Add more scripts

2025-04-27 16:38:54 +03:00 · 2025-04-27 16:38:54 +03:00 · ddb6d7dcd1
commit ddb6d7dcd1
parent 03ab6ee918
10 changed files with 14 additions and 1 deletions
--- a/.config/containers/storage.conf
+++ b/.config/containers/storage.conf
--- a/4
+++ b/4
@ -0,0 +1,4 @@
+Configs for debian 12 setup.
+
+Clone to $HOME, run ./scripts/full.sh and pray.
+
--- a/scripts/beszel.sh
+++ b/scripts/beszel.sh
--- a/scripts/full.sh
+++ b/scripts/full.sh
@ -12,8 +12,12 @@ sudo apt install -y \
    python3-pip \
    vim

+sudo cp "$HOME/.vimrc" /root/.vimrc
+
+./zfs.sh
 ./sshd.sh
 ./nginx.sh
 ./ufw.sh
 ./podman.sh
 ./unattended.sh
+./beszel.sh
--- a/scripts/nginx.sh
+++ b/scripts/nginx.sh
--- a/scripts/podman.sh
+++ b/scripts/podman.sh
@ -4,5 +4,8 @@ set -euo pipefail

 sudo apt install -y podman

+sudo mkdir -p /etc/containers/
+sudo cp "$HOME/.config/containers/storage.conf" /etc/containers/storage.conf
+
 systemctl --user enable podman.socket
 systemctl --user start podman.socket
--- a/scripts/sshd.sh
+++ b/scripts/sshd.sh
@ -2,7 +2,7 @@

 set -euo pipefail

-# TODO: just 'sed' the usual hardenings
+# TODO: 'sed' automate the usual hardenings
 sudo vim /etc/ssh/sshd_config

 if ! sudo sshd -t; then
--- a/scripts/ufw.sh
+++ b/scripts/ufw.sh
@ -7,9 +7,11 @@ sudo apt install -y ufw
 sudo ufw default deny incoming
 sudo ufw default allow outgoing

+# Allow SSH port
 port=$(cat /etc/ssh/sshd_config | grep -o 'Port [0-9]*' | grep -o '[0-9]*')
 sudo ufw allow "$port/tcp"

+# Allow Nginx if installed
 if ! which nginx; then
    sudo ufw allow "Nginx Full"
 fi
--- a/scripts/unattended.sh
+++ b/scripts/unattended.sh
--- a/scripts/zfs.sh
+++ b/scripts/zfs.sh