRIPTDIR/common/load-defaults.sh"
printf "$COL_LIGHT_BLUE" "* Checking if system already contains Membership to FreeIPA Realm"
realm_get_ca=0
if [[ ! -f /var/lib/ipa-client/sysrestore/sysrestore.state ]]
then
printf "$COL_YELLOW" "** $HOSTNAME appears to not be joined to FreeIPA Server Realm"
realm_get_ca=$freeipa_ca
else
printf "$COL_GREEN" "** $HOSTNAME appears to already be joined to FreeIPA Server Realm"
fi
if [ "$freeipa_ca" == "ask" ]; then
if (whiptail --title "FreeIPA Realm Join" --yes-button "yes" --no-button "no" --yesno "Do You want to use FreeIPA as a CA and get a certificate?" 10 80)
then
realm_get_ca=1
else
realm_get_ca=0
fi
fi
## FreeIPA get ca
if [ "$realm_get_ca" == 1 ]; then
printf "$COL_YELLOW" "** Grabbing Cert"
mkdir -p /etc/certmonger/certs
ipa-getcert request -f /etc/certmonger/certs/app.crt -k /etc/certmonger/certs/app.key -K HTTP/$(hostname -f) -D $(hostname -f) -N $(hostname -f)
sudo getcert list
else
printf "$COL_CYAN" "** Skipping Cert Grabbing"
fi

4
common/defaults-blank
View File

@ -1 +1,5 @@
desired_timezone=0 desired_timezone=0
unattended_upgrades_priority="low"
systemd_journaling="ask"
freeipa_join_realm="ask"
freeipa_ca="ask"

4
common/defaults-dbb
View File

@ -1 +1,5 @@
desired_timezone="America/Detroit" desired_timezone="America/Detroit"
unattended_upgrades_priority="medium"
systemd_journaling_tweak=1
freeipa_join_realm=1
freeipa_ca=1

1
template_setup.sh
View File

@ -17,7 +17,6 @@ do
printf "${COL_CYAN}" "$TOPLEVELSUBDIRSCRIPTTEXT" printf "${COL_CYAN}" "$TOPLEVELSUBDIRSCRIPTTEXT"
/bin/bash $scriptfile $load_defaults /bin/bash $scriptfile $load_defaults
exit
echo "" echo ""
done done