-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsetup.sh
100 lines (84 loc) · 3.23 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/bin/bash
# Load environment variables if .env file exists
if [ -f .env ]; then
echo "Loading variables from .env file..."
export $(grep -v '^#' .env | xargs)
else
echo ".env file not found. Prompting for input..."
# Prompt user for each variable if not set
read -p "Enter new username: " NEW_USER
read -sp "Enter password for $NEW_USER: " NEW_USER_PASSWORD
echo
read -p "Enter SSH public key path (default: $HOME/.ssh/cvs_servers.pub): " SSH_PUBLIC_KEY_PATH
SSH_PUBLIC_KEY_PATH=${SSH_PUBLIC_KEY_PATH:-$HOME/.ssh/cvs_servers.pub}
read -p "Enter SSH server IP: " SSH_SERVER_IP
read -p "Enter timezone (default: Europe/Berlin): " TIMEZONE
TIMEZONE=${TIMEZONE:-Europe/Berlin}
read -p "Enter hostname: " HOSTNAME
read -p "Enter admin email for update notifications: " EMAIL
fi
# Update and Upgrade System
echo "Updating and upgrading the system..."
sudo apt update -qq && sudo apt upgrade -y -qq
# Create a New User and Assign Root Privileges
echo "Creating a new user: $NEW_USER"
sudo adduser $NEW_USER --gecos "" --disabled-password
echo "$NEW_USER:$NEW_USER_PASSWORD" | sudo chpasswd
echo "Adding $NEW_USER to sudo group..."
sudo usermod -aG sudo $NEW_USER
# Configure SSH Warning Banner
echo "Setting up SSH warning banner..."
sudo tee /etc/issue.net > /dev/null <<EOF
###############################################################
# Authorized access only! #
# Disconnect IMMEDIATELY if you are not an authorized user!!! #
# All actions Will be monitored and recorded #
###############################################################
EOF
echo "Updating sshd configuration..."
sudo tee -a /etc/ssh/sshd_config > /dev/null <<EOF
Banner /etc/issue.net
PubkeyAuthentication yes
EOF
sudo systemctl restart sshd
# Set Time Zone
echo "Setting timezone to $TIMEZONE..."
sudo timedatectl set-timezone $TIMEZONE
timedatectl
# Set and Check New Hostname
echo "Setting hostname to '$HOSTNAME'..."
sudo hostnamectl set-hostname $HOSTNAME
hostnamectl
# Check Swap
echo "Checking swap space..."
swapon -s
# Configure Email Notifications for Updates
echo "Installing mailutils for email notifications..."
sudo apt install -y -qq mailutils
# Test email
echo "Sending test email to $EMAIL..."
echo "This is a test email from $HOSTNAME" | mail -s "Test" $EMAIL
# Enable Unattended Upgrades
echo "Installing and configuring unattended-upgrades..."
sudo apt install -y -qq unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades
# Configure unattended-upgrades to send update notifications
echo "Setting up unattended-upgrades email notifications..."
sudo tee -a /etc/apt/apt.conf.d/50unattended-upgrades > /dev/null <<EOF
Unattended-Upgrade::Mail "$EMAIL";
Unattended-Upgrade::MailReport "on-change";
EOF
# Check Unattended-Upgrades Timer
echo "Listing timers for unattended-upgrades..."
systemctl list-timers apt-daily.timer
# Display System IP Address
echo "System IP address:"
hostname -I
# Halt before reboot
read -p "Setup complete. Do you want to reboot the system now? (y/n): " REBOOT_CONFIRM
if [[ "$REBOOT_CONFIRM" == "y" || "$REBOOT_CONFIRM" == "Y" ]]; then
echo "Rebooting system..."
sudo systemctl reboot
else
echo "Reboot canceled. You may reboot the system manually when ready."
fi