Initial commit++
This commit is contained in:
parent
0761c81599
commit
6be2827295
10
README.md
10
README.md
|
@ -1,3 +1,11 @@
|
||||||
# debian_setup_tools
|
# debian_setup_tools
|
||||||
|
|
||||||
Ayyy let's have fun everybody
|
Ayyy let's have fun everybody
|
||||||
|
|
||||||
|
- `deb_bugger.sh`
|
||||||
|
|
||||||
|
Usual setup script
|
||||||
|
|
||||||
|
- `deb_linode.sh`
|
||||||
|
|
||||||
|
Special Linode edition
|
||||||
|
|
156
deb_bugger.sh
Executable file
156
deb_bugger.sh
Executable file
|
@ -0,0 +1,156 @@
|
||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Make sure we can connect to apt repos
|
||||||
|
apt-get update
|
||||||
|
|
||||||
|
# Networking & Firewall
|
||||||
|
apt-get -y install network-manager netcat-openbsd rsync curl wget \
|
||||||
|
net-tools ufw whois ifupdown- connman- cmst- netcat-traditional-
|
||||||
|
|
||||||
|
if [ -w /etc/network/interfaces ]; then
|
||||||
|
mv /etc/network/interfaces /etc/network/interfaces.OLD
|
||||||
|
touch /etc/network/interfaces
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Can only give ufw one arg at a time...
|
||||||
|
for service in mdns dhcpv6-client; do
|
||||||
|
ufw allow $service
|
||||||
|
done
|
||||||
|
ufw limit ssh
|
||||||
|
|
||||||
|
ufw --force enable
|
||||||
|
|
||||||
|
# Disallow root login via ssh
|
||||||
|
echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/permit_root_login.conf
|
||||||
|
systemctl restart sshd
|
||||||
|
|
||||||
|
# Make sure NetworkMangler is doing its thing
|
||||||
|
systemctl restart NetworkManager NetworkManager-wait-online
|
||||||
|
|
||||||
|
# Pause here til it's good or it won't make it much further
|
||||||
|
until nc -w 5 -z mirror.swagg.net 80; do
|
||||||
|
echo "Couldn't ping SwaggNet... Trying again in 5 seconds..."
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
|
||||||
|
# Shared drives
|
||||||
|
if grep -q 'swaggnet\.real' /etc/resolv.conf; then
|
||||||
|
apt-get -y install cifs-utils smbclient autofs
|
||||||
|
|
||||||
|
if ! [ -d /var/autofs/swagg ]; then
|
||||||
|
mkdir -p /var/autofs/swagg
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [ -d "$HOME"/misc ]; then
|
||||||
|
mkdir "$HOME"/misc
|
||||||
|
fi
|
||||||
|
|
||||||
|
(cd "$HOME"/misc
|
||||||
|
wget --content-disposition \
|
||||||
|
'http://mirror.swagg.net/cgi-bin/iso9660.cgi'
|
||||||
|
tar xf samba_swagg_debian.tar.gz
|
||||||
|
cp samba_swagg/etc/auto.master.d/swagg.autofs /etc/auto.master.d/
|
||||||
|
cp samba_swagg/etc/auto.swagg /etc/
|
||||||
|
cp samba_swagg/root/.samba /root/.samba)
|
||||||
|
|
||||||
|
systemctl restart autofs
|
||||||
|
fi
|
||||||
|
|
||||||
|
# AppArmor (disable for now)
|
||||||
|
cat > /etc/default/grub.d/apparmor.cfg <<'EOF'
|
||||||
|
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0"
|
||||||
|
EOF
|
||||||
|
|
||||||
|
update-grub
|
||||||
|
|
||||||
|
# Development stuff
|
||||||
|
apt-get -y install git libsecret-1-0 libsecret-1-dev build-essential vim \
|
||||||
|
emacs crun podman podman-docker podman-compose ruby-full rbenv \
|
||||||
|
perl perlbrew cpanminus rakudo raku-* postgresql-15 shellcheck \
|
||||||
|
postgresql-server-dev-15 emacs-goodies-extra-el \
|
||||||
|
elpa-dockerfile-mode elpa-web-mode elpa-yaml-mode docker-compose-
|
||||||
|
|
||||||
|
(cd /usr/share/doc/git/contrib/credential/libsecret
|
||||||
|
make)
|
||||||
|
|
||||||
|
# Logging
|
||||||
|
apt-get -y install rsyslog
|
||||||
|
|
||||||
|
if [ -d /var/log/journal ]; then
|
||||||
|
rm -rf /var/log/journal
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Firmware (if available)
|
||||||
|
if apt-get -s install firmware-linux-nonfree 2>&1 > /dev/null; then
|
||||||
|
apt-get -y install firmware-linux-nonfree
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Various things
|
||||||
|
apt-get -y install unifont bsdgames fortune-mod fortunes-bofh-excuses \
|
||||||
|
fortunes-mario fortunes fortunes-min neofetch screen beep apt-file \
|
||||||
|
htop iftop lm-sensors
|
||||||
|
|
||||||
|
apt-file update
|
||||||
|
|
||||||
|
# systemd cope
|
||||||
|
perl -i.bak -pe 's/^#// if /Timeout/ && /\ds$/' /etc/systemd/system.conf
|
||||||
|
|
||||||
|
# Stop here if there's no graphical UI
|
||||||
|
if [ "$(systemctl is-active display-manager)" = 'inactive' ]; then
|
||||||
|
apt-get -y autoremove
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
# fwupd
|
||||||
|
apt-get -y install udisks2 fwupd
|
||||||
|
|
||||||
|
# PipeWire
|
||||||
|
apt-get -y remove pipewire-media-session
|
||||||
|
apt-get -y install wireplumber libspa-0.2-bluetooth
|
||||||
|
|
||||||
|
systemctl --user -M daniel@ enable wireplumber.service
|
||||||
|
|
||||||
|
# Flatpak
|
||||||
|
apt-get -y install flatpak
|
||||||
|
|
||||||
|
flatpak remote-add --if-not-exists flathub \
|
||||||
|
'https://flathub.org/repo/flathub.flatpakrepo'
|
||||||
|
|
||||||
|
# Various DESKTOP things
|
||||||
|
apt-get -y install lxqt-archiver caffeine picom vlc thunderbird redshift \
|
||||||
|
kitty libopengl-xscreensaver-perl xscreensaver-data-extra \
|
||||||
|
xscreensaver-data xscreensaver-gl-extra xscreensaver-gl \
|
||||||
|
xscreensaver-screensaver-bsod xscreensaver-screensaver-dizzy \
|
||||||
|
xscreensaver-screensaver-webcollage chromium nm-tray gimp quassel- \
|
||||||
|
transmission-qt liblxqt-backlight-helper xserver-xorg-video-intel- \
|
||||||
|
openbox obconf-qt menu xfwm4-
|
||||||
|
|
||||||
|
flatpak -y install com.bitwarden.desktop com.discordapp.Discord \
|
||||||
|
com.sindresorhus.Caprine com.slack.Slack im.riot.Riot
|
||||||
|
|
||||||
|
# Laptop stuff
|
||||||
|
if ! command -v laptop-detect > /dev/null 2>&1; then
|
||||||
|
apt-get -y install laptop-detect
|
||||||
|
fi
|
||||||
|
|
||||||
|
if laptop-detect; then
|
||||||
|
apt-get -y install tlp modemmanager modem-manager-gui powertop-
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Steam (if available)
|
||||||
|
(cd /tmp
|
||||||
|
# I can't do a simulated install due to the multilib requirement
|
||||||
|
if apt-get download steam-installer 2>&1 > /dev/null; then
|
||||||
|
dpkg --add-architecture i386
|
||||||
|
apt-get update
|
||||||
|
apt-file update
|
||||||
|
|
||||||
|
apt-get -y install steam-installer
|
||||||
|
|
||||||
|
rm ./steam-installer*.deb
|
||||||
|
fi)
|
||||||
|
|
||||||
|
# Clean up before exiting
|
||||||
|
apt-get -y autoremove
|
60
deb_linode.sh
Executable file
60
deb_linode.sh
Executable file
|
@ -0,0 +1,60 @@
|
||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Make sure we can connect to apt repos
|
||||||
|
apt-get update
|
||||||
|
|
||||||
|
# Networking & Firewall
|
||||||
|
apt-get -y install network-manager netcat-openbsd rsync curl wget \
|
||||||
|
net-tools ufw whois ifupdown- connman- cmst- netcat-traditional-
|
||||||
|
|
||||||
|
if [ -w /etc/network/interfaces ]; then
|
||||||
|
mv /etc/network/interfaces /etc/network/interfaces.OLD
|
||||||
|
touch /etc/network/interfaces
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Can only give ufw one arg at a time...
|
||||||
|
for service in mdns dhcpv6-client; do
|
||||||
|
ufw allow $service
|
||||||
|
done
|
||||||
|
ufw limit ssh
|
||||||
|
|
||||||
|
ufw --force enable
|
||||||
|
|
||||||
|
# Disallow root login via ssh
|
||||||
|
echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/permit_root_login
|
||||||
|
systemctl restart sshd
|
||||||
|
|
||||||
|
# Make sure NetworkMangler is doing its thing
|
||||||
|
systemctl restart NetworkManager NetworkManager-wait-online
|
||||||
|
|
||||||
|
nmcli device set eth0 managed true
|
||||||
|
nmcli connection modify Wired\ connection\ 1 ipv6.addr-gen-mode eui64
|
||||||
|
|
||||||
|
# Pause here til it's good or it won't make it much further
|
||||||
|
until nc -w 5 -z mirror.swagg.net 80; do
|
||||||
|
echo "Couldn't ping SwaggNet... Trying again in 5 seconds..."
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
|
||||||
|
# AppArmor (disable for now)
|
||||||
|
cat > /etc/default/grub.d/apparmor.cfg <<'EOF'
|
||||||
|
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0"
|
||||||
|
EOF
|
||||||
|
|
||||||
|
update-grub
|
||||||
|
|
||||||
|
# Logging
|
||||||
|
apt-get -y install rsyslog
|
||||||
|
|
||||||
|
if [ -d /var/log/journal ]; then
|
||||||
|
rm -rf /var/log/journal
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Various things
|
||||||
|
apt-get -y install unifont bsdgames fortune-mod fortunes-bofh-excuses \
|
||||||
|
fortunes-mario fortunes fortunes-min neofetch screen apt-file \
|
||||||
|
htop iftop
|
||||||
|
|
||||||
|
apt-file update
|
Loading…
Reference in a new issue