From ddb6d7dcd1fc7d316a78df20bdb371e8744b13b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20R=C3=A4s=C3=A4nen?= Date: Sun, 27 Apr 2025 16:38:54 +0300 Subject: [PATCH] Add more scripts --- {containers => .config/containers}/storage.conf | 0 readme | 4 ++++ beszel.sh => scripts/beszel.sh | 0 full.sh => scripts/full.sh | 4 ++++ nginx.sh => scripts/nginx.sh | 0 podman.sh => scripts/podman.sh | 3 +++ sshd.sh => scripts/sshd.sh | 2 +- ufw.sh => scripts/ufw.sh | 2 ++ unattended.sh => scripts/unattended.sh | 0 zfs.sh => scripts/zfs.sh | 0 10 files changed, 14 insertions(+), 1 deletion(-) rename {containers => .config/containers}/storage.conf (100%) create mode 100644 readme rename beszel.sh => scripts/beszel.sh (100%) rename full.sh => scripts/full.sh (78%) rename nginx.sh => scripts/nginx.sh (100%) rename podman.sh => scripts/podman.sh (55%) rename sshd.sh => scripts/sshd.sh (73%) rename ufw.sh => scripts/ufw.sh (90%) rename unattended.sh => scripts/unattended.sh (100%) rename zfs.sh => scripts/zfs.sh (100%) diff --git a/containers/storage.conf b/.config/containers/storage.conf similarity index 100% rename from containers/storage.conf rename to .config/containers/storage.conf diff --git a/readme b/readme new file mode 100644 index 0000000..86f7aea --- /dev/null +++ b/readme @@ -0,0 +1,4 @@ +Configs for debian 12 setup. + +Clone to $HOME, run ./scripts/full.sh and pray. + diff --git a/beszel.sh b/scripts/beszel.sh similarity index 100% rename from beszel.sh rename to scripts/beszel.sh diff --git a/full.sh b/scripts/full.sh similarity index 78% rename from full.sh rename to scripts/full.sh index cde362c..834c265 100755 --- a/full.sh +++ b/scripts/full.sh @@ -12,8 +12,12 @@ sudo apt install -y \ python3-pip \ vim +sudo cp "$HOME/.vimrc" /root/.vimrc + +./zfs.sh ./sshd.sh ./nginx.sh ./ufw.sh ./podman.sh ./unattended.sh +./beszel.sh diff --git a/nginx.sh b/scripts/nginx.sh similarity index 100% rename from nginx.sh rename to scripts/nginx.sh diff --git a/podman.sh b/scripts/podman.sh similarity index 55% rename from podman.sh rename to scripts/podman.sh index 1e419df..8227d5d 100755 --- a/podman.sh +++ b/scripts/podman.sh @@ -4,5 +4,8 @@ set -euo pipefail sudo apt install -y podman +sudo mkdir -p /etc/containers/ +sudo cp "$HOME/.config/containers/storage.conf" /etc/containers/storage.conf + systemctl --user enable podman.socket systemctl --user start podman.socket diff --git a/sshd.sh b/scripts/sshd.sh similarity index 73% rename from sshd.sh rename to scripts/sshd.sh index d3a7ff2..ba55539 100755 --- a/sshd.sh +++ b/scripts/sshd.sh @@ -2,7 +2,7 @@ set -euo pipefail -# TODO: just 'sed' the usual hardenings +# TODO: 'sed' automate the usual hardenings sudo vim /etc/ssh/sshd_config if ! sudo sshd -t; then diff --git a/ufw.sh b/scripts/ufw.sh similarity index 90% rename from ufw.sh rename to scripts/ufw.sh index cbff590..afafe3b 100755 --- a/ufw.sh +++ b/scripts/ufw.sh @@ -7,9 +7,11 @@ sudo apt install -y ufw sudo ufw default deny incoming sudo ufw default allow outgoing +# Allow SSH port port=$(cat /etc/ssh/sshd_config | grep -o 'Port [0-9]*' | grep -o '[0-9]*') sudo ufw allow "$port/tcp" +# Allow Nginx if installed if ! which nginx; then sudo ufw allow "Nginx Full" fi diff --git a/unattended.sh b/scripts/unattended.sh similarity index 100% rename from unattended.sh rename to scripts/unattended.sh diff --git a/zfs.sh b/scripts/zfs.sh similarity index 100% rename from zfs.sh rename to scripts/zfs.sh