diff --git a/README.md b/README.md index cdb0e84..68f91af 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,11 @@ # debian_setup_tools -Ayyy let's have fun everybody \ No newline at end of file +Ayyy let's have fun everybody + +- `deb_bugger.sh` + + Usual setup script + +- `deb_linode.sh` + + Special Linode edition diff --git a/deb_bugger.sh b/deb_bugger.sh new file mode 100755 index 0000000..56868e2 --- /dev/null +++ b/deb_bugger.sh @@ -0,0 +1,156 @@ +#!/usr/bin/env sh + +set -e + +# Make sure we can connect to apt repos +apt-get update + +# Networking & Firewall +apt-get -y install network-manager netcat-openbsd rsync curl wget \ + net-tools ufw whois ifupdown- connman- cmst- netcat-traditional- + +if [ -w /etc/network/interfaces ]; then + mv /etc/network/interfaces /etc/network/interfaces.OLD + touch /etc/network/interfaces +fi + +# Can only give ufw one arg at a time... +for service in mdns dhcpv6-client; do + ufw allow $service +done +ufw limit ssh + +ufw --force enable + +# Disallow root login via ssh +echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/permit_root_login.conf +systemctl restart sshd + +# Make sure NetworkMangler is doing its thing +systemctl restart NetworkManager NetworkManager-wait-online + +# Pause here til it's good or it won't make it much further +until nc -w 5 -z mirror.swagg.net 80; do + echo "Couldn't ping SwaggNet... Trying again in 5 seconds..." + sleep 5 +done + +# Shared drives +if grep -q 'swaggnet\.real' /etc/resolv.conf; then + apt-get -y install cifs-utils smbclient autofs + + if ! [ -d /var/autofs/swagg ]; then + mkdir -p /var/autofs/swagg + fi + + if ! [ -d "$HOME"/misc ]; then + mkdir "$HOME"/misc + fi + + (cd "$HOME"/misc + wget --content-disposition \ + 'http://mirror.swagg.net/cgi-bin/iso9660.cgi' + tar xf samba_swagg_debian.tar.gz + cp samba_swagg/etc/auto.master.d/swagg.autofs /etc/auto.master.d/ + cp samba_swagg/etc/auto.swagg /etc/ + cp samba_swagg/root/.samba /root/.samba) + + systemctl restart autofs +fi + +# AppArmor (disable for now) +cat > /etc/default/grub.d/apparmor.cfg <<'EOF' +GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0" +EOF + +update-grub + +# Development stuff +apt-get -y install git libsecret-1-0 libsecret-1-dev build-essential vim \ + emacs crun podman podman-docker podman-compose ruby-full rbenv \ + perl perlbrew cpanminus rakudo raku-* postgresql-15 shellcheck \ + postgresql-server-dev-15 emacs-goodies-extra-el \ + elpa-dockerfile-mode elpa-web-mode elpa-yaml-mode docker-compose- + +(cd /usr/share/doc/git/contrib/credential/libsecret + make) + +# Logging +apt-get -y install rsyslog + +if [ -d /var/log/journal ]; then + rm -rf /var/log/journal +fi + +# Firmware (if available) +if apt-get -s install firmware-linux-nonfree 2>&1 > /dev/null; then + apt-get -y install firmware-linux-nonfree +fi + +# Various things +apt-get -y install unifont bsdgames fortune-mod fortunes-bofh-excuses \ + fortunes-mario fortunes fortunes-min neofetch screen beep apt-file \ + htop iftop lm-sensors + +apt-file update + +# systemd cope +perl -i.bak -pe 's/^#// if /Timeout/ && /\ds$/' /etc/systemd/system.conf + +# Stop here if there's no graphical UI +if [ "$(systemctl is-active display-manager)" = 'inactive' ]; then + apt-get -y autoremove + exit +fi + +# fwupd +apt-get -y install udisks2 fwupd + +# PipeWire +apt-get -y remove pipewire-media-session +apt-get -y install wireplumber libspa-0.2-bluetooth + +systemctl --user -M daniel@ enable wireplumber.service + +# Flatpak +apt-get -y install flatpak + +flatpak remote-add --if-not-exists flathub \ + 'https://flathub.org/repo/flathub.flatpakrepo' + +# Various DESKTOP things +apt-get -y install lxqt-archiver caffeine picom vlc thunderbird redshift \ + kitty libopengl-xscreensaver-perl xscreensaver-data-extra \ + xscreensaver-data xscreensaver-gl-extra xscreensaver-gl \ + xscreensaver-screensaver-bsod xscreensaver-screensaver-dizzy \ + xscreensaver-screensaver-webcollage chromium nm-tray gimp quassel- \ + transmission-qt liblxqt-backlight-helper xserver-xorg-video-intel- \ + openbox obconf-qt menu xfwm4- + +flatpak -y install com.bitwarden.desktop com.discordapp.Discord \ + com.sindresorhus.Caprine com.slack.Slack im.riot.Riot + +# Laptop stuff +if ! command -v laptop-detect > /dev/null 2>&1; then + apt-get -y install laptop-detect +fi + +if laptop-detect; then + apt-get -y install tlp modemmanager modem-manager-gui powertop- +fi + +# Steam (if available) +(cd /tmp + # I can't do a simulated install due to the multilib requirement + if apt-get download steam-installer 2>&1 > /dev/null; then + dpkg --add-architecture i386 + apt-get update + apt-file update + + apt-get -y install steam-installer + + rm ./steam-installer*.deb + fi) + +# Clean up before exiting +apt-get -y autoremove diff --git a/deb_linode.sh b/deb_linode.sh new file mode 100755 index 0000000..3a77a93 --- /dev/null +++ b/deb_linode.sh @@ -0,0 +1,60 @@ +#!/usr/bin/env sh + +set -e + +# Make sure we can connect to apt repos +apt-get update + +# Networking & Firewall +apt-get -y install network-manager netcat-openbsd rsync curl wget \ + net-tools ufw whois ifupdown- connman- cmst- netcat-traditional- + +if [ -w /etc/network/interfaces ]; then + mv /etc/network/interfaces /etc/network/interfaces.OLD + touch /etc/network/interfaces +fi + +# Can only give ufw one arg at a time... +for service in mdns dhcpv6-client; do + ufw allow $service +done +ufw limit ssh + +ufw --force enable + +# Disallow root login via ssh +echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/permit_root_login +systemctl restart sshd + +# Make sure NetworkMangler is doing its thing +systemctl restart NetworkManager NetworkManager-wait-online + +nmcli device set eth0 managed true +nmcli connection modify Wired\ connection\ 1 ipv6.addr-gen-mode eui64 + +# Pause here til it's good or it won't make it much further +until nc -w 5 -z mirror.swagg.net 80; do + echo "Couldn't ping SwaggNet... Trying again in 5 seconds..." + sleep 5 +done + +# AppArmor (disable for now) +cat > /etc/default/grub.d/apparmor.cfg <<'EOF' +GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0" +EOF + +update-grub + +# Logging +apt-get -y install rsyslog + +if [ -d /var/log/journal ]; then + rm -rf /var/log/journal +fi + +# Various things +apt-get -y install unifont bsdgames fortune-mod fortunes-bofh-excuses \ + fortunes-mario fortunes fortunes-min neofetch screen apt-file \ + htop iftop + +apt-file update