Initial commit++
This commit is contained in:
parent
0761c81599
commit
6be2827295
10
README.md
10
README.md
|
@ -1,3 +1,11 @@
|
|||
# debian_setup_tools
|
||||
|
||||
Ayyy let's have fun everybody
|
||||
Ayyy let's have fun everybody
|
||||
|
||||
- `deb_bugger.sh`
|
||||
|
||||
Usual setup script
|
||||
|
||||
- `deb_linode.sh`
|
||||
|
||||
Special Linode edition
|
||||
|
|
156
deb_bugger.sh
Executable file
156
deb_bugger.sh
Executable file
|
@ -0,0 +1,156 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -e
|
||||
|
||||
# Make sure we can connect to apt repos
|
||||
apt-get update
|
||||
|
||||
# Networking & Firewall
|
||||
apt-get -y install network-manager netcat-openbsd rsync curl wget \
|
||||
net-tools ufw whois ifupdown- connman- cmst- netcat-traditional-
|
||||
|
||||
if [ -w /etc/network/interfaces ]; then
|
||||
mv /etc/network/interfaces /etc/network/interfaces.OLD
|
||||
touch /etc/network/interfaces
|
||||
fi
|
||||
|
||||
# Can only give ufw one arg at a time...
|
||||
for service in mdns dhcpv6-client; do
|
||||
ufw allow $service
|
||||
done
|
||||
ufw limit ssh
|
||||
|
||||
ufw --force enable
|
||||
|
||||
# Disallow root login via ssh
|
||||
echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/permit_root_login.conf
|
||||
systemctl restart sshd
|
||||
|
||||
# Make sure NetworkMangler is doing its thing
|
||||
systemctl restart NetworkManager NetworkManager-wait-online
|
||||
|
||||
# Pause here til it's good or it won't make it much further
|
||||
until nc -w 5 -z mirror.swagg.net 80; do
|
||||
echo "Couldn't ping SwaggNet... Trying again in 5 seconds..."
|
||||
sleep 5
|
||||
done
|
||||
|
||||
# Shared drives
|
||||
if grep -q 'swaggnet\.real' /etc/resolv.conf; then
|
||||
apt-get -y install cifs-utils smbclient autofs
|
||||
|
||||
if ! [ -d /var/autofs/swagg ]; then
|
||||
mkdir -p /var/autofs/swagg
|
||||
fi
|
||||
|
||||
if ! [ -d "$HOME"/misc ]; then
|
||||
mkdir "$HOME"/misc
|
||||
fi
|
||||
|
||||
(cd "$HOME"/misc
|
||||
wget --content-disposition \
|
||||
'http://mirror.swagg.net/cgi-bin/iso9660.cgi'
|
||||
tar xf samba_swagg_debian.tar.gz
|
||||
cp samba_swagg/etc/auto.master.d/swagg.autofs /etc/auto.master.d/
|
||||
cp samba_swagg/etc/auto.swagg /etc/
|
||||
cp samba_swagg/root/.samba /root/.samba)
|
||||
|
||||
systemctl restart autofs
|
||||
fi
|
||||
|
||||
# AppArmor (disable for now)
|
||||
cat > /etc/default/grub.d/apparmor.cfg <<'EOF'
|
||||
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0"
|
||||
EOF
|
||||
|
||||
update-grub
|
||||
|
||||
# Development stuff
|
||||
apt-get -y install git libsecret-1-0 libsecret-1-dev build-essential vim \
|
||||
emacs crun podman podman-docker podman-compose ruby-full rbenv \
|
||||
perl perlbrew cpanminus rakudo raku-* postgresql-15 shellcheck \
|
||||
postgresql-server-dev-15 emacs-goodies-extra-el \
|
||||
elpa-dockerfile-mode elpa-web-mode elpa-yaml-mode docker-compose-
|
||||
|
||||
(cd /usr/share/doc/git/contrib/credential/libsecret
|
||||
make)
|
||||
|
||||
# Logging
|
||||
apt-get -y install rsyslog
|
||||
|
||||
if [ -d /var/log/journal ]; then
|
||||
rm -rf /var/log/journal
|
||||
fi
|
||||
|
||||
# Firmware (if available)
|
||||
if apt-get -s install firmware-linux-nonfree 2>&1 > /dev/null; then
|
||||
apt-get -y install firmware-linux-nonfree
|
||||
fi
|
||||
|
||||
# Various things
|
||||
apt-get -y install unifont bsdgames fortune-mod fortunes-bofh-excuses \
|
||||
fortunes-mario fortunes fortunes-min neofetch screen beep apt-file \
|
||||
htop iftop lm-sensors
|
||||
|
||||
apt-file update
|
||||
|
||||
# systemd cope
|
||||
perl -i.bak -pe 's/^#// if /Timeout/ && /\ds$/' /etc/systemd/system.conf
|
||||
|
||||
# Stop here if there's no graphical UI
|
||||
if [ "$(systemctl is-active display-manager)" = 'inactive' ]; then
|
||||
apt-get -y autoremove
|
||||
exit
|
||||
fi
|
||||
|
||||
# fwupd
|
||||
apt-get -y install udisks2 fwupd
|
||||
|
||||
# PipeWire
|
||||
apt-get -y remove pipewire-media-session
|
||||
apt-get -y install wireplumber libspa-0.2-bluetooth
|
||||
|
||||
systemctl --user -M daniel@ enable wireplumber.service
|
||||
|
||||
# Flatpak
|
||||
apt-get -y install flatpak
|
||||
|
||||
flatpak remote-add --if-not-exists flathub \
|
||||
'https://flathub.org/repo/flathub.flatpakrepo'
|
||||
|
||||
# Various DESKTOP things
|
||||
apt-get -y install lxqt-archiver caffeine picom vlc thunderbird redshift \
|
||||
kitty libopengl-xscreensaver-perl xscreensaver-data-extra \
|
||||
xscreensaver-data xscreensaver-gl-extra xscreensaver-gl \
|
||||
xscreensaver-screensaver-bsod xscreensaver-screensaver-dizzy \
|
||||
xscreensaver-screensaver-webcollage chromium nm-tray gimp quassel- \
|
||||
transmission-qt liblxqt-backlight-helper xserver-xorg-video-intel- \
|
||||
openbox obconf-qt menu xfwm4-
|
||||
|
||||
flatpak -y install com.bitwarden.desktop com.discordapp.Discord \
|
||||
com.sindresorhus.Caprine com.slack.Slack im.riot.Riot
|
||||
|
||||
# Laptop stuff
|
||||
if ! command -v laptop-detect > /dev/null 2>&1; then
|
||||
apt-get -y install laptop-detect
|
||||
fi
|
||||
|
||||
if laptop-detect; then
|
||||
apt-get -y install tlp modemmanager modem-manager-gui powertop-
|
||||
fi
|
||||
|
||||
# Steam (if available)
|
||||
(cd /tmp
|
||||
# I can't do a simulated install due to the multilib requirement
|
||||
if apt-get download steam-installer 2>&1 > /dev/null; then
|
||||
dpkg --add-architecture i386
|
||||
apt-get update
|
||||
apt-file update
|
||||
|
||||
apt-get -y install steam-installer
|
||||
|
||||
rm ./steam-installer*.deb
|
||||
fi)
|
||||
|
||||
# Clean up before exiting
|
||||
apt-get -y autoremove
|
60
deb_linode.sh
Executable file
60
deb_linode.sh
Executable file
|
@ -0,0 +1,60 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -e
|
||||
|
||||
# Make sure we can connect to apt repos
|
||||
apt-get update
|
||||
|
||||
# Networking & Firewall
|
||||
apt-get -y install network-manager netcat-openbsd rsync curl wget \
|
||||
net-tools ufw whois ifupdown- connman- cmst- netcat-traditional-
|
||||
|
||||
if [ -w /etc/network/interfaces ]; then
|
||||
mv /etc/network/interfaces /etc/network/interfaces.OLD
|
||||
touch /etc/network/interfaces
|
||||
fi
|
||||
|
||||
# Can only give ufw one arg at a time...
|
||||
for service in mdns dhcpv6-client; do
|
||||
ufw allow $service
|
||||
done
|
||||
ufw limit ssh
|
||||
|
||||
ufw --force enable
|
||||
|
||||
# Disallow root login via ssh
|
||||
echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/permit_root_login
|
||||
systemctl restart sshd
|
||||
|
||||
# Make sure NetworkMangler is doing its thing
|
||||
systemctl restart NetworkManager NetworkManager-wait-online
|
||||
|
||||
nmcli device set eth0 managed true
|
||||
nmcli connection modify Wired\ connection\ 1 ipv6.addr-gen-mode eui64
|
||||
|
||||
# Pause here til it's good or it won't make it much further
|
||||
until nc -w 5 -z mirror.swagg.net 80; do
|
||||
echo "Couldn't ping SwaggNet... Trying again in 5 seconds..."
|
||||
sleep 5
|
||||
done
|
||||
|
||||
# AppArmor (disable for now)
|
||||
cat > /etc/default/grub.d/apparmor.cfg <<'EOF'
|
||||
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0"
|
||||
EOF
|
||||
|
||||
update-grub
|
||||
|
||||
# Logging
|
||||
apt-get -y install rsyslog
|
||||
|
||||
if [ -d /var/log/journal ]; then
|
||||
rm -rf /var/log/journal
|
||||
fi
|
||||
|
||||
# Various things
|
||||
apt-get -y install unifont bsdgames fortune-mod fortunes-bofh-excuses \
|
||||
fortunes-mario fortunes fortunes-min neofetch screen apt-file \
|
||||
htop iftop
|
||||
|
||||
apt-file update
|
Loading…
Reference in a new issue